From f6a177e14bc7137bc6901f7c00c5c7f1720c4ee5 Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Fri, 20 Dec 2024 09:31:35 +0900 Subject: [PATCH] Auto Update 2024/12/20 00:31:35 --- 2013/CVE-2013-6282.json | 8 ++++---- 2016/CVE-2016-10709.json | 8 ++++---- 2017/CVE-2017-17099.json | 8 ++++---- 2018/CVE-2018-17240.json | 4 ++-- 2018/CVE-2018-1999002.json | 8 ++++---- 2018/CVE-2018-6789.json | 4 ++-- 2019/CVE-2019-1003000.json | 8 ++++---- 2019/CVE-2019-15107.json | 2 +- 2019/CVE-2019-2618.json | 2 +- 2019/CVE-2019-9053.json | 8 ++++---- 2020/CVE-2020-8012.json | 8 ++++---- 2020/CVE-2020-8559.json | 8 ++++---- 2021/CVE-2021-33044.json | 12 ++++++------ 2021/CVE-2021-36955.json | 12 ++++++------ 2021/CVE-2021-3929.json | 8 ++++---- 2021/CVE-2021-4045.json | 8 ++++---- 2022/CVE-2022-21894.json | 8 ++++---- 2022/CVE-2022-32981.json | 33 +++++++++++++++++++++++++++++++++ 2022/CVE-2022-42889.json | 2 +- 2023/CVE-2023-25194.json | 2 +- 2023/CVE-2023-32428.json | 8 ++++---- 2023/CVE-2023-36845.json | 2 +- 2023/CVE-2023-45866.json | 2 +- 2023/CVE-2023-48788.json | 8 ++++---- 2024/CVE-2024-1939.json | 8 ++++---- 2024/CVE-2024-24919.json | 8 ++++---- 2024/CVE-2024-35176.json | 33 +++++++++++++++++++++++++++++++++ 2024/CVE-2024-35250.json | 8 ++++---- 2024/CVE-2024-38063.json | 8 ++++---- 2024/CVE-2024-39908.json | 33 +++++++++++++++++++++++++++++++++ 2024/CVE-2024-49112.json | 8 ++++---- 2024/CVE-2024-50944.json | 33 +++++++++++++++++++++++++++++++++ 2024/CVE-2024-5274.json | 4 ++-- 2024/CVE-2024-52940.json | 4 ++-- 2024/CVE-2024-53476.json | 33 +++++++++++++++++++++++++++++++++ 2024/CVE-2024-54679.json | 2 +- README.md | 27 +++++++++++++++++++++++++++ 37 files changed, 291 insertions(+), 99 deletions(-) create mode 100644 2022/CVE-2022-32981.json create mode 100644 2024/CVE-2024-35176.json create mode 100644 2024/CVE-2024-39908.json create mode 100644 2024/CVE-2024-50944.json create mode 100644 2024/CVE-2024-53476.json diff --git a/2013/CVE-2013-6282.json b/2013/CVE-2013-6282.json index 62838e9fd0..2b10c144cc 100644 --- a/2013/CVE-2013-6282.json +++ b/2013/CVE-2013-6282.json @@ -107,10 +107,10 @@ "description": "CVE-2013-6282 proof of concept for Android", "fork": false, "created_at": "2016-12-19T16:14:18Z", - "updated_at": "2024-08-12T19:26:40Z", + "updated_at": "2024-12-19T21:27:06Z", "pushed_at": "2016-12-19T16:19:07Z", - "stargazers_count": 19, - "watchers_count": 19, + "stargazers_count": 20, + "watchers_count": 20, "has_discussions": false, "forks_count": 19, "allow_forking": true, @@ -119,7 +119,7 @@ "topics": [], "visibility": "public", "forks": 19, - "watchers": 19, + "watchers": 20, "score": 0, "subscribers_count": 3 } diff --git a/2016/CVE-2016-10709.json b/2016/CVE-2016-10709.json index 9b3d819ae5..7a52a2e726 100644 --- a/2016/CVE-2016-10709.json +++ b/2016/CVE-2016-10709.json @@ -14,10 +14,10 @@ "description": "CVE-2020-8012, CVE-2016-10709, CVE-2017-17099, CVE-2017-18047, CVE-2019-1003000, CVE-2018-1999002", "fork": false, "created_at": "2017-04-26T02:03:43Z", - "updated_at": "2024-08-12T19:29:24Z", + "updated_at": "2024-12-19T21:05:15Z", "pushed_at": "2020-02-29T21:27:15Z", - "stargazers_count": 56, - "watchers_count": 56, + "stargazers_count": 57, + "watchers_count": 57, "has_discussions": false, "forks_count": 34, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 34, - "watchers": 56, + "watchers": 57, "score": 0, "subscribers_count": 6 } diff --git a/2017/CVE-2017-17099.json b/2017/CVE-2017-17099.json index 9b3d819ae5..7a52a2e726 100644 --- a/2017/CVE-2017-17099.json +++ b/2017/CVE-2017-17099.json @@ -14,10 +14,10 @@ "description": "CVE-2020-8012, CVE-2016-10709, CVE-2017-17099, CVE-2017-18047, CVE-2019-1003000, CVE-2018-1999002", "fork": false, "created_at": "2017-04-26T02:03:43Z", - "updated_at": "2024-08-12T19:29:24Z", + "updated_at": "2024-12-19T21:05:15Z", "pushed_at": "2020-02-29T21:27:15Z", - "stargazers_count": 