diff --git a/2010/CVE-2010-0426.json b/2010/CVE-2010-0426.json new file mode 100644 index 0000000000..964a48af93 --- /dev/null +++ b/2010/CVE-2010-0426.json @@ -0,0 +1,48 @@ +[ + { + "id": 114424141, + "name": "privesc-CVE-2010-0426", + "full_name": "t0kx\/privesc-CVE-2010-0426", + "owner": { + "login": "t0kx", + "id": 24924517, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/24924517?v=4", + "html_url": "https:\/\/github.com\/t0kx" + }, + "html_url": "https:\/\/github.com\/t0kx\/privesc-CVE-2010-0426", + "description": "Sudo 1.6.x <= 1.6.9p21 and 1.7.x <= 1.7.2p4 Local Privilege Escalation and vulnerable container", + "fork": false, + "created_at": "2017-12-16T01:16:44Z", + "updated_at": "2020-04-20T12:29:23Z", + "pushed_at": "2017-12-16T01:19:11Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 6, + "forks": 6, + "watchers": 5, + "score": 0 + }, + { + "id": 164330369, + "name": "cve-2010-0426", + "full_name": "cved-sources\/cve-2010-0426", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2010-0426", + "description": "cve-2010-0426", + "fork": false, + "created_at": "2019-01-06T17:38:19Z", + "updated_at": "2019-02-01T21:14:50Z", + "pushed_at": "2019-02-01T21:14:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2010/CVE-2010-0738.json b/2010/CVE-2010-0738.json index e7da22b3b6..3724dc1834 100644 --- a/2010/CVE-2010-0738.json +++ b/2010/CVE-2010-0738.json @@ -1,4 +1,27 @@ [ + { + "id": 29914821, + "name": "jboss-autopwn", + "full_name": "ChristianPapathanasiou\/jboss-autopwn", + "owner": { + "login": "ChristianPapathanasiou", + "id": 5354349, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/5354349?v=4", + "html_url": "https:\/\/github.com\/ChristianPapathanasiou" + }, + "html_url": "https:\/\/github.com\/ChristianPapathanasiou\/jboss-autopwn", + "description": "JBoss Autopwn as featured at BlackHat Europe 2010 - this version incorporates CVE-2010-0738 the JBoss authentication bypass VERB manipulation vulnerability as discovered by Minded Security", + "fork": false, + "created_at": "2015-01-27T13:16:45Z", + "updated_at": "2020-07-02T11:52:16Z", + "pushed_at": "2015-01-27T13:23:18Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 7, + "forks": 7, + "watchers": 13, + "score": 0 + }, { "id": 62456741, "name": "jboss-autopwn", diff --git a/2010/CVE-2010-1205.json b/2010/CVE-2010-1205.json new file mode 100644 index 0000000000..a2a7366b73 --- /dev/null +++ b/2010/CVE-2010-1205.json @@ -0,0 +1,25 @@ +[ + { + "id": 911174, + "name": "CVE-2010-1205", + "full_name": "mk219533\/CVE-2010-1205", + "owner": { + "login": "mk219533", + "id": 91629, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/91629?v=4", + "html_url": "https:\/\/github.com\/mk219533" + }, + "html_url": "https:\/\/github.com\/mk219533\/CVE-2010-1205", + "description": "sample exploit of buffer overflow in libpng ", + "fork": false, + "created_at": "2010-09-14T22:16:11Z", + "updated_at": "2020-05-07T01:35:39Z", + "pushed_at": "2010-10-03T14:06:12Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 0, + "forks": 0, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2010/CVE-2010-1411.json b/2010/CVE-2010-1411.json new file mode 100644 index 0000000000..107c730281 --- /dev/null +++ b/2010/CVE-2010-1411.json @@ -0,0 +1,25 @@ +[ + { + "id": 235009176, + "name": "httpfuzz-robomiller", + "full_name": "MAVProxyUser\/httpfuzz-robomiller", + "owner": { + "login": "MAVProxyUser", + "id": 2904396, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/2904396?v=4", + "html_url": "https:\/\/github.com\/MAVProxyUser" + }, + "html_url": "https:\/\/github.com\/MAVProxyUser\/httpfuzz-robomiller", + "description": "Dumb Fuzzer used to find CVE-2010-1411 ", + "fork": false, + "created_at": "2020-01-20T03:12:03Z", + "updated_at": "2020-01-20T05:00:06Z", + "pushed_at": "2020-01-20T05:00:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2010/CVE-2010-3332.json b/2010/CVE-2010-3332.json new file mode 100644 index 0000000000..3418e32506 --- /dev/null +++ b/2010/CVE-2010-3332.json @@ -0,0 +1,25 @@ +[ + { + "id": 106621452, + "name": "MS10-070", + "full_name": "bongbongco\/MS10-070", + "owner": { + "login": "bongbongco", + "id": 3170006, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3170006?v=4", + "html_url": "https:\/\/github.com\/bongbongco" + }, + "html_url": "https:\/\/github.com\/bongbongco\/MS10-070", + "description": "CVE-2010-3332 Oracle Padding Vulnerability in Microsoft ASP.NET", + "fork": false, + "created_at": "2017-10-11T23:50:33Z", + "updated_at": "2020-07-17T05:12:24Z", + "pushed_at": "2017-10-11T23:50:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2010/CVE-2010-3437.json b/2010/CVE-2010-3437.json new file mode 100644 index 0000000000..9575a41360 --- /dev/null +++ b/2010/CVE-2010-3437.json @@ -0,0 +1,25 @@ +[ + { + "id": 222810581, + "name": "CVE-2010-3437", + "full_name": "huang-emily\/CVE-2010-3437", + "owner": { + "login": "huang-emily", + "id": 25013982, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/25013982?v=4", + "html_url": "https:\/\/github.com\/huang-emily" + }, + "html_url": "https:\/\/github.com\/huang-emily\/CVE-2010-3437", + "description": null, + "fork": false, + "created_at": "2019-11-19T23:35:57Z", + "updated_at": "2019-11-19T23:36:01Z", + "pushed_at": "2019-11-19T23:35:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2010/CVE-2010-3490.json b/2010/CVE-2010-3490.json new file mode 100644 index 0000000000..8a4e1923bc --- /dev/null +++ b/2010/CVE-2010-3490.json @@ -0,0 +1,25 @@ +[ + { + "id": 226908489, + "name": "CVE-2010-3490", + "full_name": "moayadalmalat\/CVE-2010-3490", + "owner": { + "login": "moayadalmalat", + "id": 42471675, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/42471675?v=4", + "html_url": "https:\/\/github.com\/moayadalmalat" + }, + "html_url": "https:\/\/github.com\/moayadalmalat\/CVE-2010-3490", + "description": "FreePBX exploit <= 2.8.0", + "fork": false, + "created_at": "2019-12-09T15:49:21Z", + "updated_at": "2019-12-09T15:57:52Z", + "pushed_at": "2019-12-09T15:57:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2010/CVE-2010-4221.json b/2010/CVE-2010-4221.json new file mode 100644 index 0000000000..6aaf377106 --- /dev/null +++ b/2010/CVE-2010-4221.json @@ -0,0 +1,25 @@ +[ + { + "id": 108682441, + "name": "cve-2010-4221", + "full_name": "M31MOTH\/cve-2010-4221", + "owner": { + "login": "M31MOTH", + "id": 10201432, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/10201432?v=4", + "html_url": "https:\/\/github.com\/M31MOTH" + }, + "html_url": "https:\/\/github.com\/M31MOTH\/cve-2010-4221", + "description": "This exploit was written to study some concepts, enjoy!", + "fork": false, + "created_at": "2017-10-28T20:37:26Z", + "updated_at": "2020-03-26T15:45:57Z", + "pushed_at": "2017-10-22T19:46:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 11, + "forks": 11, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2010/CVE-2010-4258.json b/2010/CVE-2010-4258.json new file mode 100644 index 0000000000..a7d05d8821 --- /dev/null +++ b/2010/CVE-2010-4258.json @@ -0,0 +1,25 @@ +[ + { + "id": 30897048, + "name": "CVE-2010-4258", + "full_name": "johnreginald\/CVE-2010-4258", + "owner": { + "login": "johnreginald", + "id": 8102802, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8102802?v=4", + "html_url": "https:\/\/github.com\/johnreginald" + }, + "html_url": "https:\/\/github.com\/johnreginald\/CVE-2010-4258", + "description": "Exploit based on a faulty clone(2) implementation in Linux < 2.6.36.2 that allows overwrite of arbitrary kernel word with NULL. Research and personal-security use only. Not malicious.", + "fork": false, + "created_at": "2015-02-17T01:12:55Z", + "updated_at": "2016-09-04T16:50:03Z", + "pushed_at": "2012-07-12T18:58:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2014/CVE-2014-4210.json b/2014/CVE-2014-4210.json index 9f9e43fa7f..8b1e84c4be 100644 --- a/2014/CVE-2014-4210.json +++ b/2014/CVE-2014-4210.json @@ -36,13 +36,13 @@ "description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2020-07-18T02:31:28Z", + "updated_at": "2020-07-19T08:03:38Z", "pushed_at": "2020-07-05T12:59:42Z", - "stargazers_count": 508, - "watchers_count": 508, + "stargazers_count": 511, + "watchers_count": 511, "forks_count": 123, "forks": 123, - "watchers": 508, + "watchers": 511, "score": 0 } ] \ No newline at end of file diff --git a/2015/CVE-2015-3306.json b/2015/CVE-2015-3306.json index 9ddd3bfeea..4303b2eb70 100644 --- a/2015/CVE-2015-3306.json +++ b/2015/CVE-2015-3306.json @@ -59,13 +59,13 @@ "description": "ProFTPd 1.3.5 - (mod_copy) Remote Command Execution exploit and vulnerable container", "fork": false, "created_at": "2017-01-08T14:19:51Z", - "updated_at": "2020-07-13T17:21:06Z", + "updated_at": "2020-07-19T07:51:45Z", "pushed_at": "2018-04-07T01:10:06Z", - "stargazers_count": 57, - "watchers_count": 57, + "stargazers_count": 58, + "watchers_count": 58, "forks_count": 27, "forks": 27, - "watchers": 57, + "watchers": 58, "score": 0 }, { diff --git a/2016/CVE-2016-0638.json b/2016/CVE-2016-0638.json index 397a54f8ab..881ddef5a3 100644 --- a/2016/CVE-2016-0638.json +++ b/2016/CVE-2016-0638.json @@ -13,13 +13,13 @@ "description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2020-07-18T02:31:28Z", + "updated_at": "2020-07-19T08:03:38Z", "pushed_at": "2020-07-05T12:59:42Z", - "stargazers_count": 508, - "watchers_count": 508, + "stargazers_count": 511, + "watchers_count": 511, "forks_count": 123, "forks": 123, - "watchers": 508, + "watchers": 511, "score": 0 } ] \ No newline at end of file diff --git a/2017/CVE-2017-3248.json b/2017/CVE-2017-3248.json index 417552c791..98b1038e96 100644 --- a/2017/CVE-2017-3248.json +++ b/2017/CVE-2017-3248.json @@ -36,13 +36,13 @@ "description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2020-07-18T02:31:28Z", + "updated_at": "2020-07-19T08:03:38Z", "pushed_at": "2020-07-05T12:59:42Z", - "stargazers_count": 508, - "watchers_count": 508, + "stargazers_count": 511, + "watchers_count": 511, "forks_count": 123, "forks": 123, - "watchers": 508, + "watchers": 511, "score": 0 } ] \ No newline at end of file diff --git a/2017/CVE-2017-5792.json b/2017/CVE-2017-5792.json index 345dc0aa07..c1263c162e 100644 --- a/2017/CVE-2017-5792.json +++ b/2017/CVE-2017-5792.json @@ -1,25 +1,25 @@ [ { - "id": 137969508, + "id": 137987555, "name": "HPE-iMC-7.3-RMI-Java-Deserialization", - "full_name": "RealBearcat\/HPE-iMC-7.3-RMI-Java-Deserialization", + "full_name": "scanfsec\/HPE-iMC-7.3-RMI-Java-Deserialization", "owner": { - "login": "RealBearcat", - "id": 22558737, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/22558737?v=4", - "html_url": "https:\/\/github.com\/RealBearcat" + "login": "scanfsec", + "id": 8190138, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/8190138?v=4", + "html_url": "https:\/\/github.com\/scanfsec" }, - "html_url": "https:\/\/github.com\/RealBearcat\/HPE-iMC-7.3-RMI-Java-Deserialization", + "html_url": "https:\/\/github.com\/scanfsec\/HPE-iMC-7.3-RMI-Java-Deserialization", "description": "CVE-2017-5792", "fork": false, - "created_at": "2018-06-20T02:25:38Z", - "updated_at": "2020-04-22T13:24:04Z", + "created_at": "2018-06-20T06:08:47Z", + "updated_at": "2020-07-19T09:02:14Z", "pushed_at": "2018-06-20T02:31:20Z", - "stargazers_count": 4, - "watchers_count": 4, - "forks_count": 1, - "forks": 1, - "watchers": 4, + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, "score": 0 } ] \ No newline at end of file diff --git a/2018/CVE-2018-2628.json b/2018/CVE-2018-2628.json index b316b125f6..16906c269a 100644 --- a/2018/CVE-2018-2628.json +++ b/2018/CVE-2018-2628.json @@ -450,13 +450,13 @@ "description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2020-07-18T02:31:28Z", + "updated_at": "2020-07-19T08:03:38Z", "pushed_at": "2020-07-05T12:59:42Z", - "stargazers_count": 508, - "watchers_count": 508, + "stargazers_count": 511, + "watchers_count": 511, "forks_count": 123, "forks": 123, - "watchers": 508, + "watchers": 511, "score": 0 } ] \ No newline at end of file diff --git a/2018/CVE-2018-2893.json b/2018/CVE-2018-2893.json index 2230ddbc83..8de4025238 100644 --- a/2018/CVE-2018-2893.json +++ b/2018/CVE-2018-2893.json @@ -82,13 +82,13 @@ "description": "CVE-2018-2893-PoC", "fork": false, "created_at": "2018-07-22T01:15:58Z", - "updated_at": "2020-06-24T10:56:07Z", + "updated_at": "2020-07-19T04:48:49Z", "pushed_at": "2018-10-27T01:42:20Z", - "stargazers_count": 86, - "watchers_count": 86, + "stargazers_count": 87, + "watchers_count": 87, "forks_count": 37, "forks": 37, - "watchers": 86, + "watchers": 87, "score": 0 }, { diff --git a/2018/CVE-2018-3191.json b/2018/CVE-2018-3191.json index 784210b12f..bbdd02ee0c 100644 --- a/2018/CVE-2018-3191.json +++ b/2018/CVE-2018-3191.json @@ -17,8 +17,8 @@ "pushed_at": "2018-10-21T17:28:13Z", "stargazers_count": 1, "watchers_count": 1, - "forks_count": 56, - "forks": 56, + "forks_count": 55, + "forks": 55, "watchers": 1, "score": 0 }, @@ -40,8 +40,8 @@ "pushed_at": "2018-10-26T17:54:54Z", "stargazers_count": 92, "watchers_count": 92, - "forks_count": 40, - "forks": 40, + "forks_count": 39, + "forks": 39, "watchers": 92, "score": 0 }, diff --git a/2018/CVE-2018-3245.json b/2018/CVE-2018-3245.json index 8bac5cb93a..fad0585b70 100644 --- a/2018/CVE-2018-3245.json +++ b/2018/CVE-2018-3245.json @@ -17,8 +17,8 @@ "pushed_at": "2018-10-27T01:41:18Z", "stargazers_count": 148, "watchers_count": 148, - "forks_count": 62, - "forks": 62, + "forks_count": 61, + "forks": 61, "watchers": 148, "score": 0 }, diff --git a/2018/CVE-2018-6242.json b/2018/CVE-2018-6242.json index a2927778e7..5c494bab50 100644 --- a/2018/CVE-2018-6242.json +++ b/2018/CVE-2018-6242.json @@ -13,13 +13,13 @@ "description": "My first Android app: Launch Fusée Gelée payloads from stock Android (CVE-2018-6242)", "fork": false, "created_at": "2018-04-28T11:50:00Z", - "updated_at": "2020-07-13T15:00:09Z", + "updated_at": "2020-07-19T09:04:21Z", "pushed_at": "2018-08-30T05:37:03Z", - "stargazers_count": 399, - "watchers_count": 399, + "stargazers_count": 400, + "watchers_count": 400, "forks_count": 52, "forks": 52, - "watchers": 399, + "watchers": 400, "score": 0 }, { diff --git a/2019/CVE-2019-0192.json b/2019/CVE-2019-0192.json new file mode 100644 index 0000000000..3e308aff6c --- /dev/null +++ b/2019/CVE-2019-0192.json @@ -0,0 +1,48 @@ +[ + { + "id": 174814901, + "name": "CVE-2019-0192", + "full_name": "mpgn\/CVE-2019-0192", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-0192", + "description": "RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl", + "fork": false, + "created_at": "2019-03-10T11:35:26Z", + "updated_at": "2020-06-27T16:16:13Z", + "pushed_at": "2019-03-10T18:33:43Z", + "stargazers_count": 206, + "watchers_count": 206, + "forks_count": 58, + "forks": 58, + "watchers": 206, + "score": 0 + }, + { + "id": 218993619, + "name": "Solr-RCE-CVE-2019-0192", + "full_name": "Rapidsafeguard\/Solr-RCE-CVE-2019-0192", + "owner": { + "login": "Rapidsafeguard", + "id": 48471397, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/48471397?v=4", + "html_url": "https:\/\/github.com\/Rapidsafeguard" + }, + "html_url": "https:\/\/github.com\/Rapidsafeguard\/Solr-RCE-CVE-2019-0192", + "description": "Apache Solr remote code execution via dataImportHandler", + "fork": false, + "created_at": "2019-11-01T13:46:37Z", + "updated_at": "2019-12-08T02:19:33Z", + "pushed_at": "2019-11-01T13:58:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0193.json b/2019/CVE-2019-0193.json index 9ea30ff502..13588498d6 100644 --- a/2019/CVE-2019-0193.json +++ b/2019/CVE-2019-0193.json @@ -1,4 +1,50 @@ [ + { + "id": 176290079, + "name": "CVE-2019-0193", + "full_name": "xConsoIe\/CVE-2019-0193", + "owner": { + "login": "xConsoIe", + "id": 48456709, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/48456709?v=4", + "html_url": "https:\/\/github.com\/xConsoIe" + }, + "html_url": "https:\/\/github.com\/xConsoIe\/CVE-2019-0193", + "description": null, + "fork": false, + "created_at": "2019-03-18T13:18:01Z", + "updated_at": "2020-06-01T05:52:53Z", + "pushed_at": "2019-03-18T13:22:48Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 6, + "forks": 6, + "watchers": 6, + "score": 0 + }, + { + "id": 201405406, + "name": "CVE-2019-0193", + "full_name": "jas502n\/CVE-2019-0193", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-0193", + "description": "Apache Solr DataImport Handler RCE", + "fork": false, + "created_at": "2019-08-09T06:27:39Z", + "updated_at": "2020-06-14T22:58:54Z", + "pushed_at": "2019-08-12T02:23:38Z", + "stargazers_count": 72, + "watchers_count": 72, + "forks_count": 35, + "forks": 35, + "watchers": 72, + "score": 0 + }, { "id": 201878363, "name": "solr_exploit", @@ -21,5 +67,28 @@ "forks": 6, "watchers": 28, "score": 0 + }, + { + "id": 206173868, + "name": "CVE-2019-0193-exp", + "full_name": "jaychouzzk\/CVE-2019-0193-exp", + "owner": { + "login": "jaychouzzk", + "id": 45549315, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45549315?v=4", + "html_url": "https:\/\/github.com\/jaychouzzk" + }, + "html_url": "https:\/\/github.com\/jaychouzzk\/CVE-2019-0193-exp", + "description": null, + "fork": false, + "created_at": "2019-09-03T21:16:24Z", + "updated_at": "2019-10-02T11:54:13Z", + "pushed_at": "2019-09-04T15:40:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-0211.json b/2019/CVE-2019-0211.json new file mode 100644 index 0000000000..bf56646983 --- /dev/null +++ b/2019/CVE-2019-0211.json @@ -0,0 +1,25 @@ +[ + { + "id": 186238849, + "name": "Apache-Exploit-2019", + "full_name": "ozkanbilge\/Apache-Exploit-2019", + "owner": { + "login": "ozkanbilge", + "id": 39211596, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/39211596?v=4", + "html_url": "https:\/\/github.com\/ozkanbilge" + }, + "html_url": "https:\/\/github.com\/ozkanbilge\/Apache-Exploit-2019", + "description": "CVE-2019-0211-apache & CVE-2019-6977-imagecolormatch", + "fork": false, + "created_at": "2019-05-12T10:08:57Z", + "updated_at": "2019-12-20T18:01:46Z", + "pushed_at": "2019-05-12T10:09:35Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 4, + "forks": 4, + "watchers": 6, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0227.json b/2019/CVE-2019-0227.json new file mode 100644 index 0000000000..eab1d0effd --- /dev/null +++ b/2019/CVE-2019-0227.json @@ -0,0 +1,25 @@ +[ + { + "id": 217869109, + "name": "cve-2019-0227", + "full_name": "ianxtianxt\/cve-2019-0227", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/cve-2019-0227", + "description": "apache axis1.4远程代码执行漏洞", + "fork": false, + "created_at": "2019-10-27T14:42:54Z", + "updated_at": "2019-10-27T14:51:23Z", + "pushed_at": "2019-10-27T14:51:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0232.json b/2019/CVE-2019-0232.json new file mode 100644 index 0000000000..74b81924a4 --- /dev/null +++ b/2019/CVE-2019-0232.json @@ -0,0 +1,94 @@ +[ + { + "id": 181439043, + "name": "CVE-2019-0232", + "full_name": "pyn3rd\/CVE-2019-0232", + "owner": { + "login": "pyn3rd", + "id": 41412951, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/41412951?v=4", + "html_url": "https:\/\/github.com\/pyn3rd" + }, + "html_url": "https:\/\/github.com\/pyn3rd\/CVE-2019-0232", + "description": "Apache Tomcat Remote Code Execution on Windows", + "fork": false, + "created_at": "2019-04-15T07:54:25Z", + "updated_at": "2020-07-18T16:04:46Z", + "pushed_at": "2019-11-27T07:39:40Z", + "stargazers_count": 174, + "watchers_count": 174, + "forks_count": 48, + "forks": 48, + "watchers": 174, + "score": 0 + }, + { + "id": 181706868, + "name": "CVE-2019-0232", + "full_name": "jas502n\/CVE-2019-0232", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-0232", + "description": "Apache Tomcat Remote Code Execution on Windows - CGI-BIN", + "fork": false, + "created_at": "2019-04-16T14:32:03Z", + "updated_at": "2020-07-14T04:28:05Z", + "pushed_at": "2019-04-17T02:42:03Z", + "stargazers_count": 55, + "watchers_count": 55, + "forks_count": 23, + "forks": 23, + "watchers": 55, + "score": 0 + }, + { + "id": 188168912, + "name": "CVE-2019-0232-EXP", + "full_name": "CherishHair\/CVE-2019-0232-EXP", + "owner": { + "login": "CherishHair", + "id": 16273668, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/16273668?v=4", + "html_url": "https:\/\/github.com\/CherishHair" + }, + "html_url": "https:\/\/github.com\/CherishHair\/CVE-2019-0232-EXP", + "description": null, + "fork": false, + "created_at": "2019-05-23T05:44:29Z", + "updated_at": "2019-11-27T11:05:38Z", + "pushed_at": "2019-05-23T13:13:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, + "forks": 2, + "watchers": 3, + "score": 0 + }, + { + "id": 223192188, + "name": "CVE-2019-0232", + "full_name": "setrus\/CVE-2019-0232", + "owner": { + "login": "setrus", + "id": 34648357, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/34648357?v=4", + "html_url": "https:\/\/github.com\/setrus" + }, + "html_url": "https:\/\/github.com\/setrus\/CVE-2019-0232", + "description": "CVE-2019-0232-Remote Code Execution on Apache Tomcat 7.0.42", + "fork": false, + "created_at": "2019-11-21T14:25:39Z", + "updated_at": "2020-05-21T21:39:43Z", + "pushed_at": "2019-11-21T15:03:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0539.json b/2019/CVE-2019-0539.json new file mode 100644 index 0000000000..b51dcba859 --- /dev/null +++ b/2019/CVE-2019-0539.json @@ -0,0 +1,25 @@ +[ + { + "id": 196580913, + "name": "CVE-2019-0539", + "full_name": "0x43434343\/CVE-2019-0539", + "owner": { + "login": "0x43434343", + "id": 28482599, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/28482599?v=4", + "html_url": "https:\/\/github.com\/0x43434343" + }, + "html_url": "https:\/\/github.com\/0x43434343\/CVE-2019-0539", + "description": "R\/W ", + "fork": false, + "created_at": "2019-07-12T13:06:17Z", + "updated_at": "2020-06-15T12:29:01Z", + "pushed_at": "2019-07-12T13:18:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0604.json b/2019/CVE-2019-0604.json new file mode 100644 index 0000000000..b07cf7c445 --- /dev/null +++ b/2019/CVE-2019-0604.json @@ -0,0 +1,117 @@ +[ + { + "id": 177246255, + "name": "CVE-2019-0604", + "full_name": "linhlhq\/CVE-2019-0604", + "owner": { + "login": "linhlhq", + "id": 28854132, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/28854132?v=4", + "html_url": "https:\/\/github.com\/linhlhq" + }, + "html_url": "https:\/\/github.com\/linhlhq\/CVE-2019-0604", + "description": "CVE-2019-0604", + "fork": false, + "created_at": "2019-03-23T05:01:54Z", + "updated_at": "2020-07-13T18:10:36Z", + "pushed_at": "2019-03-22T05:45:44Z", + "stargazers_count": 126, + "watchers_count": 126, + "forks_count": 75, + "forks": 75, + "watchers": 126, + "score": 0 + }, + { + "id": 179413290, + "name": "CVE-2019-0604_sharepoint_CVE", + "full_name": "denmilu\/CVE-2019-0604_sharepoint_CVE", + "owner": { + "login": "denmilu", + "id": 2469038, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/denmilu" + }, + "html_url": "https:\/\/github.com\/denmilu\/CVE-2019-0604_sharepoint_CVE", + "description": null, + "fork": false, + "created_at": "2019-04-04T03:17:30Z", + "updated_at": "2019-04-04T03:17:59Z", + "pushed_at": "2019-04-04T03:17:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 3, + "forks": 3, + "watchers": 0, + "score": 0 + }, + { + "id": 193926769, + "name": "CVE-2019-0604", + "full_name": "k8gege\/CVE-2019-0604", + "owner": { + "login": "k8gege", + "id": 42312878, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/42312878?v=4", + "html_url": "https:\/\/github.com\/k8gege" + }, + "html_url": "https:\/\/github.com\/k8gege\/CVE-2019-0604", + "description": "cve-2019-0604 SharePoint RCE exploit", + "fork": false, + "created_at": "2019-06-26T15:00:29Z", + "updated_at": "2020-07-16T09:30:40Z", + "pushed_at": "2019-10-18T14:49:10Z", + "stargazers_count": 81, + "watchers_count": 81, + "forks_count": 57, + "forks": 57, + "watchers": 81, + "score": 0 + }, + { + "id": 208650796, + "name": "CVE-2019-0604", + "full_name": "m5050\/CVE-2019-0604", + "owner": { + "login": "m5050", + "id": 18764171, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/18764171?v=4", + "html_url": "https:\/\/github.com\/m5050" + }, + "html_url": "https:\/\/github.com\/m5050\/CVE-2019-0604", + "description": "CVE-2019-0604: SharePoint RCE detection rules and sample PCAP", + "fork": false, + "created_at": "2019-09-15T20:06:54Z", + "updated_at": "2020-06-25T02:16:52Z", + "pushed_at": "2019-09-17T19:40:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 227013447, + "name": "CVE-2019-0604", + "full_name": "boxhg\/CVE-2019-0604", + "owner": { + "login": "boxhg", + "id": 40994449, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/40994449?v=4", + "html_url": "https:\/\/github.com\/boxhg" + }, + "html_url": "https:\/\/github.com\/boxhg\/CVE-2019-0604", + "description": "详解 k8gege的SharePoint RCE exploit cve-2019-0604-exp.py的代码,动手制作自己的payload", + "fork": false, + "created_at": "2019-12-10T02:39:57Z", + "updated_at": "2020-05-31T02:28:08Z", + "pushed_at": "2019-12-11T09:33:31Z", + "stargazers_count": 18, + "watchers_count": 18, + "forks_count": 3, + "forks": 3, + "watchers": 18, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0678.json b/2019/CVE-2019-0678.json new file mode 100644 index 0000000000..177b3e8348 --- /dev/null +++ b/2019/CVE-2019-0678.json @@ -0,0 +1,25 @@ +[ + { + "id": 197764635, + "name": "CVE-2019-0678", + "full_name": "c0d3G33k\/CVE-2019-0678", + "owner": { + "login": "c0d3G33k", + "id": 16446505, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16446505?v=4", + "html_url": "https:\/\/github.com\/c0d3G33k" + }, + "html_url": "https:\/\/github.com\/c0d3G33k\/CVE-2019-0678", + "description": "Microsoft Edge Elevation of Privilege Vulnerability", + "fork": false, + "created_at": "2019-07-19T11:55:32Z", + "updated_at": "2019-07-19T12:15:21Z", + "pushed_at": "2019-07-19T12:15:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0708.json b/2019/CVE-2019-0708.json index 5629015be1..28223dc0a8 100644 --- a/2019/CVE-2019-0708.json +++ b/2019/CVE-2019-0708.json @@ -1,4 +1,1591 @@ [ + { + "id": 186699764, + "name": "CVE-2019-0708-poc", + "full_name": "hook-s3c\/CVE-2019-0708-poc", + "owner": { + "login": "hook-s3c", + "id": 31825993, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/31825993?v=4", + "html_url": "https:\/\/github.com\/hook-s3c" + }, + "html_url": "https:\/\/github.com\/hook-s3c\/CVE-2019-0708-poc", + "description": "proof of concept exploit for Microsoft Windows 7 and Server 2008 RDP vulnerability", + "fork": false, + "created_at": "2019-05-14T21:00:50Z", + "updated_at": "2019-11-27T19:50:44Z", + "pushed_at": "2019-05-15T14:23:11Z", + "stargazers_count": 41, + "watchers_count": 41, + "forks_count": 10, + "forks": 10, + "watchers": 41, + "score": 0 + }, + { + "id": 186705259, + "name": "CVE-2019-0708", + "full_name": "SherlockSec\/CVE-2019-0708", + "owner": { + "login": "SherlockSec", + "id": 37545173, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/37545173?v=4", + "html_url": "https:\/\/github.com\/SherlockSec" + }, + "html_url": "https:\/\/github.com\/SherlockSec\/CVE-2019-0708", + "description": "A Win7 RDP exploit", + "fork": false, + "created_at": "2019-05-14T21:47:33Z", + "updated_at": "2019-12-12T01:46:35Z", + "pushed_at": "2019-05-14T21:51:14Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 44, + "forks": 44, + "watchers": 11, + "score": 0 + }, + { + "id": 186731659, + "name": "CVE-2019-0708-PoC", + "full_name": "yetiddbb\/CVE-2019-0708-PoC", + "owner": { + "login": "yetiddbb", + "id": 12067282, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/12067282?v=4", + "html_url": "https:\/\/github.com\/yetiddbb" + }, + "html_url": "https:\/\/github.com\/yetiddbb\/CVE-2019-0708-PoC", + "description": "CVE-2019-0708", + "fork": false, + "created_at": "2019-05-15T02:03:50Z", + "updated_at": "2019-05-15T02:06:00Z", + "pushed_at": "2019-05-15T02:03:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 186734186, + "name": "CVE-2019-0708-exploit", + "full_name": "p0p0p0\/CVE-2019-0708-exploit", + "owner": { + "login": "p0p0p0", + "id": 38487045, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/38487045?v=4", + "html_url": "https:\/\/github.com\/p0p0p0" + }, + "html_url": "https:\/\/github.com\/p0p0p0\/CVE-2019-0708-exploit", + "description": "CVE-2019-0708-exploit", + "fork": false, + "created_at": "2019-05-15T02:24:21Z", + "updated_at": "2020-07-15T13:06:32Z", + "pushed_at": "2019-05-15T02:26:46Z", + "stargazers_count": 112, + "watchers_count": 112, + "forks_count": 24, + "forks": 24, + "watchers": 112, + "score": 0 + }, + { + "id": 186738633, + "name": "CVE-2019-0708-Exploit", + "full_name": "rockmelodies\/CVE-2019-0708-Exploit", + "owner": { + "login": "rockmelodies", + "id": 24653177, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/24653177?v=4", + "html_url": "https:\/\/github.com\/rockmelodies" + }, + "html_url": "https:\/\/github.com\/rockmelodies\/CVE-2019-0708-Exploit", + "description": "Using CVE-2019-0708 to Locally Promote Privileges in Windows 10 System", + "fork": false, + "created_at": "2019-05-15T02:58:04Z", + "updated_at": "2020-06-27T16:06:34Z", + "pushed_at": "2019-05-15T02:51:24Z", + "stargazers_count": 30, + "watchers_count": 30, + "forks_count": 34, + "forks": 34, + "watchers": 30, + "score": 0 + }, + { + "id": 186746847, + "name": "CVE-2019-0708", + "full_name": "matengfei000\/CVE-2019-0708", + "owner": { + "login": "matengfei000", + "id": 5724472, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/5724472?v=4", + "html_url": "https:\/\/github.com\/matengfei000" + }, + "html_url": "https:\/\/github.com\/matengfei000\/CVE-2019-0708", + "description": "CVE-2019-0708 exp", + "fork": false, + "created_at": "2019-05-15T04:05:07Z", + "updated_at": "2019-07-09T21:55:13Z", + "pushed_at": "2019-05-15T08:29:38Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 1, + "forks": 1, + "watchers": 8, + "score": 0 + }, + { + "id": 186769422, + "name": "Dark-Network-CVE-2019-0708", + "full_name": "xiyangzuishuai\/Dark-Network-CVE-2019-0708", + "owner": { + "login": "xiyangzuishuai", + "id": 50652254, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/50652254?v=4", + "html_url": "https:\/\/github.com\/xiyangzuishuai" + }, + "html_url": "https:\/\/github.com\/xiyangzuishuai\/Dark-Network-CVE-2019-0708", + "description": "Dark Net Sunset New Release CVE-2019-0708", + "fork": false, + "created_at": "2019-05-15T07:09:24Z", + "updated_at": "2019-05-15T07:09:24Z", + "pushed_at": "2019-05-15T07:09:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 186771926, + "name": "CVE-2019-0708", + "full_name": "temp-user-2014\/CVE-2019-0708", + "owner": { + "login": "temp-user-2014", + "id": 20980272, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/20980272?v=4", + "html_url": "https:\/\/github.com\/temp-user-2014" + }, + "html_url": "https:\/\/github.com\/temp-user-2014\/CVE-2019-0708", + "description": "CVE-2019-0708", + "fork": false, + "created_at": "2019-05-15T07:24:34Z", + "updated_at": "2019-05-15T07:32:17Z", + "pushed_at": "2019-05-15T07:32:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 186793386, + "name": "CVE-2019-0708", + "full_name": "areusecure\/CVE-2019-0708", + "owner": { + "login": "areusecure", + "id": 6128864, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/6128864?v=4", + "html_url": "https:\/\/github.com\/areusecure" + }, + "html_url": "https:\/\/github.com\/areusecure\/CVE-2019-0708", + "description": "Proof of concept exploit for CVE-2019-0708", + "fork": false, + "created_at": "2019-05-15T09:25:04Z", + "updated_at": "2019-07-02T14:34:05Z", + "pushed_at": "2019-05-15T09:25:43Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + }, + { + "id": 186794712, + "name": "cve-2019-0708-2", + "full_name": "pry0cc\/cve-2019-0708-2", + "owner": { + "login": "pry0cc", + "id": 4334403, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/4334403?v=4", + "html_url": "https:\/\/github.com\/pry0cc" + }, + "html_url": "https:\/\/github.com\/pry0cc\/cve-2019-0708-2", + "description": "Testing my new bot out", + "fork": false, + "created_at": "2019-05-15T09:32:28Z", + "updated_at": "2020-06-16T14:40:08Z", + "pushed_at": "2019-05-15T14:55:23Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + }, + { + "id": 186836054, + "name": "CVE-2019-0708-EXPloit", + "full_name": "sbkcbig\/CVE-2019-0708-EXPloit", + "owner": { + "login": "sbkcbig", + "id": 50097122, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/50097122?v=4", + "html_url": "https:\/\/github.com\/sbkcbig" + }, + "html_url": "https:\/\/github.com\/sbkcbig\/CVE-2019-0708-EXPloit", + "description": "POCexp:https:\/\/pan.baidu.com\/s\/184gN1tJVIOYqOjaezM_VsA 提取码:e2k8 ", + "fork": false, + "created_at": "2019-05-15T13:49:09Z", + "updated_at": "2019-05-18T21:22:51Z", + "pushed_at": "2019-05-15T20:15:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 186838257, + "name": "CVE-2019-0708-EXPloit-3389", + "full_name": "sbkcbig\/CVE-2019-0708-EXPloit-3389", + "owner": { + "login": "sbkcbig", + "id": 50097122, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/50097122?v=4", + "html_url": "https:\/\/github.com\/sbkcbig" + }, + "html_url": "https:\/\/github.com\/sbkcbig\/CVE-2019-0708-EXPloit-3389", + "description": "EXPloit-poc: https:\/\/pan.baidu.com\/s\/184gN1tJVIOYqOjaezM_VsA 提取码:e2k8", + "fork": false, + "created_at": "2019-05-15T14:00:38Z", + "updated_at": "2019-05-16T02:41:17Z", + "pushed_at": "2019-05-15T14:08:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 186840820, + "name": "MS_T120", + "full_name": "YSheldon\/MS_T120", + "owner": { + "login": "YSheldon", + "id": 36796460, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/36796460?v=4", + "html_url": "https:\/\/github.com\/YSheldon" + }, + "html_url": "https:\/\/github.com\/YSheldon\/MS_T120", + "description": "CVE-2019-0708", + "fork": false, + "created_at": "2019-05-15T14:14:04Z", + "updated_at": "2019-05-22T16:41:18Z", + "pushed_at": "2019-05-15T16:07:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 186849775, + "name": "CVE-2019-0708", + "full_name": "k8gege\/CVE-2019-0708", + "owner": { + "login": "k8gege", + "id": 42312878, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/42312878?v=4", + "html_url": "https:\/\/github.com\/k8gege" + }, + "html_url": "https:\/\/github.com\/k8gege\/CVE-2019-0708", + "description": "3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)", + "fork": false, + "created_at": "2019-05-15T15:01:38Z", + "updated_at": "2020-07-09T02:40:21Z", + "pushed_at": "2019-06-13T13:07:03Z", + "stargazers_count": 299, + "watchers_count": 299, + "forks_count": 177, + "forks": 177, + "watchers": 299, + "score": 0 + }, + { + "id": 186851202, + "name": "RDS_CVE-2019-0708", + "full_name": "hotdog777714\/RDS_CVE-2019-0708", + "owner": { + "login": "hotdog777714", + "id": 50670387, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/50670387?v=4", + "html_url": "https:\/\/github.com\/hotdog777714" + }, + "html_url": "https:\/\/github.com\/hotdog777714\/RDS_CVE-2019-0708", + "description": "exploit CVE-2019-0708 RDS", + "fork": false, + "created_at": "2019-05-15T15:09:37Z", + "updated_at": "2019-07-23T12:24:00Z", + "pushed_at": "2019-05-15T08:17:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 186854844, + "name": "CVE-2019-0708", + "full_name": "jiansiting\/CVE-2019-0708", + "owner": { + "login": "jiansiting", + "id": 28823754, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/28823754?v=4", + "html_url": "https:\/\/github.com\/jiansiting" + }, + "html_url": "https:\/\/github.com\/jiansiting\/CVE-2019-0708", + "description": "RDP POC", + "fork": false, + "created_at": "2019-05-15T15:29:05Z", + "updated_at": "2020-02-10T11:52:30Z", + "pushed_at": "2019-06-01T04:12:19Z", + "stargazers_count": 18, + "watchers_count": 18, + "forks_count": 14, + "forks": 14, + "watchers": 18, + "score": 0 + }, + { + "id": 186863422, + "name": "CVE-2019-0708", + "full_name": "NullByteSuiteDevs\/CVE-2019-0708", + "owner": { + "login": "NullByteSuiteDevs", + "id": 15307246, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15307246?v=4", + "html_url": "https:\/\/github.com\/NullByteSuiteDevs" + }, + "html_url": "https:\/\/github.com\/NullByteSuiteDevs\/CVE-2019-0708", + "description": "PoC exploit for BlueKeep (CVE-2019-0708)", + "fork": false, + "created_at": "2019-05-15T16:22:02Z", + "updated_at": "2020-05-15T03:25:45Z", + "pushed_at": "2019-05-15T16:24:12Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 3, + "forks": 3, + "watchers": 6, + "score": 0 + }, + { + "id": 186865180, + "name": "CVE-2019-0708", + "full_name": "thugcrowd\/CVE-2019-0708", + "owner": { + "login": "thugcrowd", + "id": 40207376, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/40207376?v=4", + "html_url": "https:\/\/github.com\/thugcrowd" + }, + "html_url": "https:\/\/github.com\/thugcrowd\/CVE-2019-0708", + "description": "sup pry0cc :3", + "fork": false, + "created_at": "2019-05-15T16:33:31Z", + "updated_at": "2020-03-24T14:55:02Z", + "pushed_at": "2019-08-28T02:51:47Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 0, + "forks": 0, + "watchers": 6, + "score": 0 + }, + { + "id": 186874375, + "name": "CVE-2019-0708-PoC", + "full_name": "omaidf\/CVE-2019-0708-PoC", + "owner": { + "login": "omaidf", + "id": 11565994, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/11565994?v=4", + "html_url": "https:\/\/github.com\/omaidf" + }, + "html_url": "https:\/\/github.com\/omaidf\/CVE-2019-0708-PoC", + "description": "Windows RPD Exploit", + "fork": false, + "created_at": "2019-05-15T17:32:51Z", + "updated_at": "2019-05-15T17:33:12Z", + "pushed_at": "2019-05-15T17:33:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 186877745, + "name": "CVE-2019-0708", + "full_name": "blacksunwen\/CVE-2019-0708", + "owner": { + "login": "blacksunwen", + "id": 26432151, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/26432151?v=4", + "html_url": "https:\/\/github.com\/blacksunwen" + }, + "html_url": "https:\/\/github.com\/blacksunwen\/CVE-2019-0708", + "description": "CVE-2019-0708", + "fork": false, + "created_at": "2019-05-15T17:56:22Z", + "updated_at": "2020-05-15T03:25:41Z", + "pushed_at": "2019-05-29T10:17:16Z", + "stargazers_count": 21, + "watchers_count": 21, + "forks_count": 10, + "forks": 10, + "watchers": 21, + "score": 0 + }, + { + "id": 186887802, + "name": "CVE-2019-0708", + "full_name": "infenet\/CVE-2019-0708", + "owner": { + "login": "infenet", + "id": 34240091, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/34240091?v=4", + "html_url": "https:\/\/github.com\/infenet" + }, + "html_url": "https:\/\/github.com\/infenet\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-05-15T19:11:03Z", + "updated_at": "2019-06-03T05:03:55Z", + "pushed_at": "2019-05-15T18:35:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 186893561, + "name": "CVE-2019-0708", + "full_name": "n0auth\/CVE-2019-0708", + "owner": { + "login": "n0auth", + "id": 50678852, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/50678852?v=4", + "html_url": "https:\/\/github.com\/n0auth" + }, + "html_url": "https:\/\/github.com\/n0auth\/CVE-2019-0708", + "description": "Totally legitimate", + "fork": false, + "created_at": "2019-05-15T19:53:34Z", + "updated_at": "2020-01-11T19:07:22Z", + "pushed_at": "2019-05-15T20:14:13Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 12, + "forks": 12, + "watchers": 11, + "score": 0 + }, + { + "id": 186895051, + "name": "CVE-2019-0708", + "full_name": "gildaaa\/CVE-2019-0708", + "owner": { + "login": "gildaaa", + "id": 46685831, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/46685831?v=4", + "html_url": "https:\/\/github.com\/gildaaa" + }, + "html_url": "https:\/\/github.com\/gildaaa\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-05-15T20:04:23Z", + "updated_at": "2019-05-16T06:13:19Z", + "pushed_at": "2019-05-15T20:05:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 186897948, + "name": "CVE-2019-0708-Poc-exploit", + "full_name": "sbkcbig\/CVE-2019-0708-Poc-exploit", + "owner": { + "login": "sbkcbig", + "id": 50097122, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/50097122?v=4", + "html_url": "https:\/\/github.com\/sbkcbig" + }, + "html_url": "https:\/\/github.com\/sbkcbig\/CVE-2019-0708-Poc-exploit", + "description": "CVE-2019-0708 EXPloit-poc 漏洞描述 微软官方紧急发布安全补丁,修复了一个Windows远程桌面服务的远程代码执行漏洞CVE-2019-0708,该漏洞影响了某些旧版本的Windows系统。此漏洞是预身份验证,无需用户交互。当未经身份验证的攻击者使用RDP(常见端口3389)连接到目标系统并发送特制请求时,可以在目标系统上执行任意命令。甚至传播恶意蠕虫,感染内网其他机器。类似于2017年爆发的WannaCry等恶意勒索软件病毒。 漏洞评级 CVE-2019-0708 严重 安全建议 1、针对Windows 7及Windows Server 2008的用户,及时安装官方安全补丁:https:\/\/www.catalog.update.microsoft.com\/Search.aspx?q=KB4499175 2、针对Windows 2003及Windows XP的用户,及时更新系统版本或安装官方补丁:https:\/\/support.microsoft.com\/zh-cn\/help\/4500705\/customer-guidance-for-cve-2019-0708 CVE-2019-0708 EXPloit-poc 影响版本 Windows7 XP Windows 2003 Windows Server 2008 Windows Server 2008 R2 EXPloit-poc: https:\/\/pan.baidu.com\/s\/184gN1tJVIOYqOjaezM_VsA 提取码:e2k8", + "fork": false, + "created_at": "2019-05-15T20:26:34Z", + "updated_at": "2019-05-26T11:08:07Z", + "pushed_at": "2019-05-15T20:26:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 186908816, + "name": "CVE-2019-0708", + "full_name": "HackerJ0e\/CVE-2019-0708", + "owner": { + "login": "HackerJ0e", + "id": 19658269, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/19658269?v=4", + "html_url": "https:\/\/github.com\/HackerJ0e" + }, + "html_url": "https:\/\/github.com\/HackerJ0e\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-05-15T22:03:28Z", + "updated_at": "2019-05-15T22:09:37Z", + "pushed_at": "2019-05-15T22:09:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 186922161, + "name": "CVE-2019-0708", + "full_name": "syriusbughunt\/CVE-2019-0708", + "owner": { + "login": "syriusbughunt", + "id": 45476916, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/45476916?v=4", + "html_url": "https:\/\/github.com\/syriusbughunt" + }, + "html_url": "https:\/\/github.com\/syriusbughunt\/CVE-2019-0708", + "description": "PoC about CVE-2019-0708 (RDP; Windows 7, Windows Server 2003, Windows Server 2008) ", + "fork": false, + "created_at": "2019-05-16T00:34:23Z", + "updated_at": "2020-05-15T03:25:35Z", + "pushed_at": "2019-05-16T02:12:17Z", + "stargazers_count": 40, + "watchers_count": 40, + "forks_count": 9, + "forks": 9, + "watchers": 40, + "score": 0 + }, + { + "id": 186923282, + "name": "CVE-2019-0708", + "full_name": "Barry-McCockiner\/CVE-2019-0708", + "owner": { + "login": "Barry-McCockiner", + "id": 50684175, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/50684175?v=4", + "html_url": "https:\/\/github.com\/Barry-McCockiner" + }, + "html_url": "https:\/\/github.com\/Barry-McCockiner\/CVE-2019-0708", + "description": "A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.", + "fork": false, + "created_at": "2019-05-16T00:45:55Z", + "updated_at": "2019-05-16T00:52:52Z", + "pushed_at": "2019-05-16T00:52:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + }, + { + "id": 186924355, + "name": "CVE-2019-0708", + "full_name": "ShadowBrokers-ExploitLeak\/CVE-2019-0708", + "owner": { + "login": "ShadowBrokers-ExploitLeak", + "id": 50684502, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/50684502?v=4", + "html_url": "https:\/\/github.com\/ShadowBrokers-ExploitLeak" + }, + "html_url": "https:\/\/github.com\/ShadowBrokers-ExploitLeak\/CVE-2019-0708", + "description": "A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.", + "fork": false, + "created_at": "2019-05-16T00:56:58Z", + "updated_at": "2019-06-03T05:04:19Z", + "pushed_at": "2019-05-16T01:00:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 186978771, + "name": "CVE-2019-0708", + "full_name": "shumtheone\/CVE-2019-0708", + "owner": { + "login": "shumtheone", + "id": 41236357, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/41236357?v=4", + "html_url": "https:\/\/github.com\/shumtheone" + }, + "html_url": "https:\/\/github.com\/shumtheone\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-05-16T07:48:55Z", + "updated_at": "2019-05-27T23:09:54Z", + "pushed_at": "2019-05-16T07:58:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 187001080, + "name": "CVE-2019-0708", + "full_name": "safly\/CVE-2019-0708", + "owner": { + "login": "safly", + "id": 10373139, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/10373139?v=4", + "html_url": "https:\/\/github.com\/safly" + }, + "html_url": "https:\/\/github.com\/safly\/CVE-2019-0708", + "description": "CVE-2019-0708 demo", + "fork": false, + "created_at": "2019-05-16T09:55:25Z", + "updated_at": "2019-05-22T06:17:03Z", + "pushed_at": "2019-05-16T04:25:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 187032294, + "name": "cve-2019-0708-exp", + "full_name": "Jaky5155\/cve-2019-0708-exp", + "owner": { + "login": "Jaky5155", + "id": 47801640, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/47801640?v=4", + "html_url": "https:\/\/github.com\/Jaky5155" + }, + "html_url": "https:\/\/github.com\/Jaky5155\/cve-2019-0708-exp", + "description": null, + "fork": false, + "created_at": "2019-05-16T13:21:02Z", + "updated_at": "2020-04-05T08:55:16Z", + "pushed_at": "2019-05-22T04:24:58Z", + "stargazers_count": 30, + "watchers_count": 30, + "forks_count": 25, + "forks": 25, + "watchers": 30, + "score": 0 + }, + { + "id": 187057686, + "name": "CVE-2019-0708-Check-Device-Patch-Status", + "full_name": "fourtwizzy\/CVE-2019-0708-Check-Device-Patch-Status", + "owner": { + "login": "fourtwizzy", + "id": 1735941, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/1735941?v=4", + "html_url": "https:\/\/github.com\/fourtwizzy" + }, + "html_url": "https:\/\/github.com\/fourtwizzy\/CVE-2019-0708-Check-Device-Patch-Status", + "description": "Powershell script to run and determine if a specific device has been patched for CVE-2019-0708. This checks to see if the termdd.sys file has been updated appropriate and is at a version level at or greater than the versions released in the 5\/14\/19 patches.", + "fork": false, + "created_at": "2019-05-16T15:47:29Z", + "updated_at": "2020-07-14T03:50:16Z", + "pushed_at": "2019-08-28T17:14:57Z", + "stargazers_count": 19, + "watchers_count": 19, + "forks_count": 8, + "forks": 8, + "watchers": 19, + "score": 0 + }, + { + "id": 187063902, + "name": "CVE-2019-0708", + "full_name": "303sec\/CVE-2019-0708", + "owner": { + "login": "303sec", + "id": 39656643, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/39656643?v=4", + "html_url": "https:\/\/github.com\/303sec" + }, + "html_url": "https:\/\/github.com\/303sec\/CVE-2019-0708", + "description": "POC for CVE-2019-0708", + "fork": false, + "created_at": "2019-05-16T16:26:30Z", + "updated_at": "2019-05-18T04:43:06Z", + "pushed_at": "2019-05-17T08:34:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 187097173, + "name": "CVE-2019-0708-POC", + "full_name": "f8al\/CVE-2019-0708-POC", + "owner": { + "login": "f8al", + "id": 7221183, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/7221183?v=4", + "html_url": "https:\/\/github.com\/f8al" + }, + "html_url": "https:\/\/github.com\/f8al\/CVE-2019-0708-POC", + "description": "PoC for CVE-2019-0708", + "fork": false, + "created_at": "2019-05-16T20:30:36Z", + "updated_at": "2020-03-25T06:15:05Z", + "pushed_at": "2019-05-28T22:20:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 187139993, + "name": "CVE-2019-0708", + "full_name": "blockchainguard\/CVE-2019-0708", + "owner": { + "login": "blockchainguard", + "id": 43979150, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/43979150?v=4", + "html_url": "https:\/\/github.com\/blockchainguard" + }, + "html_url": "https:\/\/github.com\/blockchainguard\/CVE-2019-0708", + "description": "CVE-2019-0708漏洞MSF批量巡检插件", + "fork": false, + "created_at": "2019-05-17T03:25:42Z", + "updated_at": "2019-08-09T02:10:48Z", + "pushed_at": "2019-05-23T04:21:09Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + }, + { + "id": 187151227, + "name": "CVE-2019-0708", + "full_name": "haoge8090\/CVE-2019-0708", + "owner": { + "login": "haoge8090", + "id": 37906481, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/37906481?v=4", + "html_url": "https:\/\/github.com\/haoge8090" + }, + "html_url": "https:\/\/github.com\/haoge8090\/CVE-2019-0708", + "description": "CVE-2019-0708 Exploit", + "fork": false, + "created_at": "2019-05-17T05:19:32Z", + "updated_at": "2020-06-09T14:59:39Z", + "pushed_at": "2019-05-18T12:03:45Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, + { + "id": 187245631, + "name": "CVE-2019-0708", + "full_name": "branbot1000\/CVE-2019-0708", + "owner": { + "login": "branbot1000", + "id": 48649199, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/48649199?v=4", + "html_url": "https:\/\/github.com\/branbot1000" + }, + "html_url": "https:\/\/github.com\/branbot1000\/CVE-2019-0708", + "description": "Blank repo, promise not a troll, just research", + "fork": false, + "created_at": "2019-05-17T16:03:30Z", + "updated_at": "2019-05-17T16:03:33Z", + "pushed_at": "2019-05-17T16:03:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 187297714, + "name": "CVE-2019-0708", + "full_name": "yushiro\/CVE-2019-0708", + "owner": { + "login": "yushiro", + "id": 415386, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/415386?v=4", + "html_url": "https:\/\/github.com\/yushiro" + }, + "html_url": "https:\/\/github.com\/yushiro\/CVE-2019-0708", + "description": "LOL", + "fork": false, + "created_at": "2019-05-18T00:45:15Z", + "updated_at": "2019-08-21T16:05:32Z", + "pushed_at": "2019-05-17T13:01:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 187336632, + "name": "CVE-2019-0708", + "full_name": "bilawalzardaer\/CVE-2019-0708", + "owner": { + "login": "bilawalzardaer", + "id": 50767001, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/50767001?v=4", + "html_url": "https:\/\/github.com\/bilawalzardaer" + }, + "html_url": "https:\/\/github.com\/bilawalzardaer\/CVE-2019-0708", + "description": "CVE-2019-0708 RDP Remote Code Execute Exploit ", + "fork": false, + "created_at": "2019-05-18T09:02:39Z", + "updated_at": "2019-05-26T07:01:12Z", + "pushed_at": "2019-05-18T09:12:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 187538824, + "name": "CVE-2019-0708-PoC-Hitting-Path", + "full_name": "skyshell20082008\/CVE-2019-0708-PoC-Hitting-Path", + "owner": { + "login": "skyshell20082008", + "id": 32186292, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/32186292?v=4", + "html_url": "https:\/\/github.com\/skyshell20082008" + }, + "html_url": "https:\/\/github.com\/skyshell20082008\/CVE-2019-0708-PoC-Hitting-Path", + "description": "It's only hitting vulnerable path in termdd.sys!!! NOT DOS", + "fork": false, + "created_at": "2019-05-19T23:32:34Z", + "updated_at": "2020-04-01T13:37:05Z", + "pushed_at": "2019-05-19T17:47:28Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 112, + "forks": 112, + "watchers": 13, + "score": 0 + }, + { + "id": 187567229, + "name": "CVE-2019-0708-", + "full_name": "ttsite\/CVE-2019-0708-", + "owner": { + "login": "ttsite", + "id": 43260559, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/43260559?v=4", + "html_url": "https:\/\/github.com\/ttsite" + }, + "html_url": "https:\/\/github.com\/ttsite\/CVE-2019-0708-", + "description": "Announces fraud", + "fork": false, + "created_at": "2019-05-20T04:23:58Z", + "updated_at": "2019-06-11T14:50:34Z", + "pushed_at": "2019-06-11T14:50:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 187758878, + "name": "CVE-2019-0708", + "full_name": "ttsite\/CVE-2019-0708", + "owner": { + "login": "ttsite", + "id": 43260559, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/43260559?v=4", + "html_url": "https:\/\/github.com\/ttsite" + }, + "html_url": "https:\/\/github.com\/ttsite\/CVE-2019-0708", + "description": "Report fraud", + "fork": false, + "created_at": "2019-05-21T04:00:49Z", + "updated_at": "2019-07-04T09:25:15Z", + "pushed_at": "2019-07-04T09:25:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 187768807, + "name": "CVE-2019-0708-poc", + "full_name": "biggerwing\/CVE-2019-0708-poc", + "owner": { + "login": "biggerwing", + "id": 23331519, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/23331519?v=4", + "html_url": "https:\/\/github.com\/biggerwing" + }, + "html_url": "https:\/\/github.com\/biggerwing\/CVE-2019-0708-poc", + "description": "CVE-2019-0708 远程代码执行漏洞批量检测", + "fork": false, + "created_at": "2019-05-21T05:38:54Z", + "updated_at": "2020-07-12T15:43:03Z", + "pushed_at": "2019-05-30T02:43:06Z", + "stargazers_count": 74, + "watchers_count": 74, + "forks_count": 26, + "forks": 26, + "watchers": 74, + "score": 0 + }, + { + "id": 187779603, + "name": "CVE-2019-0708", + "full_name": "n1xbyte\/CVE-2019-0708", + "owner": { + "login": "n1xbyte", + "id": 18420902, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/18420902?v=4", + "html_url": "https:\/\/github.com\/n1xbyte" + }, + "html_url": "https:\/\/github.com\/n1xbyte\/CVE-2019-0708", + "description": "dump", + "fork": false, + "created_at": "2019-05-21T06:57:19Z", + "updated_at": "2020-07-16T08:54:37Z", + "pushed_at": "2019-06-01T05:15:11Z", + "stargazers_count": 463, + "watchers_count": 463, + "forks_count": 188, + "forks": 188, + "watchers": 463, + "score": 0 + }, + { + "id": 187788453, + "name": "CVE-2019-0708", + "full_name": "freeide\/CVE-2019-0708", + "owner": { + "login": "freeide", + "id": 33774184, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/33774184?v=4", + "html_url": "https:\/\/github.com\/freeide" + }, + "html_url": "https:\/\/github.com\/freeide\/CVE-2019-0708", + "description": "High level exploit", + "fork": false, + "created_at": "2019-05-21T07:51:41Z", + "updated_at": "2020-02-07T09:05:09Z", + "pushed_at": "2019-05-15T20:54:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 187816400, + "name": "CVE-2019-0708-POC", + "full_name": "edvacco\/CVE-2019-0708-POC", + "owner": { + "login": "edvacco", + "id": 29772843, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/29772843?v=4", + "html_url": "https:\/\/github.com\/edvacco" + }, + "html_url": "https:\/\/github.com\/edvacco\/CVE-2019-0708-POC", + "description": "根据360的程序,整的CVE-2019-0708批量检测", + "fork": false, + "created_at": "2019-05-21T10:34:21Z", + "updated_at": "2019-06-12T12:53:47Z", + "pushed_at": "2019-05-21T07:51:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 8, + "forks": 8, + "watchers": 0, + "score": 0 + }, + { + "id": 187824958, + "name": "BlueKeepTracker", + "full_name": "pry0cc\/BlueKeepTracker", + "owner": { + "login": "pry0cc", + "id": 4334403, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/4334403?v=4", + "html_url": "https:\/\/github.com\/pry0cc" + }, + "html_url": "https:\/\/github.com\/pry0cc\/BlueKeepTracker", + "description": "My bot (badly written) to search and monitor cve-2019-0708 repositories ", + "fork": false, + "created_at": "2019-05-21T11:37:00Z", + "updated_at": "2020-06-16T14:40:00Z", + "pushed_at": "2019-05-21T11:38:10Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 2, + "forks": 2, + "watchers": 6, + "score": 0 + }, + { + "id": 187840993, + "name": "CVE-2019-0708-win7", + "full_name": "zjw88282740\/CVE-2019-0708-win7", + "owner": { + "login": "zjw88282740", + "id": 10476132, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/10476132?v=4", + "html_url": "https:\/\/github.com\/zjw88282740" + }, + "html_url": "https:\/\/github.com\/zjw88282740\/CVE-2019-0708-win7", + "description": null, + "fork": false, + "created_at": "2019-05-21T13:16:49Z", + "updated_at": "2019-05-21T13:17:43Z", + "pushed_at": "2019-05-21T13:17:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 187931596, + "name": "CVE-2019-0708", + "full_name": "zerosum0x0\/CVE-2019-0708", + "owner": { + "login": "zerosum0x0", + "id": 3971576, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/3971576?v=4", + "html_url": "https:\/\/github.com\/zerosum0x0" + }, + "html_url": "https:\/\/github.com\/zerosum0x0\/CVE-2019-0708", + "description": "Scanner PoC for CVE-2019-0708 RDP RCE vuln", + "fork": false, + "created_at": "2019-05-22T00:08:44Z", + "updated_at": "2020-07-18T19:14:10Z", + "pushed_at": "2019-10-01T12:23:59Z", + "stargazers_count": 1108, + "watchers_count": 1108, + "forks_count": 375, + "forks": 375, + "watchers": 1108, + "score": 0 + }, + { + "id": 187953993, + "name": "CVE-2019-0708poc", + "full_name": "herhe\/CVE-2019-0708poc", + "owner": { + "login": "herhe", + "id": 22436480, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/22436480?v=4", + "html_url": "https:\/\/github.com\/herhe" + }, + "html_url": "https:\/\/github.com\/herhe\/CVE-2019-0708poc", + "description": "根据360Vulcan Team开发的CVE-2019-0708单个IP检测工具构造了个批量检测脚本而已", + "fork": false, + "created_at": "2019-05-22T03:10:14Z", + "updated_at": "2019-05-27T09:42:33Z", + "pushed_at": "2019-05-27T09:42:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 187967704, + "name": "rdp0708scanner", + "full_name": "l9c\/rdp0708scanner", + "owner": { + "login": "l9c", + "id": 16722567, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16722567?v=4", + "html_url": "https:\/\/github.com\/l9c" + }, + "html_url": "https:\/\/github.com\/l9c\/rdp0708scanner", + "description": "cve-2019-0708 vulnerablility scanner", + "fork": false, + "created_at": "2019-05-22T05:18:18Z", + "updated_at": "2020-01-19T23:34:36Z", + "pushed_at": "2019-05-22T06:06:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 187990368, + "name": "cve-2019-0708-scan", + "full_name": "major203\/cve-2019-0708-scan", + "owner": { + "login": "major203", + "id": 7425945, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/7425945?v=4", + "html_url": "https:\/\/github.com\/major203" + }, + "html_url": "https:\/\/github.com\/major203\/cve-2019-0708-scan", + "description": null, + "fork": false, + "created_at": "2019-05-22T07:53:50Z", + "updated_at": "2020-01-10T08:22:05Z", + "pushed_at": "2019-05-27T09:36:00Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 1, + "forks": 1, + "watchers": 5, + "score": 0 + }, + { + "id": 188186570, + "name": "Check-vuln-CVE-2019-0708", + "full_name": "SugiB3o\/Check-vuln-CVE-2019-0708", + "owner": { + "login": "SugiB3o", + "id": 24741216, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/24741216?v=4", + "html_url": "https:\/\/github.com\/SugiB3o" + }, + "html_url": "https:\/\/github.com\/SugiB3o\/Check-vuln-CVE-2019-0708", + "description": "Check vuln CVE 2019-0708", + "fork": false, + "created_at": "2019-05-23T07:47:29Z", + "updated_at": "2019-07-18T07:39:28Z", + "pushed_at": "2019-05-23T07:54:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 188244264, + "name": "CVE-2019-0708", + "full_name": "gobysec\/CVE-2019-0708", + "owner": { + "login": "gobysec", + "id": 50955360, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/50955360?v=4", + "html_url": "https:\/\/github.com\/gobysec" + }, + "html_url": "https:\/\/github.com\/gobysec\/CVE-2019-0708", + "description": "Goby support CVE-2019-0708 \"BlueKeep\" vulnerability check", + "fork": false, + "created_at": "2019-05-23T13:54:24Z", + "updated_at": "2020-02-12T12:29:52Z", + "pushed_at": "2019-05-23T14:14:58Z", + "stargazers_count": 15, + "watchers_count": 15, + "forks_count": 0, + "forks": 0, + "watchers": 15, + "score": 0 + }, + { + "id": 188257373, + "name": "CVE-2019-0708-Tool", + "full_name": "adalenv\/CVE-2019-0708-Tool", + "owner": { + "login": "adalenv", + "id": 7238874, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/7238874?v=4", + "html_url": "https:\/\/github.com\/adalenv" + }, + "html_url": "https:\/\/github.com\/adalenv\/CVE-2019-0708-Tool", + "description": "A social experiment", + "fork": false, + "created_at": "2019-05-23T15:08:30Z", + "updated_at": "2020-06-30T02:17:28Z", + "pushed_at": "2019-05-29T17:12:33Z", + "stargazers_count": 86, + "watchers_count": 86, + "forks_count": 12, + "forks": 12, + "watchers": 86, + "score": 0 + }, + { + "id": 188274849, + "name": "CVE-2019-0708-POC", + "full_name": "smallFunction\/CVE-2019-0708-POC", + "owner": { + "login": "smallFunction", + "id": 50961833, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/50961833?v=4", + "html_url": "https:\/\/github.com\/smallFunction" + }, + "html_url": "https:\/\/github.com\/smallFunction\/CVE-2019-0708-POC", + "description": "Working proof of concept for CVE-2019-0708, spawns remote shell.", + "fork": false, + "created_at": "2019-05-23T17:02:00Z", + "updated_at": "2019-08-17T15:27:52Z", + "pushed_at": "2019-05-23T17:02:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 23, + "forks": 23, + "watchers": 0, + "score": 0 + }, + { + "id": 188287755, + "name": "CVE-2019-0708-PoC-Exploit", + "full_name": "freeide\/CVE-2019-0708-PoC-Exploit", + "owner": { + "login": "freeide", + "id": 33774184, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/33774184?v=4", + "html_url": "https:\/\/github.com\/freeide" + }, + "html_url": "https:\/\/github.com\/freeide\/CVE-2019-0708-PoC-Exploit", + "description": "CVE-2019-0708 PoC Exploit", + "fork": false, + "created_at": "2019-05-23T18:37:27Z", + "updated_at": "2020-01-25T02:16:54Z", + "pushed_at": "2019-05-23T15:56:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 188316989, + "name": "rdpscan", + "full_name": "robertdavidgraham\/rdpscan", + "owner": { + "login": "robertdavidgraham", + "id": 3814757, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/3814757?v=4", + "html_url": "https:\/\/github.com\/robertdavidgraham" + }, + "html_url": "https:\/\/github.com\/robertdavidgraham\/rdpscan", + "description": "A quick scanner for the CVE-2019-0708 \"BlueKeep\" vulnerability.", + "fork": false, + "created_at": "2019-05-23T22:50:12Z", + "updated_at": "2020-07-16T16:38:28Z", + "pushed_at": "2019-06-22T21:48:45Z", + "stargazers_count": 748, + "watchers_count": 748, + "forks_count": 180, + "forks": 180, + "watchers": 748, + "score": 0 + }, + { + "id": 188376138, + "name": "CVE-2019-0708-POC", + "full_name": "closethe\/CVE-2019-0708-POC", + "owner": { + "login": "closethe", + "id": 8065436, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/8065436?v=4", + "html_url": "https:\/\/github.com\/closethe" + }, + "html_url": "https:\/\/github.com\/closethe\/CVE-2019-0708-POC", + "description": "cve-2019-0708 poc .", + "fork": false, + "created_at": "2019-05-24T07:40:05Z", + "updated_at": "2019-05-26T22:24:19Z", + "pushed_at": "2019-05-24T09:03:16Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 6, + "forks": 6, + "watchers": 12, + "score": 0 + }, + { + "id": 188781634, + "name": "Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit", + "full_name": "krivegasa\/Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit", + "owner": { + "login": "krivegasa", + "id": 