56, - "watchers_count": 56, + "stargazers_count": 57, + "watchers_count": 57, "has_discussions": false, "forks_count": 34, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 34, - "watchers": 56, + "watchers": 57, "score": 0, "subscribers_count": 6 } diff --git a/2018/CVE-2018-17240.json b/2018/CVE-2018-17240.json index 9375b3200f..18c7188aee 100644 --- a/2018/CVE-2018-17240.json +++ b/2018/CVE-2018-17240.json @@ -45,8 +45,8 @@ "description": "A tool for retrieving login credentials from Netwave IP cameras using a memory dump vulnerability (CVE-2018-17240)", "fork": false, "created_at": "2024-01-04T21:44:21Z", - "updated_at": "2024-12-06T19:44:48Z", - "pushed_at": "2024-12-19T09:49:38Z", + "updated_at": "2024-12-19T18:16:51Z", + "pushed_at": "2024-12-19T18:16:49Z", "stargazers_count": 3, "watchers_count": 3, "has_discussions": false, diff --git a/2018/CVE-2018-1999002.json b/2018/CVE-2018-1999002.json index 15bb4cc4b7..46ef71d1fc 100644 --- a/2018/CVE-2018-1999002.json +++ b/2018/CVE-2018-1999002.json @@ -14,10 +14,10 @@ "description": "CVE-2020-8012, CVE-2016-10709, CVE-2017-17099, CVE-2017-18047, CVE-2019-1003000, CVE-2018-1999002", "fork": false, "created_at": "2017-04-26T02:03:43Z", - "updated_at": "2024-08-12T19:29:24Z", + "updated_at": "2024-12-19T21:05:15Z", "pushed_at": "2020-02-29T21:27:15Z", - "stargazers_count": 56, - "watchers_count": 56, + "stargazers_count": 57, + "watchers_count": 57, "has_discussions": false, "forks_count": 34, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 34, - "watchers": 56, + "watchers": 57, "score": 0, "subscribers_count": 6 }, diff --git a/2018/CVE-2018-6789.json b/2018/CVE-2018-6789.json index 5022054e09..26a2d67629 100644 --- a/2018/CVE-2018-6789.json +++ b/2018/CVE-2018-6789.json @@ -81,13 +81,13 @@ "stargazers_count": 8, "watchers_count": 8, "has_discussions": false, - "forks_count": 7, + "forks_count": 6, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 7, + "forks": 6, "watchers": 8, "score": 0, "subscribers_count": 4 diff --git a/2019/CVE-2019-1003000.json b/2019/CVE-2019-1003000.json index 6c479c5716..92ffaaf028 100644 --- a/2019/CVE-2019-1003000.json +++ b/2019/CVE-2019-1003000.json @@ -14,10 +14,10 @@ "description": "CVE-2020-8012, CVE-2016-10709, CVE-2017-17099, CVE-2017-18047, CVE-2019-1003000, CVE-2018-1999002", "fork": false, "created_at": "2017-04-26T02:03:43Z", - "updated_at": "2024-08-12T19:29:24Z", + "updated_at": "2024-12-19T21:05:15Z", "pushed_at": "2020-02-29T21:27:15Z", - "stargazers_count": 56, - "watchers_count": 56, + "stargazers_count": 57, + "watchers_count": 57, "has_discussions": false, "forks_count": 34, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 34, - "watchers": 56, + "watchers": 57, "score": 0, "subscribers_count": 6 }, diff --git a/2019/CVE-2019-15107.json b/2019/CVE-2019-15107.json index f724973bc1..a35e27567c 100644 --- a/2019/CVE-2019-15107.json +++ b/2019/CVE-2019-15107.json @@ -1077,6 +1077,6 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2019/CVE-2019-2618.json b/2019/CVE-2019-2618.json index 959e391c64..3f141f9c3b 100644 --- a/2019/CVE-2019-2618.json +++ b/2019/CVE-2019-2618.json @@ -235,6 +235,6 @@ "forks": 340, "watchers": 2012, "score": 0, - "subscribers_count": 37 + "subscribers_count": 38 } ] \ No newline at end of file diff --git a/2019/CVE-2019-9053.json b/2019/CVE-2019-9053.json index 0473f94bb6..9679bc7c32 100644 --- a/2019/CVE-2019-9053.json +++ b/2019/CVE-2019-9053.json @@ -231,10 +231,10 @@ "description": "The exploit is edited to work with different text encodings and Python 3 and is compatible with CMSMS version 2.2.9 and below.", "fork": false, "created_at": "2023-05-29T17:59:09Z", - "updated_at": "2024-09-06T04:25:46Z", + "updated_at": "2024-12-19T23:00:23Z", "pushed_at": "2024-06-09T12:39:47Z", - "stargazers_count": 4, - "watchers_count": 4, + "stargazers_count": 3, + "watchers_count": 3, "has_discussions": false, "forks_count": 5, "allow_forking": true, @@ -243,7 +243,7 @@ "topics": [], "visibility": "public", "forks": 5, - "watchers": 4, + "watchers": 3, "score": 0, "subscribers_count": 1 }, diff --git a/2020/CVE-2020-8012.json b/2020/CVE-2020-8012.json index 9b3d819ae5..7a52a2e726 100644 --- a/2020/CVE-2020-8012.json +++ b/2020/CVE-2020-8012.json @@ -14,10 +14,10 @@ "description": "CVE-2020-8012, CVE-2016-10709, CVE-2017-17099, CVE-2017-18047, CVE-2019-1003000, CVE-2018-1999002", "fork": false, "created_at": "2017-04-26T02:03:43Z", - "updated_at": "2024-08-12T19:29:24Z", + "updated_at": "2024-12-19T21:05:15Z", "pushed_at": "2020-02-29T21:27:15Z", - "stargazers_count": 56, - "watchers_count": 56, + "stargazers_count": 57, + "watchers_count": 57, "has_discussions": false, "forks_count": 34, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 34, - "watchers": 56, + "watchers": 57, "score": 0, "subscribers_count": 6 } diff --git a/2020/CVE-2020-8559.json b/2020/CVE-2020-8559.json index 0688793883..409b98278a 100644 --- a/2020/CVE-2020-8559.json +++ b/2020/CVE-2020-8559.json @@ -45,10 +45,10 @@ "description": "This is a PoC exploit for CVE-2020-8559 Kubernetes Vulnerability ", "fork": false, "created_at": "2020-07-22T08:36:41Z", - "updated_at": "2024-08-12T20:03:59Z", + "updated_at": "2024-12-19T19:59:45Z", "pushed_at": "2020-07-23T12:55:28Z", - "stargazers_count": 53, - "watchers_count": 53, + "stargazers_count": 54, + "watchers_count": 54, "has_discussions": false, "forks_count": 14, "allow_forking": true, @@ -57,7 +57,7 @@ "topics": [], "visibility": "public", "forks": 14, - "watchers": 53, + "watchers": 54, "score": 0, "subscribers_count": 4 } diff --git a/2021/CVE-2021-33044.json b/2021/CVE-2021-33044.json index 995c399ef8..58d8b8b5a3 100644 --- a/2021/CVE-2021-33044.json +++ b/2021/CVE-2021-33044.json @@ -14,19 +14,19 @@ "description": "Chrome extension that uses vulnerabilities CVE-2021-33044 and CVE-2021-33045 to log in to Dahua cameras without authentication.", "fork": false, "created_at": "2021-10-11T22:08:47Z", - "updated_at": "2024-12-08T19:58:51Z", + "updated_at": "2024-12-19T19:04:27Z", "pushed_at": "2021-10-13T22:32:36Z", - "stargazers_count": 134, - "watchers_count": 134, + "stargazers_count": 135, + "watchers_count": 135, "has_discussions": false, - "forks_count": 33, + "forks_count": 34, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 33, - "watchers": 134, + "forks": 34, + "watchers": 135, "score": 0, "subscribers_count": 7 }, diff --git a/2021/CVE-2021-36955.json b/2021/CVE-2021-36955.json index 2d2ec1f88a..51fd473f8e 100644 --- a/2021/CVE-2021-36955.json +++ b/2021/CVE-2021-36955.json @@ -14,19 +14,19 @@ "description": "CVE-2021-36955", "fork": false, "created_at": "2022-07-18T07:08:56Z", - "updated_at": "2024-11-09T00:56:23Z", + "updated_at": "2024-12-19T23:48:56Z", "pushed_at": "2023-08-15T15:42:39Z", - "stargazers_count": 13, - "watchers_count": 13, + "stargazers_count": 14, + "watchers_count": 14, "has_discussions": false, - "forks_count": 6, + "forks_count": 7, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 6, - "watchers": 13, + "forks": 7, + "watchers": 14, "score": 0, "subscribers_count": 2 } diff --git a/2021/CVE-2021-3929.json b/2021/CVE-2021-3929.json index ba5e2a0d51..b6c01d005a 100644 --- a/2021/CVE-2021-3929.json +++ b/2021/CVE-2021-3929.json @@ -14,10 +14,10 @@ "description": "Recursive MMIO VM Escape