26058390, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/26058390?v=4", + "html_url": "https:\/\/github.com\/krivegasa" + }, + "html_url": "https:\/\/github.com\/krivegasa\/Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit", + "description": "Scan through given ip list", + "fork": false, + "created_at": "2019-05-27T06:11:51Z", + "updated_at": "2020-01-14T11:35:09Z", + "pushed_at": "2019-05-22T22:32:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 188842935, + "name": "bluekeepscan", + "full_name": "Rostelecom-CERT\/bluekeepscan", + "owner": { + "login": "Rostelecom-CERT", + "id": 36195291, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/36195291?v=4", + "html_url": "https:\/\/github.com\/Rostelecom-CERT" + }, + "html_url": "https:\/\/github.com\/Rostelecom-CERT\/bluekeepscan", + "description": "CVE-2019-0708", + "fork": false, + "created_at": "2019-05-27T12:52:11Z", + "updated_at": "2020-03-25T05:25:43Z", + "pushed_at": "2019-05-27T12:58:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 3, + "forks": 3, + "watchers": 2, + "score": 0 + }, + { + "id": 188939031, + "name": "CVE-2019-0708", + "full_name": "Leoid\/CVE-2019-0708", + "owner": { + "login": "Leoid", + "id": 19527552, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/19527552?v=4", + "html_url": "https:\/\/github.com\/Leoid" + }, + "html_url": "https:\/\/github.com\/Leoid\/CVE-2019-0708", + "description": "Only Hitting PoC [Tested on Windows Server 2008 r2]", + "fork": false, + "created_at": "2019-05-28T02:25:21Z", + "updated_at": "2020-07-09T21:59:35Z", + "pushed_at": "2019-05-28T02:46:19Z", + "stargazers_count": 114, + "watchers_count": 114, + "forks_count": 38, + "forks": 38, + "watchers": 114, + "score": 0 + }, + { + "id": 189061944, + "name": "CVE-2019-0708Poc-BatchScanning", + "full_name": "ht0Ruial\/CVE-2019-0708Poc-BatchScanning", + "owner": { + "login": "ht0Ruial", + "id": 44924427, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/44924427?v=4", + "html_url": "https:\/\/github.com\/ht0Ruial" + }, + "html_url": "https:\/\/github.com\/ht0Ruial\/CVE-2019-0708Poc-BatchScanning", + "description": "基于360公开的无损检测工具的可直接在windows上运行的批量检测程序", + "fork": false, + "created_at": "2019-05-28T16:09:10Z", + "updated_at": "2019-10-20T18:29:55Z", + "pushed_at": "2019-05-28T17:16:24Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, + "forks": 2, + "watchers": 3, + "score": 0 + }, + { + "id": 189126322, + "name": "BlueKeep", + "full_name": "oneoy\/BlueKeep", + "owner": { + "login": "oneoy", + "id": 38435398, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/38435398?v=4", + "html_url": "https:\/\/github.com\/oneoy" + }, + "html_url": "https:\/\/github.com\/oneoy\/BlueKeep", + "description": "CVE-2019-0708 bluekeep 漏洞检测", + "fork": false, + "created_at": "2019-05-29T01:08:55Z", + "updated_at": "2020-03-25T06:37:48Z", + "pushed_at": "2019-05-29T01:09:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 189158834, + "name": "CVE-2019-0708", + "full_name": "infiniti-team\/CVE-2019-0708", + "owner": { + "login": "infiniti-team", + "id": 51148759, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/51148759?v=4", + "html_url": "https:\/\/github.com\/infiniti-team" + }, + "html_url": "https:\/\/github.com\/infiniti-team\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-05-29T05:51:07Z", + "updated_at": "2019-06-07T08:19:07Z", + "pushed_at": "2019-05-29T06:10:47Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 0, + "forks": 0, + "watchers": 5, + "score": 0 + }, + { + "id": 189241989, + "name": "CVE-2019-0708-generate-hosts", + "full_name": "haishanzheng\/CVE-2019-0708-generate-hosts", + "owner": { + "login": "haishanzheng", + "id": 3518797, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/3518797?v=4", + "html_url": "https:\/\/github.com\/haishanzheng" + }, + "html_url": "https:\/\/github.com\/haishanzheng\/CVE-2019-0708-generate-hosts", + "description": null, + "fork": false, + "created_at": "2019-05-29T14:29:32Z", + "updated_at": "2019-05-29T14:39:55Z", + "pushed_at": "2019-05-29T14:33:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 189265014, + "name": "BlueKeep", + "full_name": "Ekultek\/BlueKeep", + "owner": { + "login": "Ekultek", + "id": 14183473, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/14183473?v=4", + "html_url": "https:\/\/github.com\/Ekultek" + }, + "html_url": "https:\/\/github.com\/Ekultek\/BlueKeep", + "description": "Proof of concept for CVE-2019-0708", + "fork": false, + "created_at": "2019-05-29T16:53:54Z", + "updated_at": "2020-07-17T08:22:06Z", + "pushed_at": "2019-09-03T20:50:28Z", + "stargazers_count": 1037, + "watchers_count": 1037, + "forks_count": 348, + "forks": 348, + "watchers": 1037, + "score": 0 + }, + { + "id": 189380582, + "name": "CVE-2019-0708", + "full_name": "UraSecTeam\/CVE-2019-0708", + "owner": { + "login": "UraSecTeam", + "id": 23280827, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/23280827?v=4", + "html_url": "https:\/\/github.com\/UraSecTeam" + }, + "html_url": "https:\/\/github.com\/UraSecTeam\/CVE-2019-0708", + "description": "CVE-2019-0708", + "fork": false, + "created_at": "2019-05-30T08:59:49Z", + "updated_at": "2019-05-30T18:05:14Z", + "pushed_at": "2019-05-30T18:05:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 189422199, + "name": "rdpscan-BlueKeep", + "full_name": "Gh0st0ne\/rdpscan-BlueKeep", + "owner": { + "login": "Gh0st0ne", + "id": 47971115, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/47971115?v=4", + "html_url": "https:\/\/github.com\/Gh0st0ne" + }, + "html_url": "https:\/\/github.com\/Gh0st0ne\/rdpscan-BlueKeep", + "description": "A quick scanner for the CVE-2019-0708 \"BlueKeep\" vulnerability. ", + "fork": false, + "created_at": "2019-05-30T13:50:32Z", + "updated_at": "2020-03-25T05:24:18Z", + "pushed_at": "2019-05-30T13:51:21Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + }, { "id": 189498490, "name": "bluekeep_CVE-2019-0708_poc_to_exploit", @@ -22,6 +1609,167 @@ "watchers": 331, "score": 0 }, + { + "id": 189513712, + "name": "CVE-2019-0708", + "full_name": "JasonLOU\/CVE-2019-0708", + "owner": { + "login": "JasonLOU", + "id": 45555090, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45555090?v=4", + "html_url": "https:\/\/github.com\/JasonLOU" + }, + "html_url": "https:\/\/github.com\/JasonLOU\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-05-31T02:28:23Z", + "updated_at": "2019-05-31T03:35:33Z", + "pushed_at": "2019-05-31T03:35:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 189549701, + "name": "CVE-2019-0708", + "full_name": "shun-gg\/CVE-2019-0708", + "owner": { + "login": "shun-gg", + "id": 50439612, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/50439612?v=4", + "html_url": "https:\/\/github.com\/shun-gg" + }, + "html_url": "https:\/\/github.com\/shun-gg\/CVE-2019-0708", + "description": "蓝屏poc", + "fork": false, + "created_at": "2019-05-31T07:35:26Z", + "updated_at": "2020-06-05T14:26:10Z", + "pushed_at": "2019-05-31T08:02:54Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 1, + "forks": 1, + "watchers": 6, + "score": 0 + }, + { + "id": 189571928, + "name": "CVE-2019-0708", + "full_name": "AdministratorGithub\/CVE-2019-0708", + "owner": { + "login": "AdministratorGithub", + "id": 19834937, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/19834937?v=4", + "html_url": "https:\/\/github.com\/AdministratorGithub" + }, + "html_url": "https:\/\/github.com\/AdministratorGithub\/CVE-2019-0708", + "description": "CVE-2019-0708批量蓝屏恶搞", + "fork": false, + "created_at": "2019-05-31T09:59:30Z", + "updated_at": "2019-07-09T09:33:49Z", + "pushed_at": "2019-07-09T09:33:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 189634467, + "name": "CVE-2019-0708", + "full_name": "umarfarook882\/CVE-2019-0708", + "owner": { + "login": "umarfarook882", + "id": 22318677, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22318677?v=4", + "html_url": "https:\/\/github.com\/umarfarook882" + }, + "html_url": "https:\/\/github.com\/umarfarook882\/CVE-2019-0708", + "description": "CVE-2019-0708 - BlueKeep (RDP)", + "fork": false, + "created_at": "2019-05-31T17:37:26Z", + "updated_at": "2020-05-15T03:25:13Z", + "pushed_at": "2020-06-14T18:43:51Z", + "stargazers_count": 39, + "watchers_count": 39, + "forks_count": 11, + "forks": 11, + "watchers": 39, + "score": 0 + }, + { + "id": 189959275, + "name": "detect_bluekeep.py", + "full_name": "HynekPetrak\/detect_bluekeep.py", + "owner": { + "login": "HynekPetrak", + "id": 8593983, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/8593983?v=4", + "html_url": "https:\/\/github.com\/HynekPetrak" + }, + "html_url": "https:\/\/github.com\/HynekPetrak\/detect_bluekeep.py", + "description": "Python script to detect bluekeep vulnerability (CVE-2019-0708) with TLS\/SSL and x509 support", + "fork": false, + "created_at": "2019-06-03T07:49:26Z", + "updated_at": "2020-06-17T18:35:35Z", + "pushed_at": "2019-06-12T08:48:17Z", + "stargazers_count": 18, + "watchers_count": 18, + "forks_count": 4, + "forks": 4, + "watchers": 18, + "score": 0 + }, + { + "id": 190510027, + "name": "CVE-2019-0708-Batch-Blue-Screen", + "full_name": "Wileysec\/CVE-2019-0708-Batch-Blue-Screen", + "owner": { + "login": "Wileysec", + "id": 33207361, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/33207361?v=4", + "html_url": "https:\/\/github.com\/Wileysec" + }, + "html_url": "https:\/\/github.com\/Wileysec\/CVE-2019-0708-Batch-Blue-Screen", + "description": "改写某大佬写的0708蓝屏脚本 改为网段批量蓝屏", + "fork": false, + "created_at": "2019-06-06T03:49:26Z", + "updated_at": "2019-06-13T16:56:58Z", + "pushed_at": "2019-06-06T03:57:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 191301322, + "name": "CVE-2019-0708", + "full_name": "Pa55w0rd\/CVE-2019-0708", + "owner": { + "login": "Pa55w0rd", + "id": 16274549, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16274549?v=4", + "html_url": "https:\/\/github.com\/Pa55w0rd" + }, + "html_url": "https:\/\/github.com\/Pa55w0rd\/CVE-2019-0708", + "description": "CVE-2019-0708批量检测", + "fork": false, + "created_at": "2019-06-11T05:38:26Z", + "updated_at": "2020-04-06T14:16:41Z", + "pushed_at": "2019-06-11T06:40:41Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 2, + "forks": 2, + "watchers": 10, + "score": 0 + }, { "id": 191340467, "name": "CVE-2019-0708-PoC", @@ -45,6 +1793,650 @@ "watchers": 16, "score": 0 }, + { + "id": 191491863, + "name": "CVE-2019-0708-Msf--", + "full_name": "cream492\/CVE-2019-0708-Msf--", + "owner": { + "login": "cream492", + "id": 29266660, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/29266660?v=4", + "html_url": "https:\/\/github.com\/cream492" + }, + "html_url": "https:\/\/github.com\/cream492\/CVE-2019-0708-Msf--", + "description": "CVE-2019-0708-Msf-验证", + "fork": false, + "created_at": "2019-06-12T03:37:39Z", + "updated_at": "2019-06-12T03:40:17Z", + "pushed_at": "2019-06-12T03:38:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 192833438, + "name": "CVE-2019-0708", + "full_name": "wdfcc\/CVE-2019-0708", + "owner": { + "login": "wdfcc", + "id": 14845586, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/14845586?v=4", + "html_url": "https:\/\/github.com\/wdfcc" + }, + "html_url": "https:\/\/github.com\/wdfcc\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-06-20T02:19:17Z", + "updated_at": "2019-06-20T02:26:29Z", + "pushed_at": "2019-06-20T02:26:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 193537193, + "name": "cve-2019-0708", + "full_name": "cvencoder\/cve-2019-0708", + "owner": { + "login": "cvencoder", + "id": 52171059, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/52171059?v=4", + "html_url": "https:\/\/github.com\/cvencoder" + }, + "html_url": "https:\/\/github.com\/cvencoder\/cve-2019-0708", + "description": "POC CVE-2019-0708 with python script!", + "fork": false, + "created_at": "2019-06-24T16:03:08Z", + "updated_at": "2019-07-28T09:20:55Z", + "pushed_at": "2019-06-24T16:03:58Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 0, + "forks": 0, + "watchers": 14, + "score": 0 + }, + { + "id": 195150954, + "name": "CVE-2019-0708-exp", + "full_name": "ze0r\/CVE-2019-0708-exp", + "owner": { + "login": "ze0r", + "id": 43227253, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/43227253?v=4", + "html_url": "https:\/\/github.com\/ze0r" + }, + "html_url": "https:\/\/github.com\/ze0r\/CVE-2019-0708-exp", + "description": null, + "fork": false, + "created_at": "2019-07-04T01:49:22Z", + "updated_at": "2020-06-07T11:48:45Z", + "pushed_at": "2019-07-25T07:31:57Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 4, + "forks": 4, + "watchers": 11, + "score": 0 + }, + { + "id": 196871345, + "name": "cve-2019-0708", + "full_name": "mekhalleh\/cve-2019-0708", + "owner": { + "login": "mekhalleh", + "id": 5225129, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/5225129?v=4", + "html_url": "https:\/\/github.com\/mekhalleh" + }, + "html_url": "https:\/\/github.com\/mekhalleh\/cve-2019-0708", + "description": "Metasploit module for massive Denial of Service using #Bluekeep vector.", + "fork": false, + "created_at": "2019-07-14T18:43:48Z", + "updated_at": "2020-04-05T04:23:16Z", + "pushed_at": "2019-10-01T15:31:26Z", + "stargazers_count": 21, + "watchers_count": 21, + "forks_count": 7, + "forks": 7, + "watchers": 21, + "score": 0 + }, + { + "id": 197547695, + "name": "cve-2019-0708", + "full_name": "cve-2019-0708-poc\/cve-2019-0708", + "owner": { + "login": "cve-2019-0708-poc", + "id": 53038783, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/53038783?v=4", + "html_url": "https:\/\/github.com\/cve-2019-0708-poc" + }, + "html_url": "https:\/\/github.com\/cve-2019-0708-poc\/cve-2019-0708", + "description": "CVE-2019-0708 Exploit Tool", + "fork": false, + "created_at": "2019-07-18T08:41:01Z", + "updated_at": "2019-08-29T04:15:45Z", + "pushed_at": "2019-07-18T08:44:51Z", + "stargazers_count": 18, + "watchers_count": 18, + "forks_count": 0, + "forks": 0, + "watchers": 18, + "score": 0 + }, + { + "id": 197655376, + "name": "CVE-2019-0708", + "full_name": "andripwn\/CVE-2019-0708", + "owner": { + "login": "andripwn", + "id": 52893492, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/52893492?v=4", + "html_url": "https:\/\/github.com\/andripwn" + }, + "html_url": "https:\/\/github.com\/andripwn\/CVE-2019-0708", + "description": "Scanner PoC for CVE-2019-0708 RDP RCE vuln", + "fork": false, + "created_at": "2019-07-18T20:53:54Z", + "updated_at": "2020-01-24T04:49:58Z", + "pushed_at": "2019-07-18T20:57:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 198343084, + "name": "bluekeep", + "full_name": "0xeb-bp\/bluekeep", + "owner": { + "login": "0xeb-bp", + "id": 53204152, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/53204152?v=4", + "html_url": "https:\/\/github.com\/0xeb-bp" + }, + "html_url": "https:\/\/github.com\/0xeb-bp\/bluekeep", + "description": "Public work for CVE-2019-0708", + "fork": false, + "created_at": "2019-07-23T03:15:53Z", + "updated_at": "2020-07-08T11:08:52Z", + "pushed_at": "2019-11-19T02:43:38Z", + "stargazers_count": 273, + "watchers_count": 273, + "forks_count": 89, + "forks": 89, + "watchers": 273, + "score": 0 + }, + { + "id": 198731225, + "name": "CVE-2019-0708", + "full_name": "ntkernel0\/CVE-2019-0708", + "owner": { + "login": "ntkernel0", + "id": 46866847, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/46866847?v=4", + "html_url": "https:\/\/github.com\/ntkernel0" + }, + "html_url": "https:\/\/github.com\/ntkernel0\/CVE-2019-0708", + "description": "收集网上CVE-2018-0708的poc和exp(目前没有找到exp)", + "fork": false, + "created_at": "2019-07-25T01:05:21Z", + "updated_at": "2019-12-07T02:05:23Z", + "pushed_at": "2019-07-25T01:03:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 202911823, + "name": "Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-", + "full_name": "dorkerdevil\/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-", + "owner": { + "login": "dorkerdevil", + "id": 15796745, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15796745?v=4", + "html_url": "https:\/\/github.com\/dorkerdevil" + }, + "html_url": "https:\/\/github.com\/dorkerdevil\/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-", + "description": "rce exploit , made to work with pocsuite3", + "fork": false, + "created_at": "2019-08-17T17:23:53Z", + "updated_at": "2020-06-24T22:43:12Z", + "pushed_at": "2019-08-19T02:52:11Z", + "stargazers_count": 108, + "watchers_count": 108, + "forks_count": 53, + "forks": 53, + "watchers": 108, + "score": 0 + }, + { + "id": 202951481, + "name": "bluekeep", + "full_name": "turingcompl33t\/bluekeep", + "owner": { + "login": "turingcompl33t", + "id": 19956905, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/19956905?v=4", + "html_url": "https:\/\/github.com\/turingcompl33t" + }, + "html_url": "https:\/\/github.com\/turingcompl33t\/bluekeep", + "description": "Research Regarding CVE-2019-0708.", + "fork": false, + "created_at": "2019-08-18T02:34:31Z", + "updated_at": "2020-03-09T19:52:03Z", + "pushed_at": "2019-11-04T01:15:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 3, + "forks": 3, + "watchers": 3, + "score": 0 + }, + { + "id": 203477227, + "name": "CVE-2019-0708-test", + "full_name": "fade-vivida\/CVE-2019-0708-test", + "owner": { + "login": "fade-vivida", + "id": 38774342, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/38774342?v=4", + "html_url": "https:\/\/github.com\/fade-vivida" + }, + "html_url": "https:\/\/github.com\/fade-vivida\/CVE-2019-0708-test", + "description": null, + "fork": false, + "created_at": "2019-08-21T00:48:55Z", + "updated_at": "2020-03-11T13:53:42Z", + "pushed_at": "2019-11-28T01:38:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 206050892, + "name": "CVE-2019-0708", + "full_name": "skommando\/CVE-2019-0708", + "owner": { + "login": "skommando", + "id": 22767889, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/22767889?v=4", + "html_url": "https:\/\/github.com\/skommando" + }, + "html_url": "https:\/\/github.com\/skommando\/CVE-2019-0708", + "description": "CVE-2019-0708 BlueKeep漏洞批量扫描工具和POC,暂时只有蓝屏。", + "fork": false, + "created_at": "2019-09-03T10:25:48Z", + "updated_at": "2019-10-02T17:51:34Z", + "pushed_at": "2019-09-12T02:29:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 206863569, + "name": "msf-module-CVE-2019-0708", + "full_name": "RickGeex\/msf-module-CVE-2019-0708", + "owner": { + "login": "RickGeex", + "id": 7975904, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/7975904?v=4", + "html_url": "https:\/\/github.com\/RickGeex" + }, + "html_url": "https:\/\/github.com\/RickGeex\/msf-module-CVE-2019-0708", + "description": "Metasploit module for CVE-2019-0708 (BlueKeep) - https:\/\/github.com\/rapid7\/metasploit-framework\/tree\/5a0119b04309c8e61b44763ac08811cd3ecbbf8d\/modules\/exploits\/windows\/rdp", + "fork": false, + "created_at": "2019-09-06T19:46:03Z", + "updated_at": "2020-03-25T05:25:37Z", + "pushed_at": "2019-09-07T09:41:22Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 3, + "forks": 3, + "watchers": 9, + "score": 0 + }, + { + "id": 206893335, + "name": "CVE-2019-0708", + "full_name": "wqsemc\/CVE-2019-0708", + "owner": { + "login": "wqsemc", + "id": 36132717, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/36132717?v=4", + "html_url": "https:\/\/github.com\/wqsemc" + }, + "html_url": "https:\/\/github.com\/wqsemc\/CVE-2019-0708", + "description": "initial exploit for CVE-2019-0708, BlueKeep CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free The RDP termdd.sys driver improperly handles binds to internal-only channel MS_T120, allowing a malformed Disconnect Provider Indication message to cause use-after-free. With a controllable data\/size remote nonpaged pool spray, an indirect call gadget of the freed channel is used to achieve arbitrary code execution.", + "fork": false, + "created_at": "2019-09-07T00:28:45Z", + "updated_at": "2020-07-17T15:41:30Z", + "pushed_at": "2019-09-16T10:35:57Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 3, + "forks": 3, + "watchers": 11, + "score": 0 + }, + { + "id": 206919373, + "name": "CVE-2019-0708-RCE", + "full_name": "mai-lang-chai\/CVE-2019-0708-RCE", + "owner": { + "login": "mai-lang-chai", + "id": 36095584, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/36095584?v=4", + "html_url": "https:\/\/github.com\/mai-lang-chai" + }, + "html_url": "https:\/\/github.com\/mai-lang-chai\/CVE-2019-0708-RCE", + "description": "CVE-2019-0708 POC RCE 远程代码执行getshell教程", + "fork": false, + "created_at": "2019-09-07T05:15:23Z", + "updated_at": "2020-04-06T02:00:19Z", + "pushed_at": "2019-09-20T04:53:41Z", + "stargazers_count": 37, + "watchers_count": 37, + "forks_count": 14, + "forks": 14, + "watchers": 37, + "score": 0 + }, + { + "id": 206926531, + "name": "CVE-2019-0708RDP-MSF", + "full_name": "Micr067\/CVE-2019-0708RDP-MSF", + "owner": { + "login": "Micr067", + "id": 49861012, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/49861012?v=4", + "html_url": "https:\/\/github.com\/Micr067" + }, + "html_url": "https:\/\/github.com\/Micr067\/CVE-2019-0708RDP-MSF", + "description": "CVE-2019-0708RDP MSF", + "fork": false, + "created_at": "2019-09-07T06:32:25Z", + "updated_at": "2019-09-07T06:32:25Z", + "pushed_at": "2019-09-07T06:32:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 206928449, + "name": "CVE-2019-0708-BlueKeep", + "full_name": "adkinguzi\/CVE-2019-0708-BlueKeep", + "owner": { + "login": "adkinguzi", + "id": 31617622, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/31617622?v=4", + "html_url": "https:\/\/github.com\/adkinguzi" + }, + "html_url": "https:\/\/github.com\/adkinguzi\/CVE-2019-0708-BlueKeep", + "description": null, + "fork": false, + "created_at": "2019-09-07T06:50:47Z", + "updated_at": "2020-03-25T05:24:54Z", + "pushed_at": "2019-09-07T07:05:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + }, + { + "id": 206932731, + "name": "CVE-2019-0708", + "full_name": "FrostsaberX\/CVE-2019-0708", + "owner": { + "login": "FrostsaberX", + "id": 24857203, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/24857203?v=4", + "html_url": "https:\/\/github.com\/FrostsaberX" + }, + "html_url": "https:\/\/github.com\/FrostsaberX\/CVE-2019-0708", + "description": "CVE-2019-0708 With Metasploit-Framework Exploit", + "fork": false, + "created_at": "2019-09-07T07:32:14Z", + "updated_at": "2019-09-09T01:17:19Z", + "pushed_at": "2019-09-07T08:50:59Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, + { + "id": 206976374, + "name": "CVE-2019-0708-EXP-MSF-", + "full_name": "qinggegeya\/CVE-2019-0708-EXP-MSF-", + "owner": { + "login": "qinggegeya", + "id": 30001685, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/30001685?v=4", + "html_url": "https:\/\/github.com\/qinggegeya" + }, + "html_url": "https:\/\/github.com\/qinggegeya\/CVE-2019-0708-EXP-MSF-", + "description": "CVE-2019-0708-EXP(MSF) Vulnerability exploit program for cve-2019-0708", + "fork": false, + "created_at": "2019-09-07T14:02:50Z", + "updated_at": "2020-03-25T16:07:00Z", + "pushed_at": "2019-09-07T15:07:24Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 5, + "forks": 5, + "watchers": 3, + "score": 0 + }, + { + "id": 207703935, + "name": "CVE-2019-0708", + "full_name": "distance-vector\/CVE-2019-0708", + "owner": { + "login": "distance-vector", + "id": 35881006, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/35881006?v=4", + "html_url": "https:\/\/github.com\/distance-vector" + }, + "html_url": "https:\/\/github.com\/distance-vector\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-09-11T02:19:19Z", + "updated_at": "2019-09-11T02:23:01Z", + "pushed_at": "2019-09-11T02:23:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 207790184, + "name": "CVE-2019-0708-test", + "full_name": "0xFlag\/CVE-2019-0708-test", + "owner": { + "login": "0xFlag", + "id": 54313514, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/54313514?v=4", + "html_url": "https:\/\/github.com\/0xFlag" + }, + "html_url": "https:\/\/github.com\/0xFlag\/CVE-2019-0708-test", + "description": "CVE-2019-0708 C#验证漏洞", + "fork": false, + "created_at": "2019-09-11T10:58:04Z", + "updated_at": "2019-09-13T01:46:23Z", + "pushed_at": "2019-09-13T01:46:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 208964787, + "name": "CVE-2019-0708", + "full_name": "1aa87148377\/CVE-2019-0708", + "owner": { + "login": "1aa87148377", + "id": 51265955, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/51265955?v=4", + "html_url": "https:\/\/github.com\/1aa87148377" + }, + "html_url": "https:\/\/github.com\/1aa87148377\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-09-17T05:15:28Z", + "updated_at": "2019-09-17T05:17:33Z", + "pushed_at": "2019-09-17T05:17:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 211623683, + "name": "cve-2019-0708_bluekeep_rce", + "full_name": "coolboy4me\/cve-2019-0708_bluekeep_rce", + "owner": { + "login": "coolboy4me", + "id": 10040130, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/10040130?v=4", + "html_url": "https:\/\/github.com\/coolboy4me" + }, + "html_url": "https:\/\/github.com\/coolboy4me\/cve-2019-0708_bluekeep_rce", + "description": "it works on xp (all version sp2 sp3)", + "fork": false, + "created_at": "2019-09-29T07:38:41Z", + "updated_at": "2020-06-24T02:31:24Z", + "pushed_at": "2019-09-30T03:44:18Z", + "stargazers_count": 63, + "watchers_count": 63, + "forks_count": 12, + "forks": 12, + "watchers": 63, + "score": 0 + }, + { + "id": 211942417, + "name": "ispy", + "full_name": "Cyb0r9\/ispy", + "owner": { + "login": "Cyb0r9", + "id": 43474676, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/43474676?v=4", + "html_url": "https:\/\/github.com\/Cyb0r9" + }, + "html_url": "https:\/\/github.com\/Cyb0r9\/ispy", + "description": "ispy V1.0 - Eternalblue(ms17-010)\/Bluekeep(CVE-2019-0708) Scanner and exploit ( Metasploit automation )", + "fork": false, + "created_at": "2019-09-30T19:46:21Z", + "updated_at": "2020-07-09T08:15:59Z", + "pushed_at": "2019-10-16T01:04:12Z", + "stargazers_count": 159, + "watchers_count": 159, + "forks_count": 55, + "forks": 55, + "watchers": 159, + "score": 0 + }, + { + "id": 214051334, + "name": "CVE-2019-0708", + "full_name": "shishibabyq\/CVE-2019-0708", + "owner": { + "login": "shishibabyq", + "id": 56372841, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/56372841?v=4", + "html_url": "https:\/\/github.com\/shishibabyq" + }, + "html_url": "https:\/\/github.com\/shishibabyq\/CVE-2019-0708", + "description": "CVE-2019-0708", + "fork": false, + "created_at": "2019-10-10T00:34:41Z", + "updated_at": "2020-03-25T05:23:01Z", + "pushed_at": "2019-10-10T00:50:48Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + }, + { + "id": 214524140, + "name": "Wincrash", + "full_name": "pwnhacker0x18\/Wincrash", + "owner": { + "login": "pwnhacker0x18", + "id": 51971493, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/51971493?v=4", + "html_url": "https:\/\/github.com\/pwnhacker0x18" + }, + "html_url": "https:\/\/github.com\/pwnhacker0x18\/Wincrash", + "description": "Mass exploit for CVE-2019-0708", + "fork": false, + "created_at": "2019-10-11T20:33:35Z", + "updated_at": "2020-07-18T04:11:40Z", + "pushed_at": "2019-10-11T20:42:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + }, + { + "id": 221436919, + "name": "CVE-2019-0708-DOS", + "full_name": "R4v3nG\/CVE-2019-0708-DOS", + "owner": { + "login": "R4v3nG", + "id": 43517528, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/43517528?v=4", + "html_url": "https:\/\/github.com\/R4v3nG" + }, + "html_url": "https:\/\/github.com\/R4v3nG\/CVE-2019-0708-DOS", + "description": "CVE-2019-0708 DOS RDP", + "fork": false, + "created_at": "2019-11-13T10:49:51Z", + "updated_at": "2019-12-01T20:58:13Z", + "pushed_at": "2019-12-01T20:58:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, { "id": 222191780, "name": "sudoku.py", @@ -68,6 +2460,29 @@ "watchers": 0, "score": 0 }, + { + "id": 223320391, + "name": "-2-CVE-2019-0708", + "full_name": "ulisesrc\/-2-CVE-2019-0708", + "owner": { + "login": "ulisesrc", + "id": 3741400, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/3741400?v=4", + "html_url": "https:\/\/github.com\/ulisesrc" + }, + "html_url": "https:\/\/github.com\/ulisesrc\/-2-CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-11-22T04:00:49Z", + "updated_at": "2019-11-22T04:01:11Z", + "pushed_at": "2019-11-22T04:01:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 226491441, "name": "CVE-2019-0708", @@ -91,6 +2506,29 @@ "watchers": 71, "score": 0 }, + { + "id": 235239045, + "name": "CVE-2019-0708-EXP-Windows", + "full_name": "cbwang505\/CVE-2019-0708-EXP-Windows", + "owner": { + "login": "cbwang505", + "id": 4487329, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/4487329?v=4", + "html_url": "https:\/\/github.com\/cbwang505" + }, + "html_url": "https:\/\/github.com\/cbwang505\/CVE-2019-0708-EXP-Windows", + "description": "CVE-2019-0708-EXP-Windows版单文件exe版,运行后直接在当前控制台反弹System权限Shell", + "fork": false, + "created_at": "2020-01-21T02:22:29Z", + "updated_at": "2020-07-17T20:45:08Z", + "pushed_at": "2020-01-21T03:15:41Z", + "stargazers_count": 50, + "watchers_count": 50, + "forks_count": 17, + "forks": 17, + "watchers": 50, + "score": 0 + }, { "id": 241542314, "name": "CVE-2019-0708-Windows", diff --git a/2019/CVE-2019-0709.json b/2019/CVE-2019-0709.json new file mode 100644 index 0000000000..e6532cea6f --- /dev/null +++ b/2019/CVE-2019-0709.json @@ -0,0 +1,48 @@ +[ + { + "id": 189502228, + "name": "CVE-2019-0709", + "full_name": "YHZX2013\/CVE-2019-0709", + "owner": { + "login": "YHZX2013", + "id": 17893549, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/17893549?v=4", + "html_url": "https:\/\/github.com\/YHZX2013" + }, + "html_url": "https:\/\/github.com\/YHZX2013\/CVE-2019-0709", + "description": "CVE-2019-0708 Exploit using Python", + "fork": false, + "created_at": "2019-05-31T00:48:49Z", + "updated_at": "2019-08-02T13:38:41Z", + "pushed_at": "2019-05-30T22:52:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 189527128, + "name": "CVE-2019-0709", + "full_name": "qq431169079\/CVE-2019-0709", + "owner": { + "login": "qq431169079", + "id": 42376039, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/42376039?v=4", + "html_url": "https:\/\/github.com\/qq431169079" + }, + "html_url": "https:\/\/github.com\/qq431169079\/CVE-2019-0709", + "description": "Exploit In Progress", + "fork": false, + "created_at": "2019-05-31T04:23:39Z", + "updated_at": "2019-05-31T23:10:21Z", + "pushed_at": "2019-05-26T15:25:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0768.json b/2019/CVE-2019-0768.json new file mode 100644 index 0000000000..b6ed7ec15f --- /dev/null +++ b/2019/CVE-2019-0768.json @@ -0,0 +1,25 @@ +[ + { + "id": 188212551, + "name": "ie11_vbscript_exploit", + "full_name": "ruthlezs\/ie11_vbscript_exploit", + "owner": { + "login": "ruthlezs", + "id": 15887791, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/15887791?v=4", + "html_url": "https:\/\/github.com\/ruthlezs" + }, + "html_url": "https:\/\/github.com\/ruthlezs\/ie11_vbscript_exploit", + "description": "Exploit Generator for CVE-2018-8174 & CVE-2019-0768 (RCE via VBScript Execution in IE11)", + "fork": false, + "created_at": "2019-05-23T10:28:40Z", + "updated_at": "2020-06-06T05:40:44Z", + "pushed_at": "2019-05-23T11:26:38Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 5, + "forks": 5, + "watchers": 8, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0785.json b/2019/CVE-2019-0785.json new file mode 100644 index 0000000000..c17cf66341 --- /dev/null +++ b/2019/CVE-2019-0785.json @@ -0,0 +1,25 @@ +[ + { + "id": 196208560, + "name": "CVE-2019-0785", + "full_name": "Jaky5155\/CVE-2019-0785", + "owner": { + "login": "Jaky5155", + "id": 47801640, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/47801640?v=4", + "html_url": "https:\/\/github.com\/Jaky5155" + }, + "html_url": "https:\/\/github.com\/Jaky5155\/CVE-2019-0785", + "description": "CVE-2019-0785", + "fork": false, + "created_at": "2019-07-10T13:16:42Z", + "updated_at": "2020-04-05T09:53:47Z", + "pushed_at": "2019-07-10T13:18:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0803.json b/2019/CVE-2019-0803.json new file mode 100644 index 0000000000..20379b4bd8 --- /dev/null +++ b/2019/CVE-2019-0803.json @@ -0,0 +1,25 @@ +[ + { + "id": 187201710, + "name": "CVE-2019-0803", + "full_name": "ExpLife0011\/CVE-2019-0803", + "owner": { + "login": "ExpLife0011", + "id": 37372761, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/37372761?v=4", + "html_url": "https:\/\/github.com\/ExpLife0011" + }, + "html_url": "https:\/\/github.com\/ExpLife0011\/CVE-2019-0803", + "description": "Win32k Elevation of Privilege Poc", + "fork": false, + "created_at": "2019-05-17T11:05:22Z", + "updated_at": "2020-04-22T11:25:54Z", + "pushed_at": "2019-05-17T10:53:29Z", + "stargazers_count": 73, + "watchers_count": 73, + "forks_count": 65, + "forks": 65, + "watchers": 73, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0808.json b/2019/CVE-2019-0808.json index a6e3a2ccdf..4af3823bf6 100644 --- a/2019/CVE-2019-0808.json +++ b/2019/CVE-2019-0808.json @@ -1,4 +1,73 @@ [ + { + "id": 177576776, + "name": "cve-2019-0808-poc", + "full_name": "ze0r\/cve-2019-0808-poc", + "owner": { + "login": "ze0r", + "id": 43227253, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/43227253?v=4", + "html_url": "https:\/\/github.com\/ze0r" + }, + "html_url": "https:\/\/github.com\/ze0r\/cve-2019-0808-poc", + "description": "cve-2019-0808-poc", + "fork": false, + "created_at": "2019-03-25T11:53:35Z", + "updated_at": "2020-06-07T11:49:31Z", + "pushed_at": "2019-03-25T12:10:40Z", + "stargazers_count": 39, + "watchers_count": 39, + "forks_count": 17, + "forks": 17, + "watchers": 39, + "score": 0 + }, + { + "id": 182577297, + "name": "CVE-2019-0808", + "full_name": "rakesh143\/CVE-2019-0808", + "owner": { + "login": "rakesh143", + "id": 12870599, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/12870599?v=4", + "html_url": "https:\/\/github.com\/rakesh143" + }, + "html_url": "https:\/\/github.com\/rakesh143\/CVE-2019-0808", + "description": null, + "fork": false, + "created_at": "2019-04-21T20:04:34Z", + "updated_at": "2019-04-21T20:07:45Z", + "pushed_at": "2019-04-21T20:07:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 187227372, + "name": "CVE-2019-0808", + "full_name": "exodusintel\/CVE-2019-0808", + "owner": { + "login": "exodusintel", + "id": 16653014, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16653014?v=4", + "html_url": "https:\/\/github.com\/exodusintel" + }, + "html_url": "https:\/\/github.com\/exodusintel\/CVE-2019-0808", + "description": "Win32k Exploit by Grant Willcox", + "fork": false, + "created_at": "2019-05-17T14:08:01Z", + "updated_at": "2020-07-14T15:58:42Z", + "pushed_at": "2019-05-17T14:17:00Z", + "stargazers_count": 78, + "watchers_count": 78, + "forks_count": 37, + "forks": 37, + "watchers": 78, + "score": 0 + }, { "id": 264669775, "name": "CVE-2019-0808-32-64-exp", diff --git a/2019/CVE-2019-0841.json b/2019/CVE-2019-0841.json new file mode 100644 index 0000000000..5cd344a6f6 --- /dev/null +++ b/2019/CVE-2019-0841.json @@ -0,0 +1,71 @@ +[ + { + "id": 179680988, + "name": "CVE-2019-0841", + "full_name": "rogue-kdc\/CVE-2019-0841", + "owner": { + "login": "rogue-kdc", + "id": 49311295, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/49311295?v=4", + "html_url": "https:\/\/github.com\/rogue-kdc" + }, + "html_url": "https:\/\/github.com\/rogue-kdc\/CVE-2019-0841", + "description": "PoC code for CVE-2019-0841 Privilege Escalation vulnerability", + "fork": false, + "created_at": "2019-04-05T12:53:52Z", + "updated_at": "2020-07-09T02:13:28Z", + "pushed_at": "2019-04-09T16:49:19Z", + "stargazers_count": 219, + "watchers_count": 219, + "forks_count": 97, + "forks": 97, + "watchers": 219, + "score": 0 + }, + { + "id": 180605162, + "name": "CVE-2019-0841", + "full_name": "denmilu\/CVE-2019-0841", + "owner": { + "login": "denmilu", + "id": 2469038, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/denmilu" + }, + "html_url": "https:\/\/github.com\/denmilu\/CVE-2019-0841", + "description": null, + "fork": false, + "created_at": "2019-04-10T14:58:22Z", + "updated_at": "2019-05-26T06:57:44Z", + "pushed_at": "2019-04-10T14:58:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 191441504, + "name": "CVE-2019-0841-BYPASS", + "full_name": "0x00-0x00\/CVE-2019-0841-BYPASS", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2019-0841-BYPASS", + "description": "A fully automatic CVE-2019-0841 bypass targeting all versions of Edge in Windows 10.", + "fork": false, + "created_at": "2019-06-11T20:05:26Z", + "updated_at": "2020-06-09T12:34:13Z", + "pushed_at": "2019-06-11T20:49:42Z", + "stargazers_count": 51, + "watchers_count": 51, + "forks_count": 27, + "forks": 27, + "watchers": 51, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0888.json b/2019/CVE-2019-0888.json new file mode 100644 index 0000000000..30a3719400 --- /dev/null +++ b/2019/CVE-2019-0888.json @@ -0,0 +1,25 @@ +[ + { + "id": 193166704, + "name": "CVE-2019-0888", + "full_name": "sophoslabs\/CVE-2019-0888", + "owner": { + "login": "sophoslabs", + "id": 40878494, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/40878494?v=4", + "html_url": "https:\/\/github.com\/sophoslabs" + }, + "html_url": "https:\/\/github.com\/sophoslabs\/CVE-2019-0888", + "description": "PoC for CVE-2019-0888 - Use-After-Free in Windows ActiveX Data Objects (ADO)", + "fork": false, + "created_at": "2019-06-21T22:26:52Z", + "updated_at": "2020-03-21T18:23:15Z", + "pushed_at": "2019-07-09T18:40:05Z", + "stargazers_count": 41, + "watchers_count": 41, + "forks_count": 22, + "forks": 22, + "watchers": 41, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0986.json b/2019/CVE-2019-0986.json new file mode 100644 index 0000000000..d9e1a3804d --- /dev/null +++ b/2019/CVE-2019-0986.json @@ -0,0 +1,25 @@ +[ + { + "id": 176955881, + "name": "CVE-2019-0986", + "full_name": "padovah4ck\/CVE-2019-0986", + "owner": { + "login": "padovah4ck", + "id": 13963076, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/13963076?v=4", + "html_url": "https:\/\/github.com\/padovah4ck" + }, + "html_url": "https:\/\/github.com\/padovah4ck\/CVE-2019-0986", + "description": "Security Research", + "fork": false, + "created_at": "2019-03-21T13:58:25Z", + "updated_at": "2020-05-07T22:56:23Z", + "pushed_at": "2019-06-17T08:10:53Z", + "stargazers_count": 34, + "watchers_count": 34, + "forks_count": 10, + "forks": 10, + "watchers": 34, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10008.json b/2019/CVE-2019-10008.json new file mode 100644 index 0000000000..aaeaf00ab6 --- /dev/null +++ b/2019/CVE-2019-10008.json @@ -0,0 +1,25 @@ +[ + { + "id": 179552575, + "name": "CVE-2019-10008", + "full_name": "FlameOfIgnis\/CVE-2019-10008", + "owner": { + "login": "FlameOfIgnis", + "id": 16636092, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/16636092?v=4", + "html_url": "https:\/\/github.com\/FlameOfIgnis" + }, + "html_url": "https:\/\/github.com\/FlameOfIgnis\/CVE-2019-10008", + "description": "ManageEngine Service Desk Plus 10.0 Privilaged account Hijacking", + "fork": false, + "created_at": "2019-04-04T18:20:23Z", + "updated_at": "2020-05-04T08:50:11Z", + "pushed_at": "2019-08-17T15:17:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1002101.json b/2019/CVE-2019-1002101.json new file mode 100644 index 0000000000..e2c4167a02 --- /dev/null +++ b/2019/CVE-2019-1002101.json @@ -0,0 +1,25 @@ +[ + { + "id": 179330253, + "name": "CVE-2019-1002101-Helpers", + "full_name": "brompwnie\/CVE-2019-1002101-Helpers", + "owner": { + "login": "brompwnie", + "id": 8638589, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8638589?v=4", + "html_url": "https:\/\/github.com\/brompwnie" + }, + "html_url": "https:\/\/github.com\/brompwnie\/CVE-2019-1002101-Helpers", + "description": "PoC helper scripts and Dockerfile for CVE-2019-1002101", + "fork": false, + "created_at": "2019-04-03T16:36:58Z", + "updated_at": "2020-07-14T14:11:03Z", + "pushed_at": "2019-04-03T17:35:03Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 5, + "forks": 5, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1003000.json b/2019/CVE-2019-1003000.json index c6a2a5d22f..1e02a202a9 100644 --- a/2019/CVE-2019-1003000.json +++ b/2019/CVE-2019-1003000.json @@ -21,5 +21,74 @@ "forks": 28, "watchers": 50, "score": 0 + }, + { + "id": 170809838, + "name": "cve-2019-1003000-jenkins-rce-poc", + "full_name": "adamyordan\/cve-2019-1003000-jenkins-rce-poc", + "owner": { + "login": "adamyordan", + "id": 9531164, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/9531164?v=4", + "html_url": "https:\/\/github.com\/adamyordan" + }, + "html_url": "https:\/\/github.com\/adamyordan\/cve-2019-1003000-jenkins-rce-poc", + "description": "Jenkins RCE Proof-of-Concept: SECURITY-1266 \/ CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)", + "fork": false, + "created_at": "2019-02-15T05:59:24Z", + "updated_at": "2020-07-03T03:04:36Z", + "pushed_at": "2019-04-01T13:19:49Z", + "stargazers_count": 263, + "watchers_count": 263, + "forks_count": 77, + "forks": 77, + "watchers": 263, + "score": 0 + }, + { + "id": 172198653, + "name": "CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins", + "full_name": "0xtavian\/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins", + "owner": { + "login": "0xtavian", + "id": 21030907, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/21030907?v=4", + "html_url": "https:\/\/github.com\/0xtavian" + }, + "html_url": "https:\/\/github.com\/0xtavian\/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins", + "description": "Python CVE-2019-1003000 and CVE-2018-1999002 Pre-Auth RCE Jenkins ", + "fork": false, + "created_at": "2019-02-23T10:00:03Z", + "updated_at": "2020-04-20T00:16:50Z", + "pushed_at": "2019-02-23T10:01:26Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 3, + "forks": 3, + "watchers": 7, + "score": 0 + }, + { + "id": 183322760, + "name": "CVE-2019-1003000_RCE-DETECTION", + "full_name": "1NTheKut\/CVE-2019-1003000_RCE-DETECTION", + "owner": { + "login": "1NTheKut", + "id": 26243759, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/26243759?v=4", + "html_url": "https:\/\/github.com\/1NTheKut" + }, + "html_url": "https:\/\/github.com\/1NTheKut\/CVE-2019-1003000_RCE-DETECTION", + "description": "A C# module to detect if a Jenkins server is vulnerable to the RCE vulnerability found in CVE-2019-1003000 (chained with CVE-2018-1000861 for pre-auth RCE)", + "fork": false, + "created_at": "2019-04-24T23:52:42Z", + "updated_at": "2019-05-13T06:00:34Z", + "pushed_at": "2019-05-01T07:11:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-10086.json b/2019/CVE-2019-10086.json new file mode 100644 index 0000000000..03c978b085 --- /dev/null +++ b/2019/CVE-2019-10086.json @@ -0,0 +1,25 @@ +[ + { + "id": 218899327, + "name": "CVE-2019-10086", + "full_name": "evilangelplus\/CVE-2019-10086", + "owner": { + "login": "evilangelplus", + "id": 56948123, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/56948123?v=4", + "html_url": "https:\/\/github.com\/evilangelplus" + }, + "html_url": "https:\/\/github.com\/evilangelplus\/CVE-2019-10086", + "description": "wait for exp.", + "fork": false, + "created_at": "2019-11-01T02:36:17Z", + "updated_at": "2019-11-01T02:36:17Z", + "pushed_at": "2019-11-01T02:36:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10092.json b/2019/CVE-2019-10092.json new file mode 100644 index 0000000000..7862f61227 --- /dev/null +++ b/2019/CVE-2019-10092.json @@ -0,0 +1,25 @@ +[ + { + "id": 228854670, + "name": "CVE-2019-10092_Docker", + "full_name": "motikan2010\/CVE-2019-10092_Docker", + "owner": { + "login": "motikan2010", + "id": 3177297, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3177297?v=4", + "html_url": "https:\/\/github.com\/motikan2010" + }, + "html_url": "https:\/\/github.com\/motikan2010\/CVE-2019-10092_Docker", + "description": "CVE-2019-10092 Docker - Apache HTTP Server", + "fork": false, + "created_at": "2019-12-18T14:15:13Z", + "updated_at": "2020-05-18T10:43:29Z", + "pushed_at": "2020-01-07T03:22:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1010298.json b/2019/CVE-2019-1010298.json new file mode 100644 index 0000000000..7f5a422f85 --- /dev/null +++ b/2019/CVE-2019-1010298.json @@ -0,0 +1,25 @@ +[ + { + "id": 201962859, + "name": "CVE-2019-1010298", + "full_name": "RKX1209\/CVE-2019-1010298", + "owner": { + "login": "RKX1209", + "id": 964758, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/964758?v=4", + "html_url": "https:\/\/github.com\/RKX1209" + }, + "html_url": "https:\/\/github.com\/RKX1209\/CVE-2019-1010298", + "description": "Proof of Concept of TrustZone exploit ", + "fork": false, + "created_at": "2019-08-12T15:58:06Z", + "updated_at": "2020-05-17T11:41:51Z", + "pushed_at": "2019-08-12T16:01:24Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 4, + "forks": 4, + "watchers": 12, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10149.json b/2019/CVE-2019-10149.json index 50f6015b88..6c52f9bfe0 100644 --- a/2019/CVE-2019-10149.json +++ b/2019/CVE-2019-10149.json @@ -1,4 +1,211 @@ [ + { + "id": 191233980, + "name": "exim-rce-quickfix", + "full_name": "bananaphones\/exim-rce-quickfix", + "owner": { + "login": "bananaphones", + "id": 4877449, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/4877449?v=4", + "html_url": "https:\/\/github.com\/bananaphones" + }, + "html_url": "https:\/\/github.com\/bananaphones\/exim-rce-quickfix", + "description": "quick fix for CVE-2019-10149, works on Debian\\Ubuntu\\Centos", + "fork": false, + "created_at": "2019-06-10T19:37:05Z", + "updated_at": "2020-06-28T05:13:41Z", + "pushed_at": "2019-06-14T10:16:02Z", + "stargazers_count": 22, + "watchers_count": 22, + "forks_count": 19, + "forks": 19, + "watchers": 22, + "score": 0 + }, + { + "id": 191493140, + "name": "eximrce-CVE-2019-10149", + "full_name": "cowbe0x004\/eximrce-CVE-2019-10149", + "owner": { + "login": "cowbe0x004", + "id": 3072913, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/3072913?v=4", + "html_url": "https:\/\/github.com\/cowbe0x004" + }, + "html_url": "https:\/\/github.com\/cowbe0x004\/eximrce-CVE-2019-10149", + "description": "simple python socket connection to test if exim is vulnerable to CVE-2019-10149. The payload simply touch a file in \/tmp\/eximrce.", + "fork": false, + "created_at": "2019-06-12T03:47:16Z", + "updated_at": "2020-06-10T21:55:54Z", + "pushed_at": "2019-07-08T18:25:12Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 11, + "forks": 11, + "watchers": 12, + "score": 0 + }, + { + "id": 191845568, + "name": "PoC--CVE-2019-10149_Exim", + "full_name": "MNEMO-CERT\/PoC--CVE-2019-10149_Exim", + "owner": { + "login": "MNEMO-CERT", + "id": 51804856, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/51804856?v=4", + "html_url": "https:\/\/github.com\/MNEMO-CERT" + }, + "html_url": "https:\/\/github.com\/MNEMO-CERT\/PoC--CVE-2019-10149_Exim", + "description": "PoC for CVE-2019-10149, this vulnerability could be xploited betwen 4-87 to 4.91 version of Exim server.", + "fork": false, + "created_at": "2019-06-13T23:21:53Z", + "updated_at": "2020-06-28T05:23:37Z", + "pushed_at": "2019-06-18T14:57:22Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 5, + "forks": 5, + "watchers": 14, + "score": 0 + }, + { + "id": 191952969, + "name": "CVE-2019-10149-quick", + "full_name": "aishee\/CVE-2019-10149-quick", + "owner": { + "login": "aishee", + "id": 8377283, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/8377283?v=4", + "html_url": "https:\/\/github.com\/aishee" + }, + "html_url": "https:\/\/github.com\/aishee\/CVE-2019-10149-quick", + "description": "Simple Bash shell quick fix CVE-2019-10149", + "fork": false, + "created_at": "2019-06-14T14:02:43Z", + "updated_at": "2019-06-14T14:03:33Z", + "pushed_at": "2019-06-14T14:03:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 194002154, + "name": "CVE-2019-10149-privilege-escalation", + "full_name": "AzizMea\/CVE-2019-10149-privilege-escalation", + "owner": { + "login": "AzizMea", + "id": 30970260, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/30970260?v=4", + "html_url": "https:\/\/github.com\/AzizMea" + }, + "html_url": "https:\/\/github.com\/AzizMea\/CVE-2019-10149-privilege-escalation", + "description": "CVE-2019-10149 privilege escalation", + "fork": false, + "created_at": "2019-06-27T01:34:41Z", + "updated_at": "2020-05-30T20:35:51Z", + "pushed_at": "2019-06-27T17:46:25Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 6, + "forks": 6, + "watchers": 9, + "score": 0 + }, + { + "id": 198729185, + "name": "StickyExim", + "full_name": "Brets0150\/StickyExim", + "owner": { + "login": "Brets0150", + "id": 40045956, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/40045956?v=4", + "html_url": "https:\/\/github.com\/Brets0150" + }, + "html_url": "https:\/\/github.com\/Brets0150\/StickyExim", + "description": "Exim Honey Pot for CVE-2019-10149 exploit attempts.", + "fork": false, + "created_at": "2019-07-25T00:46:37Z", + "updated_at": "2019-08-06T20:21:47Z", + "pushed_at": "2019-08-06T20:21:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 206647936, + "name": "exim.exp", + "full_name": "ChrissHack\/exim.exp", + "owner": { + "login": "ChrissHack", + "id": 36897897, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/36897897?v=4", + "html_url": "https:\/\/github.com\/ChrissHack" + }, + "html_url": "https:\/\/github.com\/ChrissHack\/exim.exp", + "description": "CVE-2019-10149", + "fork": false, + "created_at": "2019-09-05T20:04:14Z", + "updated_at": "2019-09-11T01:27:28Z", + "pushed_at": "2019-09-05T20:34:18Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, + { + "id": 216513053, + "name": "CVE-2019-10149", + "full_name": "darsigovrustam\/CVE-2019-10149", + "owner": { + "login": "darsigovrustam", + "id": 36308333, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/36308333?v=4", + "html_url": "https:\/\/github.com\/darsigovrustam" + }, + "html_url": "https:\/\/github.com\/darsigovrustam\/CVE-2019-10149", + "description": "Instructions for installing a vulnerable version of Exim and its expluatation", + "fork": false, + "created_at": "2019-10-21T08:13:27Z", + "updated_at": "2020-04-13T06:36:31Z", + "pushed_at": "2019-10-24T07:19:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 217788444, + "name": "CVE-2019-10149", + "full_name": "Diefunction\/CVE-2019-10149", + "owner": { + "login": "Diefunction", + "id": 17242631, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/17242631?v=4", + "html_url": "https:\/\/github.com\/Diefunction" + }, + "html_url": "https:\/\/github.com\/Diefunction\/CVE-2019-10149", + "description": "CVE-2019-10149 : A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in \/src\/deliver.c may lead to remote command execution.", + "fork": false, + "created_at": "2019-10-27T01:03:11Z", + "updated_at": "2020-06-03T08:06:04Z", + "pushed_at": "2019-10-27T01:08:17Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 4, + "forks": 4, + "watchers": 11, + "score": 0 + }, { "id": 263372042, "name": "CVE-2019-10149", diff --git a/2019/CVE-2019-10207.json b/2019/CVE-2019-10207.json new file mode 100644 index 0000000000..c5186842df --- /dev/null +++ b/2019/CVE-2019-10207.json @@ -0,0 +1,25 @@ +[ + { + "id": 199611138, + "name": "CVE-2019-10207", + "full_name": "butterflyhack\/CVE-2019-10207", + "owner": { + "login": "butterflyhack", + "id": 11525772, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/11525772?v=4", + "html_url": "https:\/\/github.com\/butterflyhack" + }, + "html_url": "https:\/\/github.com\/butterflyhack\/CVE-2019-10207", + "description": "PoC for CVE-2019-10207", + "fork": false, + "created_at": "2019-07-30T08:39:21Z", + "updated_at": "2019-12-18T03:34:41Z", + "pushed_at": "2019-07-30T08:50:32Z", + "stargazers_count": 17, + "watchers_count": 17, + "forks_count": 7, + "forks": 7, + "watchers": 17, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10392.json b/2019/CVE-2019-10392.json new file mode 100644 index 0000000000..6e4bf3d940 --- /dev/null +++ b/2019/CVE-2019-10392.json @@ -0,0 +1,48 @@ +[ + { + "id": 211009198, + "name": "CVE-2019-10392", + "full_name": "jas502n\/CVE-2019-10392", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-10392", + "description": "CVE-2019-10392 RCE Jackson with Git Client Plugin 2.8.2 (Authenticated)", + "fork": false, + "created_at": "2019-09-26T05:45:00Z", + "updated_at": "2019-10-16T07:34:14Z", + "pushed_at": "2019-09-26T05:49:21Z", + "stargazers_count": 19, + "watchers_count": 19, + "forks_count": 4, + "forks": 4, + "watchers": 19, + "score": 0 + }, + { + "id": 211651844, + "name": "CVE-2019-10392_EXP", + "full_name": "ftk-sostupid\/CVE-2019-10392_EXP", + "owner": { + "login": "ftk-sostupid", + "id": 30171892, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/30171892?v=4", + "html_url": "https:\/\/github.com\/ftk-sostupid" + }, + "html_url": "https:\/\/github.com\/ftk-sostupid\/CVE-2019-10392_EXP", + "description": "Jenkins Git Client RCE CVE-2019-10392_Exp", + "fork": false, + "created_at": "2019-09-29T11:22:41Z", + "updated_at": "2019-10-27T17:19:37Z", + "pushed_at": "2019-10-21T02:02:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1040.json b/2019/CVE-2019-1040.json index 7b4616fbf0..158e5b5af7 100644 --- a/2019/CVE-2019-1040.json +++ b/2019/CVE-2019-1040.json @@ -22,6 +22,29 @@ "watchers": 175, "score": 0 }, + { + "id": 192691928, + "name": "UltraRealy_with_CVE-2019-1040", + "full_name": "lazaars\/UltraRealy_with_CVE-2019-1040", + "owner": { + "login": "lazaars", + "id": 36127186, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/36127186?v=4", + "html_url": "https:\/\/github.com\/lazaars" + }, + "html_url": "https:\/\/github.com\/lazaars\/UltraRealy_with_CVE-2019-1040", + "description": "Updated version for the tool UltraRealy with support of the CVE-2019-1040 exploit", + "fork": false, + "created_at": "2019-06-19T08:32:31Z", + "updated_at": "2020-06-15T02:28:16Z", + "pushed_at": "2019-06-19T09:15:16Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 5, + "forks": 5, + "watchers": 11, + "score": 0 + }, { "id": 193532426, "name": "cve-2019-1040-scanner", @@ -44,5 +67,28 @@ "forks": 47, "watchers": 220, "score": 0 + }, + { + "id": 209096168, + "name": "CVE-2019-1040", + "full_name": "wzxmt\/CVE-2019-1040", + "owner": { + "login": "wzxmt", + "id": 44249535, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/44249535?v=4", + "html_url": "https:\/\/github.com\/wzxmt" + }, + "html_url": "https:\/\/github.com\/wzxmt\/CVE-2019-1040", + "description": null, + "fork": false, + "created_at": "2019-09-17T15:53:25Z", + "updated_at": "2020-04-01T05:23:50Z", + "pushed_at": "2019-09-17T15:53:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-10475.json b/2019/CVE-2019-10475.json new file mode 100644 index 0000000000..6d9dbe6110 --- /dev/null +++ b/2019/CVE-2019-10475.json @@ -0,0 +1,25 @@ +[ + { + "id": 220101094, + "name": "CVE-2019-10475", + "full_name": "vesche\/CVE-2019-10475", + "owner": { + "login": "vesche", + "id": 8083281, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/8083281?v=4", + "html_url": "https:\/\/github.com\/vesche" + }, + "html_url": "https:\/\/github.com\/vesche\/CVE-2019-10475", + "description": null, + "fork": false, + "created_at": "2019-11-06T22:19:01Z", + "updated_at": "2020-03-02T00:23:05Z", + "pushed_at": "2019-11-06T23:33:11Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 3, + "forks": 3, + "watchers": 12, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1064.json b/2019/CVE-2019-1064.json new file mode 100644 index 0000000000..b9ce1f1082 --- /dev/null +++ b/2019/CVE-2019-1064.json @@ -0,0 +1,71 @@ +[ + { + "id": 191548642, + "name": "CVE-2019-1064", + "full_name": "RythmStick\/CVE-2019-1064", + "owner": { + "login": "RythmStick", + "id": 43847240, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/43847240?v=4", + "html_url": "https:\/\/github.com\/RythmStick" + }, + "html_url": "https:\/\/github.com\/RythmStick\/CVE-2019-1064", + "description": "CVE-2019-1064 Local Privilege Escalation Vulnerability", + "fork": false, + "created_at": "2019-06-12T10:21:35Z", + "updated_at": "2020-06-12T21:35:59Z", + "pushed_at": "2019-06-13T09:55:07Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 10, + "forks": 10, + "watchers": 14, + "score": 0 + }, + { + "id": 191602145, + "name": "CVE-2019-1064", + "full_name": "0x00-0x00\/CVE-2019-1064", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2019-1064", + "description": "CVE-2019-1064 Local Privilege Escalation Vulnerability", + "fork": false, + "created_at": "2019-06-12T15:54:55Z", + "updated_at": "2020-07-13T12:07:03Z", + "pushed_at": "2019-06-12T12:25:42Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 17, + "forks": 17, + "watchers": 11, + "score": 0 + }, + { + "id": 192173000, + "name": "CVE-2019-1064", + "full_name": "attackgithub\/CVE-2019-1064", + "owner": { + "login": "attackgithub", + "id": 45205753, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/45205753?v=4", + "html_url": "https:\/\/github.com\/attackgithub" + }, + "html_url": "https:\/\/github.com\/attackgithub\/CVE-2019-1064", + "description": "CVE-2019-1064 - AppXSVC Local Privilege Escalation", + "fork": false, + "created_at": "2019-06-16T09:31:11Z", + "updated_at": "2019-06-18T21:49:16Z", + "pushed_at": "2019-06-14T07:47:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10678.json b/2019/CVE-2019-10678.json new file mode 100644 index 0000000000..e72b43be23 --- /dev/null +++ b/2019/CVE-2019-10678.json @@ -0,0 +1,25 @@ +[ + { + "id": 185265234, + "name": "cve-2019-10678", + "full_name": "cved-sources\/cve-2019-10678", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2019-10678", + "description": "cve-2019-10678", + "fork": false, + "created_at": "2019-05-06T20:15:47Z", + "updated_at": "2019-05-06T20:16:09Z", + "pushed_at": "2019-05-06T20:16:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10685.json b/2019/CVE-2019-10685.json new file mode 100644 index 0000000000..f013a5d423 --- /dev/null +++ b/2019/CVE-2019-10685.json @@ -0,0 +1,25 @@ +[ + { + "id": 179077030, + "name": "CVE-2019-10685", + "full_name": "alt3kx\/CVE-2019-10685", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2019-10685", + "description": "A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Print Archive System v2015 release 2.6", + "fork": false, + "created_at": "2019-04-02T12:50:46Z", + "updated_at": "2019-05-11T02:51:22Z", + "pushed_at": "2019-05-07T11:50:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1069.json b/2019/CVE-2019-1069.json new file mode 100644 index 0000000000..4eb85dfd96 --- /dev/null +++ b/2019/CVE-2019-1069.json @@ -0,0 +1,25 @@ +[ + { + "id": 189962146, + "name": "SharpPolarBear", + "full_name": "S3cur3Th1sSh1t\/SharpPolarBear", + "owner": { + "login": "S3cur3Th1sSh1t", + "id": 27858067, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/27858067?v=4", + "html_url": "https:\/\/github.com\/S3cur3Th1sSh1t" + }, + "html_url": "https:\/\/github.com\/S3cur3Th1sSh1t\/SharpPolarBear", + "description": "Privesc through import of Sheduled tasks + Hardlinks - CVE-2019-1069", + "fork": false, + "created_at": "2019-06-03T08:07:32Z", + "updated_at": "2020-07-09T13:30:56Z", + "pushed_at": "2019-06-26T11:53:08Z", + "stargazers_count": 32, + "watchers_count": 32, + "forks_count": 14, + "forks": 14, + "watchers": 32, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10708.json b/2019/CVE-2019-10708.json new file mode 100644 index 0000000000..3b026c5fd4 --- /dev/null +++ b/2019/CVE-2019-10708.json @@ -0,0 +1,25 @@ +[ + { + "id": 202295806, + "name": "CVE-2019-10708", + "full_name": "stavhaygn\/CVE-2019-10708", + "owner": { + "login": "stavhaygn", + "id": 17663058, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/17663058?v=4", + "html_url": "https:\/\/github.com\/stavhaygn" + }, + "html_url": "https:\/\/github.com\/stavhaygn\/CVE-2019-10708", + "description": "CVE-2019-10708 SQL injection PoC", + "fork": false, + "created_at": "2019-08-14T07:15:58Z", + "updated_at": "2019-08-18T10:17:37Z", + "pushed_at": "2019-08-18T10:17:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10758.json b/2019/CVE-2019-10758.json new file mode 100644 index 0000000000..a0db91501c --- /dev/null +++ b/2019/CVE-2019-10758.json @@ -0,0 +1,48 @@ +[ + { + "id": 230212773, + "name": "CVE-2019-10758", + "full_name": "masahiro331\/CVE-2019-10758", + "owner": { + "login": "masahiro331", + "id": 20438853, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/20438853?v=4", + "html_url": "https:\/\/github.com\/masahiro331" + }, + "html_url": "https:\/\/github.com\/masahiro331\/CVE-2019-10758", + "description": null, + "fork": false, + "created_at": "2019-12-26T06:58:56Z", + "updated_at": "2020-07-13T06:23:56Z", + "pushed_at": "2019-12-26T08:44:54Z", + "stargazers_count": 107, + "watchers_count": 107, + "forks_count": 23, + "forks": 23, + "watchers": 107, + "score": 0 + }, + { + "id": 231926488, + "name": "CVE-2019-10758", + "full_name": "lp008\/CVE-2019-10758", + "owner": { + "login": "lp008", + "id": 11436275, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/11436275?v=4", + "html_url": "https:\/\/github.com\/lp008" + }, + "html_url": "https:\/\/github.com\/lp008\/CVE-2019-10758", + "description": "CVE-2019-10758", + "fork": false, + "created_at": "2020-01-05T14:05:56Z", + "updated_at": "2020-04-08T09:00:56Z", + "pushed_at": "2020-01-05T14:21:15Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 0, + "forks": 0, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10869.json b/2019/CVE-2019-10869.json new file mode 100644 index 0000000000..e75deb8f16 --- /dev/null +++ b/2019/CVE-2019-10869.json @@ -0,0 +1,25 @@ +[ + { + "id": 186229171, + "name": "CVE-2019-10869", + "full_name": "KTN1990\/CVE-2019-10869", + "owner": { + "login": "KTN1990", + "id": 33407405, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/33407405?v=4", + "html_url": "https:\/\/github.com\/KTN1990" + }, + "html_url": "https:\/\/github.com\/KTN1990\/CVE-2019-10869", + "description": "(Wordpress) Ninja Forms File Uploads Extension <= 3.0.22 – Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2019-05-12T08:20:16Z", + "updated_at": "2020-02-15T08:35:59Z", + "pushed_at": "2019-05-17T10:41:43Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 5, + "forks": 5, + "watchers": 13, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10915.json b/2019/CVE-2019-10915.json new file mode 100644 index 0000000000..69e2b33078 --- /dev/null +++ b/2019/CVE-2019-10915.json @@ -0,0 +1,25 @@ +[ + { + "id": 198133475, + "name": "CVE-2019-10915", + "full_name": "jiansiting\/CVE-2019-10915", + "owner": { + "login": "jiansiting", + "id": 