PoC", "fork": false, "created_at": "2022-05-13T05:33:28Z", - "updated_at": "2024-10-04T17:14:10Z", + "updated_at": "2024-12-20T00:07:19Z", "pushed_at": "2022-05-13T05:37:41Z", - "stargazers_count": 169, - "watchers_count": 169, + "stargazers_count": 170, + "watchers_count": 170, "has_discussions": false, "forks_count": 24, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 24, - "watchers": 169, + "watchers": 170, "score": 0, "subscribers_count": 7 } diff --git a/2021/CVE-2021-4045.json b/2021/CVE-2021-4045.json index b440152aed..161290187f 100644 --- a/2021/CVE-2021-4045.json +++ b/2021/CVE-2021-4045.json @@ -51,10 +51,10 @@ "description": "TP-Link Tapo c200 ver <1.1.15 - Remote Code Execution (RCE)", "fork": false, "created_at": "2022-10-11T13:56:15Z", - "updated_at": "2022-10-09T01:03:06Z", + "updated_at": "2024-12-20T00:00:36Z", "pushed_at": "2022-10-08T04:25:10Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -63,7 +63,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 0 }, diff --git a/2022/CVE-2022-21894.json b/2022/CVE-2022-21894.json index 31e67969f0..ec29624b0b 100644 --- a/2022/CVE-2022-21894.json +++ b/2022/CVE-2022-21894.json @@ -14,10 +14,10 @@ "description": "baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability", "fork": false, "created_at": "2022-08-09T15:53:48Z", - "updated_at": "2024-12-05T04:58:09Z", + "updated_at": "2024-12-19T23:51:56Z", "pushed_at": "2023-09-27T06:44:27Z", - "stargazers_count": 315, - "watchers_count": 315, + "stargazers_count": 317, + "watchers_count": 317, "has_discussions": false, "forks_count": 60, "allow_forking": true, @@ -34,7 +34,7 @@ ], "visibility": "public", "forks": 60, - "watchers": 315, + "watchers": 317, "score": 0, "subscribers_count": 12 }, diff --git a/2022/CVE-2022-32981.json b/2022/CVE-2022-32981.json new file mode 100644 index 0000000000..2707de8193 --- /dev/null +++ b/2022/CVE-2022-32981.json @@ -0,0 +1,33 @@ +[ + { + "id": 905956447, + "name": "CVE-2022-32981", + "full_name": "SpiralBL0CK\/CVE-2022-32981", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2022-32981", + "description": "poc for CVE-2022-32981 under work", + "fork": false, + "created_at": "2024-12-19T21:15:39Z", + "updated_at": "2024-12-19T21:16:33Z", + "pushed_at": "2024-12-19T21:16:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42889.json b/2022/CVE-2022-42889.json index 7d04e321fb..b37dc60119 100644 --- a/2022/CVE-2022-42889.json +++ b/2022/CVE-2022-42889.json @@ -1361,7 +1361,7 @@ "fork": false, "created_at": "2023-09-22T17:17:26Z", "updated_at": "2023-09-22T17:17:44Z", - "pushed_at": "2024-11-23T14:18:37Z", + "pushed_at": "2024-12-20T00:06:26Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2023/CVE-2023-25194.json b/2023/CVE-2023-25194.json index c7ac222d44..c733787986 100644 --- a/2023/CVE-2023-25194.json +++ b/2023/CVE-2023-25194.json @@ -77,7 +77,7 @@ "fork": false, "created_at": "2024-04-17T13:36:34Z", "updated_at": "2024-10-30T14:55:15Z", - "pushed_at": "2024-12-06T22:29:07Z", + "pushed_at": "2024-12-19T22:30:33Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, diff --git a/2023/CVE-2023-32428.json b/2023/CVE-2023-32428.json index d24c721828..7b568ac628 100644 --- a/2023/CVE-2023-32428.json +++ b/2023/CVE-2023-32428.json @@ -14,10 +14,10 @@ "description": null, "fork": false, "created_at": "2024-11-26T07:52:29Z", - "updated_at": "2024-11-30T03:02:36Z", + "updated_at": "2024-12-19T18:47:10Z", "pushed_at": "2024-11-26T08:06:06Z", - "stargazers_count": 14, - "watchers_count": 14, + "stargazers_count": 15, + "watchers_count": 15, "has_discussions": false, "forks_count": 4, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 4, - "watchers": 14, + "watchers": 15, "score": 0, "subscribers_count": 2 } diff --git a/2023/CVE-2023-36845.json b/2023/CVE-2023-36845.json index 67477e3e1c..20adee1930 100644 --- a/2023/CVE-2023-36845.json +++ b/2023/CVE-2023-36845.json @@ -15,7 +15,7 @@ "fork": false, "created_at": "2023-09-16T09:11:21Z", "updated_at": "2024-11-16T19:51:18Z", - "pushed_at": "2024-12-06T18:33:11Z", + "pushed_at": "2024-12-19T18:47:09Z", "stargazers_count": 60, "watchers_count": 60, "has_discussions": false, diff --git a/2023/CVE-2023-45866.json b/2023/CVE-2023-45866.json index 047eaf84b1..1ca35dd319 100644 --- a/2023/CVE-2023-45866.json +++ b/2023/CVE-2023-45866.json @@ -14,7 +14,7 @@ "description": "🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)", "fork": false, "created_at": "2024-01-16T06:52:02Z", - "updated_at": "2024-12-19T00:12:41Z", + "updated_at": "2024-12-19T19:33:11Z", "pushed_at": "2024-08-18T08:26:46Z", "stargazers_count": 1304, "watchers_count": 1304, diff --git a/2023/CVE-2023-48788.json b/2023/CVE-2023-48788.json index 37aca3f9ea..1a73cdcbd7 100644 --- a/2023/CVE-2023-48788.json +++ b/2023/CVE-2023-48788.json @@ -14,10 +14,10 @@ "description": "Fortinet FortiClient EMS SQL Injection", "fork": false, "created_at": "2024-03-18T20:50:48Z", - "updated_at": "2024-11-27T17:51:55Z", + "updated_at": "2024-12-19T22:41:39Z", "pushed_at": "2024-03-20T20:42:41Z", - "stargazers_count": 44, - "watchers_count": 44, + "stargazers_count": 45, + "watchers_count": 45, "has_discussions": false, "forks_count": 11, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 11, - "watchers": 44, + "watchers": 45, "score": 0, "subscribers_count": 5 } diff --git a/2024/CVE-2024-1939.json b/2024/CVE-2024-1939.json index c924dd5812..cd0b056de3 100644 --- a/2024/CVE-2024-1939.json +++ b/2024/CVE-2024-1939.json @@ -14,10 +14,10 @@ "description": "For V8CTF M122", "fork": false, "created_at": "2024-08-25T12:08:54Z", - "updated_at": "2024-12-12T23:59:01Z", + "updated_at": "2024-12-19T20:53:55Z", "pushed_at": "2024-08-25T12:42:14Z", - "stargazers_count": 11, - "watchers_count": 11, + "stargazers_count": 12, + "watchers_count": 12, "has_discussions": false, "forks_count": 2, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 2, - "watchers": 11, + "watchers": 12, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-24919.json b/2024/CVE-2024-24919.json index 8d15253e9e..32b58aff22 100644 --- a/2024/CVE-2024-24919.json +++ b/2024/CVE-2024-24919.json @@ -527,10 +527,10 @@ "description": "CVE-2024-24919 exploit", "fork": false, "created_at": "2024-05-31T13:11:40Z", - "updated_at": "2024-12-06T22:59:11Z", + "updated_at": "2024-12-19T23:51:58Z", "pushed_at": "2024-05-31T15:50:57Z", - "stargazers_count": 11, - "watchers_count": 11, + "stargazers_count": 12, + "watchers_count": 12, "has_discussions": false, "forks_count": 9, "allow_forking": true, @@ -539,7 +539,7 @@ "topics": [], "visibility": "public", "forks": 9, - "watchers": 11, + "watchers": 12, "score": 0, "subscribers_count": 1 }, diff --git a/2024/CVE-2024-35176.json b/2024/CVE-2024-35176.json new file mode 100644 index 0000000000..bfa63c0fdd --- /dev/null +++ b/2024/CVE-2024-35176.json @@ -0,0 +1,33 @@ +[ + { + "id": 905906674, + "name": "CVE-2024-35176", + "full_name": "SpiralBL0CK\/CVE-2024-35176", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2024-35176", + "description": "CVE-2024-35176 poc full", + "fork": false, + "created_at": "2024-12-19T19:01:53Z", + "updated_at": "2024-12-20T00:28:19Z", + "pushed_at": "2024-12-19T22:16:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35250.json b/2024/CVE-2024-35250.json index b0171fc71d..f4657956a1 100644 --- a/2024/CVE-2024-35250.json +++ b/2024/CVE-2024-35250.json @@ -14,10 +14,10 @@ "description": "PoC for the Untrusted Pointer Dereference in the ks.sys driver", "fork": false, "created_at": "2024-10-13T19:30:20Z", - "updated_at": "2024-12-18T22:50:51Z", + "updated_at": "2024-12-19T21:43:46Z", "pushed_at": "2024-11-29T16:56:23Z", - "stargazers_count": 