28823754, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/28823754?v=4", + "html_url": "https:\/\/github.com\/jiansiting" + }, + "html_url": "https:\/\/github.com\/jiansiting\/CVE-2019-10915", + "description": "Siemens TIA administrator Tool RCE", + "fork": false, + "created_at": "2019-07-22T02:38:54Z", + "updated_at": "2020-03-18T01:41:48Z", + "pushed_at": "2019-07-22T11:48:39Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, + "forks": 2, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1096.json b/2019/CVE-2019-1096.json new file mode 100644 index 0000000000..53eafaa5fc --- /dev/null +++ b/2019/CVE-2019-1096.json @@ -0,0 +1,25 @@ +[ + { + "id": 198776283, + "name": "cve-2019-1096-poc", + "full_name": "ze0r\/cve-2019-1096-poc", + "owner": { + "login": "ze0r", + "id": 43227253, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/43227253?v=4", + "html_url": "https:\/\/github.com\/ze0r" + }, + "html_url": "https:\/\/github.com\/ze0r\/cve-2019-1096-poc", + "description": null, + "fork": false, + "created_at": "2019-07-25T07:01:45Z", + "updated_at": "2020-06-07T11:48:48Z", + "pushed_at": "2019-07-25T07:24:11Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 3, + "forks": 3, + "watchers": 8, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11043.json b/2019/CVE-2019-11043.json index bf5cf7d4e5..03fe560236 100644 --- a/2019/CVE-2019-11043.json +++ b/2019/CVE-2019-11043.json @@ -1,4 +1,96 @@ [ + { + "id": 210457246, + "name": "phuip-fpizdam", + "full_name": "neex\/phuip-fpizdam", + "owner": { + "login": "neex", + "id": 684237, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/684237?v=4", + "html_url": "https:\/\/github.com\/neex" + }, + "html_url": "https:\/\/github.com\/neex\/phuip-fpizdam", + "description": "Exploit for CVE-2019-11043", + "fork": false, + "created_at": "2019-09-23T21:37:27Z", + "updated_at": "2020-07-17T22:57:34Z", + "pushed_at": "2019-11-12T18:53:14Z", + "stargazers_count": 1595, + "watchers_count": 1595, + "forks_count": 229, + "forks": 229, + "watchers": 1595, + "score": 0 + }, + { + "id": 217065303, + "name": "CVE-2019-11043", + "full_name": "B1gd0g\/CVE-2019-11043", + "owner": { + "login": "B1gd0g", + "id": 49259860, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/49259860?v=4", + "html_url": "https:\/\/github.com\/B1gd0g" + }, + "html_url": "https:\/\/github.com\/B1gd0g\/CVE-2019-11043", + "description": "CVE-2019-11043", + "fork": false, + "created_at": "2019-10-23T13:32:14Z", + "updated_at": "2019-10-23T13:35:49Z", + "pushed_at": "2019-10-23T13:35:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 217065801, + "name": "CVE-2019-11043", + "full_name": "tinker-li\/CVE-2019-11043", + "owner": { + "login": "tinker-li", + "id": 41416976, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/41416976?v=4", + "html_url": "https:\/\/github.com\/tinker-li" + }, + "html_url": "https:\/\/github.com\/tinker-li\/CVE-2019-11043", + "description": null, + "fork": false, + "created_at": "2019-10-23T13:34:28Z", + "updated_at": "2019-10-23T13:41:53Z", + "pushed_at": "2019-10-23T13:41:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 217171261, + "name": "CVE-2019-11043", + "full_name": "jas502n\/CVE-2019-11043", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-11043", + "description": "php-fpm+Nginx RCE", + "fork": false, + "created_at": "2019-10-23T23:26:57Z", + "updated_at": "2020-06-11T06:48:49Z", + "pushed_at": "2019-10-29T02:02:34Z", + "stargazers_count": 74, + "watchers_count": 74, + "forks_count": 29, + "forks": 29, + "watchers": 74, + "score": 0 + }, { "id": 217218372, "name": "PHP-FPM-Remote-Code-Execution-Vulnerability-CVE-2019-11043-", @@ -22,6 +114,259 @@ "watchers": 3, "score": 0 }, + { + "id": 217257852, + "name": "CVE-2019-11043", + "full_name": "ianxtianxt\/CVE-2019-11043", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2019-11043", + "description": null, + "fork": false, + "created_at": "2019-10-24T09:09:01Z", + "updated_at": "2019-10-24T09:12:19Z", + "pushed_at": "2019-10-24T09:12:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 217258558, + "name": "CVE-2019-11043", + "full_name": "fairyming\/CVE-2019-11043", + "owner": { + "login": "fairyming", + "id": 44915879, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/44915879?v=4", + "html_url": "https:\/\/github.com\/fairyming" + }, + "html_url": "https:\/\/github.com\/fairyming\/CVE-2019-11043", + "description": null, + "fork": false, + "created_at": "2019-10-24T09:12:38Z", + "updated_at": "2020-04-05T08:53:01Z", + "pushed_at": "2019-10-24T10:04:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 217294430, + "name": "CVE-2019-11043-Docker", + "full_name": "akamajoris\/CVE-2019-11043-Docker", + "owner": { + "login": "akamajoris", + "id": 4648441, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/4648441?v=4", + "html_url": "https:\/\/github.com\/akamajoris" + }, + "html_url": "https:\/\/github.com\/akamajoris\/CVE-2019-11043-Docker", + "description": null, + "fork": false, + "created_at": "2019-10-24T12:32:02Z", + "updated_at": "2019-11-17T16:02:45Z", + "pushed_at": "2019-10-28T10:23:17Z", + "stargazers_count": 26, + "watchers_count": 26, + "forks_count": 7, + "forks": 7, + "watchers": 26, + "score": 0 + }, + { + "id": 218028044, + "name": "CVE-2019-11043", + "full_name": "theMiddleBlue\/CVE-2019-11043", + "owner": { + "login": "theMiddleBlue", + "id": 4454961, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/4454961?v=4", + "html_url": "https:\/\/github.com\/theMiddleBlue" + }, + "html_url": "https:\/\/github.com\/theMiddleBlue\/CVE-2019-11043", + "description": "(PoC) Python version of CVE-2019-11043 exploit by neex", + "fork": false, + "created_at": "2019-10-28T11:09:06Z", + "updated_at": "2020-06-27T15:50:27Z", + "pushed_at": "2019-10-29T15:47:02Z", + "stargazers_count": 125, + "watchers_count": 125, + "forks_count": 27, + "forks": 27, + "watchers": 125, + "score": 0 + }, + { + "id": 218080163, + "name": "cve-2019-11043", + "full_name": "shadow-horse\/cve-2019-11043", + "owner": { + "login": "shadow-horse", + "id": 5432330, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/5432330?v=4", + "html_url": "https:\/\/github.com\/shadow-horse" + }, + "html_url": "https:\/\/github.com\/shadow-horse\/cve-2019-11043", + "description": "CVE-2019-11043 PHP远程代码执行", + "fork": false, + "created_at": "2019-10-28T15:31:34Z", + "updated_at": "2019-10-29T15:39:20Z", + "pushed_at": "2019-10-29T15:39:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 218269194, + "name": "CVE-2019-11043", + "full_name": "huowen\/CVE-2019-11043", + "owner": { + "login": "huowen", + "id": 31957041, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/31957041?v=4", + "html_url": "https:\/\/github.com\/huowen" + }, + "html_url": "https:\/\/github.com\/huowen\/CVE-2019-11043", + "description": "Python exp for CVE-2019-11043", + "fork": false, + "created_at": "2019-10-29T11:16:12Z", + "updated_at": "2019-11-27T04:14:03Z", + "pushed_at": "2019-10-30T06:19:21Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 0, + "forks": 0, + "watchers": 4, + "score": 0 + }, + { + "id": 218500391, + "name": "docker-CVE-2019-11043", + "full_name": "ypereirareis\/docker-CVE-2019-11043", + "owner": { + "login": "ypereirareis", + "id": 6838923, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/6838923?v=4", + "html_url": "https:\/\/github.com\/ypereirareis" + }, + "html_url": "https:\/\/github.com\/ypereirareis\/docker-CVE-2019-11043", + "description": "Docker image and commands to check CVE-2019-11043 vulnerability on nginx\/php-fpm applications.", + "fork": false, + "created_at": "2019-10-30T10:22:41Z", + "updated_at": "2020-04-13T12:25:26Z", + "pushed_at": "2019-10-30T12:53:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 220021213, + "name": "CVE-2019-11043", + "full_name": "MRdoulestar\/CVE-2019-11043", + "owner": { + "login": "MRdoulestar", + "id": 18137763, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/18137763?v=4", + "html_url": "https:\/\/github.com\/MRdoulestar" + }, + "html_url": "https:\/\/github.com\/MRdoulestar\/CVE-2019-11043", + "description": "CVE-2019-11043 && PHP7.x && RCE EXP", + "fork": false, + "created_at": "2019-11-06T14:53:13Z", + "updated_at": "2019-11-06T15:29:35Z", + "pushed_at": "2019-11-06T15:24:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 220032292, + "name": "CVE-2019-11043", + "full_name": "0th3rs-Security-Team\/CVE-2019-11043", + "owner": { + "login": "0th3rs-Security-Team", + "id": 57450857, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/57450857?v=4", + "html_url": "https:\/\/github.com\/0th3rs-Security-Team" + }, + "html_url": "https:\/\/github.com\/0th3rs-Security-Team\/CVE-2019-11043", + "description": "CVE-2019-11043 PHP7.x RCE", + "fork": false, + "created_at": "2019-11-06T15:44:47Z", + "updated_at": "2020-05-21T06:24:43Z", + "pushed_at": "2019-11-06T15:48:18Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 1, + "forks": 1, + "watchers": 9, + "score": 0 + }, + { + "id": 220966609, + "name": "CVE-2019-11043", + "full_name": "k8gege\/CVE-2019-11043", + "owner": { + "login": "k8gege", + "id": 42312878, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/42312878?v=4", + "html_url": "https:\/\/github.com\/k8gege" + }, + "html_url": "https:\/\/github.com\/k8gege\/CVE-2019-11043", + "description": "Ladon POC Moudle CVE-2019-11043 (PHP-FPM + Ngnix)", + "fork": false, + "created_at": "2019-11-11T11:29:54Z", + "updated_at": "2020-04-27T11:25:06Z", + "pushed_at": "2019-11-11T11:59:52Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 8, + "forks": 8, + "watchers": 12, + "score": 0 + }, + { + "id": 222200768, + "name": "CVE-2019-11043_env", + "full_name": "moniik\/CVE-2019-11043_env", + "owner": { + "login": "moniik", + "id": 40794673, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/40794673?v=4", + "html_url": "https:\/\/github.com\/moniik" + }, + "html_url": "https:\/\/github.com\/moniik\/CVE-2019-11043_env", + "description": "remote debug environment for CLion", + "fork": false, + "created_at": "2019-11-17T05:16:02Z", + "updated_at": "2019-11-17T05:24:29Z", + "pushed_at": "2019-11-17T05:19:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 263386812, "name": "cve-2019-11043", diff --git a/2019/CVE-2019-11061.json b/2019/CVE-2019-11061.json new file mode 100644 index 0000000000..34b1b3605f --- /dev/null +++ b/2019/CVE-2019-11061.json @@ -0,0 +1,25 @@ +[ + { + "id": 178342166, + "name": "ASUS-SmartHome-Exploit", + "full_name": "tim124058\/ASUS-SmartHome-Exploit", + "owner": { + "login": "tim124058", + "id": 12321191, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/12321191?v=4", + "html_url": "https:\/\/github.com\/tim124058" + }, + "html_url": "https:\/\/github.com\/tim124058\/ASUS-SmartHome-Exploit", + "description": "ASUS SmartHome Exploit for CVE-2019-11061 and CVE-2019-11063", + "fork": false, + "created_at": "2019-03-29T06:01:49Z", + "updated_at": "2019-09-29T03:45:29Z", + "pushed_at": "2019-08-27T04:23:24Z", + "stargazers_count": 22, + "watchers_count": 22, + "forks_count": 7, + "forks": 7, + "watchers": 22, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11076.json b/2019/CVE-2019-11076.json new file mode 100644 index 0000000000..e318aba139 --- /dev/null +++ b/2019/CVE-2019-11076.json @@ -0,0 +1,25 @@ +[ + { + "id": 180679185, + "name": "poc-cribl-rce", + "full_name": "livehybrid\/poc-cribl-rce", + "owner": { + "login": "livehybrid", + "id": 5527349, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/5527349?v=4", + "html_url": "https:\/\/github.com\/livehybrid" + }, + "html_url": "https:\/\/github.com\/livehybrid\/poc-cribl-rce", + "description": "CVE-2019-11076 - Cribl UI 1.5.0 allows remote attackers to run arbitrary commands via an unauthenticated web request", + "fork": false, + "created_at": "2019-04-10T23:31:39Z", + "updated_at": "2020-03-15T20:21:00Z", + "pushed_at": "2019-04-11T12:50:39Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 0, + "forks": 0, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1108.json b/2019/CVE-2019-1108.json new file mode 100644 index 0000000000..84a24177b4 --- /dev/null +++ b/2019/CVE-2019-1108.json @@ -0,0 +1,25 @@ +[ + { + "id": 233756730, + "name": "cve-2019-1108", + "full_name": "Lanph3re\/cve-2019-1108", + "owner": { + "login": "Lanph3re", + "id": 47443280, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/47443280?v=4", + "html_url": "https:\/\/github.com\/Lanph3re" + }, + "html_url": "https:\/\/github.com\/Lanph3re\/cve-2019-1108", + "description": null, + "fork": false, + "created_at": "2020-01-14T04:31:17Z", + "updated_at": "2020-04-04T15:51:05Z", + "pushed_at": "2020-01-14T04:36:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11157.json b/2019/CVE-2019-11157.json new file mode 100644 index 0000000000..1108a20119 --- /dev/null +++ b/2019/CVE-2019-11157.json @@ -0,0 +1,25 @@ +[ + { + "id": 228203919, + "name": "v0ltpwn", + "full_name": "zkenjar\/v0ltpwn", + "owner": { + "login": "zkenjar", + "id": 9324632, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/9324632?v=4", + "html_url": "https:\/\/github.com\/zkenjar" + }, + "html_url": "https:\/\/github.com\/zkenjar\/v0ltpwn", + "description": "Tool Suite for V0LTpwn (CVE-2019-11157). Code will be published soon.", + "fork": false, + "created_at": "2019-12-15T15:11:07Z", + "updated_at": "2020-04-12T13:02:11Z", + "pushed_at": "2019-12-16T22:32:06Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 3, + "forks": 3, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11223.json b/2019/CVE-2019-11223.json new file mode 100644 index 0000000000..8dedf1a380 --- /dev/null +++ b/2019/CVE-2019-11223.json @@ -0,0 +1,25 @@ +[ + { + "id": 181940820, + "name": "CVE-2019-11223", + "full_name": "AngelCtulhu\/CVE-2019-11223", + "owner": { + "login": "AngelCtulhu", + "id": 36587659, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/36587659?v=4", + "html_url": "https:\/\/github.com\/AngelCtulhu" + }, + "html_url": "https:\/\/github.com\/AngelCtulhu\/CVE-2019-11223", + "description": "CVE-2019-11223 - Arbitrary File Upload in Wordpress Support Candy Plugin Version 2.0 Below", + "fork": false, + "created_at": "2019-04-17T17:43:46Z", + "updated_at": "2019-04-19T16:43:54Z", + "pushed_at": "2019-04-19T04:32:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 5, + "forks": 5, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1132.json b/2019/CVE-2019-1132.json new file mode 100644 index 0000000000..c9f94e7677 --- /dev/null +++ b/2019/CVE-2019-1132.json @@ -0,0 +1,48 @@ +[ + { + "id": 198963113, + "name": "CVE-2019-1132", + "full_name": "Vlad-tri\/CVE-2019-1132", + "owner": { + "login": "Vlad-tri", + "id": 20975540, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/20975540?v=4", + "html_url": "https:\/\/github.com\/Vlad-tri" + }, + "html_url": "https:\/\/github.com\/Vlad-tri\/CVE-2019-1132", + "description": "EoP POC for CVE-2019-1132", + "fork": false, + "created_at": "2019-07-26T06:51:28Z", + "updated_at": "2020-03-21T23:32:28Z", + "pushed_at": "2019-09-08T07:58:12Z", + "stargazers_count": 59, + "watchers_count": 59, + "forks_count": 37, + "forks": 37, + "watchers": 59, + "score": 0 + }, + { + "id": 199763019, + "name": "CVE-2019-1132", + "full_name": "petercc\/CVE-2019-1132", + "owner": { + "login": "petercc", + "id": 1819628, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/1819628?v=4", + "html_url": "https:\/\/github.com\/petercc" + }, + "html_url": "https:\/\/github.com\/petercc\/CVE-2019-1132", + "description": "CVE-2019-1132", + "fork": false, + "created_at": "2019-07-31T02:30:28Z", + "updated_at": "2019-11-05T07:24:12Z", + "pushed_at": "2019-07-31T02:38:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11358.json b/2019/CVE-2019-11358.json index 5b573bf1ca..630b0cc32a 100644 --- a/2019/CVE-2019-11358.json +++ b/2019/CVE-2019-11358.json @@ -22,6 +22,29 @@ "watchers": 21, "score": 0 }, + { + "id": 197643691, + "name": "jquery-prototype-pollution-fix", + "full_name": "bitnesswise\/jquery-prototype-pollution-fix", + "owner": { + "login": "bitnesswise", + "id": 32780182, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/32780182?v=4", + "html_url": "https:\/\/github.com\/bitnesswise" + }, + "html_url": "https:\/\/github.com\/bitnesswise\/jquery-prototype-pollution-fix", + "description": "A fix for CVE-2019-11358 (prototype pollution in jquery)", + "fork": false, + "created_at": "2019-07-18T19:15:33Z", + "updated_at": "2020-04-04T15:02:00Z", + "pushed_at": "2019-07-18T20:00:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + }, { "id": 255702097, "name": "snyk-js-jquery-565129", diff --git a/2019/CVE-2019-11477.json b/2019/CVE-2019-11477.json new file mode 100644 index 0000000000..af5126209d --- /dev/null +++ b/2019/CVE-2019-11477.json @@ -0,0 +1,25 @@ +[ + { + "id": 198296662, + "name": "cve-2019-11477-poc", + "full_name": "sasqwatch\/cve-2019-11477-poc", + "owner": { + "login": "sasqwatch", + "id": 22352904, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/22352904?v=4", + "html_url": "https:\/\/github.com\/sasqwatch" + }, + "html_url": "https:\/\/github.com\/sasqwatch\/cve-2019-11477-poc", + "description": null, + "fork": false, + "created_at": "2019-07-22T20:23:08Z", + "updated_at": "2020-06-28T07:56:08Z", + "pushed_at": "2019-07-21T15:56:43Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, + "forks": 2, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11510.json b/2019/CVE-2019-11510.json index b72d5c1a71..1344139fbf 100644 --- a/2019/CVE-2019-11510.json +++ b/2019/CVE-2019-11510.json @@ -1,4 +1,27 @@ [ + { + "id": 203542766, + "name": "CVE-2019-11510", + "full_name": "projectzeroindia\/CVE-2019-11510", + "owner": { + "login": "projectzeroindia", + "id": 54312442, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/54312442?v=4", + "html_url": "https:\/\/github.com\/projectzeroindia" + }, + "html_url": "https:\/\/github.com\/projectzeroindia\/CVE-2019-11510", + "description": "Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)", + "fork": false, + "created_at": "2019-08-21T08:40:26Z", + "updated_at": "2020-07-04T15:43:00Z", + "pushed_at": "2020-01-11T13:55:33Z", + "stargazers_count": 318, + "watchers_count": 318, + "forks_count": 128, + "forks": 128, + "watchers": 318, + "score": 0 + }, { "id": 203567273, "name": "Pulse", @@ -22,6 +45,144 @@ "watchers": 4, "score": 0 }, + { + "id": 203747377, + "name": "CVE-2019-11510-poc", + "full_name": "imjdl\/CVE-2019-11510-poc", + "owner": { + "login": "imjdl", + "id": 31382943, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/31382943?v=4", + "html_url": "https:\/\/github.com\/imjdl" + }, + "html_url": "https:\/\/github.com\/imjdl\/CVE-2019-11510-poc", + "description": "Pulse Secure SSL VPN pre-auth file reading", + "fork": false, + "created_at": "2019-08-22T08:18:19Z", + "updated_at": "2020-06-22T09:44:45Z", + "pushed_at": "2019-08-26T19:33:43Z", + "stargazers_count": 46, + "watchers_count": 46, + "forks_count": 16, + "forks": 16, + "watchers": 46, + "score": 0 + }, + { + "id": 204579243, + "name": "CVE-2019-11510_poc", + "full_name": "es0\/CVE-2019-11510_poc", + "owner": { + "login": "es0", + "id": 10739380, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/10739380?v=4", + "html_url": "https:\/\/github.com\/es0" + }, + "html_url": "https:\/\/github.com\/es0\/CVE-2019-11510_poc", + "description": "PoC for CVE-2019-11510 | Pulse Secure 8.1R15.1\/8.2\/8.3\/9.0 SSL VPN - Arbitrary File Disclosure vulnerability", + "fork": false, + "created_at": "2019-08-26T23:30:15Z", + "updated_at": "2020-07-07T01:57:08Z", + "pushed_at": "2019-08-27T00:52:49Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 3, + "forks": 3, + "watchers": 4, + "score": 0 + }, + { + "id": 204608508, + "name": "http-pulse_ssl_vpn.nse", + "full_name": "r00tpgp\/http-pulse_ssl_vpn.nse", + "owner": { + "login": "r00tpgp", + "id": 29351179, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/29351179?v=4", + "html_url": "https:\/\/github.com\/r00tpgp" + }, + "html_url": "https:\/\/github.com\/r00tpgp\/http-pulse_ssl_vpn.nse", + "description": "Nmap NSE script to detect Pulse Secure SSL VPN file disclosure CVE-2019-11510", + "fork": false, + "created_at": "2019-08-27T03:04:19Z", + "updated_at": "2020-04-21T06:45:53Z", + "pushed_at": "2019-08-27T07:03:26Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 4, + "forks": 4, + "watchers": 13, + "score": 0 + }, + { + "id": 204666616, + "name": "CVE-2019-11510-1", + "full_name": "jas502n\/CVE-2019-11510-1", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-11510-1", + "description": "SSL VPN Rce", + "fork": false, + "created_at": "2019-08-27T09:21:10Z", + "updated_at": "2020-06-27T03:05:40Z", + "pushed_at": "2019-08-27T09:29:05Z", + "stargazers_count": 50, + "watchers_count": 50, + "forks_count": 18, + "forks": 18, + "watchers": 50, + "score": 0 + }, + { + "id": 205106127, + "name": "CVE-2019-11510", + "full_name": "jason3e7\/CVE-2019-11510", + "owner": { + "login": "jason3e7", + "id": 3059297, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/3059297?v=4", + "html_url": "https:\/\/github.com\/jason3e7" + }, + "html_url": "https:\/\/github.com\/jason3e7\/CVE-2019-11510", + "description": null, + "fork": false, + "created_at": "2019-08-29T07:27:57Z", + "updated_at": "2019-08-29T07:28:54Z", + "pushed_at": "2019-08-29T07:28:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 207348255, + "name": "pwn-pulse", + "full_name": "BishopFox\/pwn-pulse", + "owner": { + "login": "BishopFox", + "id": 4523757, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/4523757?v=4", + "html_url": "https:\/\/github.com\/BishopFox" + }, + "html_url": "https:\/\/github.com\/BishopFox\/pwn-pulse", + "description": "Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)", + "fork": false, + "created_at": "2019-09-09T15:58:39Z", + "updated_at": "2020-07-08T14:09:16Z", + "pushed_at": "2020-01-15T17:01:50Z", + "stargazers_count": 79, + "watchers_count": 79, + "forks_count": 37, + "forks": 37, + "watchers": 79, + "score": 0 + }, { "id": 226548291, "name": "pulsexploit", diff --git a/2019/CVE-2019-11523.json b/2019/CVE-2019-11523.json new file mode 100644 index 0000000000..e8af18ab58 --- /dev/null +++ b/2019/CVE-2019-11523.json @@ -0,0 +1,25 @@ +[ + { + "id": 182799429, + "name": "anviz-m3-rfid-cve-2019-11523-poc", + "full_name": "wizlab-it\/anviz-m3-rfid-cve-2019-11523-poc", + "owner": { + "login": "wizlab-it", + "id": 19650583, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/19650583?v=4", + "html_url": "https:\/\/github.com\/wizlab-it" + }, + "html_url": "https:\/\/github.com\/wizlab-it\/anviz-m3-rfid-cve-2019-11523-poc", + "description": "Anviz M3 RFID CVE-2019-11523 PoC", + "fork": false, + "created_at": "2019-04-22T14:00:50Z", + "updated_at": "2019-06-13T16:23:09Z", + "pushed_at": "2019-06-13T16:23:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11539.json b/2019/CVE-2019-11539.json new file mode 100644 index 0000000000..d503cff2fc --- /dev/null +++ b/2019/CVE-2019-11539.json @@ -0,0 +1,25 @@ +[ + { + "id": 206321288, + "name": "CVE-2019-11539", + "full_name": "0xDezzy\/CVE-2019-11539", + "owner": { + "login": "0xDezzy", + "id": 4141697, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/4141697?v=4", + "html_url": "https:\/\/github.com\/0xDezzy" + }, + "html_url": "https:\/\/github.com\/0xDezzy\/CVE-2019-11539", + "description": "Exploit for the Post-Auth RCE vulnerability in Pulse Secure Connect", + "fork": false, + "created_at": "2019-09-04T13:06:02Z", + "updated_at": "2020-07-08T07:20:45Z", + "pushed_at": "2019-09-04T17:39:35Z", + "stargazers_count": 110, + "watchers_count": 110, + "forks_count": 28, + "forks": 28, + "watchers": 110, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11580.json b/2019/CVE-2019-11580.json index 2fde645756..080678d92a 100644 --- a/2019/CVE-2019-11580.json +++ b/2019/CVE-2019-11580.json @@ -1,4 +1,27 @@ [ + { + "id": 197342430, + "name": "CVE-2019-11580", + "full_name": "jas502n\/CVE-2019-11580", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-11580", + "description": "CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCE", + "fork": false, + "created_at": "2019-07-17T07:54:38Z", + "updated_at": "2020-05-26T03:05:04Z", + "pushed_at": "2019-07-18T10:03:28Z", + "stargazers_count": 77, + "watchers_count": 77, + "forks_count": 17, + "forks": 17, + "watchers": 77, + "score": 0 + }, { "id": 245476096, "name": "CVE-2019-11580", diff --git a/2019/CVE-2019-11581.json b/2019/CVE-2019-11581.json new file mode 100644 index 0000000000..01823dd6f3 --- /dev/null +++ b/2019/CVE-2019-11581.json @@ -0,0 +1,48 @@ +[ + { + "id": 197105656, + "name": "CVE-2019-11581", + "full_name": "jas502n\/CVE-2019-11581", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-11581", + "description": "Atlassian JIRA Template injection vulnerability RCE", + "fork": false, + "created_at": "2019-07-16T02:27:00Z", + "updated_at": "2020-07-16T07:17:49Z", + "pushed_at": "2019-07-22T06:47:52Z", + "stargazers_count": 66, + "watchers_count": 66, + "forks_count": 23, + "forks": 23, + "watchers": 66, + "score": 0 + }, + { + "id": 198763431, + "name": "CVE-2019-11581", + "full_name": "kobs0N\/CVE-2019-11581", + "owner": { + "login": "kobs0N", + "id": 23138815, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/23138815?v=4", + "html_url": "https:\/\/github.com\/kobs0N" + }, + "html_url": "https:\/\/github.com\/kobs0N\/CVE-2019-11581", + "description": "CVE-2019–11581 PoC", + "fork": false, + "created_at": "2019-07-25T05:29:23Z", + "updated_at": "2020-03-17T18:01:38Z", + "pushed_at": "2019-12-13T13:03:39Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 3, + "forks": 3, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11707.json b/2019/CVE-2019-11707.json index 37b476c026..9fca9caa2b 100644 --- a/2019/CVE-2019-11707.json +++ b/2019/CVE-2019-11707.json @@ -1,4 +1,27 @@ [ + { + "id": 202974494, + "name": "CVE-2019-11707", + "full_name": "vigneshsrao\/CVE-2019-11707", + "owner": { + "login": "vigneshsrao", + "id": 20860267, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/20860267?v=4", + "html_url": "https:\/\/github.com\/vigneshsrao" + }, + "html_url": "https:\/\/github.com\/vigneshsrao\/CVE-2019-11707", + "description": "Exploit code for CVE-2019-11707 on Firefox 66.0.3 running on Ubuntu ", + "fork": false, + "created_at": "2019-08-18T07:41:01Z", + "updated_at": "2020-05-17T11:41:32Z", + "pushed_at": "2019-08-18T07:42:36Z", + "stargazers_count": 43, + "watchers_count": 43, + "forks_count": 9, + "forks": 9, + "watchers": 43, + "score": 0 + }, { "id": 255362000, "name": "cve-2019-11707", diff --git a/2019/CVE-2019-11730.json b/2019/CVE-2019-11730.json new file mode 100644 index 0000000000..32f92f2635 --- /dev/null +++ b/2019/CVE-2019-11730.json @@ -0,0 +1,25 @@ +[ + { + "id": 229617717, + "name": "CVE-2019-11730", + "full_name": "alidnf\/CVE-2019-11730", + "owner": { + "login": "alidnf", + "id": 54067374, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/54067374?v=4", + "html_url": "https:\/\/github.com\/alidnf" + }, + "html_url": "https:\/\/github.com\/alidnf\/CVE-2019-11730", + "description": null, + "fork": false, + "created_at": "2019-12-22T19:14:05Z", + "updated_at": "2020-04-04T01:29:38Z", + "pushed_at": "2019-12-22T19:18:35Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 3, + "forks": 3, + "watchers": 8, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1181.json b/2019/CVE-2019-1181.json new file mode 100644 index 0000000000..a59ca943f7 --- /dev/null +++ b/2019/CVE-2019-1181.json @@ -0,0 +1,25 @@ +[ + { + "id": 202264461, + "name": "cve-2019-1181", + "full_name": "major203\/cve-2019-1181", + "owner": { + "login": "major203", + "id": 7425945, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/7425945?v=4", + "html_url": "https:\/\/github.com\/major203" + }, + "html_url": "https:\/\/github.com\/major203\/cve-2019-1181", + "description": null, + "fork": false, + "created_at": "2019-08-14T03:07:02Z", + "updated_at": "2019-08-14T03:07:02Z", + "pushed_at": "2019-08-14T03:07:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11881.json b/2019/CVE-2019-11881.json new file mode 100644 index 0000000000..a88c1a03e0 --- /dev/null +++ b/2019/CVE-2019-11881.json @@ -0,0 +1,25 @@ +[ + { + "id": 188323560, + "name": "VanCleef", + "full_name": "MauroEldritch\/VanCleef", + "owner": { + "login": "MauroEldritch", + "id": 1292978, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/1292978?v=4", + "html_url": "https:\/\/github.com\/MauroEldritch" + }, + "html_url": "https:\/\/github.com\/MauroEldritch\/VanCleef", + "description": "Exploit for CVE-2019-11881 (Rancher 2.1.4 Web Parameter Tampering)", + "fork": false, + "created_at": "2019-05-24T00:09:21Z", + "updated_at": "2020-03-04T21:42:00Z", + "pushed_at": "2019-06-10T22:10:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11931.json b/2019/CVE-2019-11931.json new file mode 100644 index 0000000000..eabc099275 --- /dev/null +++ b/2019/CVE-2019-11931.json @@ -0,0 +1,48 @@ +[ + { + "id": 222086842, + "name": "whatsapp-rce-patched", + "full_name": "kasif-dekel\/whatsapp-rce-patched", + "owner": { + "login": "kasif-dekel", + "id": 5827021, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/5827021?v=4", + "html_url": "https:\/\/github.com\/kasif-dekel" + }, + "html_url": "https:\/\/github.com\/kasif-dekel\/whatsapp-rce-patched", + "description": "cve-2019-11931", + "fork": false, + "created_at": "2019-11-16T11:06:52Z", + "updated_at": "2020-07-14T09:22:51Z", + "pushed_at": "2019-11-16T11:15:06Z", + "stargazers_count": 30, + "watchers_count": 30, + "forks_count": 13, + "forks": 13, + "watchers": 30, + "score": 0 + }, + { + "id": 223598650, + "name": "CVE-2019-11931", + "full_name": "nop-team\/CVE-2019-11931", + "owner": { + "login": "nop-team", + "id": 58111818, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/58111818?v=4", + "html_url": "https:\/\/github.com\/nop-team" + }, + "html_url": "https:\/\/github.com\/nop-team\/CVE-2019-11931", + "description": null, + "fork": false, + "created_at": "2019-11-23T14:06:13Z", + "updated_at": "2019-11-23T14:06:17Z", + "pushed_at": "2019-11-23T14:06:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11932.json b/2019/CVE-2019-11932.json index 9053444f87..43d5feb74c 100644 --- a/2019/CVE-2019-11932.json +++ b/2019/CVE-2019-11932.json @@ -1,4 +1,234 @@ [ + { + "id": 212541592, + "name": "CVE-2019-11932", + "full_name": "dorkerdevil\/CVE-2019-11932", + "owner": { + "login": "dorkerdevil", + "id": 15796745, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15796745?v=4", + "html_url": "https:\/\/github.com\/dorkerdevil" + }, + "html_url": "https:\/\/github.com\/dorkerdevil\/CVE-2019-11932", + "description": " double-free bug in WhatsApp exploit poc", + "fork": false, + "created_at": "2019-10-03T09:26:24Z", + "updated_at": "2020-07-05T05:03:17Z", + "pushed_at": "2019-10-03T09:43:55Z", + "stargazers_count": 244, + "watchers_count": 244, + "forks_count": 75, + "forks": 75, + "watchers": 244, + "score": 0 + }, + { + "id": 212824676, + "name": "WhatsRCE", + "full_name": "KeepWannabe\/WhatsRCE", + "owner": { + "login": "KeepWannabe", + "id": 31374361, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/31374361?v=4", + "html_url": "https:\/\/github.com\/KeepWannabe" + }, + "html_url": "https:\/\/github.com\/KeepWannabe\/WhatsRCE", + "description": "This is a Automated Generate Payload for CVE-2019-11932 (WhatsApp Remote Code Execution)", + "fork": false, + "created_at": "2019-10-04T13:45:44Z", + "updated_at": "2020-07-07T12:15:29Z", + "pushed_at": "2019-12-13T19:07:53Z", + "stargazers_count": 70, + "watchers_count": 70, + "forks_count": 29, + "forks": 29, + "watchers": 70, + "score": 0 + }, + { + "id": 212837105, + "name": "CVE-2019-11932", + "full_name": "awakened1712\/CVE-2019-11932", + "owner": { + "login": "awakened1712", + "id": 628212, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/628212?v=4", + "html_url": "https:\/\/github.com\/awakened1712" + }, + "html_url": "https:\/\/github.com\/awakened1712\/CVE-2019-11932", + "description": "Simple POC for exploiting WhatsApp double-free bug in DDGifSlurp in decoding.c in libpl_droidsonroids_gif", + "fork": false, + "created_at": "2019-10-04T14:43:57Z", + "updated_at": "2020-07-11T17:44:00Z", + "pushed_at": "2019-11-30T10:28:01Z", + "stargazers_count": 120, + "watchers_count": 120, + "forks_count": 66, + "forks": 66, + "watchers": 120, + "score": 0 + }, + { + "id": 212954402, + "name": "CVE-2019-11932", + "full_name": "TulungagungCyberLink\/CVE-2019-11932", + "owner": { + "login": "TulungagungCyberLink", + "id": 46483873, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/46483873?v=4", + "html_url": "https:\/\/github.com\/TulungagungCyberLink" + }, + "html_url": "https:\/\/github.com\/TulungagungCyberLink\/CVE-2019-11932", + "description": "Double-Free BUG in WhatsApp exploit poc.", + "fork": false, + "created_at": "2019-10-05T06:24:08Z", + "updated_at": "2019-11-03T03:01:39Z", + "pushed_at": "2019-10-08T06:17:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 213187543, + "name": "CVE-2019-11932", + "full_name": "infiniteLoopers\/CVE-2019-11932", + "owner": { + "login": "infiniteLoopers", + "id": 27885817, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/27885817?v=4", + "html_url": "https:\/\/github.com\/infiniteLoopers" + }, + "html_url": "https:\/\/github.com\/infiniteLoopers\/CVE-2019-11932", + "description": null, + "fork": false, + "created_at": "2019-10-06T14:54:35Z", + "updated_at": "2019-10-18T20:41:54Z", + "pushed_at": "2019-10-06T15:34:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 3, + "forks": 3, + "watchers": 3, + "score": 0 + }, + { + "id": 213971107, + "name": "CVE-2019-11932", + "full_name": "alexanderstonec\/CVE-2019-11932", + "owner": { + "login": "alexanderstonec", + "id": 52692998, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/52692998?v=4", + "html_url": "https:\/\/github.com\/alexanderstonec" + }, + "html_url": "https:\/\/github.com\/alexanderstonec\/CVE-2019-11932", + "description": "The exploit works well until WhatsApp version 2.19.230. The vulnerability is official patched in WhatsApp version 2.19.244", + "fork": false, + "created_at": "2019-10-09T16:41:38Z", + "updated_at": "2020-03-19T03:06:30Z", + "pushed_at": "2019-10-09T17:00:02Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 2, + "forks": 2, + "watchers": 6, + "score": 0 + }, + { + "id": 215516489, + "name": "CVE-2019-11932-SupportApp", + "full_name": "valbrux\/CVE-2019-11932-SupportApp", + "owner": { + "login": "valbrux", + "id": 20357515, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/20357515?v=4", + "html_url": "https:\/\/github.com\/valbrux" + }, + "html_url": "https:\/\/github.com\/valbrux\/CVE-2019-11932-SupportApp", + "description": "This native code file aims to be complementary to the published Whatsapp GIF RCE exploit by Awakened , by calculating the system() function address and ROP gadget address for different types of devices, which then can be used to successfully exploit the vulnerability. ", + "fork": false, + "created_at": "2019-10-16T10:04:30Z", + "updated_at": "2020-07-16T04:23:00Z", + "pushed_at": "2019-10-16T12:20:53Z", + "stargazers_count": 22, + "watchers_count": 22, + "forks_count": 12, + "forks": 12, + "watchers": 22, + "score": 0 + }, + { + "id": 215635890, + "name": "CVE-2019-11932", + "full_name": "fastmo\/CVE-2019-11932", + "owner": { + "login": "fastmo", + "id": 53575270, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/53575270?v=4", + "html_url": "https:\/\/github.com\/fastmo" + }, + "html_url": "https:\/\/github.com\/fastmo\/CVE-2019-11932", + "description": "Programa para hackear Whatsapp Mediante Gif ,asiendo un exploit con el puerto.", + "fork": false, + "created_at": "2019-10-16T20:13:23Z", + "updated_at": "2020-03-30T02:16:58Z", + "pushed_at": "2019-10-16T20:24:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 3, + "forks": 3, + "watchers": 1, + "score": 0 + }, + { + "id": 217001772, + "name": "CVE-2019-11932-whatsApp-exploit", + "full_name": "mRanonyMousTZ\/CVE-2019-11932-whatsApp-exploit", + "owner": { + "login": "mRanonyMousTZ", + "id": 38766899, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/38766899?v=4", + "html_url": "https:\/\/github.com\/mRanonyMousTZ" + }, + "html_url": "https:\/\/github.com\/mRanonyMousTZ\/CVE-2019-11932-whatsApp-exploit", + "description": "Double-free vulnerability in DDGifSlurp in decoding.c in libpl_droidsonroids_gif can read more https:\/\/awakened1712.github.io\/hacking\/hacking-whatsapp-gif-rce\/", + "fork": false, + "created_at": "2019-10-23T08:02:15Z", + "updated_at": "2020-07-07T12:13:32Z", + "pushed_at": "2019-10-23T08:25:48Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 7, + "forks": 7, + "watchers": 6, + "score": 0 + }, + { + "id": 228222453, + "name": "CVE-2019-11932", + "full_name": "SmoZy92\/CVE-2019-11932", + "owner": { + "login": "SmoZy92", + "id": 58377338, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/58377338?v=4", + "html_url": "https:\/\/github.com\/SmoZy92" + }, + "html_url": "https:\/\/github.com\/SmoZy92\/CVE-2019-11932", + "description": null, + "fork": false, + "created_at": "2019-12-15T17:21:26Z", + "updated_at": "2020-02-12T00:00:14Z", + "pushed_at": "2019-12-15T17:40:15Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 0, + "forks": 0, + "watchers": 5, + "score": 0 + }, { "id": 239654888, "name": "https-github.com-awakened171", diff --git a/2019/CVE-2019-12086.json b/2019/CVE-2019-12086.json index e0c95adcf9..bedf62c4a2 100644 --- a/2019/CVE-2019-12086.json +++ b/2019/CVE-2019-12086.json @@ -1,4 +1,27 @@ [ + { + "id": 188635290, + "name": "CVE-2019-12086-jackson-databind-file-read", + "full_name": "codeplutos\/CVE-2019-12086-jackson-databind-file-read", + "owner": { + "login": "codeplutos", + "id": 59257067, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/59257067?v=4", + "html_url": "https:\/\/github.com\/codeplutos" + }, + "html_url": "https:\/\/github.com\/codeplutos\/CVE-2019-12086-jackson-databind-file-read", + "description": null, + "fork": false, + "created_at": "2019-05-26T03:19:49Z", + "updated_at": "2020-06-27T16:08:29Z", + "pushed_at": "2020-07-01T23:13:17Z", + "stargazers_count": 109, + "watchers_count": 109, + "forks_count": 22, + "forks": 22, + "watchers": 109, + "score": 0 + }, { "id": 266165766, "name": "CVE-2019-12086", diff --git a/2019/CVE-2019-1215.json b/2019/CVE-2019-1215.json new file mode 100644 index 0000000000..eaa4d469a4 --- /dev/null +++ b/2019/CVE-2019-1215.json @@ -0,0 +1,25 @@ +[ + { + "id": 232197518, + "name": "CVE-2019-1215", + "full_name": "bluefrostsecurity\/CVE-2019-1215", + "owner": { + "login": "bluefrostsecurity", + "id": 4976074, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/4976074?v=4", + "html_url": "https:\/\/github.com\/bluefrostsecurity" + }, + "html_url": "https:\/\/github.com\/bluefrostsecurity\/CVE-2019-1215", + "description": null, + "fork": false, + "created_at": "2020-01-06T22:34:16Z", + "updated_at": "2020-07-13T11:39:22Z", + "pushed_at": "2020-01-07T14:29:45Z", + "stargazers_count": 127, + "watchers_count": 127, + "forks_count": 40, + "forks": 40, + "watchers": 127, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12169.json b/2019/CVE-2019-12169.json new file mode 100644 index 0000000000..31532e06c7 --- /dev/null +++ b/2019/CVE-2019-12169.json @@ -0,0 +1,25 @@ +[ + { + "id": 188356491, + "name": "ATutor-2.2.4-Language-Exploit", + "full_name": "fuzzlove\/ATutor-2.2.4-Language-Exploit", + "owner": { + "login": "fuzzlove", + "id": 44779781, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/44779781?v=4", + "html_url": "https:\/\/github.com\/fuzzlove" + }, + "html_url": "https:\/\/github.com\/fuzzlove\/ATutor-2.2.4-Language-Exploit", + "description": "ATutor 2.2.4 Arbitrary File Upload \/ RCE (CVE-2019-12169)", + "fork": false, + "created_at": "2019-05-24T05:15:17Z", + "updated_at": "2019-10-02T06:32:26Z", + "pushed_at": "2019-06-09T21:39:55Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12170.json b/2019/CVE-2019-12170.json new file mode 100644 index 0000000000..f1ad356c75 --- /dev/null +++ b/2019/CVE-2019-12170.json @@ -0,0 +1,25 @@ +[ + { + "id": 186354983, + "name": "ATutor-Instructor-Backup-Arbitrary-File", + "full_name": "fuzzlove\/ATutor-Instructor-Backup-Arbitrary-File", + "owner": { + "login": "fuzzlove", + "id": 44779781, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/44779781?v=4", + "html_url": "https:\/\/github.com\/fuzzlove" + }, + "html_url": "https:\/\/github.com\/fuzzlove\/ATutor-Instructor-Backup-Arbitrary-File", + "description": "ATutor 2.2.4 'Backup' Remote Command Execution (CVE-2019-12170)", + "fork": false, + "created_at": "2019-05-13T06:01:47Z", + "updated_at": "2019-06-03T04:12:28Z", + "pushed_at": "2019-06-03T04:12:26Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12181.json b/2019/CVE-2019-12181.json new file mode 100644 index 0000000000..9203d62984 --- /dev/null +++ b/2019/CVE-2019-12181.json @@ -0,0 +1,25 @@ +[ + { + "id": 191652233, + "name": "CVE-2019-12181", + "full_name": "guywhataguy\/CVE-2019-12181", + "owner": { + "login": "guywhataguy", + "id": 33753158, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/33753158?v=4", + "html_url": "https:\/\/github.com\/guywhataguy" + }, + "html_url": "https:\/\/github.com\/guywhataguy\/CVE-2019-12181", + "description": "LPE Exploit For CVE-2019-12181 (Serv-U FTP 15.1.6)", + "fork": false, + "created_at": "2019-06-12T22:18:45Z", + "updated_at": "2020-05-14T17:28:26Z", + "pushed_at": "2019-10-20T21:36:23Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12185.json b/2019/CVE-2019-12185.json new file mode 100644 index 0000000000..7f8c40edba --- /dev/null +++ b/2019/CVE-2019-12185.json @@ -0,0 +1,25 @@ +[ + { + "id": 187415847, + "name": "eLabFTW-1.8.5-EntityController-Arbitrary-File-Upload-RCE", + "full_name": "fuzzlove\/eLabFTW-1.8.5-EntityController-Arbitrary-File-Upload-RCE", + "owner": { + "login": "fuzzlove", + "id": 44779781, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/44779781?v=4", + "html_url": "https:\/\/github.com\/fuzzlove" + }, + "html_url": "https:\/\/github.com\/fuzzlove\/eLabFTW-1.8.5-EntityController-Arbitrary-File-Upload-RCE", + "description": "eLabFTW 1.8.5 'EntityController' Arbitrary File Upload \/ RCE (CVE-2019-12185)", + "fork": false, + "created_at": "2019-05-18T23:56:52Z", + "updated_at": "2019-11-12T06:27:17Z", + "pushed_at": "2019-05-20T00:29:16Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 1, + "forks": 1, + "watchers": 7, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12189.json b/2019/CVE-2019-12189.json new file mode 100644 index 0000000000..d1277d50a1 --- /dev/null +++ b/2019/CVE-2019-12189.json @@ -0,0 +1,48 @@ +[ + { + "id": 187569819, + "name": "CVE-2019-12189", + "full_name": "falconz\/CVE-2019-12189", + "owner": { + "login": "falconz", + "id": 9218490, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/9218490?v=4", + "html_url": "https:\/\/github.com\/falconz" + }, + "html_url": "https:\/\/github.com\/falconz\/CVE-2019-12189", + "description": null, + "fork": false, + "created_at": "2019-05-20T04:52:38Z", + "updated_at": "2019-05-20T06:03:05Z", + "pushed_at": "2019-05-20T06:03:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + }, + { + "id": 187589027, + "name": "CVE-2019-12189", + "full_name": "tuyenhva\/CVE-2019-12189", + "owner": { + "login": "tuyenhva", + "id": 17802001, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/17802001?v=4", + "html_url": "https:\/\/github.com\/tuyenhva" + }, + "html_url": "https:\/\/github.com\/tuyenhva\/CVE-2019-12189", + "description": "CVE-2019-12189 - Zoho ManageEngine ServiceDesk Plus 9.3 XSS vulnerability", + "fork": false, + "created_at": "2019-05-20T07:23:51Z", + "updated_at": "2019-05-20T07:44:03Z", + "pushed_at": "2019-05-20T07:44:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12190.json b/2019/CVE-2019-12190.json new file mode 100644 index 0000000000..47c6186cc1 --- /dev/null +++ b/2019/CVE-2019-12190.json @@ -0,0 +1,25 @@ +[ + { + "id": 187596474, + "name": "CVE-2019-12190", + "full_name": "tuyenhva\/CVE-2019-12190", + "owner": { + "login": "tuyenhva", + "id": 17802001, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/17802001?v=4", + "html_url": "https:\/\/github.com\/tuyenhva" + }, + "html_url": "https:\/\/github.com\/tuyenhva\/CVE-2019-12190", + "description": "CVE-2019-12190 - CentOS-WebPanel XSS vulnerability", + "fork": false, + "created_at": "2019-05-20T08:09:49Z", + "updated_at": "2019-05-20T08:13:09Z", + "pushed_at": "2019-05-20T08:13:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12252.json b/2019/CVE-2019-12252.json new file mode 100644 index 0000000000..26746b0def --- /dev/null +++ b/2019/CVE-2019-12252.json @@ -0,0 +1,25 @@ +[ + { + "id": 187880000, + "name": "CVE-2019-12252", + "full_name": "tuyenhva\/CVE-2019-12252", + "owner": { + "login": "tuyenhva", + "id": 17802001, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/17802001?v=4", + "html_url": "https:\/\/github.com\/tuyenhva" + }, + "html_url": "https:\/\/github.com\/tuyenhva\/CVE-2019-12252", + "description": "CVE-2019-12252 Zoho ManageEngine ServiceDesk Plus < 10.5 Incorrect Access Control", + "fork": false, + "created_at": "2019-05-21T16:59:23Z", + "updated_at": "2019-05-21T17:01:52Z", + "pushed_at": "2019-05-21T17:01:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12255.json b/2019/CVE-2019-12255.json new file mode 100644 index 0000000000..e6c76c06d3 --- /dev/null +++ b/2019/CVE-2019-12255.json @@ -0,0 +1,25 @@ +[ + { + "id": 221308311, + "name": "Urgent11-Suricata-LUA-scripts", + "full_name": "sud0woodo\/Urgent11-Suricata-LUA-scripts", + "owner": { + "login": "sud0woodo", + "id": 40278342, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/40278342?v=4", + "html_url": "https:\/\/github.com\/sud0woodo" + }, + "html_url": "https:\/\/github.com\/sud0woodo\/Urgent11-Suricata-LUA-scripts", + "description": "Suricata LUA scripts to detect CVE-2019-12255, CVE-2019-12256, CVE-2019-12258, and CVE-2019-12260", + "fork": false, + "created_at": "2019-11-12T20:43:46Z", + "updated_at": "2020-07-04T20:50:43Z", + "pushed_at": "2019-11-28T20:16:35Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 3, + "forks": 3, + "watchers": 12, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12272.json b/2019/CVE-2019-12272.json new file mode 100644 index 0000000000..f43198ee0c --- /dev/null +++ b/2019/CVE-2019-12272.json @@ -0,0 +1,48 @@ +[ + { + "id": 195171033, + "name": "LuCI_RCE_exp", + "full_name": "HACHp1\/LuCI_RCE_exp", + "owner": { + "login": "HACHp1", + "id": 25722416, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/25722416?v=4", + "html_url": "https:\/\/github.com\/HACHp1" + }, + "html_url": "https:\/\/github.com\/HACHp1\/LuCI_RCE_exp", + "description": "Exp of cve-2019-12272", + "fork": false, + "created_at": "2019-07-04T04:54:36Z", + "updated_at": "2020-04-22T15:44:21Z", + "pushed_at": "2019-07-10T04:33:30Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 4, + "forks": 4, + "watchers": 14, + "score": 0 + }, + { + "id": 226418974, + "name": "lede-17.01.3", + "full_name": "roguedream\/lede-17.01.3", + "owner": { + "login": "roguedream", + "id": 15247135, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/15247135?v=4", + "html_url": "https:\/\/github.com\/roguedream" + }, + "html_url": "https:\/\/github.com\/roguedream\/lede-17.01.3", + "description": "Version-contains-cve-2019-12272", + "fork": false, + "created_at": "2019-12-06T22:04:24Z", + "updated_at": "2019-12-06T22:19:00Z", + "pushed_at": "2019-12-06T22:18:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12314.json b/2019/CVE-2019-12314.json new file mode 100644 index 0000000000..0cb3e27561 --- /dev/null +++ b/2019/CVE-2019-12314.json @@ -0,0 +1,25 @@ +[ + { + "id": 219755425, + "name": "CVE-2019-12314", + "full_name": "ras313\/CVE-2019-12314", + "owner": { + "login": "ras313", + "id": 57402076, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/57402076?v=4", + "html_url": "https:\/\/github.com\/ras313" + }, + "html_url": "https:\/\/github.com\/ras313\/CVE-2019-12314", + "description": "Optional Mitigation Steps", + "fork": false, + "created_at": "2019-11-05T13:45:58Z", + "updated_at": "2019-11-05T13:53:04Z", + "pushed_at": "2019-11-05T13:51:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12384.json b/2019/CVE-2019-12384.json index 82bb6ccaaf..7771a6741d 100644 --- a/2019/CVE-2019-12384.json +++ b/2019/CVE-2019-12384.json @@ -1,4 +1,27 @@ [ + { + "id": 198579428, + "name": "CVE-2019-12384", + "full_name": "jas502n\/CVE-2019-12384", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-12384", + "description": "Jackson Rce For CVE-2019-12384 ", + "fork": false, + "created_at": "2019-07-24T07:12:14Z", + "updated_at": "2020-06-04T06:10:41Z", + "pushed_at": "2019-07-24T07:31:42Z", + "stargazers_count": 55, + "watchers_count": 55, + "forks_count": 12, + "forks": 12, + "watchers": 55, + "score": 0 + }, { "id": 198939305, "name": "Jackson_RCE-CVE-2019-12384", diff --git a/2019/CVE-2019-12409.json b/2019/CVE-2019-12409.json new file mode 100644 index 0000000000..eadf39a407 --- /dev/null +++ b/2019/CVE-2019-12409.json @@ -0,0 +1,25 @@ +[ + { + "id": 222651199, + "name": "CVE-2019-12409", + "full_name": "jas502n\/CVE-2019-12409", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-12409", + "description": "Apache Solr RCE (ENABLE_REMOTE_JMX_OPTS=\"true\")", + "fork": false, + "created_at": "2019-11-19T08:53:56Z", + "updated_at": "2020-06-25T05:24:04Z", + "pushed_at": "2019-11-19T09:18:00Z", + "stargazers_count": 90, + "watchers_count": 90, + "forks_count": 31, + "forks": 31, + "watchers": 90, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12453.json b/2019/CVE-2019-12453.json new file mode 100644 index 0000000000..a9149c4ddc --- /dev/null +++ b/2019/CVE-2019-12453.json @@ -0,0 +1,25 @@ +[ + { + "id": 197012907, + "name": "CVE-2019-12453", + "full_name": "undefinedmode\/CVE-2019-12453", + "owner": { + "login": "undefinedmode", + "id": 4165481, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/4165481?v=4", + "html_url": "https:\/\/github.com\/undefinedmode" + }, + "html_url": "https:\/\/github.com\/undefinedmode\/CVE-2019-12453", + "description": "Authenticated XSS in Microstrategy Web - Versions prior to 10.1 patch 10", + "fork": false, + "created_at": "2019-07-15T14:17:10Z", + "updated_at": "2019-07-15T14:44:49Z", + "pushed_at": "2019-07-15T14:44:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12460.json b/2019/CVE-2019-12460.json new file mode 100644 index 0000000000..6641dc7b70 --- /dev/null +++ b/2019/CVE-2019-12460.json @@ -0,0 +1,25 @@ +[ + { + "id": 188212424, + "name": "WebPort-v1.19.1-Reflected-XSS", + "full_name": "EmreOvunc\/WebPort-v1.19.1-Reflected-XSS", + "owner": { + "login": "EmreOvunc", + "id": 15659223, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15659223?v=4", + "html_url": "https:\/\/github.com\/EmreOvunc" + }, + "html_url": "https:\/\/github.com\/EmreOvunc\/WebPort-v1.19.1-Reflected-XSS", + "description": "CVE-2019-12460|Reflected XSS in WebPort-v1.19.1 impacts users who open a maliciously crafted link or third-party web page.", + "fork": false, + "created_at": "2019-05-23T10:27:49Z", + "updated_at": "2020-05-16T12:47:54Z", + "pushed_at": "2019-05-30T16:21:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12475.json b/2019/CVE-2019-12475.json new file mode 100644 index 0000000000..fe32271de5 --- /dev/null +++ b/2019/CVE-2019-12475.json @@ -0,0 +1,25 @@ +[ + { + "id": 197017455, + "name": "CVE-2019-12475", + "full_name": "undefinedmode\/CVE-2019-12475", + "owner": { + "login": "undefinedmode", + "id": 4165481, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/4165481?v=4", + "html_url": "https:\/\/github.com\/undefinedmode" + }, + "html_url": "https:\/\/github.com\/undefinedmode\/CVE-2019-12475", + "description": "Stored XSS in MicroStrategy Web prior to 10.4.6", + "fork": false, + "created_at": "2019-07-15T14:42:53Z", + "updated_at": "2019-07-15T14:47:02Z", + "pushed_at": "2019-07-15T14:47:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1253.json b/2019/CVE-2019-1253.json new file mode 100644 index 0000000000..87566a14db --- /dev/null +++ b/2019/CVE-2019-1253.json @@ -0,0 +1,94 @@ +[ + { + "id": 180551311, + "name": "CVE-2019-1253", + "full_name": "rogue-kdc\/CVE-2019-1253", + "owner": { + "login": "rogue-kdc", + "id": 49311295, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/49311295?v=4", + "html_url": "https:\/\/github.com\/rogue-kdc" + }, + "html_url": "https:\/\/github.com\/rogue-kdc\/CVE-2019-1253", + "description": null, + "fork": false, + "created_at": "2019-04-10T09:44:38Z", + "updated_at": "2020-07-09T02:24:48Z", + "pushed_at": "2019-09-11T08:46:24Z", + "stargazers_count": 47, + "watchers_count": 47, + "forks_count": 17, + "forks": 17, + "watchers": 47, + "score": 0 + }, + { + "id": 207780184, + "name": "CVE-2019-1253", + "full_name": "denmilu\/CVE-2019-1253", + "owner": { + "login": "denmilu", + "id": 2469038, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/denmilu" + }, + "html_url": "https:\/\/github.com\/denmilu\/CVE-2019-1253", + "description": null, + "fork": false, + "created_at": "2019-09-11T09:59:22Z", + "updated_at": "2019-09-11T09:59:44Z", + "pushed_at": "2019-09-11T09:59:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 207902814, + "name": "CVE-2019-1253", + "full_name": "padovah4ck\/CVE-2019-1253", + "owner": { + "login": "padovah4ck", + "id": 13963076, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/13963076?v=4", + "html_url": "https:\/\/github.com\/padovah4ck" + }, + "html_url": "https:\/\/github.com\/padovah4ck\/CVE-2019-1253", + "description": "Poc for CVE-2019-1253", + "fork": false, + "created_at": "2019-09-11T20:40:15Z", + "updated_at": "2020-06-10T14:04:05Z", + "pushed_at": "2019-09-12T14:43:47Z", + "stargazers_count": 133, + "watchers_count": 133, + "forks_count": 39, + "forks": 39, + "watchers": 133, + "score": 0 + }, + { + "id": 207924388, + "name": "CVE-2019-1253", + "full_name": "sgabe\/CVE-2019-1253", + "owner": { + "login": "sgabe", + "id": 5206619, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/5206619?v=4", + "html_url": "https:\/\/github.com\/sgabe" + }, + "html_url": "https:\/\/github.com\/sgabe\/CVE-2019-1253", + "description": "AppXSvc Arbitrary File Security Descriptor Overwrite EoP", + "fork": false, + "created_at": "2019-09-11T23:28:59Z", + "updated_at": "2020-04-14T21:19:18Z", + "pushed_at": "2019-09-15T17:09:51Z", + "stargazers_count": 16, + "watchers_count": 16, + "forks_count": 4, + "forks": 4, + "watchers": 16, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12538.json b/2019/CVE-2019-12538.json new file mode 100644 index 0000000000..9774720b4b --- /dev/null +++ b/2019/CVE-2019-12538.json @@ -0,0 +1,25 @@ +[ + { + "id": 190171110, + "name": "CVE-2019-12538", + "full_name": "tarantula-team\/CVE-2019-12538", + "owner": { + "login": "tarantula-team", + "id": 51333391, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/51333391?v=4", + "html_url": "https:\/\/github.com\/tarantula-team" + }, + "html_url": "https:\/\/github.com\/tarantula-team\/CVE-2019-12538", + "description": null, + "fork": false, + "created_at": "2019-06-04T09:32:10Z", + "updated_at": "2019-11-19T08:18:53Z", + "pushed_at": "2019-11-19T08:18:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12541.json b/2019/CVE-2019-12541.json new file mode 100644 index 0000000000..6a4a379c59 --- /dev/null +++ b/2019/CVE-2019-12541.json @@ -0,0 +1,25 @@ +[ + { + "id": 190172498, + "name": "CVE-2019-12541", + "full_name": "tarantula-team\/CVE-2019-12541", + "owner": { + "login": "tarantula-team", + "id": 51333391, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/51333391?v=4", + "html_url": "https:\/\/github.com\/tarantula-team" + }, + "html_url": "https:\/\/github.com\/tarantula-team\/CVE-2019-12541", + "description": null, + "fork": false, + "created_at": "2019-06-04T09:40:20Z", + "updated_at": "2019-11-19T08:17:08Z", + "pushed_at": "2019-11-19T08:17:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12542.json b/2019/CVE-2019-12542.json new file mode 100644 index 0000000000..ab076c1cda --- /dev/null +++ b/2019/CVE-2019-12542.json @@ -0,0 +1,25 @@ +[ + { + "id": 190173583, + "name": "CVE-2019-12542", + "full_name": "tarantula-team\/CVE-2019-12542", + "owner": { + "login": "tarantula-team", + "id": 51333391, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/51333391?v=4", + "html_url": "https:\/\/github.com\/tarantula-team" + }, + "html_url": "https:\/\/github.com\/tarantula-team\/CVE-2019-12542", + "description": null, + "fork": false, + "created_at": "2019-06-04T09:46:51Z", + "updated_at": "2019-11-19T08:17:50Z", + "pushed_at": "2019-11-19T08:17:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12543.json b/2019/CVE-2019-12543.json new file mode 100644 index 0000000000..f161470643 --- /dev/null +++ b/2019/CVE-2019-12543.json @@ -0,0 +1,25 @@ +[ + { + "id": 190174353, + "name": "CVE-2019-12543", + "full_name": "tarantula-team\/CVE-2019-12543", + "owner": { + "login": "tarantula-team", + "id": 51333391, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/51333391?v=4", + "html_url": "https:\/\/github.com\/tarantula-team" + }, + "html_url": "https:\/\/github.com\/tarantula-team\/CVE-2019-12543", + "description": null, + "fork": false, + "created_at": "2019-06-04T09:51:42Z", + "updated_at": "2019-11-19T08:18:20Z", + "pushed_at": "2019-11-19T08:18:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12562.json b/2019/CVE-2019-12562.json new file mode 100644 index 0000000000..152b44c1bf --- /dev/null +++ b/2019/CVE-2019-12562.json @@ -0,0 +1,25 @@ +[ + { + "id": 212626761, + "name": "CVE-2019-12562", + "full_name": "MAYASEVEN\/CVE-2019-12562", + "owner": { + "login": "MAYASEVEN", + "id": 1219852, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/1219852?v=4", + "html_url": "https:\/\/github.com\/MAYASEVEN" + }, + "html_url": "https:\/\/github.com\/MAYASEVEN\/CVE-2019-12562", + "description": "Stored Cross-Site Scripting in DotNetNuke (DNN) Version before 9.4.0 | XSS to RCE", + "fork": false, + "created_at": "2019-10-03T16:29:58Z", + "updated_at": "2020-07-12T12:12:02Z", + "pushed_at": "2019-10-03T17:28:50Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 3, + "forks": 3, + "watchers": 7, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12586.json b/2019/CVE-2019-12586.json new file mode 100644 index 0000000000..2c05ca2bef --- /dev/null +++ b/2019/CVE-2019-12586.json @@ -0,0 +1,25 @@ +[ + { + "id": 206106300, + "name": "esp32_esp8266_attacks", + "full_name": "Matheus-Garbelini\/esp32_esp8266_attacks", + "owner": { + "login": "Matheus-Garbelini", + "id": 6465668, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/6465668?v=4", + "html_url": "https:\/\/github.com\/Matheus-Garbelini" + }, + "html_url": "https:\/\/github.com\/Matheus-Garbelini\/esp32_esp8266_attacks", + "description": "Proof of Concept of ESP32\/8266 Wi-Fi vulnerabilties (CVE-2019-12586, CVE-2019-12587, CVE-2019-12588)", + "fork": false, + "created_at": "2019-09-03T15:08:49Z", + "updated_at": "2020-07-12T08:01:51Z", + "pushed_at": "2019-09-08T06:09:11Z", + "stargazers_count": 666, + "watchers_count": 666, + "forks_count": 57, + "forks": 57, + "watchers": 666, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12594.json b/2019/CVE-2019-12594.json new file mode 100644 index 0000000000..12db5736b2 --- /dev/null +++ b/2019/CVE-2019-12594.json @@ -0,0 +1,25 @@ +[ + { + "id": 194123487, + "name": "CVE-2019-12594", + "full_name": "Alexandre-Bartel\/CVE-2019-12594", + "owner": { + "login": "Alexandre-Bartel", + "id": 655248, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/655248?v=4", + "html_url": "https:\/\/github.com\/Alexandre-Bartel" + }, + "html_url": "https:\/\/github.com\/Alexandre-Bartel\/CVE-2019-12594", + "description": null, + "fork": false, + "created_at": "2019-06-27T15:49:16Z", + "updated_at": "2019-07-04T14:08:18Z", + "pushed_at": "2019-07-01T17:36:42Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 2, + "forks": 2, + "watchers": 8, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12735.json b/2019/CVE-2019-12735.json new file mode 100644 index 0000000000..28e134683a --- /dev/null +++ b/2019/CVE-2019-12735.json @@ -0,0 +1,48 @@ +[ + { + "id": 190523226, + "name": "ace-vim-neovim", + "full_name": "pcy190\/ace-vim-neovim", + "owner": { + "login": "pcy190", + "id": 40729789, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/40729789?v=4", + "html_url": "https:\/\/github.com\/pcy190" + }, + "html_url": "https:\/\/github.com\/pcy190\/ace-vim-neovim", + "description": "Vim\/Neovim Arbitrary Code Execution via Modelines (CVE-2019-12735)", + "fork": false, + "created_at": "2019-06-06T06:00:06Z", + "updated_at": "2020-03-30T01:39:50Z", + "pushed_at": "2019-06-06T06:09:56Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 7, + "forks": 7, + "watchers": 6, + "score": 0 + }, + { + "id": 192580764, + "name": "CVE-2019-12735-VIM-NEOVIM", + "full_name": "oldthree3\/CVE-2019-12735-VIM-NEOVIM", + "owner": { + "login": "oldthree3", + "id": 51964995, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/51964995?v=4", + "html_url": "https:\/\/github.com\/oldthree3" + }, + "html_url": "https:\/\/github.com\/oldthree3\/CVE-2019-12735-VIM-NEOVIM", + "description": null, + "fork": false, + "created_at": "2019-06-18T16:59:39Z", + "updated_at": "2019-06-19T07:30:04Z", + "pushed_at": "2019-06-19T07:30:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12750.json b/2019/CVE-2019-12750.json new file mode 100644 index 0000000000..2e6c1072c2 --- /dev/null +++ b/2019/CVE-2019-12750.json @@ -0,0 +1,25 @@ +[ + { + "id": 229357043, + "name": "cve-2019-12750", + "full_name": "v-p-b\/cve-2019-12750", + "owner": { + "login": "v-p-b", + "id": 540246, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/540246?v=4", + "html_url": "https:\/\/github.com\/v-p-b" + }, + "html_url": "https:\/\/github.com\/v-p-b\/cve-2019-12750", + "description": "sploit", + "fork": false, + "created_at": "2019-12-21T00:44:25Z", + "updated_at": "2020-07-04T09:58:21Z", + "pushed_at": "2019-12-21T00:56:27Z", + "stargazers_count": 65, + "watchers_count": 65, + "forks_count": 14, + "forks": 14, + "watchers": 65, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12796.json b/2019/CVE-2019-12796.json new file mode 100644 index 0000000000..bc7e1c102c --- /dev/null +++ b/2019/CVE-2019-12796.json @@ -0,0 +1,25 @@ +[ + { + "id": 192375622, + "name": "CVE-2019-12796", + "full_name": "PeterUpfold\/CVE-2019-12796", + "owner": { + "login": "PeterUpfold", + "id": 1255375, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/1255375?v=4", + "html_url": "https:\/\/github.com\/PeterUpfold" + }, + "html_url": "https:\/\/github.com\/PeterUpfold\/CVE-2019-12796", + "description": "This repository will contain information regarding CVE-2019-12796 once it is made public.", + "fork": false, + "created_at": "2019-06-17T15:47:12Z", + "updated_at": "2019-06-17T17:02:01Z", + "pushed_at": "2019-06-17T15:49:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12815.json b/2019/CVE-2019-12815.json new file mode 100644 index 0000000000..03e6fa8de9 --- /dev/null +++ b/2019/CVE-2019-12815.json @@ -0,0 +1,25 @@ +[ + { + "id": 199214840, + "name": "CVE-2019-12815", + "full_name": "KTN1990\/CVE-2019-12815", + "owner": { + "login": "KTN1990", + "id": 33407405, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/33407405?v=4", + "html_url": "https:\/\/github.com\/KTN1990" + }, + "html_url": "https:\/\/github.com\/KTN1990\/CVE-2019-12815", + "description": "ProFTPd mod_copy - arbitrary file copy without authentication", + "fork": false, + "created_at": "2019-07-27T21:26:06Z", + "updated_at": "2019-09-27T04:28:05Z", + "pushed_at": "2019-09-24T02:06:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 4, + "forks": 4, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12840.json b/2019/CVE-2019-12840.json new file mode 100644 index 0000000000..e052a23cca --- /dev/null +++ b/2019/CVE-2019-12840.json @@ -0,0 +1,48 @@ +[ + { + "id": 219832922, + "name": "CVE-2019-12840_POC", + "full_name": "bkaraceylan\/CVE-2019-12840_POC", + "owner": { + "login": "bkaraceylan", + "id": 22098635, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/22098635?v=4", + "html_url": "https:\/\/github.com\/bkaraceylan" + }, + "html_url": "https:\/\/github.com\/bkaraceylan\/CVE-2019-12840_POC", + "description": "PoC for Webmin Package Update Authenticated Remote Command Execution", + "fork": false, + "created_at": "2019-11-05T19:22:45Z", + "updated_at": "2020-07-09T08:26:39Z", + "pushed_at": "2019-11-05T19:27:31Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 0, + "forks": 0, + "watchers": 4, + "score": 0 + }, + { + "id": 220680650, + "name": "webmin_cve-2019-12840_poc", + "full_name": "KrE80r\/webmin_cve-2019-12840_poc", + "owner": { + "login": "KrE80r", + "id": 13027962, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/13027962?v=4", + "html_url": "https:\/\/github.com\/KrE80r" + }, + "html_url": "https:\/\/github.com\/KrE80r\/webmin_cve-2019-12840_poc", + "description": "A standalone POC for CVE-2019-12840", + "fork": false, + "created_at": "2019-11-09T17:48:39Z", + "updated_at": "2020-05-18T15:37:25Z", + "pushed_at": "2019-11-10T13:26:41Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12889.json b/2019/CVE-2019-12889.json new file mode 100644 index 0000000000..317ff1adc6 --- /dev/null +++ b/2019/CVE-2019-12889.json @@ -0,0 +1,25 @@ +[ + { + "id": 196251116, + "name": "CVE-2019-12889", + "full_name": "nulsect0r\/CVE-2019-12889", + "owner": { + "login": "nulsect0r", + "id": 52004761, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/52004761?v=4", + "html_url": "https:\/\/github.com\/nulsect0r" + }, + "html_url": "https:\/\/github.com\/nulsect0r\/CVE-2019-12889", + "description": null, + "fork": false, + "created_at": "2019-07-10T17:49:51Z", + "updated_at": "2019-08-12T15:14:04Z", + "pushed_at": "2019-08-12T15:14:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12890.json b/2019/CVE-2019-12890.json new file mode 100644 index 0000000000..f16e8cf5e1 --- /dev/null +++ b/2019/CVE-2019-12890.json @@ -0,0 +1,25 @@ +[ + { + "id": 221921802, + "name": "CVE-2019-12890", + "full_name": "EthicalHackingCOP\/CVE-2019-12890", + "owner": { + "login": "EthicalHackingCOP", + "id": 33833733, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/33833733?v=4", + "html_url": "https:\/\/github.com\/EthicalHackingCOP" + }, + "html_url": "https:\/\/github.com\/EthicalHackingCOP\/CVE-2019-12890", + "description": "Use RedxploitHQ to create a new Admin user into redwoodhq and get all the functions on the framework", + "fork": false, + "created_at": "2019-11-15T12:41:19Z", + "updated_at": "2019-11-15T13:02:49Z", + "pushed_at": "2019-11-15T13:02:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12949.json b/2019/CVE-2019-12949.json new file mode 100644 index 0000000000..1e07019769 --- /dev/null +++ b/2019/CVE-2019-12949.json @@ -0,0 +1,25 @@ +[ + { + "id": 193627360, + "name": "CVE-2019-12949", + "full_name": "tarantula-team\/CVE-2019-12949", + "owner": { + "login": "tarantula-team", + "id": 51333391, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/51333391?v=4", + "html_url": "https:\/\/github.com\/tarantula-team" + }, + "html_url": "https:\/\/github.com\/tarantula-team\/CVE-2019-12949", + "description": "CVE-2019-12949 ", + "fork": false, + "created_at": "2019-06-25T03:22:23Z", + "updated_at": "2020-05-04T07:57:28Z", + "pushed_at": "2019-06-28T04:19:38Z", + "stargazers_count": 27, + "watchers_count": 27, + "forks_count": 9, + "forks": 9, + "watchers": 27, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12999.json b/2019/CVE-2019-12999.json new file mode 100644 index 0000000000..10851cd944 --- /dev/null +++ b/2019/CVE-2019-12999.json @@ -0,0 +1,25 @@ +[ + { + "id": 211231317, + "name": "chanleakcheck", + "full_name": "lightninglabs\/chanleakcheck", + "owner": { + "login": "lightninglabs", + "id": 24724349, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/24724349?v=4", + "html_url": "https:\/\/github.com\/lightninglabs" + }, + "html_url": "https:\/\/github.com\/lightninglabs\/chanleakcheck", + "description": "A tool to check if your lnd node was targeted by CVE-2019-12999", + "fork": false, + "created_at": "2019-09-27T03:47:09Z", + "updated_at": "2020-01-16T10:24:17Z", + "pushed_at": "2019-09-27T21:08:41Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 1, + "forks": 1, + "watchers": 7, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13000.json b/2019/CVE-2019-13000.json new file mode 100644 index 0000000000..c3b33d60a8 --- /dev/null +++ b/2019/CVE-2019-13000.json @@ -0,0 +1,25 @@ +[ + { + "id": 211268436, + "name": "detection-tool-cve-2019-13000", + "full_name": "ACINQ\/detection-tool-cve-2019-13000", + "owner": { + "login": "ACINQ", + "id": 7670721, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/7670721?v=4", + "html_url": "https:\/\/github.com\/ACINQ" + }, + "html_url": "https:\/\/github.com\/ACINQ\/detection-tool-cve-2019-13000", + "description": "A tool that detect if your node has been victim of the invalid funding tx attack.", + "fork": false, + "created_at": "2019-09-27T08:07:07Z", + "updated_at": "2019-09-27T15:02:33Z", + "pushed_at": "2019-09-27T13:44:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13024.json b/2019/CVE-2019-13024.json new file mode 100644 index 0000000000..6461dd012e --- /dev/null +++ b/2019/CVE-2019-13024.json @@ -0,0 +1,48 @@ +[ + { + "id": 204202778, + "name": "CVE-2019-13024", + "full_name": "mhaskar\/CVE-2019-13024", + "owner": { + "login": "mhaskar", + "id": 6861215, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/6861215?v=4", + "html_url": "https:\/\/github.com\/mhaskar" + }, + "html_url": "https:\/\/github.com\/mhaskar\/CVE-2019-13024", + "description": "The official exploit code for Centreon v19.04 Remote Code Execution CVE-2019-13024", + "fork": false, + "created_at": "2019-08-24T19:26:19Z", + "updated_at": "2020-05-08T13:25:40Z", + "pushed_at": "2019-08-24T19:27:24Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 5, + "forks": 5, + "watchers": 10, + "score": 0 + }, + { + "id": 220509225, + "name": "Centreon-RCE", + "full_name": "get-get-get-get\/Centreon-RCE", + "owner": { + "login": "get-get-get-get", + "id": 51015518, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/51015518?v=4", + "html_url": "https:\/\/github.com\/get-get-get-get" + }, + "html_url": "https:\/\/github.com\/get-get-get-get\/Centreon-RCE", + "description": "Centreon v.19.04 Remote Code Execution exploit (CVE-2019-13024)", + "fork": false, + "created_at": "2019-11-08T16:46:13Z", + "updated_at": "2019-11-25T03:44:16Z", + "pushed_at": "2019-11-08T17:39:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13025.json b/2019/CVE-2019-13025.json new file mode 100644 index 0000000000..83a9c97e88 --- /dev/null +++ b/2019/CVE-2019-13025.json @@ -0,0 +1,25 @@ +[ + { + "id": 212197607, + "name": "CVE-2019-13025", + "full_name": "x1tan\/CVE-2019-13025", + "owner": { + "login": "x1tan", + "id": 5700584, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5700584?v=4", + "html_url": "https:\/\/github.com\/x1tan" + }, + "html_url": "https:\/\/github.com\/x1tan\/CVE-2019-13025", + "description": "Connect Box CH7465LG (CVE-2019-13025)", + "fork": false, + "created_at": "2019-10-01T20:53:47Z", + "updated_at": "2019-12-09T07:44:24Z", + "pushed_at": "2019-10-04T18:40:51Z", + "stargazers_count": 28, + "watchers_count": 28, + "forks_count": 6, + "forks": 6, + "watchers": 28, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13027.json b/2019/CVE-2019-13027.json new file mode 100644 index 0000000000..0ae462e7fd --- /dev/null +++ b/2019/CVE-2019-13027.json @@ -0,0 +1,25 @@ +[ + { + "id": 195768661, + "name": "CVE-2019-13027", + "full_name": "IckoGZ\/CVE-2019-13027", + "owner": { + "login": "IckoGZ", + "id": 52542268, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/52542268?v=4", + "html_url": "https:\/\/github.com\/IckoGZ" + }, + "html_url": "https:\/\/github.com\/IckoGZ\/CVE-2019-13027", + "description": "Details for disclosing CVE-2019-13027", + "fork": false, + "created_at": "2019-07-08T08:25:07Z", + "updated_at": "2019-07-11T08:33:11Z", + "pushed_at": "2019-07-11T08:33:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13051.json b/2019/CVE-2019-13051.json new file mode 100644 index 0000000000..6123f5c693 --- /dev/null +++ b/2019/CVE-2019-13051.json @@ -0,0 +1,25 @@ +[ + { + "id": 216841467, + "name": "CVE-2019-13051", + "full_name": "pr0tean\/CVE-2019-13051", + "owner": { + "login": "pr0tean", + "id": 52039659, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/52039659?v=4", + "html_url": "https:\/\/github.com\/pr0tean" + }, + "html_url": "https:\/\/github.com\/pr0tean\/CVE-2019-13051", + "description": null, + "fork": false, + "created_at": "2019-10-22T15:00:48Z", + "updated_at": "2019-11-29T03:08:07Z", + "pushed_at": "2019-10-22T15:03:34Z", + "stargazers_count": 17, + "watchers_count": 17, + "forks_count": 4, + "forks": 4, + "watchers": 17, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13063.json b/2019/CVE-2019-13063.json new file mode 100644 index 0000000000..46b4665d54 --- /dev/null +++ b/2019/CVE-2019-13063.json @@ -0,0 +1,25 @@ +[ + { + "id": 196970646, + "name": "CVE-2019-13063-POC", + "full_name": "0x6b7966\/CVE-2019-13063-POC", + "owner": { + "login": "0x6b7966", + "id": 22814832, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/22814832?v=4", + "html_url": "https:\/\/github.com\/0x6b7966" + }, + "html_url": "https:\/\/github.com\/0x6b7966\/CVE-2019-13063-POC", + "description": "Proof of concept tool to exploit the directory traversal and local file inclusion vulnerability that resides in the Sahi-pro web application CVE-2019-13063", + "fork": false, + "created_at": "2019-07-15T09:45:36Z", + "updated_at": "2019-08-18T02:47:49Z", + "pushed_at": "2019-07-01T19:16:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13101.json b/2019/CVE-2019-13101.json new file mode 100644 index 0000000000..2e796677dc --- /dev/null +++ b/2019/CVE-2019-13101.json @@ -0,0 +1,25 @@ +[ + { + "id": 202451022, + "name": "dlkploit600", + "full_name": "halencarjunior\/dlkploit600", + "owner": { + "login": "halencarjunior", + "id": 403088, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/403088?v=4", + "html_url": "https:\/\/github.com\/halencarjunior" + }, + "html_url": "https:\/\/github.com\/halencarjunior\/dlkploit600", + "description": "Simple Python script for D-Link vulnerability scan and test [CVE-2019-13101]", + "fork": false, + "created_at": "2019-08-15T01:20:45Z", + "updated_at": "2019-08-15T15:17:18Z", + "pushed_at": "2019-08-15T15:17:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13115.json b/2019/CVE-2019-13115.json new file mode 100644 index 0000000000..13672cd362 --- /dev/null +++ b/2019/CVE-2019-13115.json @@ -0,0 +1,25 @@ +[ + { + "id": 212644372, + "name": "libssh2-Exploit", + "full_name": "CSSProject\/libssh2-Exploit", + "owner": { + "login": "CSSProject", + "id": 56131742, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/56131742?v=4", + "html_url": "https:\/\/github.com\/CSSProject" + }, + "html_url": "https:\/\/github.com\/CSSProject\/libssh2-Exploit", + "description": "Create an exploit to libssh2 vulnerabulity described in CVE-2019-13115", + "fork": false, + "created_at": "2019-10-03T17:58:03Z", + "updated_at": "2019-10-03T17:59:45Z", + "pushed_at": "2019-10-03T17:59:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13143.json b/2019/CVE-2019-13143.json new file mode 100644 index 0000000000..e7a6037a04 --- /dev/null +++ b/2019/CVE-2019-13143.json @@ -0,0 +1,25 @@ +[ + { + "id": 200684724, + "name": "pwnfb50", + "full_name": "securelayer7\/pwnfb50", + "owner": { + "login": "securelayer7", + "id": 14994455, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/14994455?v=4", + "html_url": "https:\/\/github.com\/securelayer7" + }, + "html_url": "https:\/\/github.com\/securelayer7\/pwnfb50", + "description": ":unlock: transfer ownership of any FB50 smart lock to yourself (CVE-2019-13143)", + "fork": false, + "created_at": "2019-08-05T15:45:02Z", + "updated_at": "2020-01-22T09:47:57Z", + "pushed_at": "2019-08-07T13:06:15Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 4, + "forks": 4, + "watchers": 13, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1315.json b/2019/CVE-2019-1315.json new file mode 100644 index 0000000000..f4a1dc684c --- /dev/null +++ b/2019/CVE-2019-1315.json @@ -0,0 +1,25 @@ +[ + { + "id": 218240051, + "name": "CVE-2019-1315", + "full_name": "Mayter\/CVE-2019-1315", + "owner": { + "login": "Mayter", + "id": 6148807, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/6148807?v=4", + "html_url": "https:\/\/github.com\/Mayter" + }, + "html_url": "https:\/\/github.com\/Mayter\/CVE-2019-1315", + "description": null, + "fork": false, + "created_at": "2019-10-29T08:36:25Z", + "updated_at": "2020-04-10T07:24:49Z", + "pushed_at": "2019-10-29T08:46:08Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 1, + "forks": 1, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13272.json b/2019/CVE-2019-13272.json index 3328a0fee2..7a400f8641 100644 --- a/2019/CVE-2019-13272.json +++ b/2019/CVE-2019-13272.json @@ -1,4 +1,119 @@ [ + { + "id": 199781061, + "name": "CVE-2019-13272", + "full_name": "jas502n\/CVE-2019-13272", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-13272", + "description": "Linux 4.10 < 5.1.17 PTRACE_TRACEME local root", + "fork": false, + "created_at": "2019-07-31T04:51:43Z", + "updated_at": "2020-07-18T18:12:15Z", + "pushed_at": "2019-08-01T16:02:59Z", + "stargazers_count": 233, + "watchers_count": 233, + "forks_count": 87, + "forks": 87, + "watchers": 233, + "score": 0 + }, + { + "id": 199794841, + "name": "CVE-2019-13272", + "full_name": "Cyc1eC\/CVE-2019-13272", + "owner": { + "login": "Cyc1eC", + "id": 26767829, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/26767829?v=4", + "html_url": "https:\/\/github.com\/Cyc1eC" + }, + "html_url": "https:\/\/github.com\/Cyc1eC\/CVE-2019-13272", + "description": "The exploit for CVE-2019-13272", + "fork": false, + "created_at": "2019-07-31T06:36:21Z", + "updated_at": "2019-12-17T14:57:32Z", + "pushed_at": "2019-07-31T07:05:04Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 7, + "forks": 7, + "watchers": 3, + "score": 0 + }, + { + "id": 200459882, + "name": "cve-2019-13272", + "full_name": "bigbigliang-malwarebenchmark\/cve-2019-13272", + "owner": { + "login": "bigbigliang-malwarebenchmark", + "id": 45776349, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/45776349?v=4", + "html_url": "https:\/\/github.com\/bigbigliang-malwarebenchmark" + }, + "html_url": "https:\/\/github.com\/bigbigliang-malwarebenchmark\/cve-2019-13272", + "description": "提权漏洞", + "fork": false, + "created_at": "2019-08-04T06:51:36Z", + "updated_at": "2019-09-12T15:32:19Z", + "pushed_at": "2019-08-04T07:06:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 200948343, + "name": "CVE-2019-13272", + "full_name": "oneoy\/CVE-2019-13272", + "owner": { + "login": "oneoy", + "id": 38435398, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/38435398?v=4", + "html_url": "https:\/\/github.com\/oneoy" + }, + "html_url": "https:\/\/github.com\/oneoy\/CVE-2019-13272", + "description": "linux 提权", + "fork": false, + "created_at": "2019-08-07T01:21:26Z", + "updated_at": "2020-03-25T06:34:45Z", + "pushed_at": "2019-08-07T01:21:38Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 4, + "forks": 4, + "watchers": 3, + "score": 0 + }, + { + "id": 209440455, + "name": "CVE-2019-13272", + "full_name": "Huandtx\/CVE-2019-13272", + "owner": { + "login": "Huandtx", + "id": 44591522, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/44591522?v=4", + "html_url": "https:\/\/github.com\/Huandtx" + }, + "html_url": "https:\/\/github.com\/Huandtx\/CVE-2019-13272", + "description": "5.1.17之前的Linux内核中普通用户执行文件提权为root用户", + "fork": false, + "created_at": "2019-09-19T01:58:35Z", + "updated_at": "2019-09-26T00:58:12Z", + "pushed_at": "2019-09-19T02:09:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, { "id": 245129315, "name": "CVE-2019-13272", diff --git a/2019/CVE-2019-13361.json b/2019/CVE-2019-13361.json new file mode 100644 index 0000000000..6db84c7c1d --- /dev/null +++ b/2019/CVE-2019-13361.json @@ -0,0 +1,25 @@ +[ + { + "id": 201811193, + "name": "CVE-2019-13361", + "full_name": "lodi-g\/CVE-2019-13361", + "owner": { + "login": "lodi-g", + "id": 4528943, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/4528943?v=4", + "html_url": "https:\/\/github.com\/lodi-g" + }, + "html_url": "https:\/\/github.com\/lodi-g\/CVE-2019-13361", + "description": "Smanos W100 1.0.0 devices have Insecure Permissions, exploitable by an attacker on the same Wi-Fi network.", + "fork": false, + "created_at": "2019-08-11T20:21:07Z", + "updated_at": "2019-08-11T20:36:22Z", + "pushed_at": "2019-08-11T20:35:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13403.json b/2019/CVE-2019-13403.json new file mode 100644 index 0000000000..8de9baef85 --- /dev/null +++ b/2019/CVE-2019-13403.json @@ -0,0 +1,25 @@ +[ + { + "id": 196799368, + "name": "CVE-2019-13403", + "full_name": "B3Bo1d\/CVE-2019-13403", + "owner": { + "login": "B3Bo1d", + "id": 19810607, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/19810607?v=4", + "html_url": "https:\/\/github.com\/B3Bo1d" + }, + "html_url": "https:\/\/github.com\/B3Bo1d\/CVE-2019-13403", + "description": "CVE-2019-13403", + "fork": false, + "created_at": "2019-07-14T05:52:01Z", + "updated_at": "2019-07-14T06:10:02Z", + "pushed_at": "2019-07-14T06:10:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13404.json b/2019/CVE-2019-13404.json new file mode 100644 index 0000000000..194d50b83e --- /dev/null +++ b/2019/CVE-2019-13404.json @@ -0,0 +1,25 @@ +[ + { + "id": 231223198, + "name": "CVE-2019-13404", + "full_name": "alidnf\/CVE-2019-13404", + "owner": { + "login": "alidnf", + "id": 54067374, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/54067374?v=4", + "html_url": "https:\/\/github.com\/alidnf" + }, + "html_url": "https:\/\/github.com\/alidnf\/CVE-2019-13404", + "description": null, + "fork": false, + "created_at": "2020-01-01T14:00:55Z", + "updated_at": "2020-01-02T01:47:57Z", + "pushed_at": "2020-01-01T14:09:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13496.json b/2019/CVE-2019-13496.json new file mode 100644 index 0000000000..dc01289cf7 --- /dev/null +++ b/2019/CVE-2019-13496.json @@ -0,0 +1,25 @@ +[ + { + "id": 219145624, + "name": "CVE-2019-13496", + "full_name": "FurqanKhan1\/CVE-2019-13496", + "owner": { + "login": "FurqanKhan1", + "id": 15893015, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15893015?v=4", + "html_url": "https:\/\/github.com\/FurqanKhan1" + }, + "html_url": "https:\/\/github.com\/FurqanKhan1\/CVE-2019-13496", + "description": null, + "fork": false, + "created_at": "2019-11-02T11:41:25Z", + "updated_at": "2019-12-18T14:03:06Z", + "pushed_at": "2019-11-10T20:59:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13497.json b/2019/CVE-2019-13497.json new file mode 100644 index 0000000000..b1154603c2 --- /dev/null +++ b/2019/CVE-2019-13497.json @@ -0,0 +1,25 @@ +[ + { + "id": 219150734, + "name": "CVE-2019-13497", + "full_name": "FurqanKhan1\/CVE-2019-13497", + "owner": { + "login": "FurqanKhan1", + "id": 15893015, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15893015?v=4", + "html_url": "https:\/\/github.com\/FurqanKhan1" + }, + "html_url": "https:\/\/github.com\/FurqanKhan1\/CVE-2019-13497", + "description": null, + "fork": false, + "created_at": "2019-11-02T12:29:26Z", + "updated_at": "2019-12-18T14:03:04Z", + "pushed_at": "2019-11-02T12:38:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13498.json b/2019/CVE-2019-13498.json new file mode 100644 index 0000000000..de4afbba86 --- /dev/null +++ b/2019/CVE-2019-13498.json @@ -0,0 +1,25 @@ +[ + { + "id": 200299320, + "name": "CVE-2019-13498", + "full_name": "FurqanKhan1\/CVE-2019-13498", + "owner": { + "login": "FurqanKhan1", + "id": 15893015, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15893015?v=4", + "html_url": "https:\/\/github.com\/FurqanKhan1" + }, + "html_url": "https:\/\/github.com\/FurqanKhan1\/CVE-2019-13498", + "description": "CVE-2019-13498", + "fork": false, + "created_at": "2019-08-02T21:22:23Z", + "updated_at": "2020-03-16T02:30:51Z", + "pushed_at": "2019-11-10T20:58:40Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 1, + "forks": 1, + "watchers": 8, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13504.json b/2019/CVE-2019-13504.json new file mode 100644 index 0000000000..b39e03aec4 --- /dev/null +++ b/2019/CVE-2019-13504.json @@ -0,0 +1,25 @@ +[ + { + "id": 207112945, + "name": "fuzzenv-exiv2", + "full_name": "hazedic\/fuzzenv-exiv2", + "owner": { + "login": "hazedic", + "id": 13882826, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/13882826?v=4", + "html_url": "https:\/\/github.com\/hazedic" + }, + "html_url": "https:\/\/github.com\/hazedic\/fuzzenv-exiv2", + "description": "https:\/\/fuzzit.dev\/2019\/07\/11\/discovering-cve-2019-13504-cve-2019-13503-and-the-importance-of-api-fuzzing\/", + "fork": false, + "created_at": "2019-09-08T12:58:45Z", + "updated_at": "2019-09-08T13:00:07Z", + "pushed_at": "2019-09-08T12:59:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13574.json b/2019/CVE-2019-13574.json new file mode 100644 index 0000000000..aa44172bca --- /dev/null +++ b/2019/CVE-2019-13574.json @@ -0,0 +1,25 @@ +[ + { + "id": 197141535, + "name": "CVE-2019-13574", + "full_name": "masahiro331\/CVE-2019-13574", + "owner": { + "login": "masahiro331", + "id": 20438853, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/20438853?v=4", + "html_url": "https:\/\/github.com\/masahiro331" + }, + "html_url": "https:\/\/github.com\/masahiro331\/CVE-2019-13574", + "description": null, + "fork": false, + "created_at": "2019-07-16T07:17:57Z", + "updated_at": "2020-06-06T08:27:22Z", + "pushed_at": "2019-11-01T15:33:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1367.json b/2019/CVE-2019-1367.json new file mode 100644 index 0000000000..dbf11e119d --- /dev/null +++ b/2019/CVE-2019-1367.json @@ -0,0 +1,25 @@ +[ + { + "id": 210525167, + "name": "CVE-2019-1367", + "full_name": "mandarenmanman\/CVE-2019-1367", + "owner": { + "login": "mandarenmanman", + "id": 11764268, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/11764268?v=4", + "html_url": "https:\/\/github.com\/mandarenmanman" + }, + "html_url": "https:\/\/github.com\/mandarenmanman\/CVE-2019-1367", + "description": "CVE-2019-1367", + "fork": false, + "created_at": "2019-09-24T06:11:10Z", + "updated_at": "2019-10-15T06:44:17Z", + "pushed_at": "2019-09-24T06:13:32Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13720.json b/2019/CVE-2019-13720.json index 885556a120..d4beacf369 100644 --- a/2019/CVE-2019-13720.json +++ b/2019/CVE-2019-13720.json @@ -1,4 +1,27 @@ [ + { + "id": 219498737, + "name": "cve-2019-13720", + "full_name": "cve-2019-13720\/cve-2019-13720", + "owner": { + "login": "cve-2019-13720", + "id": 57355337, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/57355337?v=4", + "html_url": "https:\/\/github.com\/cve-2019-13720" + }, + "html_url": "https:\/\/github.com\/cve-2019-13720\/cve-2019-13720", + "description": "POC for CVE-2019-13720", + "fork": false, + "created_at": "2019-11-04T12:40:28Z", + "updated_at": "2019-11-10T00:08:30Z", + "pushed_at": "2019-11-04T19:40:31Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, { "id": 249014343, "name": "CVE-2019-13720", diff --git a/2019/CVE-2019-1385.json b/2019/CVE-2019-1385.json new file mode 100644 index 0000000000..145e786334 --- /dev/null +++ b/2019/CVE-2019-1385.json @@ -0,0 +1,25 @@ +[ + { + "id": 269204367, + "name": "CVE-2019-1385", + "full_name": "0x413x4\/CVE-2019-1385", + "owner": { + "login": "0x413x4", + "id": 11176964, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/11176964?v=4", + "html_url": "https:\/\/github.com\/0x413x4" + }, + "html_url": "https:\/\/github.com\/0x413x4\/CVE-2019-1385", + "description": "Enjoy hacking ;)", + "fork": false, + "created_at": "2020-06-03T22:06:49Z", + "updated_at": "2020-07-15T19:44:52Z", + "pushed_at": "2019-12-25T11:20:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1388.json b/2019/CVE-2019-1388.json index 3638705c1d..3c97d1ecc9 100644 --- a/2019/CVE-2019-1388.json +++ b/2019/CVE-2019-1388.json @@ -1,4 +1,50 @@ [ + { + "id": 223103877, + "name": "CVE-2019-1388", + "full_name": "jas502n\/CVE-2019-1388", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-1388", + "description": "CVE-2019-1388 UAC提权 (nt authority\\system)", + "fork": false, + "created_at": "2019-11-21T06:26:27Z", + "updated_at": "2020-06-27T20:05:41Z", + "pushed_at": "2019-11-21T09:27:59Z", + "stargazers_count": 83, + "watchers_count": 83, + "forks_count": 32, + "forks": 32, + "watchers": 83, + "score": 0 + }, + { + "id": 223127146, + "name": "CVE-2019-1388", + "full_name": "jaychouzzk\/CVE-2019-1388", + "owner": { + "login": "jaychouzzk", + "id": 45549315, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45549315?v=4", + "html_url": "https:\/\/github.com\/jaychouzzk" + }, + "html_url": "https:\/\/github.com\/jaychouzzk\/CVE-2019-1388", + "description": null, + "fork": false, + "created_at": "2019-11-21T08:38:38Z", + "updated_at": "2019-11-21T08:41:25Z", + "pushed_at": "2019-11-21T08:41:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + }, { "id": 224330054, "name": "CVE-2019-1388", diff --git a/2019/CVE-2019-1402.json b/2019/CVE-2019-1402.json new file mode 100644 index 0000000000..a5db901af1 --- /dev/null +++ b/2019/CVE-2019-1402.json @@ -0,0 +1,25 @@ +[ + { + "id": 221768702, + "name": "CorruptQueryAccessWorkaround", + "full_name": "lauxjpn\/CorruptQueryAccessWorkaround", + "owner": { + "login": "lauxjpn", + "id": 14178357, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/14178357?v=4", + "html_url": "https:\/\/github.com\/lauxjpn" + }, + "html_url": "https:\/\/github.com\/lauxjpn\/CorruptQueryAccessWorkaround", + "description": "The latest workaround for the \"Query is corrupt\" error introduced with CVE-2019-1402", + "fork": false, + "created_at": "2019-11-14T19:11:27Z", + "updated_at": "2019-12-17T13:49:23Z", + "pushed_at": "2019-12-10T18:51:25Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1405.json b/2019/CVE-2019-1405.json new file mode 100644 index 0000000000..46e388f0c6 --- /dev/null +++ b/2019/CVE-2019-1405.json @@ -0,0 +1,25 @@ +[ + { + "id": 221504958, + "name": "COMahawk", + "full_name": "apt69\/COMahawk", + "owner": { + "login": "apt69", + "id": 55776655, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/55776655?v=4", + "html_url": "https:\/\/github.com\/apt69" + }, + "html_url": "https:\/\/github.com\/apt69\/COMahawk", + "description": "Privilege Escalation: Weaponizing CVE-2019-1405 and CVE-2019-1322", + "fork": false, + "created_at": "2019-11-13T16:34:03Z", + "updated_at": "2020-07-13T15:44:29Z", + "pushed_at": "2019-11-14T14:16:54Z", + "stargazers_count": 237, + "watchers_count": 237, + "forks_count": 59, + "forks": 59, + "watchers": 237, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14205.json b/2019/CVE-2019-14205.json new file mode 100644 index 0000000000..977236e2f2 --- /dev/null +++ b/2019/CVE-2019-14205.json @@ -0,0 +1,25 @@ +[ + { + "id": 219652435, + "name": "EXPLOITING-CVE-2019-14205", + "full_name": "security-kma\/EXPLOITING-CVE-2019-14205", + "owner": { + "login": "security-kma", + "id": 52393069, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/52393069?v=4", + "html_url": "https:\/\/github.com\/security-kma" + }, + "html_url": "https:\/\/github.com\/security-kma\/EXPLOITING-CVE-2019-14205", + "description": "EXPLOITING CVE 2019-14205", + "fork": false, + "created_at": "2019-11-05T03:47:06Z", + "updated_at": "2019-11-05T04:49:51Z", + "pushed_at": "2019-11-05T04:49:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1422.json b/2019/CVE-2019-1422.json new file mode 100644 index 0000000000..8a80518b46 --- /dev/null +++ b/2019/CVE-2019-1422.json @@ -0,0 +1,25 @@ +[ + { + "id": 224766189, + "name": "cve-2019-1422", + "full_name": "ze0r\/cve-2019-1422", + "owner": { + "login": "ze0r", + "id": 43227253, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/43227253?v=4", + "html_url": "https:\/\/github.com\/ze0r" + }, + "html_url": "https:\/\/github.com\/ze0r\/cve-2019-1422", + "description": null, + "fork": false, + "created_at": "2019-11-29T02:58:32Z", + "updated_at": "2020-06-07T11:48:13Z", + "pushed_at": "2019-11-29T07:26:27Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 5, + "forks": 5, + "watchers": 12, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14220.json b/2019/CVE-2019-14220.json new file mode 100644 index 0000000000..73b3d289d6 --- /dev/null +++ b/2019/CVE-2019-14220.json @@ -0,0 +1,25 @@ +[ + { + "id": 211860095, + "name": "cve-2019-14220", + "full_name": "seqred-s-a\/cve-2019-14220", + "owner": { + "login": "seqred-s-a", + "id": 49437606, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/49437606?v=4", + "html_url": "https:\/\/github.com\/seqred-s-a" + }, + "html_url": "https:\/\/github.com\/seqred-s-a\/cve-2019-14220", + "description": "Arbitrary file read in BlueStacks", + "fork": false, + "created_at": "2019-09-30T12:57:35Z", + "updated_at": "2019-10-01T11:53:47Z", + "pushed_at": "2019-09-30T13:11:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14287.json b/2019/CVE-2019-14287.json index c13d2f5798..de35c5394a 100644 --- a/2019/CVE-2019-14287.json +++ b/2019/CVE-2019-14287.json @@ -1,4 +1,257 @@ [ + { + "id": 215227089, + "name": "sudo-cve-2019-14287", + "full_name": "FauxFaux\/sudo-cve-2019-14287", + "owner": { + "login": "FauxFaux", + "id": 328180, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/328180?v=4", + "html_url": "https:\/\/github.com\/FauxFaux" + }, + "html_url": "https:\/\/github.com\/FauxFaux\/sudo-cve-2019-14287", + "description": null, + "fork": false, + "created_at": "2019-10-15T06:47:58Z", + "updated_at": "2019-10-20T12:06:59Z", + "pushed_at": "2019-10-15T06:48:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 215363376, + "name": "CVE-2019-14287-demo", + "full_name": "CashWilliams\/CVE-2019-14287-demo", + "owner": { + "login": "CashWilliams", + "id": 613573, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/613573?v=4", + "html_url": "https:\/\/github.com\/CashWilliams" + }, + "html_url": "https:\/\/github.com\/CashWilliams\/CVE-2019-14287-demo", + "description": null, + "fork": false, + "created_at": "2019-10-15T17:58:36Z", + "updated_at": "2019-10-25T08:40:09Z", + "pushed_at": "2019-10-15T20:15:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 215379835, + "name": "CVE-2019-14287", + "full_name": "n0w4n\/CVE-2019-14287", + "owner": { + "login": "n0w4n", + "id": 43784479, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/43784479?v=4", + "html_url": "https:\/\/github.com\/n0w4n" + }, + "html_url": "https:\/\/github.com\/n0w4n\/CVE-2019-14287", + "description": "Sudo exploit", + "fork": false, + "created_at": "2019-10-15T19:26:42Z", + "updated_at": "2020-02-10T19:04:26Z", + "pushed_at": "2019-10-15T20:02:57Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 3, + "forks": 3, + "watchers": 4, + "score": 0 + }, + { + "id": 215573200, + "name": "CVE-2019-14287-write-up", + "full_name": "gurneesh\/CVE-2019-14287-write-up", + "owner": { + "login": "gurneesh", + "id": 26605645, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/26605645?v=4", + "html_url": "https:\/\/github.com\/gurneesh" + }, + "html_url": "https:\/\/github.com\/gurneesh\/CVE-2019-14287-write-up", + "description": null, + "fork": false, + "created_at": "2019-10-16T14:47:08Z", + "updated_at": "2019-10-16T15:09:22Z", + "pushed_at": "2019-10-16T15:09:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 215939284, + "name": "Sudo-Security-Bypass-CVE-2019-14287", + "full_name": "shellvhack\/Sudo-Security-Bypass-CVE-2019-14287", + "owner": { + "login": "shellvhack", + "id": 15109539, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15109539?v=4", + "html_url": "https:\/\/github.com\/shellvhack" + }, + "html_url": "https:\/\/github.com\/shellvhack\/Sudo-Security-Bypass-CVE-2019-14287", + "description": "Sudo Security Bypass (CVE-2019-14287)", + "fork": false, + "created_at": "2019-10-18T04:11:14Z", + "updated_at": "2019-10-21T14:36:17Z", + "pushed_at": "2019-10-19T06:34:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 3, + "forks": 3, + "watchers": 1, + "score": 0 + }, + { + "id": 216456479, + "name": "cve-2019-14287sudoexp", + "full_name": "Janette88\/cve-2019-14287sudoexp", + "owner": { + "login": "Janette88", + "id": 20410684, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/20410684?v=4", + "html_url": "https:\/\/github.com\/Janette88" + }, + "html_url": "https:\/\/github.com\/Janette88\/cve-2019-14287sudoexp", + "description": null, + "fork": false, + "created_at": "2019-10-21T01:54:45Z", + "updated_at": "2019-10-21T02:01:14Z", + "pushed_at": "2019-10-21T02:01:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 217958958, + "name": "cve-2019-14287-PPT", + "full_name": "huang919\/cve-2019-14287-PPT", + "owner": { + "login": "huang919", + "id": 54520509, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/54520509?v=4", + "html_url": "https:\/\/github.com\/huang919" + }, + "html_url": "https:\/\/github.com\/huang919\/cve-2019-14287-PPT", + "description": null, + "fork": false, + "created_at": "2019-10-28T03:27:23Z", + "updated_at": "2019-11-13T13:21:56Z", + "pushed_at": "2019-11-13T13:21:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 220971939, + "name": "sudo-", + "full_name": "wenyu1999\/sudo-", + "owner": { + "login": "wenyu1999", + "id": 55389198, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/55389198?v=4", + "html_url": "https:\/\/github.com\/wenyu1999" + }, + "html_url": "https:\/\/github.com\/wenyu1999\/sudo-", + "description": "cve-2019-14287", + "fork": false, + "created_at": "2019-11-11T12:01:02Z", + "updated_at": "2019-11-11T12:02:10Z", + "pushed_at": "2019-11-11T12:02:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 221210783, + "name": "cve-2019-14287", + "full_name": "Sindadziy\/cve-2019-14287", + "owner": { + "login": "Sindadziy", + "id": 55396899, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/55396899?v=4", + "html_url": "https:\/\/github.com\/Sindadziy" + }, + "html_url": "https:\/\/github.com\/Sindadziy\/cve-2019-14287", + "description": null, + "fork": false, + "created_at": "2019-11-12T12:17:48Z", + "updated_at": "2019-11-12T12:18:23Z", + "pushed_at": "2019-11-12T12:18:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 221475763, + "name": "CVE-2019-14287-CVE-2014-6271", + "full_name": "Sindayifu\/CVE-2019-14287-CVE-2014-6271", + "owner": { + "login": "Sindayifu", + "id": 55397670, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/55397670?v=4", + "html_url": "https:\/\/github.com\/Sindayifu" + }, + "html_url": "https:\/\/github.com\/Sindayifu\/CVE-2019-14287-CVE-2014-6271", + "description": null, + "fork": false, + "created_at": "2019-11-13T14:17:19Z", + "updated_at": "2020-01-08T13:20:02Z", + "pushed_at": "2020-01-08T13:20:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 225805220, + "name": "sudo-vulnerability-CVE-2019-14287", + "full_name": "Unam3dd\/sudo-vulnerability-CVE-2019-14287", + "owner": { + "login": "Unam3dd", + "id": 34691959, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/34691959?v=4", + "html_url": "https:\/\/github.com\/Unam3dd" + }, + "html_url": "https:\/\/github.com\/Unam3dd\/sudo-vulnerability-CVE-2019-14287", + "description": "Sudo Vulnerability CVE-2019-14287", + "fork": false, + "created_at": "2019-12-04T07:24:51Z", + "updated_at": "2020-02-04T04:35:35Z", + "pushed_at": "2019-12-04T07:25:17Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, { "id": 239374146, "name": "Dockerized-CVE-2019-14287", diff --git a/2019/CVE-2019-14319.json b/2019/CVE-2019-14319.json new file mode 100644 index 0000000000..b98d96bac5 --- /dev/null +++ b/2019/CVE-2019-14319.json @@ -0,0 +1,25 @@ +[ + { + "id": 206061423, + "name": "CVE-2019-14319", + "full_name": "MelroyB\/CVE-2019-14319", + "owner": { + "login": "MelroyB", + "id": 39052594, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/39052594?v=4", + "html_url": "https:\/\/github.com\/MelroyB" + }, + "html_url": "https:\/\/github.com\/MelroyB\/CVE-2019-14319", + "description": null, + "fork": false, + "created_at": "2019-09-03T11:29:51Z", + "updated_at": "2020-06-20T04:58:51Z", + "pushed_at": "2019-09-03T11:30:26Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 0, + "forks": 0, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14339.json b/2019/CVE-2019-14339.json new file mode 100644 index 0000000000..6473ea14c0 --- /dev/null +++ b/2019/CVE-2019-14339.json @@ -0,0 +1,25 @@ +[ + { + "id": 198801002, + "name": "CVE-2019-14339", + "full_name": "0x48piraj\/CVE-2019-14339", + "owner": { + "login": "0x48piraj", + "id": 5800726, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/5800726?v=4", + "html_url": "https:\/\/github.com\/0x48piraj" + }, + "html_url": "https:\/\/github.com\/0x48piraj\/CVE-2019-14339", + "description": "POC for CVE-2019-14339 Canon PRINT 2.5.5", + "fork": false, + "created_at": "2019-07-25T09:30:02Z", + "updated_at": "2020-02-20T05:22:22Z", + "pushed_at": "2019-09-15T16:45:19Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 4, + "forks": 4, + "watchers": 12, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14439.json b/2019/CVE-2019-14439.json new file mode 100644 index 0000000000..f6c3d0159c --- /dev/null +++ b/2019/CVE-2019-14439.json @@ -0,0 +1,25 @@ +[ + { + "id": 199983488, + "name": "CVE-2019-14439", + "full_name": "jas502n\/CVE-2019-14439", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-14439", + "description": "Jackson-databind RCE", + "fork": false, + "created_at": "2019-08-01T05:33:06Z", + "updated_at": "2019-12-15T16:09:26Z", + "pushed_at": "2019-08-01T05:33:07Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 2, + "forks": 2, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14529.json b/2019/CVE-2019-14529.json new file mode 100644 index 0000000000..97a8ec807b --- /dev/null +++ b/2019/CVE-2019-14529.json @@ -0,0 +1,25 @@ +[ + { + "id": 202034341, + "name": "CVE-2019-14529", + "full_name": "Wezery\/CVE-2019-14529", + "owner": { + "login": "Wezery", + "id": 53606486, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/53606486?v=4", + "html_url": "https:\/\/github.com\/Wezery" + }, + "html_url": "https:\/\/github.com\/Wezery\/CVE-2019-14529", + "description": "OpenEMR Security issue", + "fork": false, + "created_at": "2019-08-13T01:01:51Z", + "updated_at": "2019-10-14T10:21:18Z", + "pushed_at": "2019-10-14T10:21:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14530.json b/2019/CVE-2019-14530.json new file mode 100644 index 0000000000..17a3d24cb8 --- /dev/null +++ b/2019/CVE-2019-14530.json @@ -0,0 +1,25 @@ +[ + { + "id": 202038918, + "name": "CVE-2019-14530", + "full_name": "Wezery\/CVE-2019-14530", + "owner": { + "login": "Wezery", + "id": 53606486, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/53606486?v=4", + "html_url": "https:\/\/github.com\/Wezery" + }, + "html_url": "https:\/\/github.com\/Wezery\/CVE-2019-14530", + "description": "OpenEMR security issue", + "fork": false, + "created_at": "2019-08-13T01:33:11Z", + "updated_at": "2019-08-14T01:32:29Z", + "pushed_at": "2019-08-14T01:32:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14537.json b/2019/CVE-2019-14537.json new file mode 100644 index 0000000000..2278f008ae --- /dev/null +++ b/2019/CVE-2019-14537.json @@ -0,0 +1,25 @@ +[ + { + "id": 201036325, + "name": "CVE-2019-14537", + "full_name": "Wocanilo\/CVE-2019-14537", + "owner": { + "login": "Wocanilo", + "id": 25706428, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/25706428?v=4", + "html_url": "https:\/\/github.com\/Wocanilo" + }, + "html_url": "https:\/\/github.com\/Wocanilo\/CVE-2019-14537", + "description": "CVE-2019-14537 PoC", + "fork": false, + "created_at": "2019-08-07T11:25:39Z", + "updated_at": "2020-04-06T06:33:05Z", + "pushed_at": "2019-08-08T08:04:22Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 1, + "forks": 1, + "watchers": 7, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14540.json b/2019/CVE-2019-14540.json new file mode 100644 index 0000000000..226238b996 --- /dev/null +++ b/2019/CVE-2019-14540.json @@ -0,0 +1,25 @@ +[ + { + "id": 203497733, + "name": "cve-2019-14540-exploit", + "full_name": "LeadroyaL\/cve-2019-14540-exploit", + "owner": { + "login": "LeadroyaL", + "id": 9478918, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/9478918?v=4", + "html_url": "https:\/\/github.com\/LeadroyaL" + }, + "html_url": "https:\/\/github.com\/LeadroyaL\/cve-2019-14540-exploit", + "description": "CVE-2019-14540 Exploit", + "fork": false, + "created_at": "2019-08-21T03:19:19Z", + "updated_at": "2020-05-01T10:32:47Z", + "pushed_at": "2019-08-21T03:59:02Z", + "stargazers_count": 15, + "watchers_count": 15, + "forks_count": 8, + "forks": 8, + "watchers": 15, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14745.json b/2019/CVE-2019-14745.json new file mode 100644 index 0000000000..6b80d2d8e8 --- /dev/null +++ b/2019/CVE-2019-14745.json @@ -0,0 +1,25 @@ +[ + { + "id": 219609133, + "name": "CVE-2019-14745", + "full_name": "xooxo\/CVE-2019-14745", + "owner": { + "login": "xooxo", + "id": 9900851, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/9900851?v=4", + "html_url": "https:\/\/github.com\/xooxo" + }, + "html_url": "https:\/\/github.com\/xooxo\/CVE-2019-14745", + "description": "weaponized radare2 vulnerability found by @CaptnBanana and blenk92", + "fork": false, + "created_at": "2019-11-04T22:31:27Z", + "updated_at": "2019-12-26T17:04:10Z", + "pushed_at": "2019-11-04T22:46:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14751.json b/2019/CVE-2019-14751.json new file mode 100644 index 0000000000..5d8c10f261 --- /dev/null +++ b/2019/CVE-2019-14751.json @@ -0,0 +1,25 @@ +[ + { + "id": 201508767, + "name": "CVE-2019-14751_PoC", + "full_name": "mssalvatore\/CVE-2019-14751_PoC", + "owner": { + "login": "mssalvatore", + "id": 19957806, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/19957806?v=4", + "html_url": "https:\/\/github.com\/mssalvatore" + }, + "html_url": "https:\/\/github.com\/mssalvatore\/CVE-2019-14751_PoC", + "description": "A Proof of Concept for CVE-2019-14751", + "fork": false, + "created_at": "2019-08-09T16:56:54Z", + "updated_at": "2019-08-29T15:44:59Z", + "pushed_at": "2019-08-20T13:02:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1476.json b/2019/CVE-2019-1476.json new file mode 100644 index 0000000000..8162337f19 --- /dev/null +++ b/2019/CVE-2019-1476.json @@ -0,0 +1,25 @@ +[ + { + "id": 226188349, + "name": "CVE-2019-1476", + "full_name": "sgabe\/CVE-2019-1476", + "owner": { + "login": "sgabe", + "id": 5206619, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/5206619?v=4", + "html_url": "https:\/\/github.com\/sgabe" + }, + "html_url": "https:\/\/github.com\/sgabe\/CVE-2019-1476", + "description": "AppXSvc Arbitrary File Overwrite DoS", + "fork": false, + "created_at": "2019-12-05T21:00:16Z", + "updated_at": "2020-04-14T21:21:44Z", + "pushed_at": "2019-12-10T18:12:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14830.json b/2019/CVE-2019-14830.json new file mode 100644 index 0000000000..b604653eae --- /dev/null +++ b/2019/CVE-2019-14830.json @@ -0,0 +1,25 @@ +[ + { + "id": 209007546, + "name": "moodle-token-stealer", + "full_name": "Fr3d-\/moodle-token-stealer", + "owner": { + "login": "Fr3d-", + "id": 6999865, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/6999865?v=4", + "html_url": "https:\/\/github.com\/Fr3d-" + }, + "html_url": "https:\/\/github.com\/Fr3d-\/moodle-token-stealer", + "description": "CVE-2019-14830", + "fork": false, + "created_at": "2019-09-17T09:04:41Z", + "updated_at": "2019-09-17T09:05:16Z", + "pushed_at": "2019-09-17T09:05:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14912.json b/2019/CVE-2019-14912.json new file mode 100644 index 0000000000..7ff50dde2c --- /dev/null +++ b/2019/CVE-2019-14912.json @@ -0,0 +1,25 @@ +[ + { + "id": 208986817, + "name": "adaPwn", + "full_name": "Wocanilo\/adaPwn", + "owner": { + "login": "Wocanilo", + "id": 25706428, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/25706428?v=4", + "html_url": "https:\/\/github.com\/Wocanilo" + }, + "html_url": "https:\/\/github.com\/Wocanilo\/adaPwn", + "description": "CVE-2019-14912 PoC", + "fork": false, + "created_at": "2019-09-17T07:24:23Z", + "updated_at": "2019-09-19T07:50:59Z", + "pushed_at": "2019-09-17T07:32:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15029.json b/2019/CVE-2019-15029.json new file mode 100644 index 0000000000..ae88e465b2 --- /dev/null +++ b/2019/CVE-2019-15029.json @@ -0,0 +1,25 @@ +[ + { + "id": 204203015, + "name": "CVE-2019-15029", + "full_name": "mhaskar\/CVE-2019-15029", + "owner": { + "login": "mhaskar", + "id": 6861215, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/6861215?v=4", + "html_url": "https:\/\/github.com\/mhaskar" + }, + "html_url": "https:\/\/github.com\/mhaskar\/CVE-2019-15029", + "description": "The official exploit code for FusionPBX v4.4.8 Remote Code Execution CVE-2019-15029", + "fork": false, + "created_at": "2019-08-24T19:28:36Z", + "updated_at": "2020-05-08T13:25:12Z", + "pushed_at": "2019-09-23T13:39:09Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 1, + "forks": 1, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15053.json b/2019/CVE-2019-15053.json new file mode 100644 index 0000000000..a12e1fea8b --- /dev/null +++ b/2019/CVE-2019-15053.json @@ -0,0 +1,25 @@ +[ + { + "id": 202405759, + "name": "CVE-2019-15053", + "full_name": "l0nax\/CVE-2019-15053", + "owner": { + "login": "l0nax", + "id": 29659953, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/29659953?v=4", + "html_url": "https:\/\/github.com\/l0nax" + }, + "html_url": "https:\/\/github.com\/l0nax\/CVE-2019-15053", + "description": "(FAB-2019-00156) Vulnerability discoverd by me CVE-2019-15053 ", + "fork": false, + "created_at": "2019-08-14T18:35:36Z", + "updated_at": "2019-11-05T05:17:21Z", + "pushed_at": "2019-10-04T09:15:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15107.json b/2019/CVE-2019-15107.json index 2fa1717b05..629caeb246 100644 --- a/2019/CVE-2019-15107.json +++ b/2019/CVE-2019-15107.json @@ -1,4 +1,234 @@ [ + { + "id": 203123412, + "name": "CVE-2019-15107", + "full_name": "jas502n\/CVE-2019-15107", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-15107", + "description": "CVE-2019-15107 Webmin RCE (unauthorized)", + "fork": false, + "created_at": "2019-08-19T07:43:16Z", + "updated_at": "2020-04-13T15:23:24Z", + "pushed_at": "2019-09-02T16:06:19Z", + "stargazers_count": 44, + "watchers_count": 44, + "forks_count": 17, + "forks": 17, + "watchers": 44, + "score": 0 + }, + { + "id": 203752840, + "name": "webmin_docker_and_exp", + "full_name": "HACHp1\/webmin_docker_and_exp", + "owner": { + "login": "HACHp1", + "id": 25722416, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/25722416?v=4", + "html_url": "https:\/\/github.com\/HACHp1" + }, + "html_url": "https:\/\/github.com\/HACHp1\/webmin_docker_and_exp", + "description": "Dockerfiles for CVE-2019-15107(webmin RCE) recurrence including v1.890 and v1.920 with Exp for each version.", + "fork": false, + "created_at": "2019-08-22T08:48:07Z", + "updated_at": "2019-08-29T11:15:41Z", + "pushed_at": "2019-08-22T08:58:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 203787157, + "name": "CVE-2019-15107", + "full_name": "ketlerd\/CVE-2019-15107", + "owner": { + "login": "ketlerd", + "id": 4441136, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/4441136?v=4", + "html_url": "https:\/\/github.com\/ketlerd" + }, + "html_url": "https:\/\/github.com\/ketlerd\/CVE-2019-15107", + "description": "Implementation of CVE-2019-15107 exploit in python", + "fork": false, + "created_at": "2019-08-22T12:07:16Z", + "updated_at": "2019-12-17T15:16:20Z", + "pushed_at": "2019-08-24T01:37:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 203983183, + "name": "CVE-2019-15107", + "full_name": "AdministratorGithub\/CVE-2019-15107", + "owner": { + "login": "AdministratorGithub", + "id": 19834937, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/19834937?v=4", + "html_url": "https:\/\/github.com\/AdministratorGithub" + }, + "html_url": "https:\/\/github.com\/AdministratorGithub\/CVE-2019-15107", + "description": "CVE-2019-15107 webmin python3", + "fork": false, + "created_at": "2019-08-23T11:10:01Z", + "updated_at": "2019-12-17T15:16:20Z", + "pushed_at": "2019-08-23T11:11:43Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, + "forks": 2, + "watchers": 3, + "score": 0 + }, + { + "id": 204250667, + "name": "CVE-2019-15107", + "full_name": "Pichuuuuu\/CVE-2019-15107", + "owner": { + "login": "Pichuuuuu", + "id": 36177626, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/36177626?v=4", + "html_url": "https:\/\/github.com\/Pichuuuuu" + }, + "html_url": "https:\/\/github.com\/Pichuuuuu\/CVE-2019-15107", + "description": null, + "fork": false, + "created_at": "2019-08-25T05:31:11Z", + "updated_at": "2020-02-14T08:42:33Z", + "pushed_at": "2019-08-25T06:03:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 210371345, + "name": "Make-and-Break", + "full_name": "Rayferrufino\/Make-and-Break", + "owner": { + "login": "Rayferrufino", + "id": 52383730, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/52383730?v=4", + "html_url": "https:\/\/github.com\/Rayferrufino" + }, + "html_url": "https:\/\/github.com\/Rayferrufino\/Make-and-Break", + "description": "Built a custom Virtual Machine, running Ubuntu 18.04.1 and Webmin 1.810. Using CVE-2019-15107 to exploit a backdoor in the Linux machine", + "fork": false, + "created_at": "2019-09-23T14:07:03Z", + "updated_at": "2019-09-30T13:28:14Z", + "pushed_at": "2019-09-26T03:33:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + }, + { + "id": 217217171, + "name": "WebminRCE-EXP-CVE-2019-15107-", + "full_name": "AleWong\/WebminRCE-EXP-CVE-2019-15107-", + "owner": { + "login": "AleWong", + "id": 13904980, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/13904980?v=4", + "html_url": "https:\/\/github.com\/AleWong" + }, + "html_url": "https:\/\/github.com\/AleWong\/WebminRCE-EXP-CVE-2019-15107-", + "description": "Remote Code Execution Vulnerability in Webmin", + "fork": false, + "created_at": "2019-10-24T05:19:20Z", + "updated_at": "2020-03-13T11:51:37Z", + "pushed_at": "2019-11-01T07:16:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 3, + "forks": 3, + "watchers": 3, + "score": 0 + }, + { + "id": 228190849, + "name": "CVE-2019-15107", + "full_name": "ianxtianxt\/CVE-2019-15107", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2019-15107", + "description": null, + "fork": false, + "created_at": "2019-12-15T13:42:28Z", + "updated_at": "2020-07-03T03:58:55Z", + "pushed_at": "2019-12-15T13:42:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 230108996, + "name": "webminex", + "full_name": "hannob\/webminex", + "owner": { + "login": "hannob", + "id": 990588, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/990588?v=4", + "html_url": "https:\/\/github.com\/hannob" + }, + "html_url": "https:\/\/github.com\/hannob\/webminex", + "description": "poc exploit for webmin backdoor (CVE-2019-15107 and CVE-2019-15231)", + "fork": false, + "created_at": "2019-12-25T13:47:02Z", + "updated_at": "2020-06-19T21:34:25Z", + "pushed_at": "2019-12-25T13:48:27Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 2, + "forks": 2, + "watchers": 8, + "score": 0 + }, + { + "id": 230738228, + "name": "webmin_CVE-2019-15107", + "full_name": "ChakoMoonFish\/webmin_CVE-2019-15107", + "owner": { + "login": "ChakoMoonFish", + "id": 5085275, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/5085275?v=4", + "html_url": "https:\/\/github.com\/ChakoMoonFish" + }, + "html_url": "https:\/\/github.com\/ChakoMoonFish\/webmin_CVE-2019-15107", + "description": "webmin_CVE-2019-15107", + "fork": false, + "created_at": "2019-12-29T11:02:35Z", + "updated_at": "2019-12-29T11:03:18Z", + "pushed_at": "2019-12-29T11:03:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 273768106, "name": "CVE-2019-15107", diff --git a/2019/CVE-2019-15120.json b/2019/CVE-2019-15120.json new file mode 100644 index 0000000000..fa7d675444 --- /dev/null +++ b/2019/CVE-2019-15120.json @@ -0,0 +1,25 @@ +[ + { + "id": 210601259, + "name": "CVE-2019-15120", + "full_name": "h3llraiser\/CVE-2019-15120", + "owner": { + "login": "h3llraiser", + "id": 52741391, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/52741391?v=4", + "html_url": "https:\/\/github.com\/h3llraiser" + }, + "html_url": "https:\/\/github.com\/h3llraiser\/CVE-2019-15120", + "description": "Exploit for XSS via BBCode on Kunena extension before 5.1.14 for Joomla!", + "fork": false, + "created_at": "2019-09-24T12:47:09Z", + "updated_at": "2019-11-16T17:11:30Z", + "pushed_at": "2019-11-16T17:11:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15224.json b/2019/CVE-2019-15224.json new file mode 100644 index 0000000000..f9495cc163 --- /dev/null +++ b/2019/CVE-2019-15224.json @@ -0,0 +1,25 @@ +[ + { + "id": 204066882, + "name": "inspec_cve_2019_15224", + "full_name": "chef-cft\/inspec_cve_2019_15224", + "owner": { + "login": "chef-cft", + "id": 13543320, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/13543320?v=4", + "html_url": "https:\/\/github.com\/chef-cft" + }, + "html_url": "https:\/\/github.com\/chef-cft\/inspec_cve_2019_15224", + "description": "Example InSpec profile to detect presence of a malicious rest-client gem (CVE-2019-15224)", + "fork": false, + "created_at": "2019-08-23T20:38:44Z", + "updated_at": "2019-09-09T08:22:43Z", + "pushed_at": "2019-08-26T14:07:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15233.json b/2019/CVE-2019-15233.json new file mode 100644 index 0000000000..90de0efc10 --- /dev/null +++ b/2019/CVE-2019-15233.json @@ -0,0 +1,25 @@ +[ + { + "id": 203378087, + "name": "CVE-2019-15233", + "full_name": "l0nax\/CVE-2019-15233", + "owner": { + "login": "l0nax", + "id": 29659953, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/29659953?v=4", + "html_url": "https:\/\/github.com\/l0nax" + }, + "html_url": "https:\/\/github.com\/l0nax\/CVE-2019-15233", + "description": "(FAB-2019-00157) Vulnerability discoverd by me CVE-2019-15233", + "fork": false, + "created_at": "2019-08-20T13:05:56Z", + "updated_at": "2019-11-05T05:17:21Z", + "pushed_at": "2019-10-04T09:10:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15511.json b/2019/CVE-2019-15511.json new file mode 100644 index 0000000000..642cc55630 --- /dev/null +++ b/2019/CVE-2019-15511.json @@ -0,0 +1,25 @@ +[ + { + "id": 203594549, + "name": "CVE-2019-15511", + "full_name": "adenkiewicz\/CVE-2019-15511", + "owner": { + "login": "adenkiewicz", + "id": 1060275, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/1060275?v=4", + "html_url": "https:\/\/github.com\/adenkiewicz" + }, + "html_url": "https:\/\/github.com\/adenkiewicz\/CVE-2019-15511", + "description": "GOG Galaxy Exploit for CVE-2019-15511", + "fork": false, + "created_at": "2019-08-21T13:52:13Z", + "updated_at": "2019-12-03T13:12:22Z", + "pushed_at": "2019-11-15T14:50:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15642.json b/2019/CVE-2019-15642.json new file mode 100644 index 0000000000..36d946d049 --- /dev/null +++ b/2019/CVE-2019-15642.json @@ -0,0 +1,25 @@ +[ + { + "id": 205655418, + "name": "CVE-2019-15642", + "full_name": "jas502n\/CVE-2019-15642", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-15642", + "description": "Webmin Remote Code Execution (authenticated) ", + "fork": false, + "created_at": "2019-09-01T09:28:56Z", + "updated_at": "2020-04-04T03:02:51Z", + "pushed_at": "2019-09-01T11:35:43Z", + "stargazers_count": 29, + "watchers_count": 29, + "forks_count": 7, + "forks": 7, + "watchers": 29, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1579.json b/2019/CVE-2019-1579.json new file mode 100644 index 0000000000..52d0f5e61f --- /dev/null +++ b/2019/CVE-2019-1579.json @@ -0,0 +1,25 @@ +[ + { + "id": 207451672, + "name": "CVE-2019-1579", + "full_name": "securifera\/CVE-2019-1579", + "owner": { + "login": "securifera", + "id": 12126525, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/12126525?v=4", + "html_url": "https:\/\/github.com\/securifera" + }, + "html_url": "https:\/\/github.com\/securifera\/CVE-2019-1579", + "description": null, + "fork": false, + "created_at": "2019-09-10T02:53:03Z", + "updated_at": "2020-07-18T08:52:02Z", + "pushed_at": "2019-09-10T15:57:23Z", + "stargazers_count": 52, + "watchers_count": 52, + "forks_count": 23, + "forks": 23, + "watchers": 52, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15802.json b/2019/CVE-2019-15802.json new file mode 100644 index 0000000000..bc77c81973 --- /dev/null +++ b/2019/CVE-2019-15802.json @@ -0,0 +1,25 @@ +[ + { + "id": 205449007, + "name": "CVE-2019-15802", + "full_name": "jasperla\/CVE-2019-15802", + "owner": { + "login": "jasperla", + "id": 637504, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/637504?v=4", + "html_url": "https:\/\/github.com\/jasperla" + }, + "html_url": "https:\/\/github.com\/jasperla\/CVE-2019-15802", + "description": null, + "fork": false, + "created_at": "2019-08-30T20:00:06Z", + "updated_at": "2020-02-13T22:11:03Z", + "pushed_at": "2019-09-01T08:56:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15846.json b/2019/CVE-2019-15846.json new file mode 100644 index 0000000000..cd68c450de --- /dev/null +++ b/2019/CVE-2019-15846.json @@ -0,0 +1,25 @@ +[ + { + "id": 213952894, + "name": "Exim-CVE-2019-15846", + "full_name": "synacktiv\/Exim-CVE-2019-15846", + "owner": { + "login": "synacktiv", + "id": 50145679, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/50145679?v=4", + "html_url": "https:\/\/github.com\/synacktiv" + }, + "html_url": "https:\/\/github.com\/synacktiv\/Exim-CVE-2019-15846", + "description": "PoC materials to exploit CVE-2019-15846", + "fork": false, + "created_at": "2019-10-09T15:19:58Z", + "updated_at": "2020-06-11T05:06:43Z", + "pushed_at": "2019-10-10T09:55:59Z", + "stargazers_count": 25, + "watchers_count": 25, + "forks_count": 7, + "forks": 7, + "watchers": 25, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15858.json b/2019/CVE-2019-15858.json new file mode 100644 index 0000000000..a7ed8d652a --- /dev/null +++ b/2019/CVE-2019-15858.json @@ -0,0 +1,25 @@ +[ + { + "id": 208152610, + "name": "CVE-2019-15858", + "full_name": "GeneralEG\/CVE-2019-15858", + "owner": { + "login": "GeneralEG", + "id": 20465962, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/20465962?v=4", + "html_url": "https:\/\/github.com\/GeneralEG" + }, + "html_url": "https:\/\/github.com\/GeneralEG\/CVE-2019-15858", + "description": "Unauthenticated RCE at Woody Ad Snippets \/ CVE-2019-15858 (PoC)", + "fork": false, + "created_at": "2019-09-12T21:52:55Z", + "updated_at": "2020-06-09T18:27:58Z", + "pushed_at": "2019-09-12T22:19:47Z", + "stargazers_count": 26, + "watchers_count": 26, + "forks_count": 4, + "forks": 4, + "watchers": 26, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15972.json b/2019/CVE-2019-15972.json new file mode 100644 index 0000000000..593c13979f --- /dev/null +++ b/2019/CVE-2019-15972.json @@ -0,0 +1,25 @@ +[ + { + "id": 222742364, + "name": "Cisco-UCM-SQLi-Scripts", + "full_name": "FSecureLABS\/Cisco-UCM-SQLi-Scripts", + "owner": { + "login": "FSecureLABS", + "id": 1469843, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/1469843?v=4", + "html_url": "https:\/\/github.com\/FSecureLABS" + }, + "html_url": "https:\/\/github.com\/FSecureLABS\/Cisco-UCM-SQLi-Scripts", + "description": "Scripts that can be used to exploit CVE-2019-15972 which was an Authenticated SQLi issue in Cisco Unified Call Manager (UCM).", + "fork": false, + "created_at": "2019-11-19T16:38:39Z", + "updated_at": "2020-03-21T02:52:32Z", + "pushed_at": "2019-11-20T15:05:54Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 5, + "forks": 5, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16097.json b/2019/CVE-2019-16097.json new file mode 100644 index 0000000000..99a574b552 --- /dev/null +++ b/2019/CVE-2019-16097.json @@ -0,0 +1,140 @@ +[ + { + "id": 209584763, + "name": "CVE-2019-16097", + "full_name": "evilAdan0s\/CVE-2019-16097", + "owner": { + "login": "evilAdan0s", + "id": 37237766, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/37237766?v=4", + "html_url": "https:\/\/github.com\/evilAdan0s" + }, + "html_url": "https:\/\/github.com\/evilAdan0s\/CVE-2019-16097", + "description": "CVE-2019-16097 PoC", + "fork": false, + "created_at": "2019-09-19T15:12:11Z", + "updated_at": "2020-01-08T07:00:02Z", + "pushed_at": "2019-09-19T15:27:48Z", + "stargazers_count": 18, + "watchers_count": 18, + "forks_count": 7, + "forks": 7, + "watchers": 18, + "score": 0 + }, + { + "id": 209684562, + "name": "CVE-2019-16097-batch", + "full_name": "rockmelodies\/CVE-2019-16097-batch", + "owner": { + "login": "rockmelodies", + "id": 