239, - "watchers_count": 239, + "stargazers_count": 240, + "watchers_count": 240, "has_discussions": false, "forks_count": 53, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 53, - "watchers": 239, + "watchers": 240, "score": 0, "subscribers_count": 6 }, diff --git a/2024/CVE-2024-38063.json b/2024/CVE-2024-38063.json index c65b3c4d85..571ee98d13 100644 --- a/2024/CVE-2024-38063.json +++ b/2024/CVE-2024-38063.json @@ -265,10 +265,10 @@ "description": "poc for CVE-2024-38063 (RCE in tcpip.sys)", "fork": false, "created_at": "2024-08-24T18:25:46Z", - "updated_at": "2024-12-19T17:05:28Z", + "updated_at": "2024-12-19T20:46:08Z", "pushed_at": "2024-08-27T12:22:39Z", - "stargazers_count": 636, - "watchers_count": 636, + "stargazers_count": 637, + "watchers_count": 637, "has_discussions": false, "forks_count": 115, "allow_forking": true, @@ -277,7 +277,7 @@ "topics": [], "visibility": "public", "forks": 115, - "watchers": 636, + "watchers": 637, "score": 0, "subscribers_count": 4 }, diff --git a/2024/CVE-2024-39908.json b/2024/CVE-2024-39908.json new file mode 100644 index 0000000000..2bea92b712 --- /dev/null +++ b/2024/CVE-2024-39908.json @@ -0,0 +1,33 @@ +[ + { + "id": 905905924, + "name": "CVE-2024-39908", + "full_name": "SpiralBL0CK\/CVE-2024-39908", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2024-39908", + "description": "CVE-2024-39908 full poc", + "fork": false, + "created_at": "2024-12-19T18:59:52Z", + "updated_at": "2024-12-19T19:00:06Z", + "pushed_at": "2024-12-19T19:00:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-49112.json b/2024/CVE-2024-49112.json index 23746b0742..ec00d16f32 100644 --- a/2024/CVE-2024-49112.json +++ b/2024/CVE-2024-49112.json @@ -45,10 +45,10 @@ "description": "CVE-2024-49112 LDAP RCE PoC and Metasploit Module", "fork": false, "created_at": "2024-12-18T01:06:54Z", - "updated_at": "2024-12-18T13:25:59Z", + "updated_at": "2024-12-19T23:05:45Z", "pushed_at": "2024-12-18T01:17:11Z", - "stargazers_count": 3, - "watchers_count": 3, + "stargazers_count": 4, + "watchers_count": 4, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -57,7 +57,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 3, + "watchers": 4, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-50944.json b/2024/CVE-2024-50944.json new file mode 100644 index 0000000000..38ebfc56fe --- /dev/null +++ b/2024/CVE-2024-50944.json @@ -0,0 +1,33 @@ +[ + { + "id": 905989849, + "name": "CVE-2024-50944", + "full_name": "AbdullahAlmutawa\/CVE-2024-50944", + "owner": { + "login": "AbdullahAlmutawa", + "id": 53648024, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53648024?v=4", + "html_url": "https:\/\/github.com\/AbdullahAlmutawa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbdullahAlmutawa\/CVE-2024-50944", + "description": "Integer Overflow in Cart Logic in SimplCommerce allows remote attackers to manipulate product quantities and total prices via crafted inputs that exploit insufficient validation of the quantity parameter.", + "fork": false, + "created_at": "2024-12-19T23:33:21Z", + "updated_at": "2024-12-20T00:29:43Z", + "pushed_at": "2024-12-20T00:29:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5274.json b/2024/CVE-2024-5274.json index 617850b849..ca8318b882 100644 --- a/2024/CVE-2024-5274.json +++ b/2024/CVE-2024-5274.json @@ -50,13 +50,13 @@ "stargazers_count": 76, "watchers_count": 76, "has_discussions": false, - "forks_count": 13, + "forks_count": 12, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 13, + "forks": 12, "watchers": 76, "score": 0, "subscribers_count": 2 diff --git a/2024/CVE-2024-52940.json b/2024/CVE-2024-52940.json index 0cec9d03d2..94ea890c6b 100644 --- a/2024/CVE-2024-52940.json +++ b/2024/CVE-2024-52940.json @@ -19,7 +19,7 @@ "stargazers_count": 28, "watchers_count": 28, "has_discussions": true, - "forks_count": 10, + "forks_count": 9, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -37,7 +37,7 @@ "zero-day-vulnerability" ], "visibility": "public", - "forks": 10, + "forks": 9, "watchers": 28, "score": 0, "subscribers_count": 1 diff --git a/2024/CVE-2024-53476.json b/2024/CVE-2024-53476.json new file mode 100644 index 0000000000..032cc74b9a --- /dev/null +++ b/2024/CVE-2024-53476.json @@ -0,0 +1,33 @@ +[ + { + "id": 906000848, + "name": "CVE-2024-53476", + "full_name": "AbdullahAlmutawa\/CVE-2024-53476", + "owner": { + "login": "AbdullahAlmutawa", + "id": 53648024, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53648024?v=4", + "html_url": "https:\/\/github.com\/AbdullahAlmutawa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbdullahAlmutawa\/CVE-2024-53476", + "description": "SimplCommerce is affected by a race condition vulnerability in the checkout logic, allowing multiple users to purchase more products than are in stock via simultaneous checkout requests.", + "fork": false, + "created_at": "2024-12-20T00:27:22Z", + "updated_at": "2024-12-20T00:27:25Z", + "pushed_at": "2024-12-20T00:27:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-54679.json b/2024/CVE-2024-54679.json index 2bd7b2db78..e1636e8d84 100644 --- a/2024/CVE-2024-54679.json +++ b/2024/CVE-2024-54679.json @@ -14,7 +14,7 @@ "description": "CVE-2024-54679 - CyberPanel (aka Cyber Panel) Denial of Service (https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-54679)", "fork": false, "created_at": "2024-12-06T06:02:34Z", - "updated_at": "2024-12-12T13:07:15Z", + "updated_at": "2024-12-19T20:35:12Z", "pushed_at": "2024-12-06T06:19:42Z", "stargazers_count": 3, "watchers_count": 3, diff --git a/README.md b/README.md index 0259f9cb50..43238021e7 100644 --- a/README.md +++ b/README.md @@ -5216,6 +5216,13 @@ - [Ozozuz/Ozozuz-IBM-Security-Verify-CVE-2024-35133](https://github.com/Ozozuz/Ozozuz-IBM-Security-Verify-CVE-2024-35133) +### CVE-2024-35176 (2024-05-16) + + REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many `<`s in an attribute value. Those who need to parse untrusted XMLs may be impacted to this vulnerability. The REXML gem 3.2.7 or later include the patch to fix this vulnerability. As a workaround, don't parse untrusted XMLs. + + +- [SpiralBL0CK/CVE-2024-35176](https://github.com/SpiralBL0CK/CVE-2024-35176) + ### CVE-2024-35205 (-) The WPS Office (aka cn.wps.moffice_eng) application before 17.0.0 for Android fails to properly sanitize file names before processing them through external application interactions, leading to a form of path traversal. This potentially enables any application to dispatch a crafted library file, aiming to overwrite an existing native library utilized by WPS Office. Successful exploitation could result in the execution of arbitrary commands under the guise of WPS Office's application ID. @@ -5899,6 +5906,13 @@ - [ph1ns/CVE-2024-39844](https://github.com/ph1ns/CVE-2024-39844) +### CVE-2024-39908 (2024-07-16) + + REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as `<`, `0` and `%>`. If you need to parse untrusted XMLs, you many be impacted to these vulnerabilities. The REXML gem 3.3.2 or later include the patches to fix these vulnerabilities. Users are advised to upgrade. Users unable to upgrade should avoid parsing untrusted XML strings. + + +- [SpiralBL0CK/CVE-2024-39908](https://github.com/SpiralBL0CK/CVE-2024-39908) + ### CVE-2024-39929 (2024-07-04) Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users. @@ -7227,6 +7241,9 @@ - [Wh1teSnak3/CVE-2024-50849](https://github.com/Wh1teSnak3/CVE-2024-50849) +### CVE-2024-50944 +- [AbdullahAlmutawa/CVE-2024-50944](https://github.com/AbdullahAlmutawa/CVE-2024-50944) + ### CVE-2024-50961 - [fdzdev/CVE-2024-50961](https://github.com/fdzdev/CVE-2024-50961) @@ -7518,6 +7535,9 @@ - [ThottySploity/CVE-2024-53376](https://github.com/ThottySploity/CVE-2024-53376) +### CVE-2024-53476 +- [AbdullahAlmutawa/CVE-2024-53476](https://github.com/AbdullahAlmutawa/CVE-2024-53476) + ### CVE-2024-53617 (2024-12-02) A Cross Site Scripting vulnerability in LibrePhotos before commit 32237 allows attackers to takeover any account via uploading an HTML file on behalf of the admin user using IDOR in file upload. @@ -20558,6 +20578,13 @@ - [asahilina/agx-exploit](https://github.com/asahilina/agx-exploit) +### CVE-2022-32981 (2022-06-10) + +An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point registers. + + +- [SpiralBL0CK/CVE-2022-32981](https://github.com/SpiralBL0CK/CVE-2022-32981) + ### CVE-2022-32988 (2022-06-30) Cross Site Scripting (XSS) vulnerability in router Asus DSL-N14U-B1 1.1.2.3_805 via the "*list" parameters (e.g. filter_lwlist, keyword_rulelist, etc) in every ".asp" page containing a list of stored strings. The following asp files are affected: (1) cgi-bin/APP_Installation.asp, (2) cgi-bin/Advanced_ACL_Content.asp, (3) cgi-bin/Advanced_ADSL_Content.asp, (4) cgi-bin/Advanced_ASUSDDNS_Content.asp, (5) cgi-bin/Advanced_AiDisk_ftp.asp, (6) cgi-bin/Advanced_AiDisk_samba.asp, (7) cgi-bin/Advanced_DSL_Content.asp, (8) cgi-bin/Advanced_Firewall_Content.asp, (9) cgi-bin/Advanced_FirmwareUpgrade_Content.asp, (10) cgi-bin/Advanced_GWStaticRoute_Content.asp, (11) cgi-bin/Advanced_IPTV_Content.asp, (12) cgi-bin/Advanced_IPv6_Content.asp, (13) cgi-bin/Advanced_KeywordFilter_Content.asp, (14) cgi-bin/Advanced_LAN_Content.asp, (15) cgi-bin/Advanced_Modem_Content.asp, (16) cgi-bin/Advanced_PortTrigger_Content.asp, (17) cgi-bin/Advanced_QOSUserPrio_Content.asp, (18) cgi-bin/Advanced_QOSUserRules_Content.asp, (19) cgi-bin/Advanced_SettingBackup_Content.asp, (20) cgi-bin/Advanced_System_Content.asp, (21) cgi-bin/Advanced_URLFilter_Content.asp, (22) cgi-bin/Advanced_VPN_PPTP.asp, (23) cgi-bin/Advanced_VirtualServer_Content.asp, (24) cgi-bin/Advanced_WANPort_Content.asp, (25) cgi-bin/Advanced_WAdvanced_Content.asp, (26) cgi-bin/Advanced_WMode_Content.asp, (27) cgi-bin/Advanced_WWPS_Content.asp, (28) cgi-bin/Advanced_Wireless_Content.asp, (29) cgi-bin/Bandwidth_Limiter.asp, (30) cgi-bin/Guest_network.asp, (31) cgi-bin/Main_AccessLog_Content.asp, (32) cgi-bin/Main_AdslStatus_Content.asp, (33) cgi-bin/Main_Spectrum_Content.asp, (34) cgi-bin/Main_WebHistory_Content.asp, (35) cgi-bin/ParentalControl.asp, (36) cgi-bin/QIS_wizard.asp, (37) cgi-bin/QoS_EZQoS.asp, (38) cgi-bin/aidisk.asp, (39) cgi-bin/aidisk/Aidisk-1.asp, (40) cgi-bin/aidisk/Aidisk-2.asp, (41) cgi-bin/aidisk/Aidisk-3.asp, (42) cgi-bin/aidisk/Aidisk-4.asp, (43) cgi-bin/blocking.asp, (44) cgi-bin/cloud_main.asp, (45) cgi-bin/cloud_router_sync.asp, (46) cgi-bin/cloud_settings.asp, (47) cgi-bin/cloud_sync.asp, (48) cgi-bin/device-map/DSL_dashboard.asp, (49) cgi-bin/device-map/clients.asp, (50) cgi-bin/device-map/disk.asp, (51) cgi-bin/device-map/internet.asp, (52) cgi-bin/error_page.asp, (53) cgi-bin/index.asp, (54) cgi-bin/index2.asp, (55) cgi-bin/qis/QIS_PTM_manual_setting.asp, (56) cgi-bin/qis/QIS_admin_pass.asp, (57) cgi-bin/qis/QIS_annex_setting.asp, (58) cgi-bin/qis/QIS_bridge_cfg_tmp.asp, (59) cgi-bin/qis/QIS_detect.asp, (60) cgi-bin/qis/QIS_finish.asp, (61) cgi-bin/qis/QIS_ipoa_cfg_tmp.asp, (62) cgi-bin/qis/QIS_manual_setting.asp, (63) cgi-bin/qis/QIS_mer_cfg.asp, (64) cgi-bin/qis/QIS_mer_cfg_tmp.asp, (65) cgi-bin/qis/QIS_ppp_cfg.asp, (66) cgi-bin/qis/QIS_ppp_cfg_tmp.asp, (67) cgi-bin/qis/QIS_wireless.asp, (68) cgi-bin/query_wan_status.asp, (69) cgi-bin/query_wan_status2.asp, and (70) cgi-bin/start_apply.asp.