24653177, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/24653177?v=4", + "html_url": "https:\/\/github.com\/rockmelodies" + }, + "html_url": "https:\/\/github.com\/rockmelodies\/CVE-2019-16097-batch", + "description": "CVE-2019-16097-batch", + "fork": false, + "created_at": "2019-09-20T02:03:45Z", + "updated_at": "2019-09-27T14:48:34Z", + "pushed_at": "2019-09-21T04:51:38Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 2, + "forks": 2, + "watchers": 5, + "score": 0 + }, + { + "id": 210135326, + "name": "CVE-2019-16097", + "full_name": "ianxtianxt\/CVE-2019-16097", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2019-16097", + "description": null, + "fork": false, + "created_at": "2019-09-22T11:24:28Z", + "updated_at": "2019-09-22T11:26:55Z", + "pushed_at": "2019-09-22T11:26:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + }, + { + "id": 210735062, + "name": "cve-2019-16097", + "full_name": "dacade\/cve-2019-16097", + "owner": { + "login": "dacade", + "id": 31815137, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/31815137?v=4", + "html_url": "https:\/\/github.com\/dacade" + }, + "html_url": "https:\/\/github.com\/dacade\/cve-2019-16097", + "description": "cve-2019-1609", + "fork": false, + "created_at": "2019-09-25T02:05:49Z", + "updated_at": "2020-01-08T07:00:47Z", + "pushed_at": "2019-09-25T02:24:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 212393854, + "name": "harbor-give-me-admin", + "full_name": "theLSA\/harbor-give-me-admin", + "owner": { + "login": "theLSA", + "id": 28248956, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/28248956?v=4", + "html_url": "https:\/\/github.com\/theLSA" + }, + "html_url": "https:\/\/github.com\/theLSA\/harbor-give-me-admin", + "description": "harbor(<1.7.6\/1.8.3) privilege escalation (CVE-2019-16097)", + "fork": false, + "created_at": "2019-10-02T16:53:06Z", + "updated_at": "2019-10-02T17:01:53Z", + "pushed_at": "2019-10-02T17:01:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 221669111, + "name": "CVE-2019-16097", + "full_name": "luckybool1020\/CVE-2019-16097", + "owner": { + "login": "luckybool1020", + "id": 16422202, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16422202?v=4", + "html_url": "https:\/\/github.com\/luckybool1020" + }, + "html_url": "https:\/\/github.com\/luckybool1020\/CVE-2019-16097", + "description": "Harbor 未授权创建管理员漏洞原理 docker及poc[基于pocsuite框架]", + "fork": false, + "created_at": "2019-11-14T10:19:47Z", + "updated_at": "2019-11-15T05:30:53Z", + "pushed_at": "2019-11-14T10:22:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16098.json b/2019/CVE-2019-16098.json new file mode 100644 index 0000000000..1fe334006b --- /dev/null +++ b/2019/CVE-2019-16098.json @@ -0,0 +1,25 @@ +[ + { + "id": 207602452, + "name": "CVE-2019-16098", + "full_name": "Barakat\/CVE-2019-16098", + "owner": { + "login": "Barakat", + "id": 11032985, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/11032985?v=4", + "html_url": "https:\/\/github.com\/Barakat" + }, + "html_url": "https:\/\/github.com\/Barakat\/CVE-2019-16098", + "description": "Local privilege escalation PoC exploit for CVE-2019-16098", + "fork": false, + "created_at": "2019-09-10T15:57:36Z", + "updated_at": "2020-07-18T19:05:19Z", + "pushed_at": "2019-09-13T20:05:43Z", + "stargazers_count": 125, + "watchers_count": 125, + "forks_count": 39, + "forks": 39, + "watchers": 125, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16278.json b/2019/CVE-2019-16278.json index 8935e50d29..12c58460da 100644 --- a/2019/CVE-2019-16278.json +++ b/2019/CVE-2019-16278.json @@ -1,4 +1,188 @@ [ + { + "id": 215200285, + "name": "CVE-2019-16278", + "full_name": "jas502n\/CVE-2019-16278", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-16278", + "description": "Directory transversal to remote code execution", + "fork": false, + "created_at": "2019-10-15T03:40:13Z", + "updated_at": "2020-06-27T15:51:03Z", + "pushed_at": "2019-10-15T03:53:55Z", + "stargazers_count": 64, + "watchers_count": 64, + "forks_count": 25, + "forks": 25, + "watchers": 64, + "score": 0 + }, + { + "id": 215258157, + "name": "CVE-2019-16278-PoC", + "full_name": "imjdl\/CVE-2019-16278-PoC", + "owner": { + "login": "imjdl", + "id": 31382943, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/31382943?v=4", + "html_url": "https:\/\/github.com\/imjdl" + }, + "html_url": "https:\/\/github.com\/imjdl\/CVE-2019-16278-PoC", + "description": "CVE-2019-16728 Proof of Concept", + "fork": false, + "created_at": "2019-10-15T09:22:36Z", + "updated_at": "2020-05-18T10:43:21Z", + "pushed_at": "2019-10-15T09:28:25Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 1, + "forks": 1, + "watchers": 6, + "score": 0 + }, + { + "id": 215297351, + "name": "CVE-2019-16278", + "full_name": "ianxtianxt\/CVE-2019-16278", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2019-16278", + "description": "CVE-2019-16278Nostromo httpd命令执行", + "fork": false, + "created_at": "2019-10-15T12:47:59Z", + "updated_at": "2020-05-18T10:43:21Z", + "pushed_at": "2020-01-11T07:25:38Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 4, + "forks": 4, + "watchers": 3, + "score": 0 + }, + { + "id": 217164072, + "name": "Nostromo_Python3", + "full_name": "darkerego\/Nostromo_Python3", + "owner": { + "login": "darkerego", + "id": 8583665, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8583665?v=4", + "html_url": "https:\/\/github.com\/darkerego" + }, + "html_url": "https:\/\/github.com\/darkerego\/Nostromo_Python3", + "description": "CVE-2019-16278 Python3 Exploit Code", + "fork": false, + "created_at": "2019-10-23T22:24:18Z", + "updated_at": "2019-10-23T22:26:43Z", + "pushed_at": "2019-10-23T22:26:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 223463242, + "name": "CVE-2019-16278", + "full_name": "AnubisSec\/CVE-2019-16278", + "owner": { + "login": "AnubisSec", + "id": 38790814, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/38790814?v=4", + "html_url": "https:\/\/github.com\/AnubisSec" + }, + "html_url": "https:\/\/github.com\/AnubisSec\/CVE-2019-16278", + "description": "A quick python exploit for the Nostromo 1.9.6 remote code execution vulnerability. Simply takes a host and port that the web server is running on. ", + "fork": false, + "created_at": "2019-11-22T18:35:14Z", + "updated_at": "2020-05-18T10:43:26Z", + "pushed_at": "2019-11-22T18:57:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 3, + "forks": 3, + "watchers": 1, + "score": 0 + }, + { + "id": 224208624, + "name": "CVE-2019-16278-Nostromo_1.9.6-RCE", + "full_name": "theRealFr13nd\/CVE-2019-16278-Nostromo_1.9.6-RCE", + "owner": { + "login": "theRealFr13nd", + "id": 36172640, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/36172640?v=4", + "html_url": "https:\/\/github.com\/theRealFr13nd" + }, + "html_url": "https:\/\/github.com\/theRealFr13nd\/CVE-2019-16278-Nostromo_1.9.6-RCE", + "description": "Python script to exploit RCE in Nostromo nhttpd <= 1.9.6.", + "fork": false, + "created_at": "2019-11-26T14:15:44Z", + "updated_at": "2019-11-26T14:26:05Z", + "pushed_at": "2019-11-26T14:26:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 231114950, + "name": "cve-2019-16278", + "full_name": "Kr0ff\/cve-2019-16278", + "owner": { + "login": "Kr0ff", + "id": 35173514, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/35173514?v=4", + "html_url": "https:\/\/github.com\/Kr0ff" + }, + "html_url": "https:\/\/github.com\/Kr0ff\/cve-2019-16278", + "description": "(Nhttpd) Nostromo 1.9.6 RCE due to Directory Traversal ", + "fork": false, + "created_at": "2019-12-31T16:06:13Z", + "updated_at": "2020-02-19T19:35:33Z", + "pushed_at": "2019-12-31T16:07:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 231220055, + "name": "CVE-2019-16278", + "full_name": "NHPT\/CVE-2019-16278", + "owner": { + "login": "NHPT", + "id": 42366434, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/42366434?v=4", + "html_url": "https:\/\/github.com\/NHPT" + }, + "html_url": "https:\/\/github.com\/NHPT\/CVE-2019-16278", + "description": "CVE-2019-16278:Nostromo Web服务器的RCE漏洞", + "fork": false, + "created_at": "2020-01-01T13:28:40Z", + "updated_at": "2020-05-18T10:43:31Z", + "pushed_at": "2020-01-01T13:36:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 243942211, "name": "nostromo_1_9_6_rce", diff --git a/2019/CVE-2019-16279.json b/2019/CVE-2019-16279.json new file mode 100644 index 0000000000..6422e8cefe --- /dev/null +++ b/2019/CVE-2019-16279.json @@ -0,0 +1,25 @@ +[ + { + "id": 215296435, + "name": "CVE-2019-16279", + "full_name": "ianxtianxt\/CVE-2019-16279", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2019-16279", + "description": "(CVE-2019-16279)dos", + "fork": false, + "created_at": "2019-10-15T12:43:28Z", + "updated_at": "2019-10-15T12:46:09Z", + "pushed_at": "2019-10-15T12:46:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16405.json b/2019/CVE-2019-16405.json new file mode 100644 index 0000000000..00eafe99f6 --- /dev/null +++ b/2019/CVE-2019-16405.json @@ -0,0 +1,25 @@ +[ + { + "id": 216111903, + "name": "CVE-2019-16405.rb", + "full_name": "TheCyberGeek\/CVE-2019-16405.rb", + "owner": { + "login": "TheCyberGeek", + "id": 52138157, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/52138157?v=4", + "html_url": "https:\/\/github.com\/TheCyberGeek" + }, + "html_url": "https:\/\/github.com\/TheCyberGeek\/CVE-2019-16405.rb", + "description": "Metasploit module & Python script for CVE-2019-16405", + "fork": false, + "created_at": "2019-10-18T21:50:37Z", + "updated_at": "2020-02-05T18:04:37Z", + "pushed_at": "2020-01-16T13:59:23Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 1, + "forks": 1, + "watchers": 9, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1652.json b/2019/CVE-2019-1652.json new file mode 100644 index 0000000000..015278897c --- /dev/null +++ b/2019/CVE-2019-1652.json @@ -0,0 +1,25 @@ +[ + { + "id": 167347037, + "name": "CiscoRV320Dump", + "full_name": "0x27\/CiscoRV320Dump", + "owner": { + "login": "0x27", + "id": 9094330, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/9094330?v=4", + "html_url": "https:\/\/github.com\/0x27" + }, + "html_url": "https:\/\/github.com\/0x27\/CiscoRV320Dump", + "description": "CVE-2019-1652 \/CVE-2019-1653 Exploits For Dumping Cisco RV320 Configurations & Debugging Data AND Remote Root Exploit!", + "fork": false, + "created_at": "2019-01-24T10:12:44Z", + "updated_at": "2020-06-12T03:47:41Z", + "pushed_at": "2019-02-08T12:38:05Z", + "stargazers_count": 191, + "watchers_count": 191, + "forks_count": 62, + "forks": 62, + "watchers": 191, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1653.json b/2019/CVE-2019-1653.json new file mode 100644 index 0000000000..7f6c86397b --- /dev/null +++ b/2019/CVE-2019-1653.json @@ -0,0 +1,48 @@ +[ + { + "id": 168361115, + "name": "CVE-2019-1653", + "full_name": "dubfr33\/CVE-2019-1653", + "owner": { + "login": "dubfr33", + "id": 20056018, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/20056018?v=4", + "html_url": "https:\/\/github.com\/dubfr33" + }, + "html_url": "https:\/\/github.com\/dubfr33\/CVE-2019-1653", + "description": "NSE script to scan for Cisco routers vulnerable to CVE-2019-1653", + "fork": false, + "created_at": "2019-01-30T14:58:48Z", + "updated_at": "2020-04-21T04:04:11Z", + "pushed_at": "2019-01-30T15:01:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 178810790, + "name": "CiscoSpill", + "full_name": "shaheemirza\/CiscoSpill", + "owner": { + "login": "shaheemirza", + "id": 4853436, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/4853436?v=4", + "html_url": "https:\/\/github.com\/shaheemirza" + }, + "html_url": "https:\/\/github.com\/shaheemirza\/CiscoSpill", + "description": "Just a PoC tool to extract password using CVE-2019-1653.", + "fork": false, + "created_at": "2019-04-01T07:40:01Z", + "updated_at": "2019-04-02T04:57:33Z", + "pushed_at": "2019-04-01T07:50:48Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 3, + "forks": 3, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16662.json b/2019/CVE-2019-16662.json new file mode 100644 index 0000000000..3e04eb13b0 --- /dev/null +++ b/2019/CVE-2019-16662.json @@ -0,0 +1,25 @@ +[ + { + "id": 220831587, + "name": "CVE-2019-16662", + "full_name": "mhaskar\/CVE-2019-16662", + "owner": { + "login": "mhaskar", + "id": 6861215, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/6861215?v=4", + "html_url": "https:\/\/github.com\/mhaskar" + }, + "html_url": "https:\/\/github.com\/mhaskar\/CVE-2019-16662", + "description": "The official exploit for rConfig 3.9.2 Pre-auth Remote Code Execution CVE-2019-16662", + "fork": false, + "created_at": "2019-11-10T18:26:25Z", + "updated_at": "2020-05-18T10:43:24Z", + "pushed_at": "2019-11-10T18:27:02Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 3, + "forks": 3, + "watchers": 6, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16663.json b/2019/CVE-2019-16663.json new file mode 100644 index 0000000000..8acd77f1a4 --- /dev/null +++ b/2019/CVE-2019-16663.json @@ -0,0 +1,25 @@ +[ + { + "id": 220831806, + "name": "CVE-2019-16663", + "full_name": "mhaskar\/CVE-2019-16663", + "owner": { + "login": "mhaskar", + "id": 6861215, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/6861215?v=4", + "html_url": "https:\/\/github.com\/mhaskar" + }, + "html_url": "https:\/\/github.com\/mhaskar\/CVE-2019-16663", + "description": "The official exploit for rConfig 3.9.2 Post-auth Remote Code Execution CVE-2019-16663", + "fork": false, + "created_at": "2019-11-10T18:28:11Z", + "updated_at": "2020-05-18T10:43:24Z", + "pushed_at": "2019-11-10T18:28:40Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 5, + "forks": 5, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16692.json b/2019/CVE-2019-16692.json new file mode 100644 index 0000000000..0503975f21 --- /dev/null +++ b/2019/CVE-2019-16692.json @@ -0,0 +1,25 @@ +[ + { + "id": 211323513, + "name": "CVE-2019-16692", + "full_name": "kkirsche\/CVE-2019-16692", + "owner": { + "login": "kkirsche", + "id": 947110, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/947110?v=4", + "html_url": "https:\/\/github.com\/kkirsche" + }, + "html_url": "https:\/\/github.com\/kkirsche\/CVE-2019-16692", + "description": "Exploit code for CVE-2019-16692", + "fork": false, + "created_at": "2019-09-27T13:18:00Z", + "updated_at": "2019-10-11T18:34:37Z", + "pushed_at": "2019-10-11T18:34:36Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 3, + "forks": 3, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16759.json b/2019/CVE-2019-16759.json index 163497f5c2..df3c6d71c0 100644 --- a/2019/CVE-2019-16759.json +++ b/2019/CVE-2019-16759.json @@ -1,4 +1,119 @@ [ + { + "id": 210888122, + "name": "CVE-2019-16759-Vbulletin-rce-exploit", + "full_name": "M0sterHxck\/CVE-2019-16759-Vbulletin-rce-exploit", + "owner": { + "login": "M0sterHxck", + "id": 32819554, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/32819554?v=4", + "html_url": "https:\/\/github.com\/M0sterHxck" + }, + "html_url": "https:\/\/github.com\/M0sterHxck\/CVE-2019-16759-Vbulletin-rce-exploit", + "description": "Vbulletin rce exploit CVE-2019-16759", + "fork": false, + "created_at": "2019-09-25T16:12:27Z", + "updated_at": "2020-06-14T23:45:57Z", + "pushed_at": "2019-09-25T16:32:27Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 4, + "forks": 4, + "watchers": 6, + "score": 0 + }, + { + "id": 210991486, + "name": "http-vuln-CVE-2019-16759", + "full_name": "r00tpgp\/http-vuln-CVE-2019-16759", + "owner": { + "login": "r00tpgp", + "id": 29351179, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/29351179?v=4", + "html_url": "https:\/\/github.com\/r00tpgp" + }, + "html_url": "https:\/\/github.com\/r00tpgp\/http-vuln-CVE-2019-16759", + "description": "Nmap NSE Script to Detect vBulletin pre-auth 5.x RCE CVE-2019-16759", + "fork": false, + "created_at": "2019-09-26T03:27:17Z", + "updated_at": "2019-12-06T04:30:18Z", + "pushed_at": "2019-09-26T03:35:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 210995647, + "name": "CVE-2019-16759", + "full_name": "jas502n\/CVE-2019-16759", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-16759", + "description": "vBulletin 5.x 未授权远程代码执行漏洞", + "fork": false, + "created_at": "2019-09-26T03:56:22Z", + "updated_at": "2020-03-20T02:13:02Z", + "pushed_at": "2019-09-26T04:25:36Z", + "stargazers_count": 18, + "watchers_count": 18, + "forks_count": 3, + "forks": 3, + "watchers": 18, + "score": 0 + }, + { + "id": 214698783, + "name": "CVE-2019-16759", + "full_name": "FarjaalAhmad\/CVE-2019-16759", + "owner": { + "login": "FarjaalAhmad", + "id": 45895453, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45895453?v=4", + "html_url": "https:\/\/github.com\/FarjaalAhmad" + }, + "html_url": "https:\/\/github.com\/FarjaalAhmad\/CVE-2019-16759", + "description": "Interactive-Like Command-Line Console for CVE-2019-16759", + "fork": false, + "created_at": "2019-10-12T18:51:16Z", + "updated_at": "2020-04-16T18:56:32Z", + "pushed_at": "2019-10-12T18:56:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 230790251, + "name": "pwn-vbulletin", + "full_name": "andripwn\/pwn-vbulletin", + "owner": { + "login": "andripwn", + "id": 52893492, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/52893492?v=4", + "html_url": "https:\/\/github.com\/andripwn" + }, + "html_url": "https:\/\/github.com\/andripwn\/pwn-vbulletin", + "description": "Identify vulnerable (RCE) vBulletin 5.0.0 - 5.5.4 instances using Shodan (CVE-2019-16759)", + "fork": false, + "created_at": "2019-12-29T18:49:15Z", + "updated_at": "2020-05-06T10:32:33Z", + "pushed_at": "2019-12-29T18:49:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 242010562, "name": "vbull", diff --git a/2019/CVE-2019-16889.json b/2019/CVE-2019-16889.json new file mode 100644 index 0000000000..fc23e2d89f --- /dev/null +++ b/2019/CVE-2019-16889.json @@ -0,0 +1,25 @@ +[ + { + "id": 226750951, + "name": "meep", + "full_name": "grampae\/meep", + "owner": { + "login": "grampae", + "id": 36344197, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/36344197?v=4", + "html_url": "https:\/\/github.com\/grampae" + }, + "html_url": "https:\/\/github.com\/grampae\/meep", + "description": "Proof of conecept for CVE-2019-16889 (Resource consumption on Ubiquiti Edgemax 1.10.6 and earlier", + "fork": false, + "created_at": "2019-12-09T00:09:08Z", + "updated_at": "2019-12-22T20:22:21Z", + "pushed_at": "2019-12-22T20:22:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16920.json b/2019/CVE-2019-16920.json new file mode 100644 index 0000000000..e83c02715d --- /dev/null +++ b/2019/CVE-2019-16920.json @@ -0,0 +1,25 @@ +[ + { + "id": 215362480, + "name": "CVE-2019-16920-MassPwn3r", + "full_name": "pwnhacker0x18\/CVE-2019-16920-MassPwn3r", + "owner": { + "login": "pwnhacker0x18", + "id": 51971493, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/51971493?v=4", + "html_url": "https:\/\/github.com\/pwnhacker0x18" + }, + "html_url": "https:\/\/github.com\/pwnhacker0x18\/CVE-2019-16920-MassPwn3r", + "description": "Exploit and Mass Pwn3r for CVE-2019-16920", + "fork": false, + "created_at": "2019-10-15T17:54:03Z", + "updated_at": "2020-07-18T04:09:38Z", + "pushed_at": "2019-12-21T17:31:56Z", + "stargazers_count": 24, + "watchers_count": 24, + "forks_count": 14, + "forks": 14, + "watchers": 24, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16941.json b/2019/CVE-2019-16941.json new file mode 100644 index 0000000000..0af8ab182b --- /dev/null +++ b/2019/CVE-2019-16941.json @@ -0,0 +1,25 @@ +[ + { + "id": 212068191, + "name": "CVE-2019-16941", + "full_name": "purpleracc00n\/CVE-2019-16941", + "owner": { + "login": "purpleracc00n", + "id": 47504061, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/47504061?v=4", + "html_url": "https:\/\/github.com\/purpleracc00n" + }, + "html_url": "https:\/\/github.com\/purpleracc00n\/CVE-2019-16941", + "description": "PoC for CVE-2019-16941", + "fork": false, + "created_at": "2019-10-01T10:26:27Z", + "updated_at": "2020-02-12T10:12:03Z", + "pushed_at": "2019-10-03T18:08:50Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17080.json b/2019/CVE-2019-17080.json new file mode 100644 index 0000000000..ce8772dba3 --- /dev/null +++ b/2019/CVE-2019-17080.json @@ -0,0 +1,25 @@ +[ + { + "id": 212289598, + "name": "Mintinstall-object-injection", + "full_name": "Andhrimnirr\/Mintinstall-object-injection", + "owner": { + "login": "Andhrimnirr", + "id": 38662689, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/38662689?v=4", + "html_url": "https:\/\/github.com\/Andhrimnirr" + }, + "html_url": "https:\/\/github.com\/Andhrimnirr\/Mintinstall-object-injection", + "description": "CVE-2019-17080 ", + "fork": false, + "created_at": "2019-10-02T08:26:34Z", + "updated_at": "2019-10-08T16:58:37Z", + "pushed_at": "2019-10-08T16:58:35Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17124.json b/2019/CVE-2019-17124.json new file mode 100644 index 0000000000..87c2405b9b --- /dev/null +++ b/2019/CVE-2019-17124.json @@ -0,0 +1,25 @@ +[ + { + "id": 213818580, + "name": "CVE-2019-17124", + "full_name": "hessandrew\/CVE-2019-17124", + "owner": { + "login": "hessandrew", + "id": 45692132, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45692132?v=4", + "html_url": "https:\/\/github.com\/hessandrew" + }, + "html_url": "https:\/\/github.com\/hessandrew\/CVE-2019-17124", + "description": "KRAMER VIAware 2.5.0719.1034 - Remote Code Execution", + "fork": false, + "created_at": "2019-10-09T04:10:25Z", + "updated_at": "2019-12-22T15:02:04Z", + "pushed_at": "2019-10-11T02:32:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17221.json b/2019/CVE-2019-17221.json new file mode 100644 index 0000000000..03cac7a3cd --- /dev/null +++ b/2019/CVE-2019-17221.json @@ -0,0 +1,25 @@ +[ + { + "id": 234381096, + "name": "CVE-2019-17221", + "full_name": "h4ckologic\/CVE-2019-17221", + "owner": { + "login": "h4ckologic", + "id": 10551871, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/10551871?v=4", + "html_url": "https:\/\/github.com\/h4ckologic" + }, + "html_url": "https:\/\/github.com\/h4ckologic\/CVE-2019-17221", + "description": "PhantomJS uses internal module: webpage, to open, close, render, and perform multiple actions on webpages, which suffers from an arbitrary file read vulnerability. The vulnerability exists in the page.open() function of the webpage module, which loads the specified URL and calls a given callback. When opening a HTML file, an attacker can supply specially crafted file content, which allows reading arbitrary files on the filesystem. The vulnerability is demonstrated by using page.render() as the function callback, resulting in the generation of a PDF or an image of the targeted file.", + "fork": false, + "created_at": "2020-01-16T18:07:07Z", + "updated_at": "2020-06-02T16:05:24Z", + "pushed_at": "2020-01-16T18:08:13Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17234.json b/2019/CVE-2019-17234.json new file mode 100644 index 0000000000..6d113b30a8 --- /dev/null +++ b/2019/CVE-2019-17234.json @@ -0,0 +1,25 @@ +[ + { + "id": 221713137, + "name": "CVE-2019-17234-Wordpress-DirStroyer", + "full_name": "administra1tor\/CVE-2019-17234-Wordpress-DirStroyer", + "owner": { + "login": "administra1tor", + "id": 57760715, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/57760715?v=4", + "html_url": "https:\/\/github.com\/administra1tor" + }, + "html_url": "https:\/\/github.com\/administra1tor\/CVE-2019-17234-Wordpress-DirStroyer", + "description": "Wordpress IgniteUp plugin < 3.4.1 allows unauthenticated users to arbitrarily delete files on the webserver possibly causing DoS.", + "fork": false, + "created_at": "2019-11-14T14:12:36Z", + "updated_at": "2019-11-14T17:32:35Z", + "pushed_at": "2019-11-14T17:32:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17424.json b/2019/CVE-2019-17424.json new file mode 100644 index 0000000000..f346555708 --- /dev/null +++ b/2019/CVE-2019-17424.json @@ -0,0 +1,25 @@ +[ + { + "id": 216429041, + "name": "CVE-2019-17424", + "full_name": "guywhataguy\/CVE-2019-17424", + "owner": { + "login": "guywhataguy", + "id": 33753158, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/33753158?v=4", + "html_url": "https:\/\/github.com\/guywhataguy" + }, + "html_url": "https:\/\/github.com\/guywhataguy\/CVE-2019-17424", + "description": "RCE Exploit For CVE-2019-17424 (nipper-ng 0.11.10)", + "fork": false, + "created_at": "2019-10-20T21:20:28Z", + "updated_at": "2020-04-20T05:07:36Z", + "pushed_at": "2019-11-16T09:47:12Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17427.json b/2019/CVE-2019-17427.json new file mode 100644 index 0000000000..b496b8b711 --- /dev/null +++ b/2019/CVE-2019-17427.json @@ -0,0 +1,25 @@ +[ + { + "id": 231651324, + "name": "CVE-2019-17427", + "full_name": "RealLinkers\/CVE-2019-17427", + "owner": { + "login": "RealLinkers", + "id": 22389074, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/22389074?v=4", + "html_url": "https:\/\/github.com\/RealLinkers" + }, + "html_url": "https:\/\/github.com\/RealLinkers\/CVE-2019-17427", + "description": "CVE-2019-17427 Persistent XSS POC", + "fork": false, + "created_at": "2020-01-03T19:25:54Z", + "updated_at": "2020-01-03T19:32:33Z", + "pushed_at": "2020-01-03T19:32:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17495.json b/2019/CVE-2019-17495.json new file mode 100644 index 0000000000..b471018b2d --- /dev/null +++ b/2019/CVE-2019-17495.json @@ -0,0 +1,25 @@ +[ + { + "id": 229946045, + "name": "CVE-2019-17495-test", + "full_name": "SecT0uch\/CVE-2019-17495-test", + "owner": { + "login": "SecT0uch", + "id": 26085417, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/26085417?v=4", + "html_url": "https:\/\/github.com\/SecT0uch" + }, + "html_url": "https:\/\/github.com\/SecT0uch\/CVE-2019-17495-test", + "description": null, + "fork": false, + "created_at": "2019-12-24T13:23:06Z", + "updated_at": "2019-12-24T13:33:21Z", + "pushed_at": "2019-12-24T13:33:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17558.json b/2019/CVE-2019-17558.json index 379dc8ac89..202dbe4510 100644 --- a/2019/CVE-2019-17558.json +++ b/2019/CVE-2019-17558.json @@ -1,4 +1,27 @@ [ + { + "id": 223926579, + "name": "CVE-2019-17558_Solr_Vul_Tool", + "full_name": "SDNDTeam\/CVE-2019-17558_Solr_Vul_Tool", + "owner": { + "login": "SDNDTeam", + "id": 58170137, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/58170137?v=4", + "html_url": "https:\/\/github.com\/SDNDTeam" + }, + "html_url": "https:\/\/github.com\/SDNDTeam\/CVE-2019-17558_Solr_Vul_Tool", + "description": "CVE-2019-17558 Solr模板注入漏洞图形化一键检测工具。CVE-2019-17558 Solr Velocity Template Vul POC Tool.", + "fork": false, + "created_at": "2019-11-25T10:54:20Z", + "updated_at": "2020-05-08T13:20:51Z", + "pushed_at": "2020-01-10T10:58:44Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 2, + "forks": 2, + "watchers": 8, + "score": 0 + }, { "id": 252131233, "name": "exphub", @@ -13,13 +36,13 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-5902、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2020-07-18T15:07:07Z", + "updated_at": "2020-07-19T08:45:17Z", "pushed_at": "2020-07-14T10:20:14Z", - "stargazers_count": 1299, - "watchers_count": 1299, + "stargazers_count": 1300, + "watchers_count": 1300, "forks_count": 325, "forks": 325, - "watchers": 1299, + "watchers": 1300, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-17570.json b/2019/CVE-2019-17570.json index 3ab7b1c8ca..d851a15ef0 100644 --- a/2019/CVE-2019-17570.json +++ b/2019/CVE-2019-17570.json @@ -1,4 +1,27 @@ [ + { + "id": 234831125, + "name": "CVE-2019-17570", + "full_name": "r00t4dm\/CVE-2019-17570", + "owner": { + "login": "r00t4dm", + "id": 36941976, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/36941976?v=4", + "html_url": "https:\/\/github.com\/r00t4dm" + }, + "html_url": "https:\/\/github.com\/r00t4dm\/CVE-2019-17570", + "description": null, + "fork": false, + "created_at": "2020-01-19T02:57:26Z", + "updated_at": "2020-01-20T03:04:52Z", + "pushed_at": "2020-06-15T22:01:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, { "id": 235991076, "name": "xmlrpc-common-deserialization", diff --git a/2019/CVE-2019-17571.json b/2019/CVE-2019-17571.json new file mode 100644 index 0000000000..c1291ba9f7 --- /dev/null +++ b/2019/CVE-2019-17571.json @@ -0,0 +1,25 @@ +[ + { + "id": 230129409, + "name": "CVE-2019-17571", + "full_name": "shadow-horse\/CVE-2019-17571", + "owner": { + "login": "shadow-horse", + "id": 5432330, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/5432330?v=4", + "html_url": "https:\/\/github.com\/shadow-horse" + }, + "html_url": "https:\/\/github.com\/shadow-horse\/CVE-2019-17571", + "description": "Apache Log4j 1.2.X存在反序列化远程代码执行漏洞", + "fork": false, + "created_at": "2019-12-25T16:46:11Z", + "updated_at": "2020-04-08T02:02:09Z", + "pushed_at": "2019-12-25T16:48:41Z", + "stargazers_count": 64, + "watchers_count": 64, + "forks_count": 3, + "forks": 3, + "watchers": 64, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17596.json b/2019/CVE-2019-17596.json new file mode 100644 index 0000000000..3b5293a9be --- /dev/null +++ b/2019/CVE-2019-17596.json @@ -0,0 +1,25 @@ +[ + { + "id": 216283040, + "name": "poc-dsa-verify-CVE-2019-17596", + "full_name": "pquerna\/poc-dsa-verify-CVE-2019-17596", + "owner": { + "login": "pquerna", + "id": 110123, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/110123?v=4", + "html_url": "https:\/\/github.com\/pquerna" + }, + "html_url": "https:\/\/github.com\/pquerna\/poc-dsa-verify-CVE-2019-17596", + "description": "Demonstration of Go's dsa.Verify bug (CVE-2019-17596)", + "fork": false, + "created_at": "2019-10-19T23:32:02Z", + "updated_at": "2019-10-24T17:18:50Z", + "pushed_at": "2019-10-24T15:00:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17633.json b/2019/CVE-2019-17633.json new file mode 100644 index 0000000000..12d8233b48 --- /dev/null +++ b/2019/CVE-2019-17633.json @@ -0,0 +1,25 @@ +[ + { + "id": 229132579, + "name": "CVE-2019-17633", + "full_name": "mgrube\/CVE-2019-17633", + "owner": { + "login": "mgrube", + "id": 90159, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/90159?v=4", + "html_url": "https:\/\/github.com\/mgrube" + }, + "html_url": "https:\/\/github.com\/mgrube\/CVE-2019-17633", + "description": "Eclipse Che CSRF leading to RCE", + "fork": false, + "created_at": "2019-12-19T20:22:12Z", + "updated_at": "2019-12-24T12:47:52Z", + "pushed_at": "2019-12-20T16:45:35Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 0, + "forks": 0, + "watchers": 11, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1821.json b/2019/CVE-2019-1821.json new file mode 100644 index 0000000000..f2e0c9401b --- /dev/null +++ b/2019/CVE-2019-1821.json @@ -0,0 +1,25 @@ +[ + { + "id": 187835108, + "name": "CiscoExploit", + "full_name": "k8gege\/CiscoExploit", + "owner": { + "login": "k8gege", + "id": 42312878, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/42312878?v=4", + "html_url": "https:\/\/github.com\/k8gege" + }, + "html_url": "https:\/\/github.com\/k8gege\/CiscoExploit", + "description": "Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution\/CVE-2019-1653\/Cisco SNMP RCE\/Dump Cisco RV320 Password)", + "fork": false, + "created_at": "2019-05-21T12:42:54Z", + "updated_at": "2020-07-12T15:43:53Z", + "pushed_at": "2019-05-21T14:52:36Z", + "stargazers_count": 53, + "watchers_count": 53, + "forks_count": 37, + "forks": 37, + "watchers": 53, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-18371.json b/2019/CVE-2019-18371.json new file mode 100644 index 0000000000..f713ae32c4 --- /dev/null +++ b/2019/CVE-2019-18371.json @@ -0,0 +1,25 @@ +[ + { + "id": 205419461, + "name": "Xiaomi_Mi_WiFi_R3G_Vulnerability_POC", + "full_name": "UltramanGaia\/Xiaomi_Mi_WiFi_R3G_Vulnerability_POC", + "owner": { + "login": "UltramanGaia", + "id": 17355647, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/17355647?v=4", + "html_url": "https:\/\/github.com\/UltramanGaia" + }, + "html_url": "https:\/\/github.com\/UltramanGaia\/Xiaomi_Mi_WiFi_R3G_Vulnerability_POC", + "description": "A login bypass(CVE-2019-18371) and a command injection vulnerability(CVE-2019-18370) in Xiaomi Router R3G up to version 2.28.23.", + "fork": false, + "created_at": "2019-08-30T16:32:13Z", + "updated_at": "2020-07-14T04:37:00Z", + "pushed_at": "2020-01-12T02:34:45Z", + "stargazers_count": 126, + "watchers_count": 126, + "forks_count": 23, + "forks": 23, + "watchers": 126, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-18418.json b/2019/CVE-2019-18418.json new file mode 100644 index 0000000000..5427ef1874 --- /dev/null +++ b/2019/CVE-2019-18418.json @@ -0,0 +1,25 @@ +[ + { + "id": 216395601, + "name": "ClonOS-WEB-control-panel-multi-vulnerability", + "full_name": "Andhrimnirr\/ClonOS-WEB-control-panel-multi-vulnerability", + "owner": { + "login": "Andhrimnirr", + "id": 38662689, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/38662689?v=4", + "html_url": "https:\/\/github.com\/Andhrimnirr" + }, + "html_url": "https:\/\/github.com\/Andhrimnirr\/ClonOS-WEB-control-panel-multi-vulnerability", + "description": "CVE-2019-18418\/18419", + "fork": false, + "created_at": "2019-10-20T16:55:00Z", + "updated_at": "2020-02-06T18:57:37Z", + "pushed_at": "2019-10-20T19:18:53Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 0, + "forks": 0, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-18873.json b/2019/CVE-2019-18873.json new file mode 100644 index 0000000000..4ef6c69467 --- /dev/null +++ b/2019/CVE-2019-18873.json @@ -0,0 +1,25 @@ +[ + { + "id": 217798293, + "name": "FUDforum-XSS-RCE", + "full_name": "fuzzlove\/FUDforum-XSS-RCE", + "owner": { + "login": "fuzzlove", + "id": 44779781, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/44779781?v=4", + "html_url": "https:\/\/github.com\/fuzzlove" + }, + "html_url": "https:\/\/github.com\/fuzzlove\/FUDforum-XSS-RCE", + "description": "FUDForum 3.0.9 - XSS \/ Remote Code Execution (CVE-2019-18873, CVE-2019-18839)", + "fork": false, + "created_at": "2019-10-27T03:07:26Z", + "updated_at": "2019-11-15T12:35:24Z", + "pushed_at": "2019-11-13T20:56:14Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 3, + "forks": 3, + "watchers": 7, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-18885.json b/2019/CVE-2019-18885.json new file mode 100644 index 0000000000..4cfaf436fc --- /dev/null +++ b/2019/CVE-2019-18885.json @@ -0,0 +1,25 @@ +[ + { + "id": 221140075, + "name": "CVE-2019-18885", + "full_name": "bobfuzzer\/CVE-2019-18885", + "owner": { + "login": "bobfuzzer", + "id": 57654744, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/57654744?v=4", + "html_url": "https:\/\/github.com\/bobfuzzer" + }, + "html_url": "https:\/\/github.com\/bobfuzzer\/CVE-2019-18885", + "description": null, + "fork": false, + "created_at": "2019-11-12T05:50:00Z", + "updated_at": "2019-12-28T02:19:57Z", + "pushed_at": "2019-12-28T02:19:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 4, + "forks": 4, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-18890.json b/2019/CVE-2019-18890.json new file mode 100644 index 0000000000..95ee8f7a20 --- /dev/null +++ b/2019/CVE-2019-18890.json @@ -0,0 +1,25 @@ +[ + { + "id": 231370688, + "name": "CVE-2019-18890", + "full_name": "RealLinkers\/CVE-2019-18890", + "owner": { + "login": "RealLinkers", + "id": 22389074, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/22389074?v=4", + "html_url": "https:\/\/github.com\/RealLinkers" + }, + "html_url": "https:\/\/github.com\/RealLinkers\/CVE-2019-18890", + "description": "CVE-2019-18890 POC (Proof of Concept)", + "fork": false, + "created_at": "2020-01-02T11:44:47Z", + "updated_at": "2020-05-03T00:09:03Z", + "pushed_at": "2020-01-06T13:13:58Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 2, + "forks": 2, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19012.json b/2019/CVE-2019-19012.json new file mode 100644 index 0000000000..7980eccaff --- /dev/null +++ b/2019/CVE-2019-19012.json @@ -0,0 +1,48 @@ +[ + { + "id": 222906322, + "name": "CVE-2019-19012", + "full_name": "ManhNDd\/CVE-2019-19012", + "owner": { + "login": "ManhNDd", + "id": 18594865, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/18594865?v=4", + "html_url": "https:\/\/github.com\/ManhNDd" + }, + "html_url": "https:\/\/github.com\/ManhNDd\/CVE-2019-19012", + "description": "Integer overflow in Oniguruma", + "fork": false, + "created_at": "2019-11-20T10:00:18Z", + "updated_at": "2019-12-03T08:44:25Z", + "pushed_at": "2019-11-20T15:53:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 222956814, + "name": "CVE-2019-19012", + "full_name": "tarantula-team\/CVE-2019-19012", + "owner": { + "login": "tarantula-team", + "id": 51333391, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/51333391?v=4", + "html_url": "https:\/\/github.com\/tarantula-team" + }, + "html_url": "https:\/\/github.com\/tarantula-team\/CVE-2019-19012", + "description": "An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read", + "fork": false, + "created_at": "2019-11-20T14:32:23Z", + "updated_at": "2019-11-20T15:24:36Z", + "pushed_at": "2019-11-20T15:24:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19033.json b/2019/CVE-2019-19033.json new file mode 100644 index 0000000000..5cac32ed1c --- /dev/null +++ b/2019/CVE-2019-19033.json @@ -0,0 +1,25 @@ +[ + { + "id": 222300876, + "name": "CVE-2019-19033", + "full_name": "ricardojoserf\/CVE-2019-19033", + "owner": { + "login": "ricardojoserf", + "id": 11477353, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/11477353?v=4", + "html_url": "https:\/\/github.com\/ricardojoserf" + }, + "html_url": "https:\/\/github.com\/ricardojoserf\/CVE-2019-19033", + "description": "CVE-2019-19033 description and scripts to check the vulnerability in Jalios JCMS 10 (Authentication Bypass)", + "fork": false, + "created_at": "2019-11-17T19:32:10Z", + "updated_at": "2020-06-27T22:04:00Z", + "pushed_at": "2019-12-03T19:22:32Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19203.json b/2019/CVE-2019-19203.json new file mode 100644 index 0000000000..347ae7a7c3 --- /dev/null +++ b/2019/CVE-2019-19203.json @@ -0,0 +1,48 @@ +[ + { + "id": 223278825, + "name": "CVE-2019-19203", + "full_name": "ManhNDd\/CVE-2019-19203", + "owner": { + "login": "ManhNDd", + "id": 18594865, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/18594865?v=4", + "html_url": "https:\/\/github.com\/ManhNDd" + }, + "html_url": "https:\/\/github.com\/ManhNDd\/CVE-2019-19203", + "description": "Heap-buffer-overflow in Oniguruma (function gb18030_mbc_enc_len)", + "fork": false, + "created_at": "2019-11-21T22:43:34Z", + "updated_at": "2019-11-22T00:04:53Z", + "pushed_at": "2019-11-22T00:04:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 229900382, + "name": "CVE-2019-19203", + "full_name": "tarantula-team\/CVE-2019-19203", + "owner": { + "login": "tarantula-team", + "id": 51333391, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/51333391?v=4", + "html_url": "https:\/\/github.com\/tarantula-team" + }, + "html_url": "https:\/\/github.com\/tarantula-team\/CVE-2019-19203", + "description": "An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read", + "fork": false, + "created_at": "2019-12-24T08:11:11Z", + "updated_at": "2019-12-24T08:18:12Z", + "pushed_at": "2019-12-24T08:18:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19204.json b/2019/CVE-2019-19204.json new file mode 100644 index 0000000000..11f7918be5 --- /dev/null +++ b/2019/CVE-2019-19204.json @@ -0,0 +1,48 @@ +[ + { + "id": 223286619, + "name": "CVE-2019-19204", + "full_name": "ManhNDd\/CVE-2019-19204", + "owner": { + "login": "ManhNDd", + "id": 18594865, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/18594865?v=4", + "html_url": "https:\/\/github.com\/ManhNDd" + }, + "html_url": "https:\/\/github.com\/ManhNDd\/CVE-2019-19204", + "description": "Heap-buffer-overflow in Oniguruma (function fetch_interval_quantifier)", + "fork": false, + "created_at": "2019-11-21T23:53:16Z", + "updated_at": "2019-11-22T00:04:39Z", + "pushed_at": "2019-11-22T00:04:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 229901564, + "name": "CVE-2019-19204", + "full_name": "tarantula-team\/CVE-2019-19204", + "owner": { + "login": "tarantula-team", + "id": 51333391, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/51333391?v=4", + "html_url": "https:\/\/github.com\/tarantula-team" + }, + "html_url": "https:\/\/github.com\/tarantula-team\/CVE-2019-19204", + "description": "Heap-buffer-overflow in Oniguruma (function fetch_interval_quantifier)", + "fork": false, + "created_at": "2019-12-24T08:19:02Z", + "updated_at": "2019-12-24T08:29:30Z", + "pushed_at": "2019-12-24T08:27:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19231.json b/2019/CVE-2019-19231.json new file mode 100644 index 0000000000..db5dd006f5 --- /dev/null +++ b/2019/CVE-2019-19231.json @@ -0,0 +1,25 @@ +[ + { + "id": 229404870, + "name": "CVE-2019-19231", + "full_name": "hessandrew\/CVE-2019-19231", + "owner": { + "login": "hessandrew", + "id": 45692132, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45692132?v=4", + "html_url": "https:\/\/github.com\/hessandrew" + }, + "html_url": "https:\/\/github.com\/hessandrew\/CVE-2019-19231", + "description": "https:\/\/techdocs.broadcom.com\/us\/product-content\/recommended-reading\/security-notices\/CA20191218-01-security-notice-for-ca-client-automation-agent-for-windows.html", + "fork": false, + "created_at": "2019-12-21T09:23:51Z", + "updated_at": "2019-12-22T15:02:16Z", + "pushed_at": "2019-12-21T09:23:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19268.json b/2019/CVE-2019-19268.json new file mode 100644 index 0000000000..b0490c87dc --- /dev/null +++ b/2019/CVE-2019-19268.json @@ -0,0 +1,25 @@ +[ + { + "id": 223930097, + "name": "CVE-2019-19268", + "full_name": "TheCyberGeek\/CVE-2019-19268", + "owner": { + "login": "TheCyberGeek", + "id": 52138157, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/52138157?v=4", + "html_url": "https:\/\/github.com\/TheCyberGeek" + }, + "html_url": "https:\/\/github.com\/TheCyberGeek\/CVE-2019-19268", + "description": "New Found 0-days!", + "fork": false, + "created_at": "2019-11-25T11:14:26Z", + "updated_at": "2020-06-29T13:17:14Z", + "pushed_at": "2019-12-04T10:14:51Z", + "stargazers_count": 34, + "watchers_count": 34, + "forks_count": 2, + "forks": 2, + "watchers": 34, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19315.json b/2019/CVE-2019-19315.json new file mode 100644 index 0000000000..23ed2d9304 --- /dev/null +++ b/2019/CVE-2019-19315.json @@ -0,0 +1,25 @@ +[ + { + "id": 228518016, + "name": "mailorder", + "full_name": "monoxgas\/mailorder", + "owner": { + "login": "monoxgas", + "id": 1223016, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/1223016?v=4", + "html_url": "https:\/\/github.com\/monoxgas" + }, + "html_url": "https:\/\/github.com\/monoxgas\/mailorder", + "description": "Nalpeiron Licensing Service (NLSSRV32) arbitrary disk read [CVE-2019-19315]", + "fork": false, + "created_at": "2019-12-17T02:41:20Z", + "updated_at": "2019-12-18T02:11:23Z", + "pushed_at": "2019-12-17T03:54:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19511.json b/2019/CVE-2019-19511.json new file mode 100644 index 0000000000..95a0df7aff --- /dev/null +++ b/2019/CVE-2019-19511.json @@ -0,0 +1,25 @@ +[ + { + "id": 225830647, + "name": "CVE-2019-19511", + "full_name": "jra89\/CVE-2019-19511", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19511", + "description": "Chevereto - 1.0.0 Free - 1.1.4 Free, 3.13.4 Core, Remote Code Execution", + "fork": false, + "created_at": "2019-12-04T09:37:29Z", + "updated_at": "2020-01-11T13:33:07Z", + "pushed_at": "2020-01-06T20:24:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19576.json b/2019/CVE-2019-19576.json new file mode 100644 index 0000000000..0d34ee9ce8 --- /dev/null +++ b/2019/CVE-2019-19576.json @@ -0,0 +1,25 @@ +[ + { + "id": 225892994, + "name": "CVE-2019-19576", + "full_name": "jra89\/CVE-2019-19576", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19576", + "description": "This is a filter bypass exploit that results in arbitrary file upload and remote code execution in class.upload.php <= 2.0.3", + "fork": false, + "created_at": "2019-12-04T15:01:00Z", + "updated_at": "2020-01-11T20:06:52Z", + "pushed_at": "2020-01-23T15:48:37Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 3, + "forks": 3, + "watchers": 9, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19633.json b/2019/CVE-2019-19633.json new file mode 100644 index 0000000000..655b2677c2 --- /dev/null +++ b/2019/CVE-2019-19633.json @@ -0,0 +1,25 @@ +[ + { + "id": 226651422, + "name": "CVE-2019-19633", + "full_name": "jra89\/CVE-2019-19633", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19633", + "description": "lib\/G\/functions.php in Chevereto 1.0.0 through 1.1.4 Free, and through 3.13.5 Core, allows an attacker to perform bruteforce attacks without triggering the implemented protection mechanism by manipulating the X-Forwarded-For header in the request.", + "fork": false, + "created_at": "2019-12-08T10:42:28Z", + "updated_at": "2020-01-11T13:35:20Z", + "pushed_at": "2019-12-21T12:35:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19634.json b/2019/CVE-2019-19634.json new file mode 100644 index 0000000000..40285a074c --- /dev/null +++ b/2019/CVE-2019-19634.json @@ -0,0 +1,25 @@ +[ + { + "id": 226651675, + "name": "CVE-2019-19634", + "full_name": "jra89\/CVE-2019-19634", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19634", + "description": "This is a filter bypass exploit that results in arbitrary file upload and remote code execution in class.upload.php <= 2.0.4", + "fork": false, + "created_at": "2019-12-08T10:44:51Z", + "updated_at": "2020-07-13T06:24:01Z", + "pushed_at": "2019-12-08T17:55:01Z", + "stargazers_count": 32, + "watchers_count": 32, + "forks_count": 7, + "forks": 7, + "watchers": 32, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19651.json b/2019/CVE-2019-19651.json new file mode 100644 index 0000000000..4778567aec --- /dev/null +++ b/2019/CVE-2019-19651.json @@ -0,0 +1,25 @@ +[ + { + "id": 227379066, + "name": "CVE-2019-19651", + "full_name": "jra89\/CVE-2019-19651", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19651", + "description": "Chevereto reflected XSS in Website Name - 1.0.0 - 1.1.4 Free, <= 3.13.5 Core", + "fork": false, + "created_at": "2019-12-11T14:00:32Z", + "updated_at": "2020-02-15T22:38:06Z", + "pushed_at": "2019-12-11T14:11:56Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19652.json b/2019/CVE-2019-19652.json new file mode 100644 index 0000000000..7dcc6bd334 --- /dev/null +++ b/2019/CVE-2019-19652.json @@ -0,0 +1,25 @@ +[ + { + "id": 227375117, + "name": "CVE-2019-19652", + "full_name": "jra89\/CVE-2019-19652", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19652", + "description": "Chevereto downgrade attack - 1.0.0 - 1.1.4 Free, <= 3.13.5 Core", + "fork": false, + "created_at": "2019-12-11T13:42:18Z", + "updated_at": "2020-01-11T13:36:18Z", + "pushed_at": "2019-12-11T14:41:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19653.json b/2019/CVE-2019-19653.json new file mode 100644 index 0000000000..f710f7d3fb --- /dev/null +++ b/2019/CVE-2019-19653.json @@ -0,0 +1,25 @@ +[ + { + "id": 227376725, + "name": "CVE-2019-19653", + "full_name": "jra89\/CVE-2019-19653", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19653", + "description": "Chevereto information disclosure <= 3.13.5 Core", + "fork": false, + "created_at": "2019-12-11T13:49:51Z", + "updated_at": "2020-01-11T13:34:47Z", + "pushed_at": "2020-01-06T13:57:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19654.json b/2019/CVE-2019-19654.json new file mode 100644 index 0000000000..46a36d5dcc --- /dev/null +++ b/2019/CVE-2019-19654.json @@ -0,0 +1,25 @@ +[ + { + "id": 227360451, + "name": "CVE-2019-19654", + "full_name": "jra89\/CVE-2019-19654", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19654", + "description": "Chevereto denial of service - <= 3.13.5 Core", + "fork": false, + "created_at": "2019-12-11T12:26:16Z", + "updated_at": "2020-01-11T13:34:03Z", + "pushed_at": "2020-01-06T13:58:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19658.json b/2019/CVE-2019-19658.json new file mode 100644 index 0000000000..e3d9424fbe --- /dev/null +++ b/2019/CVE-2019-19658.json @@ -0,0 +1,25 @@ +[ + { + "id": 227381894, + "name": "CVE-2019-19658", + "full_name": "jra89\/CVE-2019-19658", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19658", + "description": "Chevereto stored XSS in profile page - 1.0.0 - 1.1.4 Free, <= 3.13.5 Core", + "fork": false, + "created_at": "2019-12-11T14:13:51Z", + "updated_at": "2020-01-11T13:35:52Z", + "pushed_at": "2019-12-12T12:07:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19732.json b/2019/CVE-2019-19732.json new file mode 100644 index 0000000000..d43922a114 --- /dev/null +++ b/2019/CVE-2019-19732.json @@ -0,0 +1,25 @@ +[ + { + "id": 227598056, + "name": "CVE-2019-19732", + "full_name": "jra89\/CVE-2019-19732", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19732", + "description": "Yetishare SQL Injection (sSortDir_0) - v3.5.2 - v4.5.3", + "fork": false, + "created_at": "2019-12-12T12:08:49Z", + "updated_at": "2020-02-15T22:37:58Z", + "pushed_at": "2019-12-12T14:30:01Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19733.json b/2019/CVE-2019-19733.json new file mode 100644 index 0000000000..a3431c952a --- /dev/null +++ b/2019/CVE-2019-19733.json @@ -0,0 +1,25 @@ +[ + { + "id": 228708634, + "name": "CVE-2019-19733", + "full_name": "jra89\/CVE-2019-19733", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19733", + "description": "YetiShare v3.5.2 - v4.5.3 Cross-site scripting in get_all_file_server_paths.ajax.php", + "fork": false, + "created_at": "2019-12-17T21:56:56Z", + "updated_at": "2019-12-23T08:51:49Z", + "pushed_at": "2019-12-17T22:01:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19734.json b/2019/CVE-2019-19734.json new file mode 100644 index 0000000000..713fb91dc7 --- /dev/null +++ b/2019/CVE-2019-19734.json @@ -0,0 +1,25 @@ +[ + { + "id": 227626239, + "name": "CVE-2019-19734", + "full_name": "jra89\/CVE-2019-19734", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19734", + "description": "YetiShare SQL Injection in the fileIds parameter in _account_move_file_in_folder.ajax.php - v3.5.2", + "fork": false, + "created_at": "2019-12-12T14:31:49Z", + "updated_at": "2019-12-23T08:52:10Z", + "pushed_at": "2019-12-12T14:34:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19735.json b/2019/CVE-2019-19735.json new file mode 100644 index 0000000000..79d46aa32d --- /dev/null +++ b/2019/CVE-2019-19735.json @@ -0,0 +1,25 @@ +[ + { + "id": 227595700, + "name": "CVE-2019-19735", + "full_name": "jra89\/CVE-2019-19735", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19735", + "description": "YetiShare password reset hash bruteforce - v3.5.2 - v4.5.3", + "fork": false, + "created_at": "2019-12-12T11:56:00Z", + "updated_at": "2019-12-23T08:51:01Z", + "pushed_at": "2019-12-21T00:04:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19738.json b/2019/CVE-2019-19738.json new file mode 100644 index 0000000000..82c09731ac --- /dev/null +++ b/2019/CVE-2019-19738.json @@ -0,0 +1,25 @@ +[ + { + "id": 228709394, + "name": "CVE-2019-19738", + "full_name": "jra89\/CVE-2019-19738", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19738", + "description": "YetiShare v3.5.2 - v4.5.3 Cross-site scripting in log_file_viewer.php", + "fork": false, + "created_at": "2019-12-17T22:02:40Z", + "updated_at": "2019-12-23T08:51:28Z", + "pushed_at": "2019-12-17T22:04:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19781.json b/2019/CVE-2019-19781.json index 4a1be2d8aa..d55fd60544 100644 --- a/2019/CVE-2019-19781.json +++ b/2019/CVE-2019-19781.json @@ -1,4 +1,50 @@ [ + { + "id": 232945335, + "name": "CVE-2019-19781", + "full_name": "mekoko\/CVE-2019-19781", + "owner": { + "login": "mekoko", + "id": 22165228, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22165228?v=4", + "html_url": "https:\/\/github.com\/mekoko" + }, + "html_url": "https:\/\/github.com\/mekoko\/CVE-2019-19781", + "description": null, + "fork": false, + "created_at": "2020-01-10T02:05:51Z", + "updated_at": "2020-01-11T18:51:18Z", + "pushed_at": "2020-01-10T05:12:02Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 1, + "forks": 1, + "watchers": 8, + "score": 0 + }, + { + "id": 233143985, + "name": "CVE-2019-19781", + "full_name": "projectzeroindia\/CVE-2019-19781", + "owner": { + "login": "projectzeroindia", + "id": 54312442, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/54312442?v=4", + "html_url": "https:\/\/github.com\/projectzeroindia" + }, + "html_url": "https:\/\/github.com\/projectzeroindia\/CVE-2019-19781", + "description": "Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [ CVE-2019-19781 ]", + "fork": false, + "created_at": "2020-01-10T22:56:35Z", + "updated_at": "2020-07-17T07:50:31Z", + "pushed_at": "2020-01-18T07:01:29Z", + "stargazers_count": 339, + "watchers_count": 339, + "forks_count": 108, + "forks": 108, + "watchers": 339, + "score": 0 + }, { "id": 233151210, "name": "cve-2019-19781", @@ -45,6 +91,52 @@ "watchers": 98, "score": 0 }, + { + "id": 233168483, + "name": "CVE-2019-19781", + "full_name": "jas502n\/CVE-2019-19781", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-19781", + "description": "Citrix ADC Remote Code Execution", + "fork": false, + "created_at": "2020-01-11T03:10:12Z", + "updated_at": "2020-06-22T17:16:29Z", + "pushed_at": "2020-01-11T14:03:52Z", + "stargazers_count": 68, + "watchers_count": 68, + "forks_count": 16, + "forks": 16, + "watchers": 68, + "score": 0 + }, + { + "id": 233192322, + "name": "CVE-2019-19781", + "full_name": "ianxtianxt\/CVE-2019-19781", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2019-19781", + "description": "Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [ CVE-2019-19781 ]", + "fork": false, + "created_at": "2020-01-11T07:16:23Z", + "updated_at": "2020-07-03T03:52:57Z", + "pushed_at": "2020-01-11T07:20:44Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 1, + "forks": 1, + "watchers": 8, + "score": 0 + }, { "id": 233209505, "name": "CVE-2019-19781", @@ -68,6 +160,144 @@ "watchers": 83, "score": 0 }, + { + "id": 233232989, + "name": "CVE-2019-19781", + "full_name": "oways\/CVE-2019-19781", + "owner": { + "login": "oways", + "id": 11142952, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/11142952?v=4", + "html_url": "https:\/\/github.com\/oways" + }, + "html_url": "https:\/\/github.com\/oways\/CVE-2019-19781", + "description": "CVE-2019-19781 Citrix RCE", + "fork": false, + "created_at": "2020-01-11T13:05:28Z", + "updated_at": "2020-01-13T02:15:20Z", + "pushed_at": "2020-01-11T13:09:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 233274912, + "name": "Citrix_CVE-2019-19781", + "full_name": "becrevex\/Citrix_CVE-2019-19781", + "owner": { + "login": "becrevex", + "id": 8326868, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/8326868?v=4", + "html_url": "https:\/\/github.com\/becrevex" + }, + "html_url": "https:\/\/github.com\/becrevex\/Citrix_CVE-2019-19781", + "description": "Took at stab at an NSE discovery script for CVE-2019-19781.", + "fork": false, + "created_at": "2020-01-11T18:04:17Z", + "updated_at": "2020-01-12T03:24:08Z", + "pushed_at": "2020-01-11T19:48:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 233294562, + "name": "Exploits_CVE-2019-19781", + "full_name": "unknowndevice64\/Exploits_CVE-2019-19781", + "owner": { + "login": "unknowndevice64", + "id": 23033569, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/23033569?v=4", + "html_url": "https:\/\/github.com\/unknowndevice64" + }, + "html_url": "https:\/\/github.com\/unknowndevice64\/Exploits_CVE-2019-19781", + "description": "All Working Exploits", + "fork": false, + "created_at": "2020-01-11T20:43:09Z", + "updated_at": "2020-03-05T01:05:55Z", + "pushed_at": "2020-01-11T22:09:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + }, + { + "id": 233359795, + "name": "CVE-2019-19781", + "full_name": "bufsnake\/CVE-2019-19781", + "owner": { + "login": "bufsnake", + "id": 46959268, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/46959268?v=4", + "html_url": "https:\/\/github.com\/bufsnake" + }, + "html_url": "https:\/\/github.com\/bufsnake\/CVE-2019-19781", + "description": "CVE-2019-19781漏洞批量测试脚本", + "fork": false, + "created_at": "2020-01-12T08:16:30Z", + "updated_at": "2020-01-12T08:18:26Z", + "pushed_at": "2020-01-12T08:18:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 233412280, + "name": "citrixmash_scanner", + "full_name": "x1sec\/citrixmash_scanner", + "owner": { + "login": "x1sec", + "id": 11153104, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/11153104?v=4", + "html_url": "https:\/\/github.com\/x1sec" + }, + "html_url": "https:\/\/github.com\/x1sec\/citrixmash_scanner", + "description": "A fast multi threaded scanner for Citrix ADC (NetScaler) CVE-2019-19781 - Citrixmash \/ Shitrix", + "fork": false, + "created_at": "2020-01-12T15:16:54Z", + "updated_at": "2020-06-04T23:24:26Z", + "pushed_at": "2020-01-17T22:01:20Z", + "stargazers_count": 26, + "watchers_count": 26, + "forks_count": 8, + "forks": 8, + "watchers": 26, + "score": 0 + }, + { + "id": 233441884, + "name": "Shitrix-CVE-2019-19781", + "full_name": "Jabo-SCO\/Shitrix-CVE-2019-19781", + "owner": { + "login": "Jabo-SCO", + "id": 1792678, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/1792678?v=4", + "html_url": "https:\/\/github.com\/Jabo-SCO" + }, + "html_url": "https:\/\/github.com\/Jabo-SCO\/Shitrix-CVE-2019-19781", + "description": "My working exploit script for Shitrix (CVE-2019-19781)", + "fork": false, + "created_at": "2020-01-12T18:53:29Z", + "updated_at": "2020-01-18T16:00:28Z", + "pushed_at": "2020-01-18T16:00:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 233473212, "name": "CVE-2019-19781", @@ -91,6 +321,98 @@ "watchers": 38, "score": 0 }, + { + "id": 233493025, + "name": "CVE-2019-19781", + "full_name": "hollerith\/CVE-2019-19781", + "owner": { + "login": "hollerith", + "id": 659626, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/659626?v=4", + "html_url": "https:\/\/github.com\/hollerith" + }, + "html_url": "https:\/\/github.com\/hollerith\/CVE-2019-19781", + "description": "Citrix Netscaler RCE", + "fork": false, + "created_at": "2020-01-13T02:14:59Z", + "updated_at": "2020-01-13T02:29:06Z", + "pushed_at": "2020-01-13T02:29:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 233538988, + "name": "CVE-2019-19781", + "full_name": "aqhmal\/CVE-2019-19781", + "owner": { + "login": "aqhmal", + "id": 22043590, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/22043590?v=4", + "html_url": "https:\/\/github.com\/aqhmal" + }, + "html_url": "https:\/\/github.com\/aqhmal\/CVE-2019-19781", + "description": "Automated script for Citrix ADC scanner (CVE-2019-19781) using hosts retrieved from Shodan API. You must have a Shodan account to use this script.", + "fork": false, + "created_at": "2020-01-13T07:42:27Z", + "updated_at": "2020-02-26T19:27:56Z", + "pushed_at": "2020-01-14T15:53:14Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 3, + "forks": 3, + "watchers": 8, + "score": 0 + }, + { + "id": 233566324, + "name": "CitrixHoneypot", + "full_name": "MalwareTech\/CitrixHoneypot", + "owner": { + "login": "MalwareTech", + "id": 7256561, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/7256561?v=4", + "html_url": "https:\/\/github.com\/MalwareTech" + }, + "html_url": "https:\/\/github.com\/MalwareTech\/CitrixHoneypot", + "description": "Detect and log CVE-2019-19781 scan and exploitation attempts.", + "fork": false, + "created_at": "2020-01-13T10:09:31Z", + "updated_at": "2020-07-18T12:23:42Z", + "pushed_at": "2020-01-15T13:58:22Z", + "stargazers_count": 97, + "watchers_count": 97, + "forks_count": 25, + "forks": 25, + "watchers": 97, + "score": 0 + }, + { + "id": 233609919, + "name": "citrix_dir_traversal_rce", + "full_name": "mekhalleh\/citrix_dir_traversal_rce", + "owner": { + "login": "mekhalleh", + "id": 5225129, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/5225129?v=4", + "html_url": "https:\/\/github.com\/mekhalleh" + }, + "html_url": "https:\/\/github.com\/mekhalleh\/citrix_dir_traversal_rce", + "description": "The exploitation module for the CVE-2019-19781 #Shitrix (Vulnerability in Citrix Application Delivery Controller and Citrix Gateway).", + "fork": false, + "created_at": "2020-01-13T14:07:15Z", + "updated_at": "2020-04-05T04:22:21Z", + "pushed_at": "2020-01-18T12:12:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, { "id": 233943421, "name": "cve-2019-19781-web", @@ -114,6 +436,52 @@ "watchers": 0, "score": 0 }, + { + "id": 234053519, + "name": "CVE-2019-19781-Checker", + "full_name": "zgelici\/CVE-2019-19781-Checker", + "owner": { + "login": "zgelici", + "id": 5995033, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5995033?v=4", + "html_url": "https:\/\/github.com\/zgelici" + }, + "html_url": "https:\/\/github.com\/zgelici\/CVE-2019-19781-Checker", + "description": "Check your website for CVE-2019-19781 Vulnerable", + "fork": false, + "created_at": "2020-01-15T10:15:11Z", + "updated_at": "2020-01-15T10:20:33Z", + "pushed_at": "2020-01-15T10:20:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 234157094, + "name": "CVE-2019-19781_IOCs", + "full_name": "digitalshadows\/CVE-2019-19781_IOCs", + "owner": { + "login": "digitalshadows", + "id": 11042971, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/11042971?v=4", + "html_url": "https:\/\/github.com\/digitalshadows" + }, + "html_url": "https:\/\/github.com\/digitalshadows\/CVE-2019-19781_IOCs", + "description": "IOCs for CVE-2019-19781", + "fork": false, + "created_at": "2020-01-15T19:32:14Z", + "updated_at": "2020-01-15T19:37:59Z", + "pushed_at": "2020-01-15T19:36:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 234169492, "name": "CVE-2019-19781-Forensic", @@ -137,6 +505,52 @@ "watchers": 5, "score": 0 }, + { + "id": 234275841, + "name": "CVE-NetScalerFileSystemCheck", + "full_name": "DanielWep\/CVE-NetScalerFileSystemCheck", + "owner": { + "login": "DanielWep", + "id": 35801653, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/35801653?v=4", + "html_url": "https:\/\/github.com\/DanielWep" + }, + "html_url": "https:\/\/github.com\/DanielWep\/CVE-NetScalerFileSystemCheck", + "description": "This script checks the Citrix Netscaler if it has been compromised by CVE-2019-19781 attacks and collects all file system information", + "fork": false, + "created_at": "2020-01-16T08:52:14Z", + "updated_at": "2020-01-16T14:22:06Z", + "pushed_at": "2020-01-16T14:22:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 234291404, + "name": "Detect-CVE-2019-19781", + "full_name": "Castaldio86\/Detect-CVE-2019-19781", + "owner": { + "login": "Castaldio86", + "id": 12892740, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/12892740?v=4", + "html_url": "https:\/\/github.com\/Castaldio86" + }, + "html_url": "https:\/\/github.com\/Castaldio86\/Detect-CVE-2019-19781", + "description": null, + "fork": false, + "created_at": "2020-01-16T10:09:05Z", + "updated_at": "2020-01-16T10:35:07Z", + "pushed_at": "2020-01-16T10:35:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 234315880, "name": "ADC-19781", @@ -160,6 +574,144 @@ "watchers": 1, "score": 0 }, + { + "id": 234474221, + "name": "Citrix_CVE-2019-19781", + "full_name": "clm123321\/Citrix_CVE-2019-19781", + "owner": { + "login": "clm123321", + "id": 32051094, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/32051094?v=4", + "html_url": "https:\/\/github.com\/clm123321" + }, + "html_url": "https:\/\/github.com\/clm123321\/Citrix_CVE-2019-19781", + "description": "citrix adc rce", + "fork": false, + "created_at": "2020-01-17T05:01:57Z", + "updated_at": "2020-05-08T12:32:06Z", + "pushed_at": "2020-01-17T05:03:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 234482699, + "name": "CVE-2019-19781", + "full_name": "b510\/CVE-2019-19781", + "owner": { + "login": "b510", + "id": 47598258, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/47598258?v=4", + "html_url": "https:\/\/github.com\/b510" + }, + "html_url": "https:\/\/github.com\/b510\/CVE-2019-19781", + "description": "批量概念驗證用", + "fork": false, + "created_at": "2020-01-17T06:09:18Z", + "updated_at": "2020-01-17T06:23:10Z", + "pushed_at": "2020-01-17T06:23:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 234586442, + "name": "CVE-2019-19781", + "full_name": "redscan\/CVE-2019-19781", + "owner": { + "login": "redscan", + "id": 37875760, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/37875760?v=4", + "html_url": "https:\/\/github.com\/redscan" + }, + "html_url": "https:\/\/github.com\/redscan\/CVE-2019-19781", + "description": "CVE-2019-19781 Attack Triage Script", + "fork": false, + "created_at": "2020-01-17T16:14:30Z", + "updated_at": "2020-01-21T16:48:21Z", + "pushed_at": "2020-01-17T21:13:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 235032279, + "name": "Citrix-CVE-2019-19781", + "full_name": "DIVD-NL\/Citrix-CVE-2019-19781", + "owner": { + "login": "DIVD-NL", + "id": 56316504, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/56316504?v=4", + "html_url": "https:\/\/github.com\/DIVD-NL" + }, + "html_url": "https:\/\/github.com\/DIVD-NL\/Citrix-CVE-2019-19781", + "description": null, + "fork": false, + "created_at": "2020-01-20T06:18:39Z", + "updated_at": "2020-01-20T06:18:43Z", + "pushed_at": "2020-01-20T06:18:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 235133886, + "name": "citrix.sh", + "full_name": "ynsmroztas\/citrix.sh", + "owner": { + "login": "ynsmroztas", + "id": 58443521, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/58443521?v=4", + "html_url": "https:\/\/github.com\/ynsmroztas" + }, + "html_url": "https:\/\/github.com\/ynsmroztas\/citrix.sh", + "description": "CVE-2019-19781 bash exploit ", + "fork": false, + "created_at": "2020-01-20T15:30:30Z", + "updated_at": "2020-07-19T01:10:14Z", + "pushed_at": "2020-01-20T15:40:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 235372759, + "name": "massCitrix", + "full_name": "digitalgangst\/massCitrix", + "owner": { + "login": "digitalgangst", + "id": 23701624, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23701624?v=4", + "html_url": "https:\/\/github.com\/digitalgangst" + }, + "html_url": "https:\/\/github.com\/digitalgangst\/massCitrix", + "description": "Código desenvolvido para a verificação em massa da vulnerabilidade CVE-2019-19781 de hosts descobertos pelo Shodan. Pull requests são bem vindas. ", + "fork": false, + "created_at": "2020-01-21T15:18:08Z", + "updated_at": "2020-03-10T23:34:40Z", + "pushed_at": "2020-01-21T15:19:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 235373247, "name": "ioc-scanner-CVE-2019-19781", diff --git a/2019/CVE-2019-19844.json b/2019/CVE-2019-19844.json index 000c0efb2b..ba651137a8 100644 --- a/2019/CVE-2019-19844.json +++ b/2019/CVE-2019-19844.json @@ -1,4 +1,27 @@ [ + { + "id": 229376107, + "name": "django_cve_2019_19844_poc", + "full_name": "ryu22e\/django_cve_2019_19844_poc", + "owner": { + "login": "ryu22e", + "id": 301892, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/301892?v=4", + "html_url": "https:\/\/github.com\/ryu22e" + }, + "html_url": "https:\/\/github.com\/ryu22e\/django_cve_2019_19844_poc", + "description": "PoC for CVE-2019-19844(https:\/\/www.djangoproject.com\/weblog\/2019\/dec\/18\/security-releases\/)", + "fork": false, + "created_at": "2019-12-21T04:30:34Z", + "updated_at": "2020-07-17T13:33:34Z", + "pushed_at": "2019-12-24T12:31:47Z", + "stargazers_count": 94, + "watchers_count": 94, + "forks_count": 10, + "forks": 10, + "watchers": 94, + "score": 0 + }, { "id": 230083007, "name": "django_cve201919844", diff --git a/2019/CVE-2019-1987.json b/2019/CVE-2019-1987.json new file mode 100644 index 0000000000..ad77b08c9b --- /dev/null +++ b/2019/CVE-2019-1987.json @@ -0,0 +1,25 @@ +[ + { + "id": 171108223, + "name": "android-7-9-png-bug", + "full_name": "marcinguy\/android-7-9-png-bug", + "owner": { + "login": "marcinguy", + "id": 20355405, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/20355405?v=4", + "html_url": "https:\/\/github.com\/marcinguy" + }, + "html_url": "https:\/\/github.com\/marcinguy\/android-7-9-png-bug", + "description": "CVE-2019-1987", + "fork": false, + "created_at": "2019-02-17T10:22:01Z", + "updated_at": "2020-05-18T10:42:55Z", + "pushed_at": "2019-03-02T19:54:06Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 4, + "forks": 4, + "watchers": 12, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-20197.json b/2019/CVE-2019-20197.json new file mode 100644 index 0000000000..8a8c4bcefa --- /dev/null +++ b/2019/CVE-2019-20197.json @@ -0,0 +1,48 @@ +[ + { + "id": 232512469, + "name": "CVE-2019-20197", + "full_name": "lp008\/CVE-2019-20197", + "owner": { + "login": "lp008", + "id": 11436275, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/11436275?v=4", + "html_url": "https:\/\/github.com\/lp008" + }, + "html_url": "https:\/\/github.com\/lp008\/CVE-2019-20197", + "description": "CVE-2019-20197", + "fork": false, + "created_at": "2020-01-08T08:11:58Z", + "updated_at": "2020-01-08T08:20:44Z", + "pushed_at": "2020-01-08T08:19:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 232513269, + "name": "CVE-2019-20197", + "full_name": "jas502n\/CVE-2019-20197", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-20197", + "description": "Nagios XI远程命令执行漏洞 \/confluence\/WEB-INF\/)文件读取漏洞", + "fork": false, + "created_at": "2019-08-30T07:44:17Z", + "updated_at": "2020-06-17T22:26:17Z", + "pushed_at": "2019-09-02T13:37:00Z", + "stargazers_count": 15, + "watchers_count": 15, + "forks_count": 4, + "forks": 4, + "watchers": 15, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3396.json b/2019/CVE-2019-3396.json index b3ac9675ba..5681e1c9b4 100644 --- a/2019/CVE-2019-3396.json +++ b/2019/CVE-2019-3396.json @@ -1,4 +1,257 @@ [ + { + "id": 180277406, + "name": "CVE-2019-3396", + "full_name": "dothanthitiendiettiende\/CVE-2019-3396", + "owner": { + "login": "dothanthitiendiettiende", + "id": 29480786, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/29480786?v=4", + "html_url": "https:\/\/github.com\/dothanthitiendiettiende" + }, + "html_url": "https:\/\/github.com\/dothanthitiendiettiende\/CVE-2019-3396", + "description": "Confluence Widget Connector RCE", + "fork": false, + "created_at": "2019-04-09T03:26:06Z", + "updated_at": "2019-04-09T11:34:37Z", + "pushed_at": "2019-04-09T03:25:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 4, + "forks": 4, + "watchers": 0, + "score": 0 + }, + { + "id": 180298650, + "name": "CVE-2019-3396", + "full_name": "x-f1v3\/CVE-2019-3396", + "owner": { + "login": "x-f1v3", + "id": 26115807, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/26115807?v=4", + "html_url": "https:\/\/github.com\/x-f1v3" + }, + "html_url": "https:\/\/github.com\/x-f1v3\/CVE-2019-3396", + "description": "Confluence Widget Connector path traversal (CVE-2019-3396)", + "fork": false, + "created_at": "2019-04-09T06:20:51Z", + "updated_at": "2020-06-05T22:38:47Z", + "pushed_at": "2019-10-04T22:25:03Z", + "stargazers_count": 21, + "watchers_count": 21, + "forks_count": 15, + "forks": 15, + "watchers": 21, + "score": 0 + }, + { + "id": 180347878, + "name": "CVE-2019-3396", + "full_name": "xiaoshuier\/CVE-2019-3396", + "owner": { + "login": "xiaoshuier", + "id": 28529214, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/28529214?v=4", + "html_url": "https:\/\/github.com\/xiaoshuier" + }, + "html_url": "https:\/\/github.com\/xiaoshuier\/CVE-2019-3396", + "description": null, + "fork": false, + "created_at": "2019-04-09T11:01:41Z", + "updated_at": "2020-07-11T12:06:45Z", + "pushed_at": "2019-04-09T10:59:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 180483984, + "name": "CVE-2019-3396_EXP", + "full_name": "Yt1g3r\/CVE-2019-3396_EXP", + "owner": { + "login": "Yt1g3r", + "id": 12625147, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/12625147?v=4", + "html_url": "https:\/\/github.com\/Yt1g3r" + }, + "html_url": "https:\/\/github.com\/Yt1g3r\/CVE-2019-3396_EXP", + "description": "CVE-2019-3396 confluence SSTI RCE", + "fork": false, + "created_at": "2019-04-10T02:15:47Z", + "updated_at": "2020-06-24T02:13:08Z", + "pushed_at": "2019-04-12T01:46:33Z", + "stargazers_count": 150, + "watchers_count": 150, + "forks_count": 61, + "forks": 61, + "watchers": 150, + "score": 0 + }, + { + "id": 180484942, + "name": "CVE-2019-3396", + "full_name": "jas502n\/CVE-2019-3396", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-3396", + "description": "Confluence 未授权 RCE (CVE-2019-3396) 漏洞", + "fork": false, + "created_at": "2019-04-10T02:22:24Z", + "updated_at": "2020-06-02T03:31:31Z", + "pushed_at": "2019-11-01T14:33:21Z", + "stargazers_count": 103, + "watchers_count": 103, + "forks_count": 51, + "forks": 51, + "watchers": 103, + "score": 0 + }, + { + "id": 180485239, + "name": "CVE-2019-3396", + "full_name": "pyn3rd\/CVE-2019-3396", + "owner": { + "login": "pyn3rd", + "id": 41412951, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/41412951?v=4", + "html_url": "https:\/\/github.com\/pyn3rd" + }, + "html_url": "https:\/\/github.com\/pyn3rd\/CVE-2019-3396", + "description": "Confluence Widget Connector RCE", + "fork": false, + "created_at": "2019-04-10T02:24:29Z", + "updated_at": "2020-07-12T16:14:50Z", + "pushed_at": "2019-04-10T02:26:45Z", + "stargazers_count": 34, + "watchers_count": 34, + "forks_count": 15, + "forks": 15, + "watchers": 34, + "score": 0 + }, + { + "id": 180528467, + "name": "CVE-2019-3396", + "full_name": "s1xg0d\/CVE-2019-3396", + "owner": { + "login": "s1xg0d", + "id": 8321329, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8321329?v=4", + "html_url": "https:\/\/github.com\/s1xg0d" + }, + "html_url": "https:\/\/github.com\/s1xg0d\/CVE-2019-3396", + "description": null, + "fork": false, + "created_at": "2019-04-10T07:39:42Z", + "updated_at": "2019-05-13T11:39:51Z", + "pushed_at": "2019-05-13T11:39:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 180627265, + "name": "CVE-2019-3396", + "full_name": "quanpt103\/CVE-2019-3396", + "owner": { + "login": "quanpt103", + "id": 45188297, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/45188297?v=4", + "html_url": "https:\/\/github.com\/quanpt103" + }, + "html_url": "https:\/\/github.com\/quanpt103\/CVE-2019-3396", + "description": "Confluence Widget Connector RCE - ptquan", + "fork": false, + "created_at": "2019-04-10T17:05:10Z", + "updated_at": "2019-04-10T17:06:24Z", + "pushed_at": "2019-04-10T17:06:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 183862751, + "name": "confluence_CVE-2019-3396", + "full_name": "vntest11\/confluence_CVE-2019-3396", + "owner": { + "login": "vntest11", + "id": 46453327, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/46453327?v=4", + "html_url": "https:\/\/github.com\/vntest11" + }, + "html_url": "https:\/\/github.com\/vntest11\/confluence_CVE-2019-3396", + "description": " Confluence Widget Connector path traversal (CVE-2019-3396)", + "fork": false, + "created_at": "2019-04-28T05:59:21Z", + "updated_at": "2019-04-28T06:40:38Z", + "pushed_at": "2019-04-28T06:40:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 194643451, + "name": "test1", + "full_name": "tanw923\/test1", + "owner": { + "login": "tanw923", + "id": 49778932, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/49778932?v=4", + "html_url": "https:\/\/github.com\/tanw923" + }, + "html_url": "https:\/\/github.com\/tanw923\/test1", + "description": "https:\/\/github.com\/Yt1g3r\/CVE-2019-3396_EXP.git", + "fork": false, + "created_at": "2019-07-01T09:35:17Z", + "updated_at": "2019-07-02T15:24:32Z", + "pushed_at": "2019-07-02T15:24:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 203499284, + "name": "CVE-2019-3396-confluence-poc", + "full_name": "skommando\/CVE-2019-3396-confluence-poc", + "owner": { + "login": "skommando", + "id": 22767889, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/22767889?v=4", + "html_url": "https:\/\/github.com\/skommando" + }, + "html_url": "https:\/\/github.com\/skommando\/CVE-2019-3396-confluence-poc", + "description": "CVE-2019-3396 漏洞验证txt与模板文件。", + "fork": false, + "created_at": "2019-08-21T03:30:53Z", + "updated_at": "2019-08-21T06:10:16Z", + "pushed_at": "2019-08-21T06:09:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 218002069, "name": "CVE-2019-3396TEST", @@ -22,6 +275,52 @@ "watchers": 0, "score": 0 }, + { + "id": 223076925, + "name": "CVE-2019-3396", + "full_name": "am6539\/CVE-2019-3396", + "owner": { + "login": "am6539", + "id": 19407692, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/19407692?v=4", + "html_url": "https:\/\/github.com\/am6539" + }, + "html_url": "https:\/\/github.com\/am6539\/CVE-2019-3396", + "description": null, + "fork": false, + "created_at": "2019-11-21T03:07:08Z", + "updated_at": "2019-11-21T03:18:13Z", + "pushed_at": "2019-11-21T03:18:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 227548353, + "name": "CVE-2019-3396", + "full_name": "W2Ning\/CVE-2019-3396", + "owner": { + "login": "W2Ning", + "id": 33406415, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/33406415?v=4", + "html_url": "https:\/\/github.com\/W2Ning" + }, + "html_url": "https:\/\/github.com\/W2Ning\/CVE-2019-3396", + "description": "For test", + "fork": false, + "created_at": "2019-12-12T07:40:22Z", + "updated_at": "2019-12-13T08:59:05Z", + "pushed_at": "2019-12-13T08:59:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 263799687, "name": "CVE-2019-3396", diff --git a/2019/CVE-2019-3398.json b/2019/CVE-2019-3398.json new file mode 100644 index 0000000000..fe9ac2e41f --- /dev/null +++ b/2019/CVE-2019-3398.json @@ -0,0 +1,25 @@ +[ + { + "id": 182378884, + "name": "cve-2019-3398", + "full_name": "superevr\/cve-2019-3398", + "owner": { + "login": "superevr", + "id": 2046483, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/2046483?v=4", + "html_url": "https:\/\/github.com\/superevr" + }, + "html_url": "https:\/\/github.com\/superevr\/cve-2019-3398", + "description": "Python script to exploit confluence path traversal vulnerability cve-2019-3398", + "fork": false, + "created_at": "2019-04-20T08:07:49Z", + "updated_at": "2020-02-29T17:02:55Z", + "pushed_at": "2019-06-06T21:17:09Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 3, + "forks": 3, + "watchers": 11, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3462.json b/2019/CVE-2019-3462.json new file mode 100644 index 0000000000..35d045791f --- /dev/null +++ b/2019/CVE-2019-3462.json @@ -0,0 +1,48 @@ +[ + { + "id": 167275161, + "name": "check_CVE-2019-3462", + "full_name": "tonejito\/check_CVE-2019-3462", + "owner": { + "login": "tonejito", + "id": 618588, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/618588?v=4", + "html_url": "https:\/\/github.com\/tonejito" + }, + "html_url": "https:\/\/github.com\/tonejito\/check_CVE-2019-3462", + "description": "Check @Debian and @Ubuntu #GNU \/ #Linux for CVE-2019-3462 in APT", + "fork": false, + "created_at": "2019-01-24T00:30:15Z", + "updated_at": "2019-01-26T01:21:38Z", + "pushed_at": "2019-01-26T01:21:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + }, + { + "id": 170573944, + "name": "update-apt-package", + "full_name": "atilacastro\/update-apt-package", + "owner": { + "login": "atilacastro", + "id": 5832809, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/5832809?v=4", + "html_url": "https:\/\/github.com\/atilacastro" + }, + "html_url": "https:\/\/github.com\/atilacastro\/update-apt-package", + "description": "Playbook update APT package because CVE-2019-3462", + "fork": false, + "created_at": "2019-02-13T20:22:33Z", + "updated_at": "2019-02-14T18:31:31Z", + "pushed_at": "2019-02-14T18:31:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3663.json b/2019/CVE-2019-3663.json new file mode 100644 index 0000000000..7d8f647ae0 --- /dev/null +++ b/2019/CVE-2019-3663.json @@ -0,0 +1,25 @@ +[ + { + "id": 233549505, + "name": "mcafee_atd_CVE-2019-3663", + "full_name": "funoverip\/mcafee_atd_CVE-2019-3663", + "owner": { + "login": "funoverip", + "id": 7892650, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/7892650?v=4", + "html_url": "https:\/\/github.com\/funoverip" + }, + "html_url": "https:\/\/github.com\/funoverip\/mcafee_atd_CVE-2019-3663", + "description": " McAfee Advanced Threat Defense ATD 4.6.x and earlier - Hardcoded root password", + "fork": false, + "created_at": "2020-01-13T08:42:13Z", + "updated_at": "2020-02-28T19:55:53Z", + "pushed_at": "2020-01-13T08:57:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3719.json b/2019/CVE-2019-3719.json new file mode 100644 index 0000000000..da78df9b95 --- /dev/null +++ b/2019/CVE-2019-3719.json @@ -0,0 +1,25 @@ +[ + { + "id": 184369823, + "name": "CVE-2019-3719", + "full_name": "jiansiting\/CVE-2019-3719", + "owner": { + "login": "jiansiting", + "id": 28823754, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/28823754?v=4", + "html_url": "https:\/\/github.com\/jiansiting" + }, + "html_url": "https:\/\/github.com\/jiansiting\/CVE-2019-3719", + "description": null, + "fork": false, + "created_at": "2019-05-01T04:43:55Z", + "updated_at": "2019-06-02T04:14:24Z", + "pushed_at": "2019-05-01T04:50:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 3, + "forks": 3, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3778.json b/2019/CVE-2019-3778.json new file mode 100644 index 0000000000..990c59d620 --- /dev/null +++ b/2019/CVE-2019-3778.json @@ -0,0 +1,25 @@ +[ + { + "id": 214928698, + "name": "CVE-2019-3778-Spring-Security-OAuth-2.3-Open-Redirection", + "full_name": "BBB-man\/CVE-2019-3778-Spring-Security-OAuth-2.3-Open-Redirection", + "owner": { + "login": "BBB-man", + "id": 21234393, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/21234393?v=4", + "html_url": "https:\/\/github.com\/BBB-man" + }, + "html_url": "https:\/\/github.com\/BBB-man\/CVE-2019-3778-Spring-Security-OAuth-2.3-Open-Redirection", + "description": "Spring Security OAuth 2.3 Open Redirection 分析复现篇", + "fork": false, + "created_at": "2019-10-14T02:15:39Z", + "updated_at": "2019-10-14T02:20:07Z", + "pushed_at": "2019-10-14T02:20:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3799.json b/2019/CVE-2019-3799.json new file mode 100644 index 0000000000..3d01278caa --- /dev/null +++ b/2019/CVE-2019-3799.json @@ -0,0 +1,25 @@ +[ + { + "id": 181969843, + "name": "CVE-2019-3799", + "full_name": "mpgn\/CVE-2019-3799", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-3799", + "description": "CVE-2019-3799 - Spring Cloud Config Server: Directory Traversal < 2.1.2, 2.0.4, 1.4.6", + "fork": false, + "created_at": "2019-04-17T21:19:32Z", + "updated_at": "2020-07-05T13:05:27Z", + "pushed_at": "2019-04-18T10:08:12Z", + "stargazers_count": 30, + "watchers_count": 30, + "forks_count": 5, + "forks": 5, + "watchers": 30, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3847.json b/2019/CVE-2019-3847.json new file mode 100644 index 0000000000..6636a17a7a --- /dev/null +++ b/2019/CVE-2019-3847.json @@ -0,0 +1,25 @@ +[ + { + "id": 179544105, + "name": "moodle-login-csrf", + "full_name": "danielthatcher\/moodle-login-csrf", + "owner": { + "login": "danielthatcher", + "id": 11726509, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/11726509?v=4", + "html_url": "https:\/\/github.com\/danielthatcher" + }, + "html_url": "https:\/\/github.com\/danielthatcher\/moodle-login-csrf", + "description": "Scripts for exploiting MSA-18-0020 (CVE-2018-16854) and MSA-19-0004 (CVE-2019-3847)", + "fork": false, + "created_at": "2019-04-04T17:24:47Z", + "updated_at": "2019-09-29T23:50:29Z", + "pushed_at": "2019-07-21T15:52:46Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 0, + "forks": 0, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3929.json b/2019/CVE-2019-3929.json new file mode 100644 index 0000000000..5a903e84ee --- /dev/null +++ b/2019/CVE-2019-3929.json @@ -0,0 +1,25 @@ +[ + { + "id": 209102630, + "name": "CVE-2019-3929", + "full_name": "xfox64x\/CVE-2019-3929", + "owner": { + "login": "xfox64x", + "id": 11416821, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/11416821?v=4", + "html_url": "https:\/\/github.com\/xfox64x" + }, + "html_url": "https:\/\/github.com\/xfox64x\/CVE-2019-3929", + "description": "Crestron\/Barco\/Extron\/InFocus\/TeqAV Remote Command Injection (CVE-2019-3929) Metasploit Module", + "fork": false, + "created_at": "2019-09-17T16:23:04Z", + "updated_at": "2019-11-25T21:43:58Z", + "pushed_at": "2019-11-25T21:17:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-48814.json b/2019/CVE-2019-48814.json new file mode 100644 index 0000000000..db63204378 --- /dev/null +++ b/2019/CVE-2019-48814.json @@ -0,0 +1,25 @@ +[ + { + "id": 183850213, + "name": "cve-2019-48814", + "full_name": "wucj001\/cve-2019-48814", + "owner": { + "login": "wucj001", + "id": 29703092, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/29703092?v=4", + "html_url": "https:\/\/github.com\/wucj001" + }, + "html_url": "https:\/\/github.com\/wucj001\/cve-2019-48814", + "description": "漏洞利用工具", + "fork": false, + "created_at": "2019-04-28T03:24:47Z", + "updated_at": "2019-06-19T18:43:16Z", + "pushed_at": "2019-06-19T18:43:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5010.json b/2019/CVE-2019-5010.json new file mode 100644 index 0000000000..40a635c07d --- /dev/null +++ b/2019/CVE-2019-5010.json @@ -0,0 +1,25 @@ +[ + { + "id": 219936583, + "name": "CVE-2019-5010", + "full_name": "JonathanWilbur\/CVE-2019-5010", + "owner": { + "login": "JonathanWilbur", + "id": 20342114, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/20342114?v=4", + "html_url": "https:\/\/github.com\/JonathanWilbur" + }, + "html_url": "https:\/\/github.com\/JonathanWilbur\/CVE-2019-5010", + "description": "CVE-2019-5010 Exploit PoC - Python Denial of Service via Malformed X.509v3 Extension", + "fork": false, + "created_at": "2019-11-06T07:26:43Z", + "updated_at": "2019-11-06T07:27:36Z", + "pushed_at": "2020-07-18T17:29:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5418.json b/2019/CVE-2019-5418.json index b68ca8b9d2..5efabfd5ee 100644 --- a/2019/CVE-2019-5418.json +++ b/2019/CVE-2019-5418.json @@ -1,4 +1,73 @@ [ + { + "id": 175966226, + "name": "CVE-2019-5418", + "full_name": "mpgn\/CVE-2019-5418", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-5418", + "description": "CVE-2019-5418 - File Content Disclosure on Ruby on Rails", + "fork": false, + "created_at": "2019-03-16T11:58:18Z", + "updated_at": "2020-06-08T00:55:34Z", + "pushed_at": "2019-03-25T07:19:58Z", + "stargazers_count": 156, + "watchers_count": 156, + "forks_count": 17, + "forks": 17, + "watchers": 156, + "score": 0 + }, + { + "id": 176323109, + "name": "CVE-2019-5418", + "full_name": "omarkurt\/CVE-2019-5418", + "owner": { + "login": "omarkurt", + "id": 1712468, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/1712468?v=4", + "html_url": "https:\/\/github.com\/omarkurt" + }, + "html_url": "https:\/\/github.com\/omarkurt\/CVE-2019-5418", + "description": "File Content Disclosure on Rails Test Case - CVE-2019-5418", + "fork": false, + "created_at": "2019-03-18T16:09:13Z", + "updated_at": "2020-04-17T21:45:45Z", + "pushed_at": "2019-03-18T16:15:25Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 1, + "forks": 1, + "watchers": 7, + "score": 0 + }, + { + "id": 176545257, + "name": "CVE-2019-5418-Scanner", + "full_name": "brompwnie\/CVE-2019-5418-Scanner", + "owner": { + "login": "brompwnie", + "id": 8638589, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8638589?v=4", + "html_url": "https:\/\/github.com\/brompwnie" + }, + "html_url": "https:\/\/github.com\/brompwnie\/CVE-2019-5418-Scanner", + "description": "A multi-threaded Golang scanner to identify Ruby endpoints vulnerable to CVE-2019-5418", + "fork": false, + "created_at": "2019-03-19T15:38:01Z", + "updated_at": "2020-07-14T14:10:58Z", + "pushed_at": "2019-03-21T17:26:06Z", + "stargazers_count": 31, + "watchers_count": 31, + "forks_count": 16, + "forks": 16, + "watchers": 31, + "score": 0 + }, { "id": 177236589, "name": "Rails-doubletap-RCE", @@ -21,5 +90,97 @@ "forks": 19, "watchers": 101, "score": 0 + }, + { + "id": 178527770, + "name": "CVE-2019-5418", + "full_name": "takeokunn\/CVE-2019-5418", + "owner": { + "login": "takeokunn", + "id": 11222510, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/11222510?v=4", + "html_url": "https:\/\/github.com\/takeokunn" + }, + "html_url": "https:\/\/github.com\/takeokunn\/CVE-2019-5418", + "description": null, + "fork": false, + "created_at": "2019-03-30T07:40:11Z", + "updated_at": "2019-10-24T19:07:56Z", + "pushed_at": "2019-03-30T07:54:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + }, + { + "id": 178909066, + "name": "RailroadBandit", + "full_name": "Bad3r\/RailroadBandit", + "owner": { + "login": "Bad3r", + "id": 25513724, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25513724?v=4", + "html_url": "https:\/\/github.com\/Bad3r" + }, + "html_url": "https:\/\/github.com\/Bad3r\/RailroadBandit", + "description": "a demo for Ruby on Rails CVE-2019-5418", + "fork": false, + "created_at": "2019-04-01T17:02:57Z", + "updated_at": "2019-04-11T22:45:53Z", + "pushed_at": "2019-04-11T22:45:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 212888337, + "name": "CVE-2019-5418-Rails3", + "full_name": "ztgrace\/CVE-2019-5418-Rails3", + "owner": { + "login": "ztgrace", + "id": 2554037, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2554037?v=4", + "html_url": "https:\/\/github.com\/ztgrace" + }, + "html_url": "https:\/\/github.com\/ztgrace\/CVE-2019-5418-Rails3", + "description": "Rails 3 PoC of CVE-2019-5418", + "fork": false, + "created_at": "2019-10-04T19:28:10Z", + "updated_at": "2019-10-04T19:29:56Z", + "pushed_at": "2019-10-04T19:29:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 222660643, + "name": "CVE-2019-5418", + "full_name": "random-robbie\/CVE-2019-5418", + "owner": { + "login": "random-robbie", + "id": 4902869, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/4902869?v=4", + "html_url": "https:\/\/github.com\/random-robbie" + }, + "html_url": "https:\/\/github.com\/random-robbie\/CVE-2019-5418", + "description": null, + "fork": false, + "created_at": "2019-11-19T09:40:06Z", + "updated_at": "2019-12-11T18:52:58Z", + "pushed_at": "2019-11-19T09:41:18Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-5420.json b/2019/CVE-2019-5420.json new file mode 100644 index 0000000000..078820407f --- /dev/null +++ b/2019/CVE-2019-5420.json @@ -0,0 +1,48 @@ +[ + { + "id": 176976251, + "name": "CVE-2019-5420", + "full_name": "knqyf263\/CVE-2019-5420", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2019-5420", + "description": "CVE-2019-5420 (Ruby on Rails)", + "fork": false, + "created_at": "2019-03-21T15:42:54Z", + "updated_at": "2020-06-09T11:27:51Z", + "pushed_at": "2019-03-21T23:52:48Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 0, + "forks": 0, + "watchers": 5, + "score": 0 + }, + { + "id": 178050921, + "name": "cve-2019-5420", + "full_name": "cved-sources\/cve-2019-5420", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2019-5420", + "description": "cve-2019-5420", + "fork": false, + "created_at": "2019-03-27T18:16:46Z", + "updated_at": "2019-03-27T18:17:07Z", + "pushed_at": "2019-03-27T18:17:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5475.json b/2019/CVE-2019-5475.json index 0d95c00e4f..152bd6a3b5 100644 --- a/2019/CVE-2019-5475.json +++ b/2019/CVE-2019-5475.json @@ -1,4 +1,27 @@ [ + { + "id": 210890120, + "name": "CVE-2019-5475-Nexus-Repository-Manager-", + "full_name": "jaychouzzk\/CVE-2019-5475-Nexus-Repository-Manager-", + "owner": { + "login": "jaychouzzk", + "id": 45549315, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45549315?v=4", + "html_url": "https:\/\/github.com\/jaychouzzk" + }, + "html_url": "https:\/\/github.com\/jaychouzzk\/CVE-2019-5475-Nexus-Repository-Manager-", + "description": null, + "fork": false, + "created_at": "2019-09-25T16:22:56Z", + "updated_at": "2020-05-18T03:26:37Z", + "pushed_at": "2019-09-25T16:33:53Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 3, + "forks": 3, + "watchers": 5, + "score": 0 + }, { "id": 255116667, "name": "CVE-2019-5475-EXP", diff --git a/2019/CVE-2019-5489.json b/2019/CVE-2019-5489.json new file mode 100644 index 0000000000..b295a990ea --- /dev/null +++ b/2019/CVE-2019-5489.json @@ -0,0 +1,25 @@ +[ + { + "id": 226253609, + "name": "CVE-2019-5489", + "full_name": "mmxsrup\/CVE-2019-5489", + "owner": { + "login": "mmxsrup", + "id": 19609323, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/19609323?v=4", + "html_url": "https:\/\/github.com\/mmxsrup" + }, + "html_url": "https:\/\/github.com\/mmxsrup\/CVE-2019-5489", + "description": "Page Cache Side Channel Attacks (CVE-2019-5489) proof of concept for Linux", + "fork": false, + "created_at": "2019-12-06T05:37:08Z", + "updated_at": "2020-03-24T10:46:03Z", + "pushed_at": "2019-12-19T02:09:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5624.json b/2019/CVE-2019-5624.json new file mode 100644 index 0000000000..86c0943ee7 --- /dev/null +++ b/2019/CVE-2019-5624.json @@ -0,0 +1,25 @@ +[ + { + "id": 184600046, + "name": "CVE-2019-5624", + "full_name": "VoidSec\/CVE-2019-5624", + "owner": { + "login": "VoidSec", + "id": 5717603, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/5717603?v=4", + "html_url": "https:\/\/github.com\/VoidSec" + }, + "html_url": "https:\/\/github.com\/VoidSec\/CVE-2019-5624", + "description": "A proof of concept for Metasploit's CVE-2019-5624 vulnerability (Rubyzip insecure ZIP handling RCE) ", + "fork": false, + "created_at": "2019-05-02T14:54:08Z", + "updated_at": "2020-07-08T07:20:21Z", + "pushed_at": "2019-05-02T15:15:51Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 6, + "forks": 6, + "watchers": 11, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5630.json b/2019/CVE-2019-5630.json new file mode 100644 index 0000000000..5deb37290e --- /dev/null +++ b/2019/CVE-2019-5630.json @@ -0,0 +1,25 @@ +[ + { + "id": 232403416, + "name": "CVE-2019-5630", + "full_name": "rbeede\/CVE-2019-5630", + "owner": { + "login": "rbeede", + "id": 1429214, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/1429214?v=4", + "html_url": "https:\/\/github.com\/rbeede" + }, + "html_url": "https:\/\/github.com\/rbeede\/CVE-2019-5630", + "description": "https:\/\/www.rodneybeede.com\/curriculum%20vitae\/bio.html", + "fork": false, + "created_at": "2020-01-07T19:43:42Z", + "updated_at": "2020-01-07T19:44:19Z", + "pushed_at": "2020-01-07T19:44:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5700.json b/2019/CVE-2019-5700.json new file mode 100644 index 0000000000..870911362c --- /dev/null +++ b/2019/CVE-2019-5700.json @@ -0,0 +1,25 @@ +[ + { + "id": 226178220, + "name": "CVE-2019-5700", + "full_name": "oscardagrach\/CVE-2019-5700", + "owner": { + "login": "oscardagrach", + "id": 17905072, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/17905072?v=4", + "html_url": "https:\/\/github.com\/oscardagrach" + }, + "html_url": "https:\/\/github.com\/oscardagrach\/CVE-2019-5700", + "description": "CVE-2019-5700", + "fork": false, + "created_at": "2019-12-05T19:54:33Z", + "updated_at": "2020-07-16T05:38:36Z", + "pushed_at": "2019-12-05T21:36:42Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 0, + "forks": 0, + "watchers": 10, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5736.json b/2019/CVE-2019-5736.json index c171377de8..ca03cca4c8 100644 --- a/2019/CVE-2019-5736.json +++ b/2019/CVE-2019-5736.json @@ -1,4 +1,165 @@ [ + { + "id": 170398859, + "name": "cve-2019-5736-poc", + "full_name": "q3k\/cve-2019-5736-poc", + "owner": { + "login": "q3k", + "id": 315234, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/315234?v=4", + "html_url": "https:\/\/github.com\/q3k" + }, + "html_url": "https:\/\/github.com\/q3k\/cve-2019-5736-poc", + "description": "Unweaponized Proof of Concept for CVE-2019-5736 (Docker escape)", + "fork": false, + "created_at": "2019-02-12T22:07:47Z", + "updated_at": "2020-04-06T10:46:09Z", + "pushed_at": "2019-02-20T15:35:34Z", + "stargazers_count": 179, + "watchers_count": 179, + "forks_count": 61, + "forks": 61, + "watchers": 179, + "score": 0 + }, + { + "id": 170445833, + "name": "CVE-2019-5736-PoC", + "full_name": "Frichetten\/CVE-2019-5736-PoC", + "owner": { + "login": "Frichetten", + "id": 10386884, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/10386884?v=4", + "html_url": "https:\/\/github.com\/Frichetten" + }, + "html_url": "https:\/\/github.com\/Frichetten\/CVE-2019-5736-PoC", + "description": "PoC for CVE-2019-5736", + "fork": false, + "created_at": "2019-02-13T05:26:32Z", + "updated_at": "2020-07-15T10:18:05Z", + "pushed_at": "2019-02-19T11:45:13Z", + "stargazers_count": 393, + "watchers_count": 393, + "forks_count": 96, + "forks": 96, + "watchers": 393, + "score": 0 + }, + { + "id": 170613828, + "name": "CVE-2019-5736", + "full_name": "jas502n\/CVE-2019-5736", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-5736", + "description": "runc容器逃逸漏洞预警", + "fork": false, + "created_at": "2019-02-14T02:30:12Z", + "updated_at": "2020-02-03T01:45:33Z", + "pushed_at": "2019-02-14T02:40:55Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 4, + "forks": 4, + "watchers": 14, + "score": 0 + }, + { + "id": 170656576, + "name": "CVE-2019-5736", + "full_name": "denmilu\/CVE-2019-5736", + "owner": { + "login": "denmilu", + "id": 2469038, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/denmilu" + }, + "html_url": "https:\/\/github.com\/denmilu\/CVE-2019-5736", + "description": null, + "fork": false, + "created_at": "2019-02-14T08:37:25Z", + "updated_at": "2019-02-14T08:37:36Z", + "pushed_at": "2019-02-14T08:37:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 170656601, + "name": "cve-2019-5736-poc", + "full_name": "denmilu\/cve-2019-5736-poc", + "owner": { + "login": "denmilu", + "id": 2469038, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/denmilu" + }, + "html_url": "https:\/\/github.com\/denmilu\/cve-2019-5736-poc", + "description": null, + "fork": false, + "created_at": "2019-02-14T08:37:39Z", + "updated_at": "2019-02-14T08:37:49Z", + "pushed_at": "2019-02-14T08:37:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 170836971, + "name": "cve-2019-5736-poc", + "full_name": "agppp\/cve-2019-5736-poc", + "owner": { + "login": "agppp", + "id": 10527860, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/10527860?v=4", + "html_url": "https:\/\/github.com\/agppp" + }, + "html_url": "https:\/\/github.com\/agppp\/cve-2019-5736-poc", + "description": "getshell test", + "fork": false, + "created_at": "2019-02-15T09:22:27Z", + "updated_at": "2019-02-15T09:49:47Z", + "pushed_at": "2019-02-15T09:49:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 171499608, + "name": "poc-cve-2019-5736", + "full_name": "ebdecastro\/poc-cve-2019-5736", + "owner": { + "login": "ebdecastro", + "id": 46558799, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/46558799?v=4", + "html_url": "https:\/\/github.com\/ebdecastro" + }, + "html_url": "https:\/\/github.com\/ebdecastro\/poc-cve-2019-5736", + "description": null, + "fork": false, + "created_at": "2019-02-19T15:34:18Z", + "updated_at": "2019-06-04T10:53:26Z", + "pushed_at": "2019-02-19T15:37:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, { "id": 171668415, "name": "RunC-CVE-2019-5736", @@ -22,6 +183,213 @@ "watchers": 49, "score": 0 }, + { + "id": 173057459, + "name": "CVE-2019-5736-PoC-2", + "full_name": "yyqs2008\/CVE-2019-5736-PoC-2", + "owner": { + "login": "yyqs2008", + "id": 1332668, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/1332668?v=4", + "html_url": "https:\/\/github.com\/yyqs2008" + }, + "html_url": "https:\/\/github.com\/yyqs2008\/CVE-2019-5736-PoC-2", + "description": null, + "fork": false, + "created_at": "2019-02-28T06:48:13Z", + "updated_at": "2020-06-11T14:27:08Z", + "pushed_at": "2019-02-23T13:20:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 174545720, + "name": "CVE-2019-5736-PoC", + "full_name": "zyriuse75\/CVE-2019-5736-PoC", + "owner": { + "login": "zyriuse75", + "id": 225690, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/225690?v=4", + "html_url": "https:\/\/github.com\/zyriuse75" + }, + "html_url": "https:\/\/github.com\/zyriuse75\/CVE-2019-5736-PoC", + "description": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-5736 poc of CVE-2019-5736 ", + "fork": false, + "created_at": "2019-03-08T13:50:57Z", + "updated_at": "2019-03-08T13:50:59Z", + "pushed_at": "2019-03-08T13:50:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 177891884, + "name": "CVE-2019-5736", + "full_name": "stillan00b\/CVE-2019-5736", + "owner": { + "login": "stillan00b", + "id": 48630837, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/48630837?v=4", + "html_url": "https:\/\/github.com\/stillan00b" + }, + "html_url": "https:\/\/github.com\/stillan00b\/CVE-2019-5736", + "description": null, + "fork": false, + "created_at": "2019-03-27T00:52:49Z", + "updated_at": "2019-03-27T01:05:08Z", + "pushed_at": "2019-03-27T01:05:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 181238407, + "name": "cve-2019-5736-exp", + "full_name": "milloni\/cve-2019-5736-exp", + "owner": { + "login": "milloni", + "id": 2845035, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/2845035?v=4", + "html_url": "https:\/\/github.com\/milloni" + }, + "html_url": "https:\/\/github.com\/milloni\/cve-2019-5736-exp", + "description": "Exploit for CVE-2019-5736 runc vulnerability", + "fork": false, + "created_at": "2019-04-13T23:18:54Z", + "updated_at": "2019-04-16T18:18:42Z", + "pushed_at": "2019-04-14T21:39:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + }, + { + "id": 185733954, + "name": "Docker-Runc-Exploit", + "full_name": "13paulmurith\/Docker-Runc-Exploit", + "owner": { + "login": "13paulmurith", + "id": 26403285, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/26403285?v=4", + "html_url": "https:\/\/github.com\/13paulmurith" + }, + "html_url": "https:\/\/github.com\/13paulmurith\/Docker-Runc-Exploit", + "description": "Docker runc CVE-2019-5736 exploit Dockerfile. Credits : https:\/\/github.com\/Frichetten\/CVE-2019-5736-PoC.git", + "fork": false, + "created_at": "2019-05-09T05:45:21Z", + "updated_at": "2019-05-09T05:47:46Z", + "pushed_at": "2019-05-09T05:47:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 194520468, + "name": "CVE-2019-5736-POC", + "full_name": "RyanNgWH\/CVE-2019-5736-POC", + "owner": { + "login": "RyanNgWH", + "id": 44436551, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/44436551?v=4", + "html_url": "https:\/\/github.com\/RyanNgWH" + }, + "html_url": "https:\/\/github.com\/RyanNgWH\/CVE-2019-5736-POC", + "description": "Proof of concept code for breaking out of docker via runC", + "fork": false, + "created_at": "2019-06-30T13:42:14Z", + "updated_at": "2019-06-30T16:33:39Z", + "pushed_at": "2019-06-30T16:33:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 200632359, + "name": "cve-2019-5736-study", + "full_name": "Lee-SungYoung\/cve-2019-5736-study", + "owner": { + "login": "Lee-SungYoung", + "id": 34130740, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/34130740?v=4", + "html_url": "https:\/\/github.com\/Lee-SungYoung" + }, + "html_url": "https:\/\/github.com\/Lee-SungYoung\/cve-2019-5736-study", + "description": null, + "fork": false, + "created_at": "2019-08-05T10:15:52Z", + "updated_at": "2019-08-05T10:16:32Z", + "pushed_at": "2019-08-05T10:16:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 214599324, + "name": "cve-2019-5736-poc", + "full_name": "chosam2\/cve-2019-5736-poc", + "owner": { + "login": "chosam2", + "id": 40632767, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/40632767?v=4", + "html_url": "https:\/\/github.com\/chosam2" + }, + "html_url": "https:\/\/github.com\/chosam2\/cve-2019-5736-poc", + "description": null, + "fork": false, + "created_at": "2019-10-12T07:22:57Z", + "updated_at": "2019-11-16T09:01:20Z", + "pushed_at": "2019-11-16T09:01:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 227655174, + "name": "Docker-Escape-Miner", + "full_name": "epsteina16\/Docker-Escape-Miner", + "owner": { + "login": "epsteina16", + "id": 14108788, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/14108788?v=4", + "html_url": "https:\/\/github.com\/epsteina16" + }, + "html_url": "https:\/\/github.com\/epsteina16\/Docker-Escape-Miner", + "description": "Code sample for using exploit CVE-2019-5736 to mine bitcoin with no association to original container or user.", + "fork": false, + "created_at": "2019-12-12T16:57:13Z", + "updated_at": "2019-12-12T16:58:20Z", + "pushed_at": "2019-12-12T16:58:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 238321546, "name": "CVE-2019-5736-Custom-Runtime", diff --git a/2019/CVE-2019-5737.json b/2019/CVE-2019-5737.json new file mode 100644 index 0000000000..5e2a08e2c0 --- /dev/null +++ b/2019/CVE-2019-5737.json @@ -0,0 +1,25 @@ +[ + { + "id": 172282648, + "name": "cve-2019-5737", + "full_name": "beelzebruh\/cve-2019-5737", + "owner": { + "login": "beelzebruh", + "id": 39379168, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/39379168?v=4", + "html_url": "https:\/\/github.com\/beelzebruh" + }, + "html_url": "https:\/\/github.com\/beelzebruh\/cve-2019-5737", + "description": null, + "fork": false, + "created_at": "2019-02-24T01:20:04Z", + "updated_at": "2020-05-12T03:29:52Z", + "pushed_at": "2019-02-24T03:43:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5786.json b/2019/CVE-2019-5786.json new file mode 100644 index 0000000000..a57c4043f9 --- /dev/null +++ b/2019/CVE-2019-5786.json @@ -0,0 +1,25 @@ +[ + { + "id": 176796740, + "name": "CVE-2019-5786", + "full_name": "exodusintel\/CVE-2019-5786", + "owner": { + "login": "exodusintel", + "id": 16653014, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16653014?v=4", + "html_url": "https:\/\/github.com\/exodusintel" + }, + "html_url": "https:\/\/github.com\/exodusintel\/CVE-2019-5786", + "description": "FileReader Exploit", + "fork": false, + "created_at": "2019-03-20T18:43:49Z", + "updated_at": "2020-07-13T01:58:10Z", + "pushed_at": "2019-03-20T18:47:25Z", + "stargazers_count": 247, + "watchers_count": 247, + "forks_count": 85, + "forks": 85, + "watchers": 247, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5825.json b/2019/CVE-2019-5825.json new file mode 100644 index 0000000000..ee058c1548 --- /dev/null +++ b/2019/CVE-2019-5825.json @@ -0,0 +1,25 @@ +[ + { + "id": 223578530, + "name": "CVE-2019-5825", + "full_name": "timwr\/CVE-2019-5825", + "owner": { + "login": "timwr", + "id": 684924, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/684924?v=4", + "html_url": "https:\/\/github.com\/timwr" + }, + "html_url": "https:\/\/github.com\/timwr\/CVE-2019-5825", + "description": null, + "fork": false, + "created_at": "2019-11-23T11:35:34Z", + "updated_at": "2020-03-15T10:32:47Z", + "pushed_at": "2019-11-25T06:09:35Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 4, + "forks": 4, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5893.json b/2019/CVE-2019-5893.json new file mode 100644 index 0000000000..0d20dd558f --- /dev/null +++ b/2019/CVE-2019-5893.json @@ -0,0 +1,25 @@ +[ + { + "id": 165075365, + "name": "OpenSource-ERP-SQL-Injection", + "full_name": "EmreOvunc\/OpenSource-ERP-SQL-Injection", + "owner": { + "login": "EmreOvunc", + "id": 15659223, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15659223?v=4", + "html_url": "https:\/\/github.com\/EmreOvunc" + }, + "html_url": "https:\/\/github.com\/EmreOvunc\/OpenSource-ERP-SQL-Injection", + "description": "CVE-2019-5893 | OpenSource ERP application has SQL Injection vulnerability.", + "fork": false, + "created_at": "2019-01-10T14:36:55Z", + "updated_at": "2020-05-16T12:47:44Z", + "pushed_at": "2019-01-11T07:45:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 3, + "forks": 3, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6203.json b/2019/CVE-2019-6203.json new file mode 100644 index 0000000000..08d7d795ba --- /dev/null +++ b/2019/CVE-2019-6203.json @@ -0,0 +1,25 @@ +[ + { + "id": 185970201, + "name": "CVE-2019-6203-PoC", + "full_name": "qingxp9\/CVE-2019-6203-PoC", + "owner": { + "login": "qingxp9", + "id": 2822242, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2822242?v=4", + "html_url": "https:\/\/github.com\/qingxp9" + }, + "html_url": "https:\/\/github.com\/qingxp9\/CVE-2019-6203-PoC", + "description": "PoC for CVE-2019-6203, works on < iOS 12.2, macOS < 10.14.4", + "fork": false, + "created_at": "2019-05-10T10:36:54Z", + "updated_at": "2020-06-09T02:08:22Z", + "pushed_at": "2019-05-17T03:10:30Z", + "stargazers_count": 28, + "watchers_count": 28, + "forks_count": 11, + "forks": 11, + "watchers": 28, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6207.json b/2019/CVE-2019-6207.json index df1fd59e13..d7703602d3 100644 --- a/2019/CVE-2019-6207.json +++ b/2019/CVE-2019-6207.json @@ -1,4 +1,50 @@ [ + { + "id": 187157796, + "name": "CVE-2019-6207", + "full_name": "dothanthitiendiettiende\/CVE-2019-6207", + "owner": { + "login": "dothanthitiendiettiende", + "id": 29480786, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/29480786?v=4", + "html_url": "https:\/\/github.com\/dothanthitiendiettiende" + }, + "html_url": "https:\/\/github.com\/dothanthitiendiettiende\/CVE-2019-6207", + "description": "getdirentriesattr kernel heap inofo leak", + "fork": false, + "created_at": "2019-05-17T06:17:51Z", + "updated_at": "2019-05-17T06:29:13Z", + "pushed_at": "2019-05-17T06:17:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 187160556, + "name": "CVE-2019-6207", + "full_name": "maldiohead\/CVE-2019-6207", + "owner": { + "login": "maldiohead", + "id": 23315692, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23315692?v=4", + "html_url": "https:\/\/github.com\/maldiohead" + }, + "html_url": "https:\/\/github.com\/maldiohead\/CVE-2019-6207", + "description": "xnu kernel heap info leak", + "fork": false, + "created_at": "2019-05-17T06:37:07Z", + "updated_at": "2020-06-22T01:50:00Z", + "pushed_at": "2019-11-21T05:57:38Z", + "stargazers_count": 64, + "watchers_count": 64, + "forks_count": 18, + "forks": 18, + "watchers": 64, + "score": 0 + }, { "id": 254655275, "name": "cve-2019-6207", diff --git a/2019/CVE-2019-6225.json b/2019/CVE-2019-6225.json new file mode 100644 index 0000000000..efa8600539 --- /dev/null +++ b/2019/CVE-2019-6225.json @@ -0,0 +1,71 @@ +[ + { + "id": 168440280, + "name": "OsirisJailbreak12", + "full_name": "fatgrass\/OsirisJailbreak12", + "owner": { + "login": "fatgrass", + "id": 19977419, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/19977419?v=4", + "html_url": "https:\/\/github.com\/fatgrass" + }, + "html_url": "https:\/\/github.com\/fatgrass\/OsirisJailbreak12", + "description": "iOS 12.0 -> 12.1.2 Incomplete Osiris Jailbreak with CVE-2019-6225 by GeoSn0w (FCE365)", + "fork": false, + "created_at": "2019-01-31T01:03:43Z", + "updated_at": "2020-04-08T17:22:51Z", + "pushed_at": "2019-01-31T00:53:03Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 73, + "forks": 73, + "watchers": 9, + "score": 0 + }, + { + "id": 194542840, + "name": "CVE-2019-6225-macOS", + "full_name": "TrungNguyen1909\/CVE-2019-6225-macOS", + "owner": { + "login": "TrungNguyen1909", + "id": 22745058, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22745058?v=4", + "html_url": "https:\/\/github.com\/TrungNguyen1909" + }, + "html_url": "https:\/\/github.com\/TrungNguyen1909\/CVE-2019-6225-macOS", + "description": null, + "fork": false, + "created_at": "2019-06-30T17:26:53Z", + "updated_at": "2020-04-01T13:37:24Z", + "pushed_at": "2019-06-30T17:28:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + }, + { + "id": 201224192, + "name": "jailbreak-iOS12", + "full_name": "raystyle\/jailbreak-iOS12", + "owner": { + "login": "raystyle", + "id": 3284570, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/3284570?v=4", + "html_url": "https:\/\/github.com\/raystyle" + }, + "html_url": "https:\/\/github.com\/raystyle\/jailbreak-iOS12", + "description": "OS 12.0 & 12.1.2 - Jailbreak with CVE-2019-6225", + "fork": false, + "created_at": "2019-08-08T09:22:57Z", + "updated_at": "2019-09-28T04:38:14Z", + "pushed_at": "2019-02-27T12:57:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6249.json b/2019/CVE-2019-6249.json new file mode 100644 index 0000000000..c5a86d0fc2 --- /dev/null +++ b/2019/CVE-2019-6249.json @@ -0,0 +1,25 @@ +[ + { + "id": 171827364, + "name": "CVE-2019-6249_Hucart-cms", + "full_name": "NMTech0x90\/CVE-2019-6249_Hucart-cms", + "owner": { + "login": "NMTech0x90", + "id": 27001865, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/27001865?v=4", + "html_url": "https:\/\/github.com\/NMTech0x90" + }, + "html_url": "https:\/\/github.com\/NMTech0x90\/CVE-2019-6249_Hucart-cms", + "description": "CVE-2019-6249 Hucart cms 复现环境", + "fork": false, + "created_at": "2019-02-21T08:03:43Z", + "updated_at": "2020-03-25T03:29:55Z", + "pushed_at": "2019-02-21T08:22:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6263.json b/2019/CVE-2019-6263.json new file mode 100644 index 0000000000..fd9e93fea7 --- /dev/null +++ b/2019/CVE-2019-6263.json @@ -0,0 +1,25 @@ +[ + { + "id": 166368513, + "name": "CVE-2019-6263-Joomla-POC", + "full_name": "praveensutar\/CVE-2019-6263-Joomla-POC", + "owner": { + "login": "praveensutar", + "id": 12555214, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/12555214?v=4", + "html_url": "https:\/\/github.com\/praveensutar" + }, + "html_url": "https:\/\/github.com\/praveensutar\/CVE-2019-6263-Joomla-POC", + "description": null, + "fork": false, + "created_at": "2019-01-18T08:10:11Z", + "updated_at": "2019-09-12T15:02:55Z", + "pushed_at": "2019-01-19T04:29:22Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 0, + "forks": 0, + "watchers": 6, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6329.json b/2019/CVE-2019-6329.json new file mode 100644 index 0000000000..d1749ea73f --- /dev/null +++ b/2019/CVE-2019-6329.json @@ -0,0 +1,25 @@ +[ + { + "id": 214792106, + "name": "CVE-2019-6329", + "full_name": "ManhNDd\/CVE-2019-6329", + "owner": { + "login": "ManhNDd", + "id": 18594865, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/18594865?v=4", + "html_url": "https:\/\/github.com\/ManhNDd" + }, + "html_url": "https:\/\/github.com\/ManhNDd\/CVE-2019-6329", + "description": "Local Privilege Escalation in HP Support Assistant", + "fork": false, + "created_at": "2019-10-13T09:20:16Z", + "updated_at": "2019-12-03T08:44:30Z", + "pushed_at": "2019-11-20T10:28:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6340.json b/2019/CVE-2019-6340.json index 070189d9b8..99683a5791 100644 --- a/2019/CVE-2019-6340.json +++ b/2019/CVE-2019-6340.json @@ -1,4 +1,142 @@ [ + { + "id": 172094613, + "name": "Drupal-SA-CORE-2019-003", + "full_name": "g0rx\/Drupal-SA-CORE-2019-003", + "owner": { + "login": "g0rx", + "id": 10961397, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/10961397?v=4", + "html_url": "https:\/\/github.com\/g0rx" + }, + "html_url": "https:\/\/github.com\/g0rx\/Drupal-SA-CORE-2019-003", + "description": "CVE-2019-6340-Drupal SA-CORE-2019-003", + "fork": false, + "created_at": "2019-02-22T16:03:40Z", + "updated_at": "2020-07-12T16:24:18Z", + "pushed_at": "2019-02-24T18:43:05Z", + "stargazers_count": 31, + "watchers_count": 31, + "forks_count": 9, + "forks": 9, + "watchers": 31, + "score": 0 + }, + { + "id": 172217636, + "name": "CVE-2019-6340", + "full_name": "knqyf263\/CVE-2019-6340", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2019-6340", + "description": "Environment for CVE-2019-6340 (Drupal)", + "fork": false, + "created_at": "2019-02-23T13:28:58Z", + "updated_at": "2020-04-02T13:09:08Z", + "pushed_at": "2019-02-23T17:34:19Z", + "stargazers_count": 41, + "watchers_count": 41, + "forks_count": 10, + "forks": 10, + "watchers": 41, + "score": 0 + }, + { + "id": 172429144, + "name": "CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass", + "full_name": "DevDungeon\/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass", + "owner": { + "login": "DevDungeon", + "id": 16630634, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16630634?v=4", + "html_url": "https:\/\/github.com\/DevDungeon" + }, + "html_url": "https:\/\/github.com\/DevDungeon\/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass", + "description": "CVE-2019-6340 Drupal 8.6.9 REST Auth Bypass examples", + "fork": false, + "created_at": "2019-02-25T03:38:47Z", + "updated_at": "2020-05-30T04:32:25Z", + "pushed_at": "2019-02-25T03:47:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 6, + "forks": 6, + "watchers": 3, + "score": 0 + }, + { + "id": 172458734, + "name": "CVE-2019-6340", + "full_name": "oways\/CVE-2019-6340", + "owner": { + "login": "oways", + "id": 11142952, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/11142952?v=4", + "html_url": "https:\/\/github.com\/oways" + }, + "html_url": "https:\/\/github.com\/oways\/CVE-2019-6340", + "description": "CVE-2019-6340 POC Drupal rce", + "fork": false, + "created_at": "2019-02-25T07:47:16Z", + "updated_at": "2020-04-02T11:50:43Z", + "pushed_at": "2019-02-25T08:57:14Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 5, + "forks": 5, + "watchers": 12, + "score": 0 + }, + { + "id": 172766416, + "name": "cve-2019-6340", + "full_name": "cved-sources\/cve-2019-6340", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2019-6340", + "description": "cve-2019-6340", + "fork": false, + "created_at": "2019-02-26T18:26:50Z", + "updated_at": "2020-04-02T13:08:58Z", + "pushed_at": "2019-02-26T18:38:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 175109773, + "name": "cve-2019-6340-bits", + "full_name": "d1vious\/cve-2019-6340-bits", + "owner": { + "login": "d1vious", + "id": 1476868, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/1476868?v=4", + "html_url": "https:\/\/github.com\/d1vious" + }, + "html_url": "https:\/\/github.com\/d1vious\/cve-2019-6340-bits", + "description": "Bits generated while analyzing CVE-2019-6340 Drupal RESTful RCE", + "fork": false, + "created_at": "2019-03-12T01:13:56Z", + "updated_at": "2019-04-15T07:13:03Z", + "pushed_at": "2019-03-12T01:41:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 188896047, "name": "CVE-2019-6340", diff --git a/2019/CVE-2019-6440.json b/2019/CVE-2019-6440.json new file mode 100644 index 0000000000..db6f526fc8 --- /dev/null +++ b/2019/CVE-2019-6440.json @@ -0,0 +1,25 @@ +[ + { + "id": 170884262, + "name": "CVE-2019-6440", + "full_name": "hexnone\/CVE-2019-6440", + "owner": { + "login": "hexnone", + "id": 17256467, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/17256467?v=4", + "html_url": "https:\/\/github.com\/hexnone" + }, + "html_url": "https:\/\/github.com\/hexnone\/CVE-2019-6440", + "description": "CVE-2019-6440. Zemana RCE and privilege escalation.", + "fork": false, + "created_at": "2019-02-15T15:15:52Z", + "updated_at": "2019-03-22T18:53:26Z", + "pushed_at": "2019-03-22T18:53:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6446.json b/2019/CVE-2019-6446.json new file mode 100644 index 0000000000..0255d5f233 --- /dev/null +++ b/2019/CVE-2019-6446.json @@ -0,0 +1,25 @@ +[ + { + "id": 186728497, + "name": "CVE-2019-6446", + "full_name": "RayScri\/CVE-2019-6446", + "owner": { + "login": "RayScri", + "id": 49472130, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/49472130?v=4", + "html_url": "https:\/\/github.com\/RayScri" + }, + "html_url": "https:\/\/github.com\/RayScri\/CVE-2019-6446", + "description": "Numpy deserialization command execution", + "fork": false, + "created_at": "2019-05-15T01:39:53Z", + "updated_at": "2020-05-08T12:12:22Z", + "pushed_at": "2019-05-15T02:22:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 5, + "forks": 5, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6447.json b/2019/CVE-2019-6447.json index 84d7680872..6a0f71f188 100644 --- a/2019/CVE-2019-6447.json +++ b/2019/CVE-2019-6447.json @@ -1,4 +1,27 @@ [ + { + "id": 164948400, + "name": "ESFileExplorerOpenPortVuln", + "full_name": "fs0c131y\/ESFileExplorerOpenPortVuln", + "owner": { + "login": "fs0c131y", + "id": 36547191, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/36547191?v=4", + "html_url": "https:\/\/github.com\/fs0c131y" + }, + "html_url": "https:\/\/github.com\/fs0c131y\/ESFileExplorerOpenPortVuln", + "description": "ES File Explorer Open Port Vulnerability - CVE-2019-6447", + "fork": false, + "created_at": "2019-01-09T22:30:42Z", + "updated_at": "2020-07-15T16:58:02Z", + "pushed_at": "2019-01-22T21:00:36Z", + "stargazers_count": 582, + "watchers_count": 582, + "forks_count": 130, + "forks": 130, + "watchers": 582, + "score": 0 + }, { "id": 263921419, "name": "ES-File-Explorer-Open-Port-Vulnerability---CVE-2019-6447", diff --git a/2019/CVE-2019-6453.json b/2019/CVE-2019-6453.json new file mode 100644 index 0000000000..b6c3ac9d69 --- /dev/null +++ b/2019/CVE-2019-6453.json @@ -0,0 +1,48 @@ +[ + { + "id": 171244957, + "name": "cve-2019-6453-poc", + "full_name": "proofofcalc\/cve-2019-6453-poc", + "owner": { + "login": "proofofcalc", + "id": 47607270, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/47607270?v=4", + "html_url": "https:\/\/github.com\/proofofcalc" + }, + "html_url": "https:\/\/github.com\/proofofcalc\/cve-2019-6453-poc", + "description": "Proof of calc for CVE-2019-6453", + "fork": false, + "created_at": "2019-02-18T08:35:03Z", + "updated_at": "2020-05-29T08:59:39Z", + "pushed_at": "2019-02-18T13:10:38Z", + "stargazers_count": 49, + "watchers_count": 49, + "forks_count": 13, + "forks": 13, + "watchers": 49, + "score": 0 + }, + { + "id": 197653851, + "name": "mIRC-CVE-2019-6453", + "full_name": "andripwn\/mIRC-CVE-2019-6453", + "owner": { + "login": "andripwn", + "id": 52893492, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/52893492?v=4", + "html_url": "https:\/\/github.com\/andripwn" + }, + "html_url": "https:\/\/github.com\/andripwn\/mIRC-CVE-2019-6453", + "description": "Proof of calc for CVE-2019-6453", + "fork": false, + "created_at": "2019-07-18T20:40:09Z", + "updated_at": "2019-12-15T18:45:39Z", + "pushed_at": "2019-07-18T20:44:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6467.json b/2019/CVE-2019-6467.json new file mode 100644 index 0000000000..d3ea117c8d --- /dev/null +++ b/2019/CVE-2019-6467.json @@ -0,0 +1,25 @@ +[ + { + "id": 183349186, + "name": "CVE-2019-6467", + "full_name": "knqyf263\/CVE-2019-6467", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2019-6467", + "description": "CVE-2019-6467 (BIND nxdomain-redirect)", + "fork": false, + "created_at": "2019-04-25T03:26:42Z", + "updated_at": "2020-06-24T02:18:49Z", + "pushed_at": "2019-04-25T04:06:48Z", + "stargazers_count": 26, + "watchers_count": 26, + "forks_count": 5, + "forks": 5, + "watchers": 26, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6487.json b/2019/CVE-2019-6487.json new file mode 100644 index 0000000000..6c7b3545ef --- /dev/null +++ b/2019/CVE-2019-6487.json @@ -0,0 +1,25 @@ +[ + { + "id": 166241615, + "name": "TP-Link-WDR-Router-Command-injection_POC", + "full_name": "afang5472\/TP-Link-WDR-Router-Command-injection_POC", + "owner": { + "login": "afang5472", + "id": 18503100, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/18503100?v=4", + "html_url": "https:\/\/github.com\/afang5472" + }, + "html_url": "https:\/\/github.com\/afang5472\/TP-Link-WDR-Router-Command-injection_POC", + "description": "CVE-2019-6487. A command injection vulnerability in TP-Link WDR5620 Series up to verion 3.", + "fork": false, + "created_at": "2019-01-17T14:44:12Z", + "updated_at": "2020-07-10T12:22:52Z", + "pushed_at": "2019-01-19T10:49:21Z", + "stargazers_count": 24, + "watchers_count": 24, + "forks_count": 13, + "forks": 13, + "watchers": 24, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6690.json b/2019/CVE-2019-6690.json new file mode 100644 index 0000000000..43ea50ecf7 --- /dev/null +++ b/2019/CVE-2019-6690.json @@ -0,0 +1,48 @@ +[ + { + "id": 166676940, + "name": "CVE-2019-6690-python-gnupg-vulnerability", + "full_name": "stigtsp\/CVE-2019-6690-python-gnupg-vulnerability", + "owner": { + "login": "stigtsp", + "id": 75371, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/75371?v=4", + "html_url": "https:\/\/github.com\/stigtsp" + }, + "html_url": "https:\/\/github.com\/stigtsp\/CVE-2019-6690-python-gnupg-vulnerability", + "description": null, + "fork": false, + "created_at": "2019-01-20T15:29:46Z", + "updated_at": "2019-09-22T10:45:25Z", + "pushed_at": "2019-09-21T17:35:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 179225702, + "name": "CVE-2019-6690", + "full_name": "brianwrf\/CVE-2019-6690", + "owner": { + "login": "brianwrf", + "id": 8141813, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/8141813?v=4", + "html_url": "https:\/\/github.com\/brianwrf" + }, + "html_url": "https:\/\/github.com\/brianwrf\/CVE-2019-6690", + "description": "It is a simple PoC of Improper Input Validation in python-gnupg 0.4.3 (CVE-2019-6690).", + "fork": false, + "created_at": "2019-04-03T06:34:48Z", + "updated_at": "2019-04-08T14:49:17Z", + "pushed_at": "2019-04-03T07:57:14Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 1, + "forks": 1, + "watchers": 6, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6715.json b/2019/CVE-2019-6715.json new file mode 100644 index 0000000000..d8a12b3de1 --- /dev/null +++ b/2019/CVE-2019-6715.json @@ -0,0 +1,25 @@ +[ + { + "id": 221241280, + "name": "cve-2019-6715", + "full_name": "random-robbie\/cve-2019-6715", + "owner": { + "login": "random-robbie", + "id": 4902869, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/4902869?v=4", + "html_url": "https:\/\/github.com\/random-robbie" + }, + "html_url": "https:\/\/github.com\/random-robbie\/cve-2019-6715", + "description": null, + "fork": false, + "created_at": "2019-11-12T14:47:25Z", + "updated_at": "2020-01-11T10:10:24Z", + "pushed_at": "2019-11-12T14:54:10Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 2, + "forks": 2, + "watchers": 7, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7216.json b/2019/CVE-2019-7216.json new file mode 100644 index 0000000000..2506034ea5 --- /dev/null +++ b/2019/CVE-2019-7216.json @@ -0,0 +1,25 @@ +[ + { + "id": 168365175, + "name": "CVE-2019-7216", + "full_name": "Ekultek\/CVE-2019-7216", + "owner": { + "login": "Ekultek", + "id": 14183473, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/14183473?v=4", + "html_url": "https:\/\/github.com\/Ekultek" + }, + "html_url": "https:\/\/github.com\/Ekultek\/CVE-2019-7216", + "description": "Filechucker filter bypass Proof Of Concept", + "fork": false, + "created_at": "2019-01-30T15:23:40Z", + "updated_at": "2020-03-30T04:22:37Z", + "pushed_at": "2019-02-01T16:56:53Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 6, + "forks": 6, + "watchers": 10, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7219.json b/2019/CVE-2019-7219.json new file mode 100644 index 0000000000..dcbab25536 --- /dev/null +++ b/2019/CVE-2019-7219.json @@ -0,0 +1,25 @@ +[ + { + "id": 170672635, + "name": "CVE-2019-7219", + "full_name": "verifysecurity\/CVE-2019-7219", + "owner": { + "login": "verifysecurity", + "id": 17159314, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/17159314?v=4", + "html_url": "https:\/\/github.com\/verifysecurity" + }, + "html_url": "https:\/\/github.com\/verifysecurity\/CVE-2019-7219", + "description": "CVE-2019-7219", + "fork": false, + "created_at": "2019-02-14T10:24:48Z", + "updated_at": "2019-04-12T19:30:42Z", + "pushed_at": "2019-04-12T19:30:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7238.json b/2019/CVE-2019-7238.json new file mode 100644 index 0000000000..9a7aaf139f --- /dev/null +++ b/2019/CVE-2019-7238.json @@ -0,0 +1,94 @@ +[ + { + "id": 172401532, + "name": "CVE-2019-7238", + "full_name": "mpgn\/CVE-2019-7238", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-7238", + "description": "🐱‍💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱‍💻", + "fork": false, + "created_at": "2019-02-24T23:09:43Z", + "updated_at": "2020-06-27T16:17:46Z", + "pushed_at": "2019-02-25T07:37:07Z", + "stargazers_count": 128, + "watchers_count": 128, + "forks_count": 42, + "forks": 42, + "watchers": 128, + "score": 0 + }, + { + "id": 187840869, + "name": "CVE-2019-7238", + "full_name": "jas502n\/CVE-2019-7238", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-7238", + "description": "Nexus Repository Manager 3 Remote Code Execution without authentication < 3.15.0", + "fork": false, + "created_at": "2019-05-21T13:16:02Z", + "updated_at": "2020-07-16T10:38:25Z", + "pushed_at": "2019-08-19T17:33:56Z", + "stargazers_count": 54, + "watchers_count": 54, + "forks_count": 17, + "forks": 17, + "watchers": 54, + "score": 0 + }, + { + "id": 199046172, + "name": "nexus_rce_CVE-2019-7238", + "full_name": "verctor\/nexus_rce_CVE-2019-7238", + "owner": { + "login": "verctor", + "id": 24811125, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/24811125?v=4", + "html_url": "https:\/\/github.com\/verctor" + }, + "html_url": "https:\/\/github.com\/verctor\/nexus_rce_CVE-2019-7238", + "description": "Some debug notes and exploit(not blind)", + "fork": false, + "created_at": "2019-07-26T16:08:40Z", + "updated_at": "2020-06-16T06:46:15Z", + "pushed_at": "2019-07-28T02:32:07Z", + "stargazers_count": 34, + "watchers_count": 34, + "forks_count": 7, + "forks": 7, + "watchers": 34, + "score": 0 + }, + { + "id": 233010845, + "name": "CVE-2019-7238_Nexus_RCE_Tool", + "full_name": "magicming200\/CVE-2019-7238_Nexus_RCE_Tool", + "owner": { + "login": "magicming200", + "id": 23466759, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/23466759?v=4", + "html_url": "https:\/\/github.com\/magicming200" + }, + "html_url": "https:\/\/github.com\/magicming200\/CVE-2019-7238_Nexus_RCE_Tool", + "description": "CVE-2019-7238 Nexus RCE漏洞图形化一键检测工具。CVE-2019-7238 Nexus RCE Vul POC Tool.", + "fork": false, + "created_at": "2020-01-10T09:19:10Z", + "updated_at": "2020-05-08T13:20:00Z", + "pushed_at": "2020-01-15T08:36:05Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 6, + "forks": 6, + "watchers": 13, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7304.json b/2019/CVE-2019-7304.json new file mode 100644 index 0000000000..78db76c9d6 --- /dev/null +++ b/2019/CVE-2019-7304.json @@ -0,0 +1,48 @@ +[ + { + "id": 170261590, + "name": "dirty_sock", + "full_name": "initstring\/dirty_sock", + "owner": { + "login": "initstring", + "id": 26131150, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/26131150?v=4", + "html_url": "https:\/\/github.com\/initstring" + }, + "html_url": "https:\/\/github.com\/initstring\/dirty_sock", + "description": "Linux privilege escalation exploit via snapd (CVE-2019-7304)", + "fork": false, + "created_at": "2019-02-12T06:02:06Z", + "updated_at": "2020-07-18T17:40:17Z", + "pushed_at": "2019-05-09T21:34:26Z", + "stargazers_count": 513, + "watchers_count": 513, + "forks_count": 107, + "forks": 107, + "watchers": 513, + "score": 0 + }, + { + "id": 170741210, + "name": "CVE-2019-7304_DirtySock", + "full_name": "SecuritySi\/CVE-2019-7304_DirtySock", + "owner": { + "login": "SecuritySi", + "id": 7517443, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/7517443?v=4", + "html_url": "https:\/\/github.com\/SecuritySi" + }, + "html_url": "https:\/\/github.com\/SecuritySi\/CVE-2019-7304_DirtySock", + "description": "Payload Generator", + "fork": false, + "created_at": "2019-02-14T18:48:56Z", + "updated_at": "2019-03-05T06:03:09Z", + "pushed_at": "2019-02-14T18:49:32Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 2, + "forks": 2, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7609.json b/2019/CVE-2019-7609.json index 27c4fa4ebb..28cb4f0e86 100644 --- a/2019/CVE-2019-7609.json +++ b/2019/CVE-2019-7609.json @@ -1,4 +1,96 @@ [ + { + "id": 215933649, + "name": "kibana-RCE", + "full_name": "jas502n\/kibana-RCE", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/kibana-RCE", + "description": "kibana < 6.6.0 未授权远程代码命令执行 (Need Timelion And Canvas),CVE-2019-7609", + "fork": false, + "created_at": "2019-10-18T03:25:22Z", + "updated_at": "2020-06-27T15:50:54Z", + "pushed_at": "2019-10-22T06:44:20Z", + "stargazers_count": 77, + "watchers_count": 77, + "forks_count": 17, + "forks": 17, + "watchers": 77, + "score": 0 + }, + { + "id": 216505019, + "name": "CVE-2019-7609", + "full_name": "mpgn\/CVE-2019-7609", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-7609", + "description": "RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer", + "fork": false, + "created_at": "2019-10-21T07:32:31Z", + "updated_at": "2020-07-18T11:23:17Z", + "pushed_at": "2019-12-20T14:28:44Z", + "stargazers_count": 22, + "watchers_count": 22, + "forks_count": 8, + "forks": 8, + "watchers": 22, + "score": 0 + }, + { + "id": 216602890, + "name": "CVE-2019-7609", + "full_name": "LandGrey\/CVE-2019-7609", + "owner": { + "login": "LandGrey", + "id": 16769779, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/16769779?v=4", + "html_url": "https:\/\/github.com\/LandGrey" + }, + "html_url": "https:\/\/github.com\/LandGrey\/CVE-2019-7609", + "description": "exploit CVE-2019-7609(kibana RCE) on right way by python2 scripts", + "fork": false, + "created_at": "2019-10-21T15:31:13Z", + "updated_at": "2020-07-12T16:30:27Z", + "pushed_at": "2019-10-23T07:10:35Z", + "stargazers_count": 91, + "watchers_count": 91, + "forks_count": 32, + "forks": 32, + "watchers": 91, + "score": 0 + }, + { + "id": 225175128, + "name": "CVE-2019-7609", + "full_name": "hekadan\/CVE-2019-7609", + "owner": { + "login": "hekadan", + "id": 57190788, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/57190788?v=4", + "html_url": "https:\/\/github.com\/hekadan" + }, + "html_url": "https:\/\/github.com\/hekadan\/CVE-2019-7609", + "description": null, + "fork": false, + "created_at": "2019-12-01T14:29:22Z", + "updated_at": "2020-04-28T02:57:04Z", + "pushed_at": "2019-12-01T14:34:37Z", + "stargazers_count": 19, + "watchers_count": 19, + "forks_count": 2, + "forks": 2, + "watchers": 19, + "score": 0 + }, { "id": 252699702, "name": "CVE-2019-7609", diff --git a/2019/CVE-2019-7610.json b/2019/CVE-2019-7610.json new file mode 100644 index 0000000000..6ba8d42e6d --- /dev/null +++ b/2019/CVE-2019-7610.json @@ -0,0 +1,25 @@ +[ + { + "id": 219403020, + "name": "CVE-2019-7610", + "full_name": "whoami0622\/CVE-2019-7610", + "owner": { + "login": "whoami0622", + "id": 18344039, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/18344039?v=4", + "html_url": "https:\/\/github.com\/whoami0622" + }, + "html_url": "https:\/\/github.com\/whoami0622\/CVE-2019-7610", + "description": null, + "fork": false, + "created_at": "2019-11-04T02:42:40Z", + "updated_at": "2020-06-19T09:31:43Z", + "pushed_at": "2019-10-30T18:00:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7642.json b/2019/CVE-2019-7642.json new file mode 100644 index 0000000000..f588be6302 --- /dev/null +++ b/2019/CVE-2019-7642.json @@ -0,0 +1,25 @@ +[ + { + "id": 173723117, + "name": "CVE-2019-7642", + "full_name": "xw77cve\/CVE-2019-7642", + "owner": { + "login": "xw77cve", + "id": 48202281, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/48202281?v=4", + "html_url": "https:\/\/github.com\/xw77cve" + }, + "html_url": "https:\/\/github.com\/xw77cve\/CVE-2019-7642", + "description": null, + "fork": false, + "created_at": "2019-03-04T10:24:04Z", + "updated_at": "2019-10-04T12:40:46Z", + "pushed_at": "2019-03-04T11:04:30Z", + "stargazers_count": 15, + "watchers_count": 15, + "forks_count": 1, + "forks": 1, + "watchers": 15, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7839.json b/2019/CVE-2019-7839.json new file mode 100644 index 0000000000..f995e6aa13 --- /dev/null +++ b/2019/CVE-2019-7839.json @@ -0,0 +1,25 @@ +[ + { + "id": 200336681, + "name": "CVE-2019-7839", + "full_name": "securifera\/CVE-2019-7839", + "owner": { + "login": "securifera", + "id": 12126525, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/12126525?v=4", + "html_url": "https:\/\/github.com\/securifera" + }, + "html_url": "https:\/\/github.com\/securifera\/CVE-2019-7839", + "description": "CVE-2019-7839", + "fork": false, + "created_at": "2019-08-03T05:39:22Z", + "updated_at": "2020-03-30T03:50:21Z", + "pushed_at": "2019-08-03T05:47:59Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 4, + "forks": 4, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8389.json b/2019/CVE-2019-8389.json new file mode 100644 index 0000000000..d02f070da8 --- /dev/null +++ b/2019/CVE-2019-8389.json @@ -0,0 +1,25 @@ +[ + { + "id": 171097356, + "name": "CVE-2019-8389", + "full_name": "shawarkhanethicalhacker\/CVE-2019-8389", + "owner": { + "login": "shawarkhanethicalhacker", + "id": 41706151, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/41706151?v=4", + "html_url": "https:\/\/github.com\/shawarkhanethicalhacker" + }, + "html_url": "https:\/\/github.com\/shawarkhanethicalhacker\/CVE-2019-8389", + "description": " [CVE-2019-8389] An exploit code for exploiting a local file read vulnerability in Musicloud v1.6 iOS Application ", + "fork": false, + "created_at": "2019-02-17T08:10:50Z", + "updated_at": "2019-12-06T13:47:51Z", + "pushed_at": "2019-02-17T08:40:06Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 5, + "forks": 5, + "watchers": 7, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8451.json b/2019/CVE-2019-8451.json new file mode 100644 index 0000000000..563dbfafa4 --- /dev/null +++ b/2019/CVE-2019-8451.json @@ -0,0 +1,94 @@ +[ + { + "id": 208774563, + "name": "CVE-2019-8451", + "full_name": "0xbug\/CVE-2019-8451", + "owner": { + "login": "0xbug", + "id": 12611275, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/12611275?v=4", + "html_url": "https:\/\/github.com\/0xbug" + }, + "html_url": "https:\/\/github.com\/0xbug\/CVE-2019-8451", + "description": "https:\/\/jira.atlassian.com\/browse\/JRASERVER-69793", + "fork": false, + "created_at": "2019-09-16T10:39:40Z", + "updated_at": "2019-11-06T12:26:45Z", + "pushed_at": "2019-09-16T10:47:45Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 2, + "forks": 2, + "watchers": 10, + "score": 0 + }, + { + "id": 210587808, + "name": "CVE-2019-8451", + "full_name": "ianxtianxt\/CVE-2019-8451", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2019-8451", + "description": null, + "fork": false, + "created_at": "2019-09-24T11:38:20Z", + "updated_at": "2019-09-24T11:40:02Z", + "pushed_at": "2019-09-24T11:40:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 3, + "forks": 3, + "watchers": 0, + "score": 0 + }, + { + "id": 211003999, + "name": "CVE-2019-8451", + "full_name": "jas502n\/CVE-2019-8451", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-8451", + "description": "Jira未授权SSRF漏洞", + "fork": false, + "created_at": "2019-09-26T05:06:11Z", + "updated_at": "2020-01-09T02:46:08Z", + "pushed_at": "2019-09-30T01:45:50Z", + "stargazers_count": 24, + "watchers_count": 24, + "forks_count": 10, + "forks": 10, + "watchers": 24, + "score": 0 + }, + { + "id": 211424148, + "name": "Jira-CVE-2019-8451", + "full_name": "h0ffayyy\/Jira-CVE-2019-8451", + "owner": { + "login": "h0ffayyy", + "id": 6510183, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/6510183?v=4", + "html_url": "https:\/\/github.com\/h0ffayyy" + }, + "html_url": "https:\/\/github.com\/h0ffayyy\/Jira-CVE-2019-8451", + "description": "POC to check for Jira instances vulnerable to CVE-2019-8451", + "fork": false, + "created_at": "2019-09-28T01:01:26Z", + "updated_at": "2019-09-28T03:45:49Z", + "pushed_at": "2019-09-28T03:13:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8513.json b/2019/CVE-2019-8513.json new file mode 100644 index 0000000000..812daadeed --- /dev/null +++ b/2019/CVE-2019-8513.json @@ -0,0 +1,25 @@ +[ + { + "id": 184210054, + "name": "cve-2019-8513", + "full_name": "genknife\/cve-2019-8513", + "owner": { + "login": "genknife", + "id": 47594735, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/47594735?v=4", + "html_url": "https:\/\/github.com\/genknife" + }, + "html_url": "https:\/\/github.com\/genknife\/cve-2019-8513", + "description": null, + "fork": false, + "created_at": "2019-04-30T07:06:23Z", + "updated_at": "2019-07-10T02:57:11Z", + "pushed_at": "2019-07-10T02:57:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8540.json b/2019/CVE-2019-8540.json new file mode 100644 index 0000000000..a97ad71456 --- /dev/null +++ b/2019/CVE-2019-8540.json @@ -0,0 +1,25 @@ +[ + { + "id": 187144564, + "name": "CVE-2019-8540", + "full_name": "maldiohead\/CVE-2019-8540", + "owner": { + "login": "maldiohead", + "id": 23315692, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23315692?v=4", + "html_url": "https:\/\/github.com\/maldiohead" + }, + "html_url": "https:\/\/github.com\/maldiohead\/CVE-2019-8540", + "description": "Kernel Stack info leak at exportObjectToClient function", + "fork": false, + "created_at": "2019-05-17T04:07:14Z", + "updated_at": "2019-09-14T06:35:22Z", + "pushed_at": "2019-05-21T08:32:39Z", + "stargazers_count": 33, + "watchers_count": 33, + "forks_count": 15, + "forks": 15, + "watchers": 33, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8565.json b/2019/CVE-2019-8565.json new file mode 100644 index 0000000000..bac7d628a1 --- /dev/null +++ b/2019/CVE-2019-8565.json @@ -0,0 +1,25 @@ +[ + { + "id": 184996067, + "name": "cve-2019-8565", + "full_name": "genknife\/cve-2019-8565", + "owner": { + "login": "genknife", + "id": 47594735, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/47594735?v=4", + "html_url": "https:\/\/github.com\/genknife" + }, + "html_url": "https:\/\/github.com\/genknife\/cve-2019-8565", + "description": null, + "fork": false, + "created_at": "2019-05-05T07:34:05Z", + "updated_at": "2019-07-10T02:58:35Z", + "pushed_at": "2019-07-10T02:58:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8601.json b/2019/CVE-2019-8601.json new file mode 100644 index 0000000000..3b9037ddd0 --- /dev/null +++ b/2019/CVE-2019-8601.json @@ -0,0 +1,25 @@ +[ + { + "id": 231278850, + "name": "CVE-2019-8601", + "full_name": "BadAccess11\/CVE-2019-8601", + "owner": { + "login": "BadAccess11", + "id": 59069469, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/59069469?v=4", + "html_url": "https:\/\/github.com\/BadAccess11" + }, + "html_url": "https:\/\/github.com\/BadAccess11\/CVE-2019-8601", + "description": "Exploiting a patched vulnerability in JavaScriptCore", + "fork": false, + "created_at": "2020-01-02T00:12:22Z", + "updated_at": "2020-05-27T09:32:18Z", + "pushed_at": "2020-01-02T00:13:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8627.json b/2019/CVE-2019-8627.json new file mode 100644 index 0000000000..843351e01f --- /dev/null +++ b/2019/CVE-2019-8627.json @@ -0,0 +1,25 @@ +[ + { + "id": 187134540, + "name": "CVE-2019-8627", + "full_name": "maldiohead\/CVE-2019-8627", + "owner": { + "login": "maldiohead", + "id": 23315692, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23315692?v=4", + "html_url": "https:\/\/github.com\/maldiohead" + }, + "html_url": "https:\/\/github.com\/maldiohead\/CVE-2019-8627", + "description": "a kernel information leak on macOS<= 10.14.4", + "fork": false, + "created_at": "2019-05-17T02:40:39Z", + "updated_at": "2019-10-30T05:52:25Z", + "pushed_at": "2019-05-24T08:44:05Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 5, + "forks": 5, + "watchers": 8, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8781.json b/2019/CVE-2019-8781.json new file mode 100644 index 0000000000..8de0f7d6c9 --- /dev/null +++ b/2019/CVE-2019-8781.json @@ -0,0 +1,48 @@ +[ + { + "id": 209122833, + "name": "macOS-Kernel-Exploit", + "full_name": "A2nkF\/macOS-Kernel-Exploit", + "owner": { + "login": "A2nkF", + "id": 30269068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/30269068?v=4", + "html_url": "https:\/\/github.com\/A2nkF" + }, + "html_url": "https:\/\/github.com\/A2nkF\/macOS-Kernel-Exploit", + "description": "macOS Kernel Exploit for CVE-2019-8781. Credit for the bug goes to @LinusHenze :).", + "fork": false, + "created_at": "2019-09-17T17:59:26Z", + "updated_at": "2020-07-18T18:14:46Z", + "pushed_at": "2019-10-15T17:05:38Z", + "stargazers_count": 272, + "watchers_count": 272, + "forks_count": 47, + "forks": 47, + "watchers": 272, + "score": 0 + }, + { + "id": 217838487, + "name": "CVE-2019-8781-macOS", + "full_name": "TrungNguyen1909\/CVE-2019-8781-macOS", + "owner": { + "login": "TrungNguyen1909", + "id": 22745058, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22745058?v=4", + "html_url": "https:\/\/github.com\/TrungNguyen1909" + }, + "html_url": "https:\/\/github.com\/TrungNguyen1909\/CVE-2019-8781-macOS", + "description": "Exploit POC for the bug CVE-2019-8781, found by @LinusHenze", + "fork": false, + "created_at": "2019-10-27T10:28:35Z", + "updated_at": "2020-04-01T13:38:19Z", + "pushed_at": "2019-10-27T10:30:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8942.json b/2019/CVE-2019-8942.json new file mode 100644 index 0000000000..3d0d8cbb15 --- /dev/null +++ b/2019/CVE-2019-8942.json @@ -0,0 +1,48 @@ +[ + { + "id": 172448763, + "name": "WordPress_4.9.8_RCE_POC", + "full_name": "brianwrf\/WordPress_4.9.8_RCE_POC", + "owner": { + "login": "brianwrf", + "id": 8141813, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/8141813?v=4", + "html_url": "https:\/\/github.com\/brianwrf" + }, + "html_url": "https:\/\/github.com\/brianwrf\/WordPress_4.9.8_RCE_POC", + "description": "A simple PoC for WordPress RCE (author priviledge), refer to CVE-2019-8942 and CVE-2019-8943.", + "fork": false, + "created_at": "2019-02-25T06:38:15Z", + "updated_at": "2020-07-17T00:43:12Z", + "pushed_at": "2019-03-18T01:20:52Z", + "stargazers_count": 57, + "watchers_count": 57, + "forks_count": 19, + "forks": 19, + "watchers": 57, + "score": 0 + }, + { + "id": 184548123, + "name": "CVE-2019-8942", + "full_name": "synacktiv\/CVE-2019-8942", + "owner": { + "login": "synacktiv", + "id": 50145679, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/50145679?v=4", + "html_url": "https:\/\/github.com\/synacktiv" + }, + "html_url": "https:\/\/github.com\/synacktiv\/CVE-2019-8942", + "description": "WordPress crop-image exploitation", + "fork": false, + "created_at": "2019-05-02T08:41:11Z", + "updated_at": "2019-08-28T08:04:32Z", + "pushed_at": "2019-05-02T08:42:50Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8956.json b/2019/CVE-2019-8956.json new file mode 100644 index 0000000000..26cdf0a047 --- /dev/null +++ b/2019/CVE-2019-8956.json @@ -0,0 +1,25 @@ +[ + { + "id": 188973928, + "name": "CVE-2019-8956", + "full_name": "butterflyhack\/CVE-2019-8956", + "owner": { + "login": "butterflyhack", + "id": 11525772, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/11525772?v=4", + "html_url": "https:\/\/github.com\/butterflyhack" + }, + "html_url": "https:\/\/github.com\/butterflyhack\/CVE-2019-8956", + "description": "sctp-PoC", + "fork": false, + "created_at": "2019-05-28T07:09:17Z", + "updated_at": "2020-04-13T01:07:35Z", + "pushed_at": "2019-05-28T07:15:56Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 0, + "forks": 0, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8978.json b/2019/CVE-2019-8978.json new file mode 100644 index 0000000000..59915d03f0 --- /dev/null +++ b/2019/CVE-2019-8978.json @@ -0,0 +1,25 @@ +[ + { + "id": 186045784, + "name": "CVE-2019-8978", + "full_name": "JoshuaMulliken\/CVE-2019-8978", + "owner": { + "login": "JoshuaMulliken", + "id": 36283247, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/36283247?v=4", + "html_url": "https:\/\/github.com\/JoshuaMulliken" + }, + "html_url": "https:\/\/github.com\/JoshuaMulliken\/CVE-2019-8978", + "description": "Banner Web Tailor and Banner Enterprise Identity Services Vulnerability Disclosure", + "fork": false, + "created_at": "2019-05-10T19:46:58Z", + "updated_at": "2019-12-16T20:26:11Z", + "pushed_at": "2019-12-16T20:26:09Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 2, + "forks": 2, + "watchers": 8, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9153.json b/2019/CVE-2019-9153.json new file mode 100644 index 0000000000..5fe6163d67 --- /dev/null +++ b/2019/CVE-2019-9153.json @@ -0,0 +1,25 @@ +[ + { + "id": 207866616, + "name": "opgp-service-cve-2019-9153", + "full_name": "ZenyWay\/opgp-service-cve-2019-9153", + "owner": { + "login": "ZenyWay", + "id": 18708458, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/18708458?v=4", + "html_url": "https:\/\/github.com\/ZenyWay" + }, + "html_url": "https:\/\/github.com\/ZenyWay\/opgp-service-cve-2019-9153", + "description": "investigate vulnerability of opgp-service to message signature bypass (CVE-2019-9153) of openpgp", + "fork": false, + "created_at": "2019-09-11T17:17:03Z", + "updated_at": "2019-09-11T17:38:24Z", + "pushed_at": "2020-07-18T06:16:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9184.json b/2019/CVE-2019-9184.json new file mode 100644 index 0000000000..c289b57b8d --- /dev/null +++ b/2019/CVE-2019-9184.json @@ -0,0 +1,25 @@ +[ + { + "id": 175870177, + "name": "cve-2019-9184", + "full_name": "cved-sources\/cve-2019-9184", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2019-9184", + "description": "cve-2019-9184", + "fork": false, + "created_at": "2019-03-15T18:12:49Z", + "updated_at": "2019-03-15T18:15:09Z", + "pushed_at": "2019-03-15T18:15:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9194.json b/2019/CVE-2019-9194.json new file mode 100644 index 0000000000..adbf15afcf --- /dev/null +++ b/2019/CVE-2019-9194.json @@ -0,0 +1,25 @@ +[ + { + "id": 175870594, + "name": "cve-2019-9194", + "full_name": "cved-sources\/cve-2019-9194", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2019-9194", + "description": "cve-2019-9194", + "fork": false, + "created_at": "2019-03-15T18:16:27Z", + "updated_at": "2019-03-15T18:17:32Z", + "pushed_at": "2019-03-15T18:17:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9202.json b/2019/CVE-2019-9202.json new file mode 100644 index 0000000000..2b9769ed8d --- /dev/null +++ b/2019/CVE-2019-9202.json @@ -0,0 +1,25 @@ +[ + { + "id": 182127433, + "name": "CVE-2019-9202", + "full_name": "polict\/CVE-2019-9202", + "owner": { + "login": "polict", + "id": 18173936, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/18173936?v=4", + "html_url": "https:\/\/github.com\/polict" + }, + "html_url": "https:\/\/github.com\/polict\/CVE-2019-9202", + "description": "Nagios IM 2.6 remote code execution exploit: CSRF + SQLi + RCE + LPE --> remote root", + "fork": false, + "created_at": "2019-04-18T17:09:26Z", + "updated_at": "2020-02-05T08:41:23Z", + "pushed_at": "2019-04-18T17:18:40Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9580.json b/2019/CVE-2019-9580.json new file mode 100644 index 0000000000..d511dd9ec8 --- /dev/null +++ b/2019/CVE-2019-9580.json @@ -0,0 +1,25 @@ +[ + { + "id": 175478558, + "name": "CVE-2019-9580", + "full_name": "mpgn\/CVE-2019-9580", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-9580", + "description": "CVE-2019-9580 - StackStorm: exploiting CORS misconfiguration (null origin) to gain RCE", + "fork": false, + "created_at": "2019-03-13T18:37:18Z", + "updated_at": "2020-04-05T17:19:04Z", + "pushed_at": "2019-03-13T19:26:27Z", + "stargazers_count": 28, + "watchers_count": 28, + "forks_count": 5, + "forks": 5, + "watchers": 28, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9596.json b/2019/CVE-2019-9596.json new file mode 100644 index 0000000000..4db5ec5e28 --- /dev/null +++ b/2019/CVE-2019-9596.json @@ -0,0 +1,25 @@ +[ + { + "id": 187840640, + "name": "CVE-2019-9596-and-CVE-2019-9597", + "full_name": "gerwout\/CVE-2019-9596-and-CVE-2019-9597", + "owner": { + "login": "gerwout", + "id": 975427, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/975427?v=4", + "html_url": "https:\/\/github.com\/gerwout" + }, + "html_url": "https:\/\/github.com\/gerwout\/CVE-2019-9596-and-CVE-2019-9597", + "description": "Darktrace CSRF exploit ", + "fork": false, + "created_at": "2019-05-21T13:14:43Z", + "updated_at": "2019-05-27T13:32:46Z", + "pushed_at": "2019-05-24T11:49:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9599.json b/2019/CVE-2019-9599.json new file mode 100644 index 0000000000..7d239bc7ad --- /dev/null +++ b/2019/CVE-2019-9599.json @@ -0,0 +1,25 @@ +[ + { + "id": 169823560, + "name": "AirDroidPwner", + "full_name": "s4vitar\/AirDroidPwner", + "owner": { + "login": "s4vitar", + "id": 40530440, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/40530440?v=4", + "html_url": "https:\/\/github.com\/s4vitar" + }, + "html_url": "https:\/\/github.com\/s4vitar\/AirDroidPwner", + "description": "Programa ideal para robar toda la información de un dispositivo remotamente a través de la aplicación AirDroid. [CVE-2019-9599] (https:\/\/www.exploit-db.com\/exploits\/46337)", + "fork": false, + "created_at": "2019-02-09T02:18:37Z", + "updated_at": "2020-04-25T14:00:57Z", + "pushed_at": "2019-11-03T17:29:56Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 0, + "forks": 0, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9621.json b/2019/CVE-2019-9621.json new file mode 100644 index 0000000000..a6011c9bc9 --- /dev/null +++ b/2019/CVE-2019-9621.json @@ -0,0 +1,25 @@ +[ + { + "id": 185226722, + "name": "ZimbraExploit", + "full_name": "k8gege\/ZimbraExploit", + "owner": { + "login": "k8gege", + "id": 42312878, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/42312878?v=4", + "html_url": "https:\/\/github.com\/k8gege" + }, + "html_url": "https:\/\/github.com\/k8gege\/ZimbraExploit", + "description": "Zimbra邮件系统漏洞 XXE\/RCE\/SSRF\/Upload GetShell Exploit 1. (CVE-2019-9621 Zimbra<8.8.11 XXE GetShell Exploit)", + "fork": false, + "created_at": "2019-05-06T15:47:20Z", + "updated_at": "2020-07-12T16:07:14Z", + "pushed_at": "2019-05-08T16:22:58Z", + "stargazers_count": 47, + "watchers_count": 47, + "forks_count": 25, + "forks": 25, + "watchers": 47, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9653.json b/2019/CVE-2019-9653.json new file mode 100644 index 0000000000..4fcbaee059 --- /dev/null +++ b/2019/CVE-2019-9653.json @@ -0,0 +1,25 @@ +[ + { + "id": 175789235, + "name": "CVE-2019-9653", + "full_name": "grayoneday\/CVE-2019-9653", + "owner": { + "login": "grayoneday", + "id": 28929076, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/28929076?v=4", + "html_url": "https:\/\/github.com\/grayoneday" + }, + "html_url": "https:\/\/github.com\/grayoneday\/CVE-2019-9653", + "description": null, + "fork": false, + "created_at": "2019-03-15T09:27:15Z", + "updated_at": "2019-03-15T09:32:42Z", + "pushed_at": "2019-03-15T09:32:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9670.json b/2019/CVE-2019-9670.json new file mode 100644 index 0000000000..b28fc4666e --- /dev/null +++ b/2019/CVE-2019-9670.json @@ -0,0 +1,48 @@ +[ + { + "id": 202659145, + "name": "Zimbra-RCE", + "full_name": "rek7\/Zimbra-RCE", + "owner": { + "login": "rek7", + "id": 25335191, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/25335191?v=4", + "html_url": "https:\/\/github.com\/rek7" + }, + "html_url": "https:\/\/github.com\/rek7\/Zimbra-RCE", + "description": "Zimbra RCE PoC - CVE-2019-9670 XXE\/SSRF", + "fork": false, + "created_at": "2019-08-16T04:37:11Z", + "updated_at": "2020-07-13T12:00:50Z", + "pushed_at": "2019-08-16T05:54:16Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 5, + "forks": 5, + "watchers": 10, + "score": 0 + }, + { + "id": 202751712, + "name": "Zimbra-RCE", + "full_name": "attackgithub\/Zimbra-RCE", + "owner": { + "login": "attackgithub", + "id": 45205753, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/45205753?v=4", + "html_url": "https:\/\/github.com\/attackgithub" + }, + "html_url": "https:\/\/github.com\/attackgithub\/Zimbra-RCE", + "description": "Zimbra RCE CVE-2019-9670", + "fork": false, + "created_at": "2019-08-16T15:22:27Z", + "updated_at": "2019-08-17T01:04:11Z", + "pushed_at": "2019-08-16T05:54:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 3, + "forks": 3, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9673.json b/2019/CVE-2019-9673.json new file mode 100644 index 0000000000..a380fffb64 --- /dev/null +++ b/2019/CVE-2019-9673.json @@ -0,0 +1,25 @@ +[ + { + "id": 175058439, + "name": "CVE-2019-9673", + "full_name": "mgrube\/CVE-2019-9673", + "owner": { + "login": "mgrube", + "id": 90159, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/90159?v=4", + "html_url": "https:\/\/github.com\/mgrube" + }, + "html_url": "https:\/\/github.com\/mgrube\/CVE-2019-9673", + "description": "Writeup", + "fork": false, + "created_at": "2019-03-11T18:16:15Z", + "updated_at": "2019-08-08T16:04:30Z", + "pushed_at": "2019-03-24T08:21:37Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9729.json b/2019/CVE-2019-9729.json new file mode 100644 index 0000000000..7ce46a98b2 --- /dev/null +++ b/2019/CVE-2019-9729.json @@ -0,0 +1,25 @@ +[ + { + "id": 175226868, + "name": "SdoKeyCrypt-sys-local-privilege-elevation", + "full_name": "HyperSine\/SdoKeyCrypt-sys-local-privilege-elevation", + "owner": { + "login": "HyperSine", + "id": 58699351, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/58699351?v=4", + "html_url": "https:\/\/github.com\/HyperSine" + }, + "html_url": "https:\/\/github.com\/HyperSine\/SdoKeyCrypt-sys-local-privilege-elevation", + "description": "CVE-2019-9729. Transferred from https:\/\/github.com\/DoubleLabyrinth\/SdoKeyCrypt-sys-local-privilege-elevation", + "fork": false, + "created_at": "2019-03-12T14:18:20Z", + "updated_at": "2020-05-31T02:35:38Z", + "pushed_at": "2019-03-13T01:24:21Z", + "stargazers_count": 81, + "watchers_count": 81, + "forks_count": 26, + "forks": 26, + "watchers": 81, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9730.json b/2019/CVE-2019-9730.json new file mode 100644 index 0000000000..b9914db372 --- /dev/null +++ b/2019/CVE-2019-9730.json @@ -0,0 +1,25 @@ +[ + { + "id": 181268125, + "name": "CVE-2019-9730", + "full_name": "jthuraisamy\/CVE-2019-9730", + "owner": { + "login": "jthuraisamy", + "id": 5413071, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/5413071?v=4", + "html_url": "https:\/\/github.com\/jthuraisamy" + }, + "html_url": "https:\/\/github.com\/jthuraisamy\/CVE-2019-9730", + "description": "Synaptics Audio Driver LPE", + "fork": false, + "created_at": "2019-04-14T06:16:34Z", + "updated_at": "2020-05-19T07:47:25Z", + "pushed_at": "2019-04-15T11:17:39Z", + "stargazers_count": 29, + "watchers_count": 29, + "forks_count": 10, + "forks": 10, + "watchers": 29, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9745.json b/2019/CVE-2019-9745.json new file mode 100644 index 0000000000..8067c0b094 --- /dev/null +++ b/2019/CVE-2019-9745.json @@ -0,0 +1,25 @@ +[ + { + "id": 215005621, + "name": "CVE-2019-9745", + "full_name": "KPN-CISO\/CVE-2019-9745", + "owner": { + "login": "KPN-CISO", + "id": 6069290, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/6069290?v=4", + "html_url": "https:\/\/github.com\/KPN-CISO" + }, + "html_url": "https:\/\/github.com\/KPN-CISO\/CVE-2019-9745", + "description": "Write-up on the CVE-2019-9745 vulnerability.", + "fork": false, + "created_at": "2019-10-14T09:44:44Z", + "updated_at": "2019-11-07T14:36:56Z", + "pushed_at": "2019-11-07T14:36:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9787.json b/2019/CVE-2019-9787.json index 09b375450d..cf7e7b4972 100644 --- a/2019/CVE-2019-9787.json +++ b/2019/CVE-2019-9787.json @@ -1,4 +1,50 @@ [ + { + "id": 181409411, + "name": "cve-2019-9787_csrf_poc", + "full_name": "rkatogit\/cve-2019-9787_csrf_poc", + "owner": { + "login": "rkatogit", + "id": 40052696, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/40052696?v=4", + "html_url": "https:\/\/github.com\/rkatogit" + }, + "html_url": "https:\/\/github.com\/rkatogit\/cve-2019-9787_csrf_poc", + "description": null, + "fork": false, + "created_at": "2019-04-15T03:59:44Z", + "updated_at": "2020-05-17T21:18:04Z", + "pushed_at": "2019-04-15T04:13:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 202961104, + "name": "CodePath_Week_7-8", + "full_name": "PalmTreeForest\/CodePath_Week_7-8", + "owner": { + "login": "PalmTreeForest", + "id": 30913112, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/30913112?v=4", + "html_url": "https:\/\/github.com\/PalmTreeForest" + }, + "html_url": "https:\/\/github.com\/PalmTreeForest\/CodePath_Week_7-8", + "description": "CodePath Assignment for Weeks 7 & 8: CVE-2017-14719, CVE-2019-9787 & Unauthenticated Page\/Post Content Modification via REST API", + "fork": false, + "created_at": "2019-08-18T04:50:37Z", + "updated_at": "2019-08-18T05:22:44Z", + "pushed_at": "2019-08-18T05:18:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 260468975, "name": "Wordpress_cve-2019-9787_defense", diff --git a/2019/CVE-2019-9810.json b/2019/CVE-2019-9810.json new file mode 100644 index 0000000000..2c340767bc --- /dev/null +++ b/2019/CVE-2019-9810.json @@ -0,0 +1,48 @@ +[ + { + "id": 177500802, + "name": "CVE-2019-9810-PoC", + "full_name": "xuechiyaobai\/CVE-2019-9810-PoC", + "owner": { + "login": "xuechiyaobai", + "id": 8443947, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8443947?v=4", + "html_url": "https:\/\/github.com\/xuechiyaobai" + }, + "html_url": "https:\/\/github.com\/xuechiyaobai\/CVE-2019-9810-PoC", + "description": "Array.prototype.slice wrong alias information.", + "fork": false, + "created_at": "2019-03-25T02:33:18Z", + "updated_at": "2020-05-17T11:45:11Z", + "pushed_at": "2019-03-25T02:41:43Z", + "stargazers_count": 69, + "watchers_count": 69, + "forks_count": 15, + "forks": 15, + "watchers": 69, + "score": 0 + }, + { + "id": 185060837, + "name": "CVE-2019-9810", + "full_name": "0vercl0k\/CVE-2019-9810", + "owner": { + "login": "0vercl0k", + "id": 1476421, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/1476421?v=4", + "html_url": "https:\/\/github.com\/0vercl0k" + }, + "html_url": "https:\/\/github.com\/0vercl0k\/CVE-2019-9810", + "description": "Exploit for CVE-2019-9810 Firefox on Windows 64-bit.", + "fork": false, + "created_at": "2019-05-05T17:19:02Z", + "updated_at": "2020-07-12T16:06:09Z", + "pushed_at": "2019-12-28T18:25:10Z", + "stargazers_count": 196, + "watchers_count": 196, + "forks_count": 53, + "forks": 53, + "watchers": 196, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9896.json b/2019/CVE-2019-9896.json new file mode 100644 index 0000000000..c4d103191c --- /dev/null +++ b/2019/CVE-2019-9896.json @@ -0,0 +1,25 @@ +[ + { + "id": 186455638, + "name": "vuln-chm-hijack", + "full_name": "yasinyilmaz\/vuln-chm-hijack", + "owner": { + "login": "yasinyilmaz", + "id": 37842751, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/37842751?v=4", + "html_url": "https:\/\/github.com\/yasinyilmaz" + }, + "html_url": "https:\/\/github.com\/yasinyilmaz\/vuln-chm-hijack", + "description": "Potential malicious code execution via CHM hijacking (CVE-2019-9896)", + "fork": false, + "created_at": "2019-05-13T16:17:06Z", + "updated_at": "2020-03-30T02:07:41Z", + "pushed_at": "2019-05-13T16:30:59Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 8, + "forks": 8, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9978.json b/2019/CVE-2019-9978.json new file mode 100644 index 0000000000..4674fb240b --- /dev/null +++ b/2019/CVE-2019-9978.json @@ -0,0 +1,94 @@ +[ + { + "id": 177681155, + "name": "CVE-2019-9978", + "full_name": "mpgn\/CVE-2019-9978", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-9978", + "description": "CVE-2019-9978 - RCE on a Wordpress plugin: Social Warfare < 3.5.3", + "fork": false, + "created_at": "2019-03-25T23:38:58Z", + "updated_at": "2020-04-05T17:18:01Z", + "pushed_at": "2019-05-09T13:36:42Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 2, + "forks": 2, + "watchers": 8, + "score": 0 + }, + { + "id": 184705705, + "name": "CVE-2019-9978", + "full_name": "hash3liZer\/CVE-2019-9978", + "owner": { + "login": "hash3liZer", + "id": 29171692, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/29171692?v=4", + "html_url": "https:\/\/github.com\/hash3liZer" + }, + "html_url": "https:\/\/github.com\/hash3liZer\/CVE-2019-9978", + "description": "CVE-2019-9978 - (PoC) RCE in Social WarFare Plugin (<=3.5.2)", + "fork": false, + "created_at": "2019-05-03T05:57:44Z", + "updated_at": "2020-03-13T16:14:48Z", + "pushed_at": "2019-05-03T06:18:03Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 4, + "forks": 4, + "watchers": 9, + "score": 0 + }, + { + "id": 185125359, + "name": "CVE-2019-9978", + "full_name": "KTN1990\/CVE-2019-9978", + "owner": { + "login": "KTN1990", + "id": 33407405, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/33407405?v=4", + "html_url": "https:\/\/github.com\/KTN1990" + }, + "html_url": "https:\/\/github.com\/KTN1990\/CVE-2019-9978", + "description": "Wordpress Social Warfare Remote Code Execution (AUTO UPLOAD SHELL)", + "fork": false, + "created_at": "2019-05-06T04:48:43Z", + "updated_at": "2019-08-27T00:27:37Z", + "pushed_at": "2019-05-07T04:46:20Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + }, + { + "id": 185264593, + "name": "cve-2019-9978", + "full_name": "cved-sources\/cve-2019-9978", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2019-9978", + "description": "cve-2019-9978", + "fork": false, + "created_at": "2019-05-06T20:11:20Z", + "updated_at": "2019-05-06T20:11:46Z", + "pushed_at": "2019-05-06T20:11:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0683.json b/2020/CVE-2020-0683.json index 6742fa57d7..dea122306c 100644 --- a/2020/CVE-2020-0683.json +++ b/2020/CVE-2020-0683.json @@ -13,13 +13,13 @@ "description": "CVE-2020-0683 - Windows MSI “Installer service” Elevation of Privilege", "fork": false, "created_at": "2020-02-11T16:42:34Z", - "updated_at": "2020-07-17T06:00:16Z", + "updated_at": "2020-07-19T08:22:54Z", "pushed_at": "2020-02-11T21:34:28Z", - "stargazers_count": 219, - "watchers_count": 219, + "stargazers_count": 221, + "watchers_count": 221, "forks_count": 46, "forks": 46, - "watchers": 219, + "watchers": 221, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-1054.json b/2020/CVE-2020-1054.json index 719ce8de89..dd86a302c6 100644 --- a/2020/CVE-2020-1054.json +++ b/2020/CVE-2020-1054.json @@ -21,5 +21,28 @@ "forks": 23, "watchers": 66, "score": 0 + }, + { + "id": 280822745, + "name": "CVE-2020-1054", + "full_name": "Iamgublin\/CVE-2020-1054", + "owner": { + "login": "Iamgublin", + "id": 16526066, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16526066?v=4", + "html_url": "https:\/\/github.com\/Iamgublin" + }, + "html_url": "https:\/\/github.com\/Iamgublin\/CVE-2020-1054", + "description": null, + "fork": false, + "created_at": "2020-07-19T08:20:57Z", + "updated_at": "2020-07-19T08:24:13Z", + "pushed_at": "2020-07-19T08:24:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-1350.json b/2020/CVE-2020-1350.json index c6154459b1..0dbcbe8b3f 100644 --- a/2020/CVE-2020-1350.json +++ b/2020/CVE-2020-1350.json @@ -13,13 +13,13 @@ "description": "NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST", "fork": false, "created_at": "2020-03-11T17:51:29Z", - "updated_at": "2020-07-18T14:36:36Z", + "updated_at": "2020-07-19T05:18:25Z", "pushed_at": "2020-07-17T20:58:16Z", - "stargazers_count": 22, - "watchers_count": 22, + "stargazers_count": 23, + "watchers_count": 23, "forks_count": 7, "forks": 7, - "watchers": 22, + "watchers": 23, "score": 0 }, { @@ -40,8 +40,8 @@ "pushed_at": "2020-07-18T10:32:27Z", "stargazers_count": 186, "watchers_count": 186, - "forks_count": 58, - "forks": 58, + "forks_count": 59, + "forks": 59, "watchers": 186, "score": 0 }, @@ -266,13 +266,13 @@ "description": "Scanner and Mitigator for CVE 2020-1350", "fork": false, "created_at": "2020-07-18T13:49:54Z", - "updated_at": "2020-07-18T14:05:57Z", + "updated_at": "2020-07-19T07:30:18Z", "pushed_at": "2020-07-18T14:05:55Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "forks_count": 0, "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-1362.json b/2020/CVE-2020-1362.json index 3d0c6978d4..3c6d9e8075 100644 --- a/2020/CVE-2020-1362.json +++ b/2020/CVE-2020-1362.json @@ -13,13 +13,13 @@ "description": "writeup of CVE-2020-1362", "fork": false, "created_at": "2020-07-17T07:35:05Z", - "updated_at": "2020-07-19T03:08:29Z", + "updated_at": "2020-07-19T09:05:50Z", "pushed_at": "2020-07-17T07:54:26Z", - "stargazers_count": 91, - "watchers_count": 91, + "stargazers_count": 102, + "watchers_count": 102, "forks_count": 19, "forks": 19, - "watchers": 91, + "watchers": 102, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-1938.json b/2020/CVE-2020-1938.json index 2585202a11..751da8b589 100644 --- a/2020/CVE-2020-1938.json +++ b/2020/CVE-2020-1938.json @@ -82,13 +82,13 @@ "description": "Cnvd-2020-10487 \/ cve-2020-1938, scanner tool", "fork": false, "created_at": "2020-02-20T21:00:15Z", - "updated_at": "2020-07-14T09:25:48Z", + "updated_at": "2020-07-19T07:42:08Z", "pushed_at": "2020-02-24T12:06:08Z", - "stargazers_count": 178, - "watchers_count": 178, + "stargazers_count": 179, + "watchers_count": 179, "forks_count": 79, "forks": 79, - "watchers": 178, + "watchers": 179, "score": 0 }, { diff --git a/2020/CVE-2020-2551.json b/2020/CVE-2020-2551.json index 3ec518710f..e5fd9de834 100644 --- a/2020/CVE-2020-2551.json +++ b/2020/CVE-2020-2551.json @@ -13,13 +13,13 @@ "description": "weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2020-07-18T02:31:28Z", + "updated_at": "2020-07-19T08:03:38Z", "pushed_at": "2020-07-05T12:59:42Z", - "stargazers_count": 508, - "watchers_count": 508, + "stargazers_count": 511, + "watchers_count": 511, "forks_count": 123, "forks": 123, - "watchers": 508, + "watchers": 511, "score": 0 }, { diff --git a/2020/CVE-2020-2883.json b/2020/CVE-2020-2883.json index 37a800f3b0..93173bd52b 100644 --- a/2020/CVE-2020-2883.json +++ b/2020/CVE-2020-2883.json @@ -13,13 +13,13 @@ "description": "Weblogic coherence.jar RCE", "fork": false, "created_at": "2020-05-10T09:04:43Z", - "updated_at": "2020-07-17T08:10:24Z", + "updated_at": "2020-07-19T06:43:48Z", "pushed_at": "2020-05-10T09:29:36Z", - "stargazers_count": 135, - "watchers_count": 135, + "stargazers_count": 136, + "watchers_count": 136, "forks_count": 27, "forks": 27, - "watchers": 135, + "watchers": 136, "score": 0 }, { diff --git a/2020/CVE-2020-5902.json b/2020/CVE-2020-5902.json index 7797403f31..d87bfada7f 100644 --- a/2020/CVE-2020-5902.json +++ b/2020/CVE-2020-5902.json @@ -13,13 +13,13 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-5902、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2020-07-18T15:07:07Z", + "updated_at": "2020-07-19T08:45:17Z", "pushed_at": "2020-07-14T10:20:14Z", - "stargazers_count": 1299, - "watchers_count": 1299, + "stargazers_count": 1300, + "watchers_count": 1300, "forks_count": 325, "forks": 325, - "watchers": 1299, + "watchers": 1300, "score": 0 }, { diff --git a/2020/CVE-2020-6287.json b/2020/CVE-2020-6287.json index 1ef7c0ad11..5480e51184 100644 --- a/2020/CVE-2020-6287.json +++ b/2020/CVE-2020-6287.json @@ -13,13 +13,13 @@ "description": "PoC for CVE-2020-6287, CVE-2020-6286 (SAP RECON vulnerability)", "fork": false, "created_at": "2020-07-15T15:20:09Z", - "updated_at": "2020-07-18T19:31:43Z", + "updated_at": "2020-07-19T07:12:46Z", "pushed_at": "2020-07-17T14:18:44Z", - "stargazers_count": 84, - "watchers_count": 84, + "stargazers_count": 85, + "watchers_count": 85, "forks_count": 23, "forks": 23, - "watchers": 84, + "watchers": 85, "score": 0 } ] \ No newline at end of file diff --git a/README.md b/README.md index a9808e3d2d..057f9da521 100644 --- a/README.md +++ b/README.md @@ -340,6 +340,7 @@ An elevation of privilege vulnerability exists in Windows when the Windows kerne - [0xeb-bp/cve-2020-1054](https://github.com/0xeb-bp/cve-2020-1054) +- [Iamgublin/CVE-2020-1054](https://github.com/Iamgublin/CVE-2020-1054) ### CVE-2020-1066 @@ -1678,13 +1679,72 @@ Insufficient validation of environment variables in the telnet client supplied i - [dreamsmasher/inetutils-CVE-2019-0053-Patched-PKGBUILD](https://github.com/dreamsmasher/inetutils-CVE-2019-0053-Patched-PKGBUILD) +### CVE-2019-0192 + + +In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side. + + +- [mpgn/CVE-2019-0192](https://github.com/mpgn/CVE-2019-0192) +- [Rapidsafeguard/Solr-RCE-CVE-2019-0192](https://github.com/Rapidsafeguard/Solr-RCE-CVE-2019-0192) + ### CVE-2019-0193 In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging / development of a DIH config. Since a DIH config can contain scripts, this parameter is a security risk. Starting with version 8.2.0 of Solr, use of this parameter requires setting the Java System property "enable.dih.dataConfigParam" to true. +- [xConsoIe/CVE-2019-0193](https://github.com/xConsoIe/CVE-2019-0193) +- [jas502n/CVE-2019-0193](https://github.com/jas502n/CVE-2019-0193) - [1135/solr_exploit](https://github.com/1135/solr_exploit) +- [jaychouzzk/CVE-2019-0193-exp](https://github.com/jaychouzzk/CVE-2019-0193-exp) + +### CVE-2019-0211 + + +In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected. + + +- [ozkanbilge/Apache-Exploit-2019](https://github.com/ozkanbilge/Apache-Exploit-2019) + +### CVE-2019-0227 + + +A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue. + + +- [ianxtianxt/cve-2019-0227](https://github.com/ianxtianxt/cve-2019-0227) + +### CVE-2019-0232 + + +When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The CGI Servlet is disabled by default. The CGI option enableCmdLineArguments is disable by default in Tomcat 9.0.x (and will be disabled by default in all versions in response to this vulnerability). For a detailed explanation of the JRE behaviour, see Markus Wulftange's blog (https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html) and this archived MSDN blog (https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/). + + +- [pyn3rd/CVE-2019-0232](https://github.com/pyn3rd/CVE-2019-0232) +- [jas502n/CVE-2019-0232](https://github.com/jas502n/CVE-2019-0232) +- [CherishHair/CVE-2019-0232-EXP](https://github.com/CherishHair/CVE-2019-0232-EXP) +- [setrus/CVE-2019-0232](https://github.com/setrus/CVE-2019-0232) + +### CVE-2019-0539 + + +A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0567, CVE-2019-0568. + + +- [0x43434343/CVE-2019-0539](https://github.com/0x43434343/CVE-2019-0539) + +### CVE-2019-0604 + + +A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594. + + +- [linhlhq/CVE-2019-0604](https://github.com/linhlhq/CVE-2019-0604) +- [denmilu/CVE-2019-0604_sharepoint_CVE](https://github.com/denmilu/CVE-2019-0604_sharepoint_CVE) +- [k8gege/CVE-2019-0604](https://github.com/k8gege/CVE-2019-0604) +- [m5050/CVE-2019-0604](https://github.com/m5050/CVE-2019-0604) +- [boxhg/CVE-2019-0604](https://github.com/boxhg/CVE-2019-0604) ### CVE-2019-0623 @@ -1694,29 +1754,189 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - [DreamoneOnly/CVE-2019-0623-32-exp](https://github.com/DreamoneOnly/CVE-2019-0623-32-exp) +### CVE-2019-0678 + + +An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'. + + +- [c0d3G33k/CVE-2019-0678](https://github.com/c0d3G33k/CVE-2019-0678) + ### CVE-2019-0708 A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. +- [hook-s3c/CVE-2019-0708-poc](https://github.com/hook-s3c/CVE-2019-0708-poc) +- [SherlockSec/CVE-2019-0708](https://github.com/SherlockSec/CVE-2019-0708) +- [yetiddbb/CVE-2019-0708-PoC](https://github.com/yetiddbb/CVE-2019-0708-PoC) +- [p0p0p0/CVE-2019-0708-exploit](https://github.com/p0p0p0/CVE-2019-0708-exploit) +- [rockmelodies/CVE-2019-0708-Exploit](https://github.com/rockmelodies/CVE-2019-0708-Exploit) +- [matengfei000/CVE-2019-0708](https://github.com/matengfei000/CVE-2019-0708) +- [xiyangzuishuai/Dark-Network-CVE-2019-0708](https://github.com/xiyangzuishuai/Dark-Network-CVE-2019-0708) +- [temp-user-2014/CVE-2019-0708](https://github.com/temp-user-2014/CVE-2019-0708) +- [areusecure/CVE-2019-0708](https://github.com/areusecure/CVE-2019-0708) +- [pry0cc/cve-2019-0708-2](https://github.com/pry0cc/cve-2019-0708-2) +- [sbkcbig/CVE-2019-0708-EXPloit](https://github.com/sbkcbig/CVE-2019-0708-EXPloit) +- [sbkcbig/CVE-2019-0708-EXPloit-3389](https://github.com/sbkcbig/CVE-2019-0708-EXPloit-3389) +- [YSheldon/MS_T120](https://github.com/YSheldon/MS_T120) +- [k8gege/CVE-2019-0708](https://github.com/k8gege/CVE-2019-0708) +- [hotdog777714/RDS_CVE-2019-0708](https://github.com/hotdog777714/RDS_CVE-2019-0708) +- [jiansiting/CVE-2019-0708](https://github.com/jiansiting/CVE-2019-0708) +- [NullByteSuiteDevs/CVE-2019-0708](https://github.com/NullByteSuiteDevs/CVE-2019-0708) +- [thugcrowd/CVE-2019-0708](https://github.com/thugcrowd/CVE-2019-0708) +- [omaidf/CVE-2019-0708-PoC](https://github.com/omaidf/CVE-2019-0708-PoC) +- [blacksunwen/CVE-2019-0708](https://github.com/blacksunwen/CVE-2019-0708) +- [infenet/CVE-2019-0708](https://github.com/infenet/CVE-2019-0708) +- [n0auth/CVE-2019-0708](https://github.com/n0auth/CVE-2019-0708) +- [gildaaa/CVE-2019-0708](https://github.com/gildaaa/CVE-2019-0708) +- [sbkcbig/CVE-2019-0708-Poc-exploit](https://github.com/sbkcbig/CVE-2019-0708-Poc-exploit) +- [HackerJ0e/CVE-2019-0708](https://github.com/HackerJ0e/CVE-2019-0708) +- [syriusbughunt/CVE-2019-0708](https://github.com/syriusbughunt/CVE-2019-0708) +- [Barry-McCockiner/CVE-2019-0708](https://github.com/Barry-McCockiner/CVE-2019-0708) +- [ShadowBrokers-ExploitLeak/CVE-2019-0708](https://github.com/ShadowBrokers-ExploitLeak/CVE-2019-0708) +- [shumtheone/CVE-2019-0708](https://github.com/shumtheone/CVE-2019-0708) +- [safly/CVE-2019-0708](https://github.com/safly/CVE-2019-0708) +- [Jaky5155/cve-2019-0708-exp](https://github.com/Jaky5155/cve-2019-0708-exp) +- [fourtwizzy/CVE-2019-0708-Check-Device-Patch-Status](https://github.com/fourtwizzy/CVE-2019-0708-Check-Device-Patch-Status) +- [303sec/CVE-2019-0708](https://github.com/303sec/CVE-2019-0708) +- [f8al/CVE-2019-0708-POC](https://github.com/f8al/CVE-2019-0708-POC) +- [blockchainguard/CVE-2019-0708](https://github.com/blockchainguard/CVE-2019-0708) +- [haoge8090/CVE-2019-0708](https://github.com/haoge8090/CVE-2019-0708) +- [branbot1000/CVE-2019-0708](https://github.com/branbot1000/CVE-2019-0708) +- [yushiro/CVE-2019-0708](https://github.com/yushiro/CVE-2019-0708) +- [bilawalzardaer/CVE-2019-0708](https://github.com/bilawalzardaer/CVE-2019-0708) +- [skyshell20082008/CVE-2019-0708-PoC-Hitting-Path](https://github.com/skyshell20082008/CVE-2019-0708-PoC-Hitting-Path) +- [ttsite/CVE-2019-0708-](https://github.com/ttsite/CVE-2019-0708-) +- [ttsite/CVE-2019-0708](https://github.com/ttsite/CVE-2019-0708) +- [biggerwing/CVE-2019-0708-poc](https://github.com/biggerwing/CVE-2019-0708-poc) +- [n1xbyte/CVE-2019-0708](https://github.com/n1xbyte/CVE-2019-0708) +- [freeide/CVE-2019-0708](https://github.com/freeide/CVE-2019-0708) +- [edvacco/CVE-2019-0708-POC](https://github.com/edvacco/CVE-2019-0708-POC) +- [pry0cc/BlueKeepTracker](https://github.com/pry0cc/BlueKeepTracker) +- [zjw88282740/CVE-2019-0708-win7](https://github.com/zjw88282740/CVE-2019-0708-win7) +- [zerosum0x0/CVE-2019-0708](https://github.com/zerosum0x0/CVE-2019-0708) +- [herhe/CVE-2019-0708poc](https://github.com/herhe/CVE-2019-0708poc) +- [l9c/rdp0708scanner](https://github.com/l9c/rdp0708scanner) +- [major203/cve-2019-0708-scan](https://github.com/major203/cve-2019-0708-scan) +- [SugiB3o/Check-vuln-CVE-2019-0708](https://github.com/SugiB3o/Check-vuln-CVE-2019-0708) +- [gobysec/CVE-2019-0708](https://github.com/gobysec/CVE-2019-0708) +- [adalenv/CVE-2019-0708-Tool](https://github.com/adalenv/CVE-2019-0708-Tool) +- [smallFunction/CVE-2019-0708-POC](https://github.com/smallFunction/CVE-2019-0708-POC) +- [freeide/CVE-2019-0708-PoC-Exploit](https://github.com/freeide/CVE-2019-0708-PoC-Exploit) +- [robertdavidgraham/rdpscan](https://github.com/robertdavidgraham/rdpscan) +- [closethe/CVE-2019-0708-POC](https://github.com/closethe/CVE-2019-0708-POC) +- [krivegasa/Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit](https://github.com/krivegasa/Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit) +- [Rostelecom-CERT/bluekeepscan](https://github.com/Rostelecom-CERT/bluekeepscan) +- [Leoid/CVE-2019-0708](https://github.com/Leoid/CVE-2019-0708) +- [ht0Ruial/CVE-2019-0708Poc-BatchScanning](https://github.com/ht0Ruial/CVE-2019-0708Poc-BatchScanning) +- [oneoy/BlueKeep](https://github.com/oneoy/BlueKeep) +- [infiniti-team/CVE-2019-0708](https://github.com/infiniti-team/CVE-2019-0708) +- [haishanzheng/CVE-2019-0708-generate-hosts](https://github.com/haishanzheng/CVE-2019-0708-generate-hosts) +- [Ekultek/BlueKeep](https://github.com/Ekultek/BlueKeep) +- [UraSecTeam/CVE-2019-0708](https://github.com/UraSecTeam/CVE-2019-0708) +- [Gh0st0ne/rdpscan-BlueKeep](https://github.com/Gh0st0ne/rdpscan-BlueKeep) - [algo7/bluekeep_CVE-2019-0708_poc_to_exploit](https://github.com/algo7/bluekeep_CVE-2019-0708_poc_to_exploit) +- [JasonLOU/CVE-2019-0708](https://github.com/JasonLOU/CVE-2019-0708) +- [shun-gg/CVE-2019-0708](https://github.com/shun-gg/CVE-2019-0708) +- [AdministratorGithub/CVE-2019-0708](https://github.com/AdministratorGithub/CVE-2019-0708) +- [umarfarook882/CVE-2019-0708](https://github.com/umarfarook882/CVE-2019-0708) +- [HynekPetrak/detect_bluekeep.py](https://github.com/HynekPetrak/detect_bluekeep.py) +- [Wileysec/CVE-2019-0708-Batch-Blue-Screen](https://github.com/Wileysec/CVE-2019-0708-Batch-Blue-Screen) +- [Pa55w0rd/CVE-2019-0708](https://github.com/Pa55w0rd/CVE-2019-0708) - [at0mik/CVE-2019-0708-PoC](https://github.com/at0mik/CVE-2019-0708-PoC) +- [cream492/CVE-2019-0708-Msf--](https://github.com/cream492/CVE-2019-0708-Msf--) +- [wdfcc/CVE-2019-0708](https://github.com/wdfcc/CVE-2019-0708) +- [cvencoder/cve-2019-0708](https://github.com/cvencoder/cve-2019-0708) +- [ze0r/CVE-2019-0708-exp](https://github.com/ze0r/CVE-2019-0708-exp) +- [mekhalleh/cve-2019-0708](https://github.com/mekhalleh/cve-2019-0708) +- [cve-2019-0708-poc/cve-2019-0708](https://github.com/cve-2019-0708-poc/cve-2019-0708) +- [andripwn/CVE-2019-0708](https://github.com/andripwn/CVE-2019-0708) +- [0xeb-bp/bluekeep](https://github.com/0xeb-bp/bluekeep) +- [ntkernel0/CVE-2019-0708](https://github.com/ntkernel0/CVE-2019-0708) +- [dorkerdevil/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-](https://github.com/dorkerdevil/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-) +- [turingcompl33t/bluekeep](https://github.com/turingcompl33t/bluekeep) +- [fade-vivida/CVE-2019-0708-test](https://github.com/fade-vivida/CVE-2019-0708-test) +- [skommando/CVE-2019-0708](https://github.com/skommando/CVE-2019-0708) +- [RickGeex/msf-module-CVE-2019-0708](https://github.com/RickGeex/msf-module-CVE-2019-0708) +- [wqsemc/CVE-2019-0708](https://github.com/wqsemc/CVE-2019-0708) +- [mai-lang-chai/CVE-2019-0708-RCE](https://github.com/mai-lang-chai/CVE-2019-0708-RCE) +- [Micr067/CVE-2019-0708RDP-MSF](https://github.com/Micr067/CVE-2019-0708RDP-MSF) +- [adkinguzi/CVE-2019-0708-BlueKeep](https://github.com/adkinguzi/CVE-2019-0708-BlueKeep) +- [FrostsaberX/CVE-2019-0708](https://github.com/FrostsaberX/CVE-2019-0708) +- [qinggegeya/CVE-2019-0708-EXP-MSF-](https://github.com/qinggegeya/CVE-2019-0708-EXP-MSF-) +- [distance-vector/CVE-2019-0708](https://github.com/distance-vector/CVE-2019-0708) +- [0xFlag/CVE-2019-0708-test](https://github.com/0xFlag/CVE-2019-0708-test) +- [1aa87148377/CVE-2019-0708](https://github.com/1aa87148377/CVE-2019-0708) +- [coolboy4me/cve-2019-0708_bluekeep_rce](https://github.com/coolboy4me/cve-2019-0708_bluekeep_rce) +- [Cyb0r9/ispy](https://github.com/Cyb0r9/ispy) +- [shishibabyq/CVE-2019-0708](https://github.com/shishibabyq/CVE-2019-0708) +- [pwnhacker0x18/Wincrash](https://github.com/pwnhacker0x18/Wincrash) +- [R4v3nG/CVE-2019-0708-DOS](https://github.com/R4v3nG/CVE-2019-0708-DOS) - [lwtz/sudoku.py](https://github.com/lwtz/sudoku.py) +- [ulisesrc/-2-CVE-2019-0708](https://github.com/ulisesrc/-2-CVE-2019-0708) - [worawit/CVE-2019-0708](https://github.com/worawit/CVE-2019-0708) +- [cbwang505/CVE-2019-0708-EXP-Windows](https://github.com/cbwang505/CVE-2019-0708-EXP-Windows) - [eastmountyxz/CVE-2019-0708-Windows](https://github.com/eastmountyxz/CVE-2019-0708-Windows) - [JSec1337/Scanner-CVE-2019-0708](https://github.com/JSec1337/Scanner-CVE-2019-0708) - [wanghuohuobutailao/cve-2019-0708](https://github.com/wanghuohuobutailao/cve-2019-0708) - [nochemax/bLuEkEeP-GUI](https://github.com/nochemax/bLuEkEeP-GUI) +### CVE-2019-0709 + + +A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0620, CVE-2019-0722. + + +- [YHZX2013/CVE-2019-0709](https://github.com/YHZX2013/CVE-2019-0709) +- [qq431169079/CVE-2019-0709](https://github.com/qq431169079/CVE-2019-0709) + +### CVE-2019-0768 + + +A security feature bypass vulnerability exists when Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, and to allow requests that should otherwise be ignored, aka 'Internet Explorer Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0761. + + +- [ruthlezs/ie11_vbscript_exploit](https://github.com/ruthlezs/ie11_vbscript_exploit) + +### CVE-2019-0785 + + +A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server, aka 'Windows DHCP Server Remote Code Execution Vulnerability'. + + +- [Jaky5155/CVE-2019-0785](https://github.com/Jaky5155/CVE-2019-0785) + +### CVE-2019-0803 + + +An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0859. + + +- [ExpLife0011/CVE-2019-0803](https://github.com/ExpLife0011/CVE-2019-0803) + ### CVE-2019-0808 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797. +- [ze0r/cve-2019-0808-poc](https://github.com/ze0r/cve-2019-0808-poc) +- [rakesh143/CVE-2019-0808](https://github.com/rakesh143/CVE-2019-0808) +- [exodusintel/CVE-2019-0808](https://github.com/exodusintel/CVE-2019-0808) - [DreamoneOnly/CVE-2019-0808-32-64-exp](https://github.com/DreamoneOnly/CVE-2019-0808-32-64-exp) +### CVE-2019-0841 + + +An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836. + + +- [rogue-kdc/CVE-2019-0841](https://github.com/rogue-kdc/CVE-2019-0841) +- [denmilu/CVE-2019-0841](https://github.com/denmilu/CVE-2019-0841) +- [0x00-0x00/CVE-2019-0841-BYPASS](https://github.com/0x00-0x00/CVE-2019-0841-BYPASS) + ### CVE-2019-0859 @@ -1725,6 +1945,22 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - [Sheisback/CVE-2019-0859-1day-Exploit](https://github.com/Sheisback/CVE-2019-0859-1day-Exploit) +### CVE-2019-0888 + + +A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory, aka 'ActiveX Data Objects (ADO) Remote Code Execution Vulnerability'. + + +- [sophoslabs/CVE-2019-0888](https://github.com/sophoslabs/CVE-2019-0888) + +### CVE-2019-0986 + + +An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'. + + +- [padovah4ck/CVE-2019-0986](https://github.com/padovah4ck/CVE-2019-0986) + ### CVE-2019-1040 @@ -1732,7 +1968,27 @@ A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle a - [Ridter/CVE-2019-1040](https://github.com/Ridter/CVE-2019-1040) +- [lazaars/UltraRealy_with_CVE-2019-1040](https://github.com/lazaars/UltraRealy_with_CVE-2019-1040) - [fox-it/cve-2019-1040-scanner](https://github.com/fox-it/cve-2019-1040-scanner) +- [wzxmt/CVE-2019-1040](https://github.com/wzxmt/CVE-2019-1040) + +### CVE-2019-1064 + + +An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. + + +- [RythmStick/CVE-2019-1064](https://github.com/RythmStick/CVE-2019-1064) +- [0x00-0x00/CVE-2019-1064](https://github.com/0x00-0x00/CVE-2019-1064) +- [attackgithub/CVE-2019-1064](https://github.com/attackgithub/CVE-2019-1064) + +### CVE-2019-1069 + + +An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations, aka 'Task Scheduler Elevation of Privilege Vulnerability'. + + +- [S3cur3Th1sSh1t/SharpPolarBear](https://github.com/S3cur3Th1sSh1t/SharpPolarBear) ### CVE-2019-1083 @@ -1742,6 +1998,22 @@ A denial of service vulnerability exists when Microsoft Common Object Runtime Li - [stevenseeley/HowCVE-2019-1083Works](https://github.com/stevenseeley/HowCVE-2019-1083Works) +### CVE-2019-1096 + + +An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. + + +- [ze0r/cve-2019-1096-poc](https://github.com/ze0r/cve-2019-1096-poc) + +### CVE-2019-1108 + + +An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory, aka 'Remote Desktop Protocol Client Information Disclosure Vulnerability'. + + +- [Lanph3re/cve-2019-1108](https://github.com/Lanph3re/cve-2019-1108) + ### CVE-2019-1125 @@ -1750,6 +2022,31 @@ An information disclosure vulnerability exists when certain central processing u - [bitdefender/swapgs-attack-poc](https://github.com/bitdefender/swapgs-attack-poc) +### CVE-2019-1132 + + +An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. + + +- [Vlad-tri/CVE-2019-1132](https://github.com/Vlad-tri/CVE-2019-1132) +- [petercc/CVE-2019-1132](https://github.com/petercc/CVE-2019-1132) + +### CVE-2019-1181 + + +A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1182, CVE-2019-1222, CVE-2019-1226. + + +- [major203/cve-2019-1181](https://github.com/major203/cve-2019-1181) + +### CVE-2019-1215 + + +An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1253, CVE-2019-1278, CVE-2019-1303. + + +- [bluefrostsecurity/CVE-2019-1215](https://github.com/bluefrostsecurity/CVE-2019-1215) + ### CVE-2019-1218 @@ -1758,6 +2055,25 @@ A spoofing vulnerability exists in the way Microsoft Outlook iOS software parses - [d0gukank/CVE-2019-1218](https://github.com/d0gukank/CVE-2019-1218) +### CVE-2019-1253 + + +An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1215, CVE-2019-1278, CVE-2019-1303. + + +- [rogue-kdc/CVE-2019-1253](https://github.com/rogue-kdc/CVE-2019-1253) +- [denmilu/CVE-2019-1253](https://github.com/denmilu/CVE-2019-1253) +- [padovah4ck/CVE-2019-1253](https://github.com/padovah4ck/CVE-2019-1253) +- [sgabe/CVE-2019-1253](https://github.com/sgabe/CVE-2019-1253) + +### CVE-2019-1315 + + +An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1339, CVE-2019-1342. + + +- [Mayter/CVE-2019-1315](https://github.com/Mayter/CVE-2019-1315) + ### CVE-2019-1351 @@ -1766,14 +2082,56 @@ A tampering vulnerability exists when Git for Visual Studio improperly handles v - [JonasDL/PruebaCVE20191351](https://github.com/JonasDL/PruebaCVE20191351) +### CVE-2019-1367 + + +A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1221. + + +- [mandarenmanman/CVE-2019-1367](https://github.com/mandarenmanman/CVE-2019-1367) + +### CVE-2019-1385 + + +An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'. + + +- [0x413x4/CVE-2019-1385](https://github.com/0x413x4/CVE-2019-1385) + ### CVE-2019-1388 An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows Certificate Dialog Elevation of Privilege Vulnerability'. +- [jas502n/CVE-2019-1388](https://github.com/jas502n/CVE-2019-1388) +- [jaychouzzk/CVE-2019-1388](https://github.com/jaychouzzk/CVE-2019-1388) - [sv3nbeast/CVE-2019-1388](https://github.com/sv3nbeast/CVE-2019-1388) +### CVE-2019-1402 + + +An information disclosure vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Information Disclosure Vulnerability'. + + +- [lauxjpn/CorruptQueryAccessWorkaround](https://github.com/lauxjpn/CorruptQueryAccessWorkaround) + +### CVE-2019-1405 + + +An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'. + + +- [apt69/COMahawk](https://github.com/apt69/COMahawk) + +### CVE-2019-1422 + + +An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1420, CVE-2019-1423. + + +- [ze0r/cve-2019-1422](https://github.com/ze0r/cve-2019-1422) + ### CVE-2019-1458 @@ -1784,6 +2142,39 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - [unamer/CVE-2019-1458](https://github.com/unamer/CVE-2019-1458) - [DreamoneOnly/CVE-2019-1458-malware](https://github.com/DreamoneOnly/CVE-2019-1458-malware) +### CVE-2019-1476 + + +An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1483. + + +- [sgabe/CVE-2019-1476](https://github.com/sgabe/CVE-2019-1476) + +### CVE-2019-1579 + + +Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote attacker to execute arbitrary code. + + +- [securifera/CVE-2019-1579](https://github.com/securifera/CVE-2019-1579) + +### CVE-2019-1652 + + +A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands. The vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious HTTP POST requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux shell as root. Cisco has released firmware updates that address this vulnerability. + + +- [0x27/CiscoRV320Dump](https://github.com/0x27/CiscoRV320Dump) + +### CVE-2019-1653 + + +A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability. + + +- [dubfr33/CVE-2019-1653](https://github.com/dubfr33/CVE-2019-1653) +- [shaheemirza/CiscoSpill](https://github.com/shaheemirza/CiscoSpill) + ### CVE-2019-1759 @@ -1792,35 +2183,148 @@ A vulnerability in access control list (ACL) functionality of the Gigabit Ethern - [r3m0t3nu11/CVE-2019-1759-csrf-js-rce](https://github.com/r3m0t3nu11/CVE-2019-1759-csrf-js-rce) +### CVE-2019-1821 + + +A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. This vulnerability exist because the software improperly validates user-supplied input. An attacker could exploit this vulnerability by uploading a malicious file to the administrative web interface. A successful exploit could allow the attacker to execute code with root-level privileges on the underlying operating system. + + +- [k8gege/CiscoExploit](https://github.com/k8gege/CiscoExploit) + +### CVE-2019-1987 + + +In onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-118143775. + + +- [marcinguy/android-7-9-png-bug](https://github.com/marcinguy/android-7-9-png-bug) + +### CVE-2019-2107 + + +In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-130024844. + + +- [marcinguy/CVE-2019-2107](https://github.com/marcinguy/CVE-2019-2107) +- [infiniteLoopers/CVE-2019-2107](https://github.com/infiniteLoopers/CVE-2019-2107) + +### CVE-2019-2196 + + +In Download Provider, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-135269143 + + +- [IOActive/AOSP-DownloadProviderDbDumperSQLiLimit](https://github.com/IOActive/AOSP-DownloadProviderDbDumperSQLiLimit) + +### CVE-2019-2198 + + +In Download Provider, there is a possible SQL injection vulnerability. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-135270103 + + +- [IOActive/AOSP-DownloadProviderDbDumperSQLiWhere](https://github.com/IOActive/AOSP-DownloadProviderDbDumperSQLiWhere) + ### CVE-2019-2215 A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095 +- [timwr/CVE-2019-2215](https://github.com/timwr/CVE-2019-2215) +- [addhaloka/CVE-2019-2215](https://github.com/addhaloka/CVE-2019-2215) +- [kangtastic/cve-2019-2215](https://github.com/kangtastic/cve-2019-2215) - [marcinguy/CVE-2019-2215](https://github.com/marcinguy/CVE-2019-2215) - [LIznzn/CVE-2019-2215](https://github.com/LIznzn/CVE-2019-2215) - [DimitriFourny/cve-2019-2215](https://github.com/DimitriFourny/cve-2019-2215) - [c0n71nu3/android-kernel-exploitation-ashfaq-CVE-2019-2215](https://github.com/c0n71nu3/android-kernel-exploitation-ashfaq-CVE-2019-2215) - [sharif-dev/AndroidKernelVulnerability](https://github.com/sharif-dev/AndroidKernelVulnerability) +### CVE-2019-2525 + + +Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 5.6 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N). + + +- [Phantomn/VirtualBox_CVE-2019-2525-CVE-2019-2548](https://github.com/Phantomn/VirtualBox_CVE-2019-2525-CVE-2019-2548) +- [wotmd/VirtualBox-6.0.0-Exploit-1-day](https://github.com/wotmd/VirtualBox-6.0.0-Exploit-1-day) + +### CVE-2019-2615 + + +Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N). + + +- [chiaifan/CVE-2019-2615](https://github.com/chiaifan/CVE-2019-2615) + ### CVE-2019-2618 Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data as well as unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 5.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N). +- [pyn3rd/CVE-2019-2618](https://github.com/pyn3rd/CVE-2019-2618) +- [jas502n/cve-2019-2618](https://github.com/jas502n/cve-2019-2618) +- [wsfengfan/CVE-2019-2618-](https://github.com/wsfengfan/CVE-2019-2618-) - [dr0op/WeblogicScan](https://github.com/dr0op/WeblogicScan) +- [he1dan/cve-2019-2618](https://github.com/he1dan/cve-2019-2618) +- [ianxtianxt/cve-2019-2618](https://github.com/ianxtianxt/cve-2019-2618) - [0xn0ne/weblogicScanner](https://github.com/0xn0ne/weblogicScanner) +### CVE-2019-2725 + + +Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [shack2/javaserializetools](https://github.com/shack2/javaserializetools) +- [SkyBlueEternal/CNVD-C-2019-48814-CNNVD-201904-961](https://github.com/SkyBlueEternal/CNVD-C-2019-48814-CNNVD-201904-961) +- [iceMatcha/CNTA-2019-0014xCVE-2019-2725](https://github.com/iceMatcha/CNTA-2019-0014xCVE-2019-2725) +- [lasensio/cve-2019-2725](https://github.com/lasensio/cve-2019-2725) +- [davidmthomsen/CVE-2019-2725](https://github.com/davidmthomsen/CVE-2019-2725) +- [leerina/CVE-2019-2725](https://github.com/leerina/CVE-2019-2725) +- [zhusx110/cve-2019-2725](https://github.com/zhusx110/cve-2019-2725) +- [lufeirider/CVE-2019-2725](https://github.com/lufeirider/CVE-2019-2725) +- [CVCLabs/cve-2019-2725](https://github.com/CVCLabs/cve-2019-2725) +- [TopScrew/CVE-2019-2725](https://github.com/TopScrew/CVE-2019-2725) +- [welove88888/CVE-2019-2725](https://github.com/welove88888/CVE-2019-2725) +- [jiansiting/CVE-2019-2725](https://github.com/jiansiting/CVE-2019-2725) +- [kerlingcode/CVE-2019-2725](https://github.com/kerlingcode/CVE-2019-2725) +- [black-mirror/Weblogic](https://github.com/black-mirror/Weblogic) +- [pimps/CVE-2019-2725](https://github.com/pimps/CVE-2019-2725) +- [ianxtianxt/CVE-2019-2725](https://github.com/ianxtianxt/CVE-2019-2725) +- [GEIGEI123/CVE-2019-2725-POC](https://github.com/GEIGEI123/CVE-2019-2725-POC) +- [GGyao/weblogic_2019_2725_wls_batch](https://github.com/GGyao/weblogic_2019_2725_wls_batch) + ### CVE-2019-2729 Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). +- [waffl3ss/CVE-2019-2729](https://github.com/waffl3ss/CVE-2019-2729) - [ruthlezs/CVE-2019-2729-Exploit](https://github.com/ruthlezs/CVE-2019-2729-Exploit) +### CVE-2019-2888 + + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: EJB Container). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). + + +- [21superman/weblogic_cve-2019-2888](https://github.com/21superman/weblogic_cve-2019-2888) +- [jas502n/CVE-2019-2888](https://github.com/jas502n/CVE-2019-2888) + +### CVE-2019-2890 + + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). + + +- [ZO1RO/CVE-2019-2890](https://github.com/ZO1RO/CVE-2019-2890) +- [Ky0-HVA/CVE-2019-2890](https://github.com/Ky0-HVA/CVE-2019-2890) +- [SukaraLin/CVE-2019-2890](https://github.com/SukaraLin/CVE-2019-2890) +- [jas502n/CVE-2019-2890](https://github.com/jas502n/CVE-2019-2890) +- [ianxtianxt/CVE-2019-2890](https://github.com/ianxtianxt/CVE-2019-2890) + ### CVE-2019-3010 @@ -1829,15 +2333,109 @@ Vulnerability in the Oracle Solaris product of Oracle Systems (component: XScree - [chaizeg/privilege-escalation-breach](https://github.com/chaizeg/privilege-escalation-breach) +### CVE-2019-3394 + + +There was a local file disclosure vulnerability in Confluence Server and Confluence Data Center via page exporting. An attacker with permission to editing a page is able to exploit this issue to read arbitrary file on the server under <install-directory>/confluence/WEB-INF directory, which may contain configuration files used for integrating with other services, which could potentially leak credentials or other sensitive information such as LDAP credentials. The LDAP credential will be potentially leaked only if the Confluence server is configured to use LDAP as user repository. All versions of Confluence Server from 6.1.0 before 6.6.16 (the fixed version for 6.6.x), from 6.7.0 before 6.13.7 (the fixed version for 6.13.x), and from 6.14.0 before 6.15.8 (the fixed version for 6.15.x) are affected by this vulnerability. + + +- [jas502n/CVE-2019-3394](https://github.com/jas502n/CVE-2019-3394) + ### CVE-2019-3396 The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection. +- [dothanthitiendiettiende/CVE-2019-3396](https://github.com/dothanthitiendiettiende/CVE-2019-3396) +- [x-f1v3/CVE-2019-3396](https://github.com/x-f1v3/CVE-2019-3396) +- [xiaoshuier/CVE-2019-3396](https://github.com/xiaoshuier/CVE-2019-3396) +- [Yt1g3r/CVE-2019-3396_EXP](https://github.com/Yt1g3r/CVE-2019-3396_EXP) +- [jas502n/CVE-2019-3396](https://github.com/jas502n/CVE-2019-3396) +- [pyn3rd/CVE-2019-3396](https://github.com/pyn3rd/CVE-2019-3396) +- [s1xg0d/CVE-2019-3396](https://github.com/s1xg0d/CVE-2019-3396) +- [quanpt103/CVE-2019-3396](https://github.com/quanpt103/CVE-2019-3396) +- [vntest11/confluence_CVE-2019-3396](https://github.com/vntest11/confluence_CVE-2019-3396) +- [tanw923/test1](https://github.com/tanw923/test1) +- [skommando/CVE-2019-3396-confluence-poc](https://github.com/skommando/CVE-2019-3396-confluence-poc) - [JonathanZhou348/CVE-2019-3396TEST](https://github.com/JonathanZhou348/CVE-2019-3396TEST) +- [am6539/CVE-2019-3396](https://github.com/am6539/CVE-2019-3396) +- [W2Ning/CVE-2019-3396](https://github.com/W2Ning/CVE-2019-3396) - [Flash1201/CVE-2019-3396](https://github.com/Flash1201/CVE-2019-3396) +### CVE-2019-3398 + + +Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has 'Admin' permissions for a space can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that run a vulnerable version of Confluence Server or Data Center. All versions of Confluence Server from 2.0.0 before 6.6.13 (the fixed version for 6.6.x), from 6.7.0 before 6.12.4 (the fixed version for 6.12.x), from 6.13.0 before 6.13.4 (the fixed version for 6.13.x), from 6.14.0 before 6.14.3 (the fixed version for 6.14.x), and from 6.15.0 before 6.15.2 are affected by this vulnerability. + + +- [superevr/cve-2019-3398](https://github.com/superevr/cve-2019-3398) + +### CVE-2019-3462 + + +Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine. + + +- [tonejito/check_CVE-2019-3462](https://github.com/tonejito/check_CVE-2019-3462) +- [atilacastro/update-apt-package](https://github.com/atilacastro/update-apt-package) + +### CVE-2019-3663 + + +Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows local attacker to gain access to the root password via accessing sensitive files on the system. This was originally published with a CVSS rating of High, further investigation has resulted in this being updated to Critical. The root password is common across all instances of ATD prior to 4.8. See the Security bulletin for further details + + +- [funoverip/mcafee_atd_CVE-2019-3663](https://github.com/funoverip/mcafee_atd_CVE-2019-3663) + +### CVE-2019-3719 + + +Dell SupportAssist Client versions prior to 3.2.0.90 contain a remote code execution vulnerability. An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a victim user into downloading and executing arbitrary executables via SupportAssist client from attacker hosted sites. + + +- [jiansiting/CVE-2019-3719](https://github.com/jiansiting/CVE-2019-3719) + +### CVE-2019-3778 + + +Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2.2.4, and 2.1 prior to 2.1.4, and 2.0 prior to 2.0.17, and older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft a request to the authorization endpoint using the authorization code grant type, and specify a manipulated redirection URI via the "redirect_uri" parameter. This can cause the authorization server to redirect the resource owner user-agent to a URI under the control of the attacker with the leaked authorization code. This vulnerability exposes applications that meet all of the following requirements: Act in the role of an Authorization Server (e.g. @EnableAuthorizationServer) and uses the DefaultRedirectResolver in the AuthorizationEndpoint. This vulnerability does not expose applications that: Act in the role of an Authorization Server and uses a different RedirectResolver implementation other than DefaultRedirectResolver, act in the role of a Resource Server only (e.g. @EnableResourceServer), act in the role of a Client only (e.g. @EnableOAuthClient). + + +- [BBB-man/CVE-2019-3778-Spring-Security-OAuth-2.3-Open-Redirection](https://github.com/BBB-man/CVE-2019-3778-Spring-Security-OAuth-2.3-Open-Redirection) + +### CVE-2019-3799 + + +Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack. + + +- [mpgn/CVE-2019-3799](https://github.com/mpgn/CVE-2019-3799) + +### CVE-2019-3847 + + +A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. Users with the "login as other users" capability (such as administrators/managers) can access other users' Dashboards, but the JavaScript those other users may have added to their Dashboard was not being escaped when being viewed by the user logging in on their behalf. + + +- [danielthatcher/moodle-login-csrf](https://github.com/danielthatcher/moodle-login-csrf) + +### CVE-2019-3929 + + +The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root. + + +- [xfox64x/CVE-2019-3929](https://github.com/xfox64x/CVE-2019-3929) + +### CVE-2019-5010 + + +An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability. + + +- [JonathanWilbur/CVE-2019-5010](https://github.com/JonathanWilbur/CVE-2019-5010) + ### CVE-2019-5096 @@ -1852,7 +2450,23 @@ An exploitable code execution vulnerability exists in the processing of multi-pa There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed. +- [mpgn/CVE-2019-5418](https://github.com/mpgn/CVE-2019-5418) +- [omarkurt/CVE-2019-5418](https://github.com/omarkurt/CVE-2019-5418) +- [brompwnie/CVE-2019-5418-Scanner](https://github.com/brompwnie/CVE-2019-5418-Scanner) - [mpgn/Rails-doubletap-RCE](https://github.com/mpgn/Rails-doubletap-RCE) +- [takeokunn/CVE-2019-5418](https://github.com/takeokunn/CVE-2019-5418) +- [Bad3r/RailroadBandit](https://github.com/Bad3r/RailroadBandit) +- [ztgrace/CVE-2019-5418-Rails3](https://github.com/ztgrace/CVE-2019-5418-Rails3) +- [random-robbie/CVE-2019-5418](https://github.com/random-robbie/CVE-2019-5418) + +### CVE-2019-5420 + + +A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit. + + +- [knqyf263/CVE-2019-5420](https://github.com/knqyf263/CVE-2019-5420) +- [cved-sources/cve-2019-5420](https://github.com/cved-sources/cve-2019-5420) ### CVE-2019-5475 @@ -1860,20 +2474,85 @@ There is a File Content Disclosure vulnerability in Action View <5.2.2.1, < The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability. +- [jaychouzzk/CVE-2019-5475-Nexus-Repository-Manager-](https://github.com/jaychouzzk/CVE-2019-5475-Nexus-Repository-Manager-) - [rabbitmask/CVE-2019-5475-EXP](https://github.com/rabbitmask/CVE-2019-5475-EXP) +### CVE-2019-5489 + + +The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. + + +- [mmxsrup/CVE-2019-5489](https://github.com/mmxsrup/CVE-2019-5489) + +### CVE-2019-5624 + + +Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in the Zip import function of Metasploit. Exploiting this vulnerability can allow an attacker to execute arbitrary code in Metasploit at the privilege level of the user running Metasploit. This issue affects: Rapid7 Metasploit Framework version 4.14.0 and prior versions. + + +- [VoidSec/CVE-2019-5624](https://github.com/VoidSec/CVE-2019-5624) + +### CVE-2019-5630 + + +A Cross-Site Request Forgery (CSRF) vulnerability was found in Rapid7 Nexpose InsightVM Security Console versions 6.5.0 through 6.5.68. This issue allows attackers to exploit CSRF vulnerabilities on API endpoints using Flash to circumvent a cross-domain pre-flight OPTIONS request. + + +- [rbeede/CVE-2019-5630](https://github.com/rbeede/CVE-2019-5630) + +### CVE-2019-5700 + + +NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra software contains a vulnerability in the bootloader, where it does not validate the fields of the boot image, which may lead to code execution, denial of service, escalation of privileges, and information disclosure. + + +- [oscardagrach/CVE-2019-5700](https://github.com/oscardagrach/CVE-2019-5700) + ### CVE-2019-5736 runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe. +- [q3k/cve-2019-5736-poc](https://github.com/q3k/cve-2019-5736-poc) +- [Frichetten/CVE-2019-5736-PoC](https://github.com/Frichetten/CVE-2019-5736-PoC) +- [jas502n/CVE-2019-5736](https://github.com/jas502n/CVE-2019-5736) +- [denmilu/CVE-2019-5736](https://github.com/denmilu/CVE-2019-5736) +- [denmilu/cve-2019-5736-poc](https://github.com/denmilu/cve-2019-5736-poc) +- [agppp/cve-2019-5736-poc](https://github.com/agppp/cve-2019-5736-poc) +- [ebdecastro/poc-cve-2019-5736](https://github.com/ebdecastro/poc-cve-2019-5736) - [twistlock/RunC-CVE-2019-5736](https://github.com/twistlock/RunC-CVE-2019-5736) +- [yyqs2008/CVE-2019-5736-PoC-2](https://github.com/yyqs2008/CVE-2019-5736-PoC-2) +- [zyriuse75/CVE-2019-5736-PoC](https://github.com/zyriuse75/CVE-2019-5736-PoC) +- [stillan00b/CVE-2019-5736](https://github.com/stillan00b/CVE-2019-5736) +- [milloni/cve-2019-5736-exp](https://github.com/milloni/cve-2019-5736-exp) +- [13paulmurith/Docker-Runc-Exploit](https://github.com/13paulmurith/Docker-Runc-Exploit) +- [RyanNgWH/CVE-2019-5736-POC](https://github.com/RyanNgWH/CVE-2019-5736-POC) +- [Lee-SungYoung/cve-2019-5736-study](https://github.com/Lee-SungYoung/cve-2019-5736-study) +- [chosam2/cve-2019-5736-poc](https://github.com/chosam2/cve-2019-5736-poc) +- [epsteina16/Docker-Escape-Miner](https://github.com/epsteina16/Docker-Escape-Miner) - [GiverOfGifts/CVE-2019-5736-Custom-Runtime](https://github.com/GiverOfGifts/CVE-2019-5736-Custom-Runtime) - [Billith/CVE-2019-5736-PoC](https://github.com/Billith/CVE-2019-5736-PoC) - [BBRathnayaka/POC-CVE-2019-5736](https://github.com/BBRathnayaka/POC-CVE-2019-5736) - [shen54/IT19172088](https://github.com/shen54/IT19172088) +### CVE-2019-5737 + + +In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly. This keeps the connection and associated resources alive for a long period of time. Potential attacks are mitigated by the use of a load balancer or other proxy layer. This vulnerability is an extension of CVE-2018-12121, addressed in November and impacts all active Node.js release lines including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1. + + +- [beelzebruh/cve-2019-5737](https://github.com/beelzebruh/cve-2019-5737) + +### CVE-2019-5786 + + +Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. + + +- [exodusintel/CVE-2019-5786](https://github.com/exodusintel/CVE-2019-5786) + ### CVE-2019-5822 @@ -1882,6 +2561,22 @@ Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 al - [Silence-Rain/14-828_Exploitation_of_CVE-2019-5822](https://github.com/Silence-Rain/14-828_Exploitation_of_CVE-2019-5822) +### CVE-2019-5825 + + +Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [timwr/CVE-2019-5825](https://github.com/timwr/CVE-2019-5825) + +### CVE-2019-5893 + + +Nelson Open Source ERP v6.3.1 allows SQL Injection via the db/utils/query/data.xml query parameter. + + +- [EmreOvunc/OpenSource-ERP-SQL-Injection](https://github.com/EmreOvunc/OpenSource-ERP-SQL-Injection) + ### CVE-2019-6111 @@ -1890,14 +2585,42 @@ An issue was discovered in OpenSSH 7.9. Due to the scp implementation being deri - [senthuHac/SNP](https://github.com/senthuHac/SNP) +### CVE-2019-6203 + + +A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. An attacker in a privileged network position may be able to intercept network traffic. + + +- [qingxp9/CVE-2019-6203-PoC](https://github.com/qingxp9/CVE-2019-6203-PoC) + ### CVE-2019-6207 An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout. +- [dothanthitiendiettiende/CVE-2019-6207](https://github.com/dothanthitiendiettiende/CVE-2019-6207) +- [maldiohead/CVE-2019-6207](https://github.com/maldiohead/CVE-2019-6207) - [DimitriFourny/cve-2019-6207](https://github.com/DimitriFourny/cve-2019-6207) +### CVE-2019-6225 + + +A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to elevate privileges. + + +- [fatgrass/OsirisJailbreak12](https://github.com/fatgrass/OsirisJailbreak12) +- [TrungNguyen1909/CVE-2019-6225-macOS](https://github.com/TrungNguyen1909/CVE-2019-6225-macOS) +- [raystyle/jailbreak-iOS12](https://github.com/raystyle/jailbreak-iOS12) + +### CVE-2019-6249 + + +An issue was discovered in HuCart v5.7.4. There is a CSRF vulnerability that can add an admin account via /adminsys/index.php?load=admins&act=edit_info&act_type=add. + + +- [NMTech0x90/CVE-2019-6249_Hucart-cms](https://github.com/NMTech0x90/CVE-2019-6249_Hucart-cms) + ### CVE-2019-6260 @@ -1906,22 +2629,103 @@ The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) hardware and - [amboar/cve-2019-6260](https://github.com/amboar/cve-2019-6260) +### CVE-2019-6263 + + +An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration Text Filter settings allowed stored XSS. + + +- [praveensutar/CVE-2019-6263-Joomla-POC](https://github.com/praveensutar/CVE-2019-6263-Joomla-POC) + +### CVE-2019-6329 + + +HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6328. + + +- [ManhNDd/CVE-2019-6329](https://github.com/ManhNDd/CVE-2019-6329) + ### CVE-2019-6340 Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.) +- [g0rx/Drupal-SA-CORE-2019-003](https://github.com/g0rx/Drupal-SA-CORE-2019-003) +- [knqyf263/CVE-2019-6340](https://github.com/knqyf263/CVE-2019-6340) +- [DevDungeon/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass](https://github.com/DevDungeon/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass) +- [oways/CVE-2019-6340](https://github.com/oways/CVE-2019-6340) +- [cved-sources/cve-2019-6340](https://github.com/cved-sources/cve-2019-6340) +- [d1vious/cve-2019-6340-bits](https://github.com/d1vious/cve-2019-6340-bits) - [jas502n/CVE-2019-6340](https://github.com/jas502n/CVE-2019-6340) +### CVE-2019-6440 + + +Zemana AntiMalware before 3.0.658 Beta mishandles update logic. + + +- [hexnone/CVE-2019-6440](https://github.com/hexnone/CVE-2019-6440) + +### CVE-2019-6446 + + +** DISPUTED ** An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior that might have legitimate applications in (for example) loading serialized Python object arrays from trusted and authenticated sources. + + +- [RayScri/CVE-2019-6446](https://github.com/RayScri/CVE-2019-6446) + ### CVE-2019-6447 The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP. +- [fs0c131y/ESFileExplorerOpenPortVuln](https://github.com/fs0c131y/ESFileExplorerOpenPortVuln) - [SandaRuFdo/ES-File-Explorer-Open-Port-Vulnerability---CVE-2019-6447](https://github.com/SandaRuFdo/ES-File-Explorer-Open-Port-Vulnerability---CVE-2019-6447) +### CVE-2019-6453 + + +mIRC before 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling (Chrome is not exploitable). + + +- [proofofcalc/cve-2019-6453-poc](https://github.com/proofofcalc/cve-2019-6453-poc) +- [andripwn/mIRC-CVE-2019-6453](https://github.com/andripwn/mIRC-CVE-2019-6453) + +### CVE-2019-6467 + + +A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAIN redirection for recursive clients, is also serving a local copy of the root zone or using mirroring to provide the root zone, although other configurations are also possible. Versions affected: BIND 9.12.0-> 9.12.4, 9.14.0. Also affects all releases in the 9.13 development branch. + + +- [knqyf263/CVE-2019-6467](https://github.com/knqyf263/CVE-2019-6467) + +### CVE-2019-6487 + + +TP-Link WDR Series devices through firmware v3 (such as TL-WDR5620 V3.0) are affected by command injection (after login) leading to remote code execution, because shell metacharacters can be included in the weather get_weather_observe citycode field. + + +- [afang5472/TP-Link-WDR-Router-Command-injection_POC](https://github.com/afang5472/TP-Link-WDR-Router-Command-injection_POC) + +### CVE-2019-6690 + + +python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting the affect functionality component. + + +- [stigtsp/CVE-2019-6690-python-gnupg-vulnerability](https://github.com/stigtsp/CVE-2019-6690-python-gnupg-vulnerability) +- [brianwrf/CVE-2019-6690](https://github.com/brianwrf/CVE-2019-6690) + +### CVE-2019-6715 + + +pub/sns.php in the W3 Total Cache plugin before 0.9.4 for WordPress allows remote attackers to read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data. + + +- [random-robbie/cve-2019-6715](https://github.com/random-robbie/cve-2019-6715) + ### CVE-2019-7192 @@ -1931,6 +2735,42 @@ This improper access control vulnerability allows remote attackers to gain unaut - [cycraft-corp/cve-2019-7192-check](https://github.com/cycraft-corp/cve-2019-7192-check) - [th3gundy/CVE-2019-7192_QNAP_Exploit](https://github.com/th3gundy/CVE-2019-7192_QNAP_Exploit) +### CVE-2019-7216 + + +An issue was discovered in FileChucker 4.99e-free-e02. filechucker.cgi has a filter bypass that allows a malicious user to upload any type of file by using % characters within the extension, e.g., file.%ph%p becomes file.php. + + +- [Ekultek/CVE-2019-7216](https://github.com/Ekultek/CVE-2019-7216) + +### CVE-2019-7219 + + +Unauthenticated reflected cross-site scripting (XSS) exists in Zarafa Webapp 2.0.1.47791 and earlier. NOTE: this is a discontinued product. The issue was fixed in later Zarafa Webapp versions; however, some former Zarafa Webapp customers use the related Kopano product instead. + + +- [verifysecurity/CVE-2019-7219](https://github.com/verifysecurity/CVE-2019-7219) + +### CVE-2019-7238 + + +Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control. + + +- [mpgn/CVE-2019-7238](https://github.com/mpgn/CVE-2019-7238) +- [jas502n/CVE-2019-7238](https://github.com/jas502n/CVE-2019-7238) +- [verctor/nexus_rce_CVE-2019-7238](https://github.com/verctor/nexus_rce_CVE-2019-7238) +- [magicming200/CVE-2019-7238_Nexus_RCE_Tool](https://github.com/magicming200/CVE-2019-7238_Nexus_RCE_Tool) + +### CVE-2019-7304 + + +Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1. + + +- [initstring/dirty_sock](https://github.com/initstring/dirty_sock) +- [SecuritySi/CVE-2019-7304_DirtySock](https://github.com/SecuritySi/CVE-2019-7304_DirtySock) + ### CVE-2019-7482 @@ -1946,8 +2786,20 @@ Stack-based buffer overflow in SonicWall SMA100 allows an unauthenticated user t Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system. +- [jas502n/kibana-RCE](https://github.com/jas502n/kibana-RCE) +- [mpgn/CVE-2019-7609](https://github.com/mpgn/CVE-2019-7609) +- [LandGrey/CVE-2019-7609](https://github.com/LandGrey/CVE-2019-7609) +- [hekadan/CVE-2019-7609](https://github.com/hekadan/CVE-2019-7609) - [rhbb/CVE-2019-7609](https://github.com/rhbb/CVE-2019-7609) +### CVE-2019-7610 + + +Kibana versions before 6.6.1 contain an arbitrary code execution flaw in the security audit logger. If a Kibana instance has the setting xpack.security.audit.enabled set to true, an attacker could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system. + + +- [whoami0622/CVE-2019-7610](https://github.com/whoami0622/CVE-2019-7610) + ### CVE-2019-7616 @@ -1956,6 +2808,30 @@ Kibana versions before 6.8.2 and 7.2.1 contain a server side request forgery (SS - [random-robbie/CVE-2019-7616](https://github.com/random-robbie/CVE-2019-7616) +### CVE-2019-7642 + + +D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include but are not limited to the latest firmware versions of DIR-817LW (A1-1.04), DIR-816L (B1-2.06), DIR-816 (B1-2.06?), DIR-850L (A1-1.09), and DIR-868L (A1-1.10). + + +- [xw77cve/CVE-2019-7642](https://github.com/xw77cve/CVE-2019-7642) + +### CVE-2019-7839 + + +ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution. + + +- [securifera/CVE-2019-7839](https://github.com/securifera/CVE-2019-7839) + +### CVE-2019-8389 + + +A file-read vulnerability was identified in the Wi-Fi transfer feature of Musicloud 1.6. By default, the application runs a transfer service on port 8080, accessible by everyone on the same Wi-Fi network. An attacker can send the POST parameters downfiles and cur-folder (with a crafted ../ payload) to the download.script endpoint. This will create a MusicPlayerArchive.zip archive that is publicly accessible and includes the content of any requested file (such as the /etc/passwd file). + + +- [shawarkhanethicalhacker/CVE-2019-8389](https://github.com/shawarkhanethicalhacker/CVE-2019-8389) + ### CVE-2019-8446 @@ -1973,6 +2849,41 @@ The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allow - [mufeedvh/CVE-2019-8449](https://github.com/mufeedvh/CVE-2019-8449) - [r0lh/CVE-2019-8449](https://github.com/r0lh/CVE-2019-8449) +### CVE-2019-8451 + + +The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class. + + +- [0xbug/CVE-2019-8451](https://github.com/0xbug/CVE-2019-8451) +- [ianxtianxt/CVE-2019-8451](https://github.com/ianxtianxt/CVE-2019-8451) +- [jas502n/CVE-2019-8451](https://github.com/jas502n/CVE-2019-8451) +- [h0ffayyy/Jira-CVE-2019-8451](https://github.com/h0ffayyy/Jira-CVE-2019-8451) + +### CVE-2019-8513 + + +This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to execute arbitrary shell commands. + + +- [genknife/cve-2019-8513](https://github.com/genknife/cve-2019-8513) + +### CVE-2019-8540 + + +A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout. + + +- [maldiohead/CVE-2019-8540](https://github.com/maldiohead/CVE-2019-8540) + +### CVE-2019-8565 + + +A race condition was addressed with additional validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to gain root privileges. + + +- [genknife/cve-2019-8565](https://github.com/genknife/cve-2019-8565) + ### CVE-2019-8591 @@ -1981,6 +2892,17 @@ A type confusion issue was addressed with improved memory handling. This issue i - [jsherman212/used_sock](https://github.com/jsherman212/used_sock) +### CVE-2019-8601 + + +Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. + + +- [BadAccess11/CVE-2019-8601](https://github.com/BadAccess11/CVE-2019-8601) + +### CVE-2019-8627 +- [maldiohead/CVE-2019-8627](https://github.com/maldiohead/CVE-2019-8627) + ### CVE-2019-8641 @@ -1989,6 +2911,15 @@ An out-of-bounds read was addressed with improved input validation. - [ire33164/CVE-2019-8641-reproduction](https://github.com/ire33164/CVE-2019-8641-reproduction) +### CVE-2019-8781 + + +A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with kernel privileges. + + +- [A2nkF/macOS-Kernel-Exploit](https://github.com/A2nkF/macOS-Kernel-Exploit) +- [TrungNguyen1909/CVE-2019-8781-macOS](https://github.com/TrungNguyen1909/CVE-2019-8781-macOS) + ### CVE-2019-8936 @@ -1997,6 +2928,31 @@ NTP through 4.2.8p12 has a NULL Pointer Dereference. - [snappyJack/CVE-2019-8936](https://github.com/snappyJack/CVE-2019-8936) +### CVE-2019-8942 + + +WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943. + + +- [brianwrf/WordPress_4.9.8_RCE_POC](https://github.com/brianwrf/WordPress_4.9.8_RCE_POC) +- [synacktiv/CVE-2019-8942](https://github.com/synacktiv/CVE-2019-8942) + +### CVE-2019-8956 + + +In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory. + + +- [butterflyhack/CVE-2019-8956](https://github.com/butterflyhack/CVE-2019-8956) + +### CVE-2019-8978 + + +An improper authentication vulnerability can be exploited through a race condition that occurs in Ellucian Banner Web Tailor 8.8.3, 8.8.4, and 8.9 and Banner Enterprise Identity Services 8.3, 8.3.1, 8.3.2, and 8.4, in conjunction with SSO Manager. This vulnerability allows remote attackers to steal a victim's session (and cause a denial of service) by repeatedly requesting the initial Banner Web Tailor main page with the IDMSESSID cookie set to the victim's UDCID, which in the case tested is the institutional ID. During a login attempt by a victim, the attacker can leverage the race condition and will be issued the SESSID that was meant for this victim. + + +- [JoshuaMulliken/CVE-2019-8978](https://github.com/JoshuaMulliken/CVE-2019-8978) + ### CVE-2019-8997 @@ -2005,6 +2961,22 @@ An XML External Entity Injection (XXE) vulnerability in the Management System (c - [nxkennedy/CVE-2019-8997](https://github.com/nxkennedy/CVE-2019-8997) +### CVE-2019-9153 + + +Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows an attacker to forge signed messages by replacing its signatures with a "standalone" or "timestamp" signature. + + +- [ZenyWay/opgp-service-cve-2019-9153](https://github.com/ZenyWay/opgp-service-cve-2019-9153) + +### CVE-2019-9184 + + +SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the product_option[] parameter. + + +- [cved-sources/cve-2019-9184](https://github.com/cved-sources/cve-2019-9184) + ### CVE-2019-9193 @@ -2013,6 +2985,22 @@ An XML External Entity Injection (XXE) vulnerability in the Management System (c - [skyship36/CVE-2019-9193](https://github.com/skyship36/CVE-2019-9193) +### CVE-2019-9194 + + +elFinder before 2.1.48 has a command injection vulnerability in the PHP connector. + + +- [cved-sources/cve-2019-9194](https://github.com/cved-sources/cve-2019-9194) + +### CVE-2019-9202 + + +Nagios IM (component of Nagios XI) before 2.2.7 allows authenticated users to execute arbitrary code via API key issues. + + +- [polict/CVE-2019-9202](https://github.com/polict/CVE-2019-9202) + ### CVE-2019-9465 @@ -2029,6 +3017,87 @@ The Bluetooth BR/EDR specification up to and including version 5.1 permits suffi - [francozappa/knob](https://github.com/francozappa/knob) +### CVE-2019-9580 + + +In st2web in StackStorm Web UI before 2.9.3 and 2.10.x before 2.10.3, it is possible to bypass the CORS protection mechanism via a "null" origin value, potentially leading to XSS. + + +- [mpgn/CVE-2019-9580](https://github.com/mpgn/CVE-2019-9580) + +### CVE-2019-9596 + + +Darktrace Enterprise Immune System before 3.1 allows CSRF via the /whitelisteddomains endpoint. + + +- [gerwout/CVE-2019-9596-and-CVE-2019-9597](https://github.com/gerwout/CVE-2019-9596-and-CVE-2019-9597) + +### CVE-2019-9599 + + +The AirDroid application through 4.2.1.6 for Android allows remote attackers to cause a denial of service (service crash) via many simultaneous sdctl/comm/lite_auth/ requests. + + +- [s4vitar/AirDroidPwner](https://github.com/s4vitar/AirDroidPwner) + +### CVE-2019-9621 + + +Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x before 8.8.11 patch 3 allows SSRF via the ProxyServlet component. + + +- [k8gege/ZimbraExploit](https://github.com/k8gege/ZimbraExploit) + +### CVE-2019-9653 + + +NUUO Network Video Recorder Firmware 1.7.x through 3.3.x allows unauthenticated attackers to execute arbitrary commands via shell metacharacters to handle_load_config.php. + + +- [grayoneday/CVE-2019-9653](https://github.com/grayoneday/CVE-2019-9653) + +### CVE-2019-9670 + + +mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XXE) vulnerability. + + +- [rek7/Zimbra-RCE](https://github.com/rek7/Zimbra-RCE) +- [attackgithub/Zimbra-RCE](https://github.com/attackgithub/Zimbra-RCE) + +### CVE-2019-9673 + + +Freenet 1483 has a MIME type bypass that allows arbitrary JavaScript execution via a crafted Freenet URI. + + +- [mgrube/CVE-2019-9673](https://github.com/mgrube/CVE-2019-9673) + +### CVE-2019-9729 + + +In Shanda MapleStory Online V160, the SdoKeyCrypt.sys driver allows privilege escalation to NT AUTHORITY\SYSTEM because of not validating the IOCtl 0x8000c01c input value, leading to an integer signedness error and a heap-based buffer underflow. + + +- [HyperSine/SdoKeyCrypt-sys-local-privilege-elevation](https://github.com/HyperSine/SdoKeyCrypt-sys-local-privilege-elevation) + +### CVE-2019-9730 + + +Incorrect access control in the CxUtilSvc component of the Synaptics Sound Device drivers prior to version 2.29 allows a local attacker to increase access privileges to the Windows Registry via an unpublished API. + + +- [jthuraisamy/CVE-2019-9730](https://github.com/jthuraisamy/CVE-2019-9730) + +### CVE-2019-9745 + + +CloudCTI HIP Integrator Recognition Configuration Tool allows privilege escalation via its EXQUISE integration. This tool communicates with a service (Recognition Update Client Service) via an insecure communication channel (Named Pipe). The data (JSON) sent via this channel is used to import data from CRM software using plugins (.dll files). The plugin to import data from the EXQUISE software (DatasourceExquiseExporter.dll) can be persuaded to start arbitrary programs (including batch files) that are executed using the same privileges as Recognition Update Client Service (NT AUTHORITY\SYSTEM), thus elevating privileges. This occurs because a higher-privileged process executes scripts from a directory writable by a lower-privileged user. + + +- [KPN-CISO/CVE-2019-9745](https://github.com/KPN-CISO/CVE-2019-9745) + ### CVE-2019-9766 @@ -2043,18 +3112,155 @@ Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting a file, a WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS. The XSS results in administrative access, which allows arbitrary changes to .php files. This is related to wp-admin/includes/ajax-actions.php and wp-includes/comment.php. +- [rkatogit/cve-2019-9787_csrf_poc](https://github.com/rkatogit/cve-2019-9787_csrf_poc) +- [PalmTreeForest/CodePath_Week_7-8](https://github.com/PalmTreeForest/CodePath_Week_7-8) - [sijiahi/Wordpress_cve-2019-9787_defense](https://github.com/sijiahi/Wordpress_cve-2019-9787_defense) - [matinciel/Wordpress_CVE-2019-9787](https://github.com/matinciel/Wordpress_CVE-2019-9787) +### CVE-2019-9810 + + +Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1. + + +- [xuechiyaobai/CVE-2019-9810-PoC](https://github.com/xuechiyaobai/CVE-2019-9810-PoC) +- [0vercl0k/CVE-2019-9810](https://github.com/0vercl0k/CVE-2019-9810) + +### CVE-2019-9896 + + +In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable. + + +- [yasinyilmaz/vuln-chm-hijack](https://github.com/yasinyilmaz/vuln-chm-hijack) + +### CVE-2019-9978 + + +The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro. + + +- [mpgn/CVE-2019-9978](https://github.com/mpgn/CVE-2019-9978) +- [hash3liZer/CVE-2019-9978](https://github.com/hash3liZer/CVE-2019-9978) +- [KTN1990/CVE-2019-9978](https://github.com/KTN1990/CVE-2019-9978) +- [cved-sources/cve-2019-9978](https://github.com/cved-sources/cve-2019-9978) + +### CVE-2019-10008 + + +Zoho ManageEngine ServiceDesk 9.3 allows session hijacking and privilege escalation because an established guest session is automatically converted into an established administrator session when the guest user enters the administrator username, with an arbitrary incorrect password, in an mc/ login attempt within a different browser tab. + + +- [FlameOfIgnis/CVE-2019-10008](https://github.com/FlameOfIgnis/CVE-2019-10008) + +### CVE-2019-10086 + + +In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean. + + +- [evilangelplus/CVE-2019-10086](https://github.com/evilangelplus/CVE-2019-10086) + +### CVE-2019-10092 + + +In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed. + + +- [motikan2010/CVE-2019-10092_Docker](https://github.com/motikan2010/CVE-2019-10092_Docker) + ### CVE-2019-10149 A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution. +- [bananaphones/exim-rce-quickfix](https://github.com/bananaphones/exim-rce-quickfix) +- [cowbe0x004/eximrce-CVE-2019-10149](https://github.com/cowbe0x004/eximrce-CVE-2019-10149) +- [MNEMO-CERT/PoC--CVE-2019-10149_Exim](https://github.com/MNEMO-CERT/PoC--CVE-2019-10149_Exim) +- [aishee/CVE-2019-10149-quick](https://github.com/aishee/CVE-2019-10149-quick) +- [AzizMea/CVE-2019-10149-privilege-escalation](https://github.com/AzizMea/CVE-2019-10149-privilege-escalation) +- [Brets0150/StickyExim](https://github.com/Brets0150/StickyExim) +- [ChrissHack/exim.exp](https://github.com/ChrissHack/exim.exp) +- [darsigovrustam/CVE-2019-10149](https://github.com/darsigovrustam/CVE-2019-10149) +- [Diefunction/CVE-2019-10149](https://github.com/Diefunction/CVE-2019-10149) - [Dilshan-Eranda/CVE-2019-10149](https://github.com/Dilshan-Eranda/CVE-2019-10149) - [area1/exim-cve-2019-10149-data](https://github.com/area1/exim-cve-2019-10149-data) +### CVE-2019-10207 + + +A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash. + + +- [butterflyhack/CVE-2019-10207](https://github.com/butterflyhack/CVE-2019-10207) + +### CVE-2019-10392 + + +Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection. + + +- [jas502n/CVE-2019-10392](https://github.com/jas502n/CVE-2019-10392) +- [ftk-sostupid/CVE-2019-10392_EXP](https://github.com/ftk-sostupid/CVE-2019-10392_EXP) + +### CVE-2019-10475 + + +A reflected cross-site scripting vulnerability in Jenkins build-metrics Plugin allows attackers to inject arbitrary HTML and JavaScript into web pages provided by this plugin. + + +- [vesche/CVE-2019-10475](https://github.com/vesche/CVE-2019-10475) + +### CVE-2019-10678 + + +Domoticz before 4.10579 neglects to categorize \n and \r as insecure argument options. + + +- [cved-sources/cve-2019-10678](https://github.com/cved-sources/cve-2019-10678) + +### CVE-2019-10685 + + +A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Heidelberg Prinect Archiver v2013 release 1.0. + + +- [alt3kx/CVE-2019-10685](https://github.com/alt3kx/CVE-2019-10685) + +### CVE-2019-10708 + + +S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter. + + +- [stavhaygn/CVE-2019-10708](https://github.com/stavhaygn/CVE-2019-10708) + +### CVE-2019-10758 + + +mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. A misuse of the `vm` dependency to perform `exec` commands in a non-safe environment. + + +- [masahiro331/CVE-2019-10758](https://github.com/masahiro331/CVE-2019-10758) +- [lp008/CVE-2019-10758](https://github.com/lp008/CVE-2019-10758) + +### CVE-2019-10869 + + +Path Traversal and Unrestricted File Upload exists in the Ninja Forms plugin before 3.0.23 for WordPress (when the Uploads add-on is activated). This allows an attacker to traverse the file system to access files and execute code via the includes/fields/upload.php (aka upload/submit page) name and tmp_name parameters. + + +- [KTN1990/CVE-2019-10869](https://github.com/KTN1990/CVE-2019-10869) + +### CVE-2019-10915 + + +A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. + + +- [jiansiting/CVE-2019-10915](https://github.com/jiansiting/CVE-2019-10915) + ### CVE-2019-10999 @@ -2069,10 +3275,57 @@ The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution. +- [neex/phuip-fpizdam](https://github.com/neex/phuip-fpizdam) +- [B1gd0g/CVE-2019-11043](https://github.com/B1gd0g/CVE-2019-11043) +- [tinker-li/CVE-2019-11043](https://github.com/tinker-li/CVE-2019-11043) +- [jas502n/CVE-2019-11043](https://github.com/jas502n/CVE-2019-11043) - [AleWong/PHP-FPM-Remote-Code-Execution-Vulnerability-CVE-2019-11043-](https://github.com/AleWong/PHP-FPM-Remote-Code-Execution-Vulnerability-CVE-2019-11043-) +- [ianxtianxt/CVE-2019-11043](https://github.com/ianxtianxt/CVE-2019-11043) +- [fairyming/CVE-2019-11043](https://github.com/fairyming/CVE-2019-11043) +- [akamajoris/CVE-2019-11043-Docker](https://github.com/akamajoris/CVE-2019-11043-Docker) +- [theMiddleBlue/CVE-2019-11043](https://github.com/theMiddleBlue/CVE-2019-11043) +- [shadow-horse/cve-2019-11043](https://github.com/shadow-horse/cve-2019-11043) +- [huowen/CVE-2019-11043](https://github.com/huowen/CVE-2019-11043) +- [ypereirareis/docker-CVE-2019-11043](https://github.com/ypereirareis/docker-CVE-2019-11043) +- [MRdoulestar/CVE-2019-11043](https://github.com/MRdoulestar/CVE-2019-11043) +- [0th3rs-Security-Team/CVE-2019-11043](https://github.com/0th3rs-Security-Team/CVE-2019-11043) +- [k8gege/CVE-2019-11043](https://github.com/k8gege/CVE-2019-11043) +- [moniik/CVE-2019-11043_env](https://github.com/moniik/CVE-2019-11043_env) - [alokaranasinghe/cve-2019-11043](https://github.com/alokaranasinghe/cve-2019-11043) - [corifeo/CVE-2019-11043](https://github.com/corifeo/CVE-2019-11043) +### CVE-2019-11061 + + +A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker in the same local area network to control IoT devices that connect with itself via http://[target]/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10 (Confidentiality, Integrity and Availability impacts). CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). + + +- [tim124058/ASUS-SmartHome-Exploit](https://github.com/tim124058/ASUS-SmartHome-Exploit) + +### CVE-2019-11076 + + +Cribl UI 1.5.0 allows remote attackers to run arbitrary commands via an unauthenticated web request. + + +- [livehybrid/poc-cribl-rce](https://github.com/livehybrid/poc-cribl-rce) + +### CVE-2019-11157 + + +Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access. + + +- [zkenjar/v0ltpwn](https://github.com/zkenjar/v0ltpwn) + +### CVE-2019-11223 + + +An Unrestricted File Upload Vulnerability in the SupportCandy plugin through 2.0.0 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension. + + +- [AngelCtulhu/CVE-2019-11223](https://github.com/AngelCtulhu/CVE-2019-11223) + ### CVE-2019-11358 @@ -2080,26 +3333,68 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - [DanielRuf/snyk-js-jquery-174006](https://github.com/DanielRuf/snyk-js-jquery-174006) +- [bitnesswise/jquery-prototype-pollution-fix](https://github.com/bitnesswise/jquery-prototype-pollution-fix) - [DanielRuf/snyk-js-jquery-565129](https://github.com/DanielRuf/snyk-js-jquery-565129) +### CVE-2019-11477 + + +Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff. + + +- [sasqwatch/cve-2019-11477-poc](https://github.com/sasqwatch/cve-2019-11477-poc) + ### CVE-2019-11510 In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability . +- [projectzeroindia/CVE-2019-11510](https://github.com/projectzeroindia/CVE-2019-11510) - [ladyleet1337/Pulse](https://github.com/ladyleet1337/Pulse) +- [imjdl/CVE-2019-11510-poc](https://github.com/imjdl/CVE-2019-11510-poc) +- [es0/CVE-2019-11510_poc](https://github.com/es0/CVE-2019-11510_poc) +- [r00tpgp/http-pulse_ssl_vpn.nse](https://github.com/r00tpgp/http-pulse_ssl_vpn.nse) +- [jas502n/CVE-2019-11510-1](https://github.com/jas502n/CVE-2019-11510-1) +- [jason3e7/CVE-2019-11510](https://github.com/jason3e7/CVE-2019-11510) +- [BishopFox/pwn-pulse](https://github.com/BishopFox/pwn-pulse) - [aqhmal/pulsexploit](https://github.com/aqhmal/pulsexploit) - [cisagov/check-your-pulse](https://github.com/cisagov/check-your-pulse) +### CVE-2019-11523 + + +Anviz Global M3 Outdoor RFID Access Control executes any command received from any source. No authentication/encryption is done. Attackers can fully interact with the device: for example, send the "open door" command, download the users list (which includes RFID codes and passcodes in cleartext), or update/create users. The same attack can be executed on a local network and over the internet (if the device is exposed on a public IP address). + + +- [wizlab-it/anviz-m3-rfid-cve-2019-11523-poc](https://github.com/wizlab-it/anviz-m3-rfid-cve-2019-11523-poc) + +### CVE-2019-11539 + + +In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, the admin web interface allows an authenticated attacker to inject and execute commands. + + +- [0xDezzy/CVE-2019-11539](https://github.com/0xDezzy/CVE-2019-11539) + ### CVE-2019-11580 Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits remote code execution on systems running a vulnerable version of Crowd or Crowd Data Center. All versions of Crowd from version 2.1.0 before 3.0.5 (the fixed version for 3.0.x), from version 3.1.0 before 3.1.6 (the fixed version for 3.1.x), from version 3.2.0 before 3.2.8 (the fixed version for 3.2.x), from version 3.3.0 before 3.3.5 (the fixed version for 3.3.x), and from version 3.4.0 before 3.4.4 (the fixed version for 3.4.x) are affected by this vulnerability. +- [jas502n/CVE-2019-11580](https://github.com/jas502n/CVE-2019-11580) - [shelld3v/CVE-2019-11580](https://github.com/shelld3v/CVE-2019-11580) +### CVE-2019-11581 + + +There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center. All versions of Jira Server and Data Center from 4.4.0 before 7.6.14, from 7.7.0 before 7.13.5, from 8.0.0 before 8.0.3, from 8.1.0 before 8.1.2, and from 8.2.0 before 8.2.3 are affected by this vulnerability. + + +- [jas502n/CVE-2019-11581](https://github.com/jas502n/CVE-2019-11581) +- [kobs0N/CVE-2019-11581](https://github.com/kobs0N/CVE-2019-11581) + ### CVE-2019-11687 @@ -2114,6 +3409,7 @@ An issue was discovered in the DICOM Part 10 File Format in the NEMA DICOM Stand A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2. +- [vigneshsrao/CVE-2019-11707](https://github.com/vigneshsrao/CVE-2019-11707) - [tunnelshade/cve-2019-11707](https://github.com/tunnelshade/cve-2019-11707) ### CVE-2019-11708 @@ -2124,12 +3420,47 @@ Insufficient vetting of parameters passed with the Prompt:Open IPC message betwe - [0vercl0k/CVE-2019-11708](https://github.com/0vercl0k/CVE-2019-11708) +### CVE-2019-11730 + + +A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and they may uploaded to a server. It was demonstrated that in combination with a popular Android messaging app, if a malicious HTML attachment is sent to a user and they opened that attachment in Firefox, due to that app's predictable pattern for locally-saved file names, it is possible to read attachments the victim received from other correspondents. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. + + +- [alidnf/CVE-2019-11730](https://github.com/alidnf/CVE-2019-11730) + +### CVE-2019-11881 + + +A vulnerability exists in Rancher 2.1.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legitimate users to visit phishing sites with scare tactics, e.g., displaying a "This version of Rancher is outdated, please visit https://malicious.rancher.site/upgrading" message. + + +- [MauroEldritch/VanCleef](https://github.com/MauroEldritch/VanCleef) + +### CVE-2019-11931 + + +A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE. This affects Android versions prior to 2.19.274, iOS versions prior to 2.19.100, Enterprise Client versions prior to 2.25.3, Business for Android versions prior to 2.19.104 and Business for iOS versions prior to 2.19.100. + + +- [kasif-dekel/whatsapp-rce-patched](https://github.com/kasif-dekel/whatsapp-rce-patched) +- [nop-team/CVE-2019-11931](https://github.com/nop-team/CVE-2019-11931) + ### CVE-2019-11932 A double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library before version 1.2.18, as used in WhatsApp for Android before version 2.19.244 and many other Android applications, allows remote attackers to execute arbitrary code or cause a denial of service when the library is used to parse a specially crafted GIF image. +- [dorkerdevil/CVE-2019-11932](https://github.com/dorkerdevil/CVE-2019-11932) +- [KeepWannabe/WhatsRCE](https://github.com/KeepWannabe/WhatsRCE) +- [awakened1712/CVE-2019-11932](https://github.com/awakened1712/CVE-2019-11932) +- [TulungagungCyberLink/CVE-2019-11932](https://github.com/TulungagungCyberLink/CVE-2019-11932) +- [infiniteLoopers/CVE-2019-11932](https://github.com/infiniteLoopers/CVE-2019-11932) +- [alexanderstonec/CVE-2019-11932](https://github.com/alexanderstonec/CVE-2019-11932) +- [valbrux/CVE-2019-11932-SupportApp](https://github.com/valbrux/CVE-2019-11932-SupportApp) +- [fastmo/CVE-2019-11932](https://github.com/fastmo/CVE-2019-11932) +- [mRanonyMousTZ/CVE-2019-11932-whatsApp-exploit](https://github.com/mRanonyMousTZ/CVE-2019-11932-whatsApp-exploit) +- [SmoZy92/CVE-2019-11932](https://github.com/SmoZy92/CVE-2019-11932) - [dashtic172/https-github.com-awakened171](https://github.com/dashtic172/https-github.com-awakened171) - [Err0r-ICA/WhatsPayloadRCE](https://github.com/Err0r-ICA/WhatsPayloadRCE) @@ -2147,8 +3478,25 @@ A heap buffer overflow bug in libpl_droidsonroids_gif before 1.2.19, as used in A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation. +- [codeplutos/CVE-2019-12086-jackson-databind-file-read](https://github.com/codeplutos/CVE-2019-12086-jackson-databind-file-read) - [Al1ex/CVE-2019-12086](https://github.com/Al1ex/CVE-2019-12086) +### CVE-2019-12169 + + +ATutor 2.2.4 allows Arbitrary File Upload and Directory Traversal, resulting in remote code execution via a ".." pathname in a ZIP archive to the mods/_core/languages/language_import.php (aka Import New Language) or mods/_standard/patcher/index_admin.php (aka Patcher) component. + + +- [fuzzlove/ATutor-2.2.4-Language-Exploit](https://github.com/fuzzlove/ATutor-2.2.4-Language-Exploit) + +### CVE-2019-12170 + + +ATutor through 2.2.4 is vulnerable to arbitrary file uploads via the mods/_core/backups/upload.php (aka backup) component. This may result in remote command execution. An attacker can use the instructor account to fully compromise the system using a crafted backup ZIP archive. This will allow for PHP files to be written to the web root, and for code to execute on the remote server. + + +- [fuzzlove/ATutor-Instructor-Backup-Arbitrary-File](https://github.com/fuzzlove/ATutor-Instructor-Backup-Arbitrary-File) + ### CVE-2019-12180 @@ -2157,14 +3505,113 @@ An issue was discovered in SmartBear ReadyAPI through 2.8.2 and 3.0.0 and SoapUI - [0x-nope/CVE-2019-12180](https://github.com/0x-nope/CVE-2019-12180) +### CVE-2019-12181 + + +A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux. + + +- [guywhataguy/CVE-2019-12181](https://github.com/guywhataguy/CVE-2019-12181) + +### CVE-2019-12185 + + +eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the web root, and for code to execute on the remote server. + + +- [fuzzlove/eLabFTW-1.8.5-EntityController-Arbitrary-File-Upload-RCE](https://github.com/fuzzlove/eLabFTW-1.8.5-EntityController-Arbitrary-File-Upload-RCE) + +### CVE-2019-12189 + + +An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SearchN.do search field. + + +- [falconz/CVE-2019-12189](https://github.com/falconz/CVE-2019-12189) +- [tuyenhva/CVE-2019-12189](https://github.com/tuyenhva/CVE-2019-12189) + +### CVE-2019-12190 + + +XSS was discovered in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.747 via the testacc/fileManager2.php fm_current_dir or filename parameter. + + +- [tuyenhva/CVE-2019-12190](https://github.com/tuyenhva/CVE-2019-12190) + +### CVE-2019-12252 + + +In Zoho ManageEngine ServiceDesk Plus through 10.5, users with the lowest privileges (guest) can view an arbitrary post by appending its number to the SDNotify.do?notifyModule=Solution&mode=E-Mail&notifyTo=SOLFORWARD&id= substring. + + +- [tuyenhva/CVE-2019-12252](https://github.com/tuyenhva/CVE-2019-12252) + +### CVE-2019-12255 + + +Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow. + + +- [sud0woodo/Urgent11-Suricata-LUA-scripts](https://github.com/sud0woodo/Urgent11-Suricata-LUA-scripts) + +### CVE-2019-12272 + + +In OpenWrt LuCI through 0.10, the endpoints admin/status/realtime/bandwidth_status and admin/status/realtime/wireless_status of the web application are affected by a command injection vulnerability. + + +- [HACHp1/LuCI_RCE_exp](https://github.com/HACHp1/LuCI_RCE_exp) +- [roguedream/lede-17.01.3](https://github.com/roguedream/lede-17.01.3) + +### CVE-2019-12314 + + +Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS.macx1.W_MCS/ PATH_INFO, as demonstrated by a cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS/etc/passwd URI. + + +- [ras313/CVE-2019-12314](https://github.com/ras313/CVE-2019-12314) + ### CVE-2019-12384 FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be possible. +- [jas502n/CVE-2019-12384](https://github.com/jas502n/CVE-2019-12384) - [MagicZer0/Jackson_RCE-CVE-2019-12384](https://github.com/MagicZer0/Jackson_RCE-CVE-2019-12384) +### CVE-2019-12409 + + +The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983), without any authentication. If this port is opened for inbound traffic in your firewall, then anyone with network access to your Solr nodes will be able to access JMX, which may in turn allow them to upload malicious code for execution on the Solr server. + + +- [jas502n/CVE-2019-12409](https://github.com/jas502n/CVE-2019-12409) + +### CVE-2019-12453 + + +In MicroStrategy Web before 10.1 patch 10, stored XSS is possible in the FLTB parameter due to missing input validation. + + +- [undefinedmode/CVE-2019-12453](https://github.com/undefinedmode/CVE-2019-12453) + +### CVE-2019-12460 + + +Web Port 1.19.1 allows XSS via the /access/setup type parameter. + + +- [EmreOvunc/WebPort-v1.19.1-Reflected-XSS](https://github.com/EmreOvunc/WebPort-v1.19.1-Reflected-XSS) + +### CVE-2019-12475 + + +In MicroStrategy Web before 10.4.6, there is stored XSS in metric due to insufficient input validation. + + +- [undefinedmode/CVE-2019-12475](https://github.com/undefinedmode/CVE-2019-12475) + ### CVE-2019-12476 @@ -2173,6 +3620,82 @@ An authentication bypass vulnerability in the password reset functionality in Zo - [0katz/CVE-2019-12476](https://github.com/0katz/CVE-2019-12476) +### CVE-2019-12538 + + +An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SiteLookup.do search field. + + +- [tarantula-team/CVE-2019-12538](https://github.com/tarantula-team/CVE-2019-12538) + +### CVE-2019-12541 + + +An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SolutionSearch.do searchText parameter. + + +- [tarantula-team/CVE-2019-12541](https://github.com/tarantula-team/CVE-2019-12541) + +### CVE-2019-12542 + + +An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SearchN.do userConfigID parameter. + + +- [tarantula-team/CVE-2019-12542](https://github.com/tarantula-team/CVE-2019-12542) + +### CVE-2019-12543 + + +An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the PurchaseRequest.do serviceRequestId parameter. + + +- [tarantula-team/CVE-2019-12543](https://github.com/tarantula-team/CVE-2019-12543) + +### CVE-2019-12562 + + +Stored Cross-Site Scripting in DotNetNuke (DNN) Version before 9.4.0 allows remote attackers to store and embed the malicious script into the admin notification page. The exploit could be used to perfom any action with admin privileges such as managing content, adding users, uploading backdoors to the server, etc. Successful exploitation occurs when an admin user visits a notification page with stored cross-site scripting. + + +- [MAYASEVEN/CVE-2019-12562](https://github.com/MAYASEVEN/CVE-2019-12562) + +### CVE-2019-12586 + + +The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 processes EAP Success messages before any EAP method completion or failure, which allows attackers in radio range to cause a denial of service (crash) via a crafted message. + + +- [Matheus-Garbelini/esp32_esp8266_attacks](https://github.com/Matheus-Garbelini/esp32_esp8266_attacks) + +### CVE-2019-12594 + + +DOSBox 0.74-2 has Incorrect Access Control. + + +- [Alexandre-Bartel/CVE-2019-12594](https://github.com/Alexandre-Bartel/CVE-2019-12594) + +### CVE-2019-12735 + + +getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim. + + +- [pcy190/ace-vim-neovim](https://github.com/pcy190/ace-vim-neovim) +- [oldthree3/CVE-2019-12735-VIM-NEOVIM](https://github.com/oldthree3/CVE-2019-12735-VIM-NEOVIM) + +### CVE-2019-12750 + + +Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. + + +- [v-p-b/cve-2019-12750](https://github.com/v-p-b/cve-2019-12750) + +### CVE-2019-12796 +- [PeterUpfold/CVE-2019-12796](https://github.com/PeterUpfold/CVE-2019-12796) + ### CVE-2019-12814 @@ -2181,6 +3704,14 @@ A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x thro - [Al1ex/CVE-2019-12814](https://github.com/Al1ex/CVE-2019-12814) +### CVE-2019-12815 + + +An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306. + + +- [KTN1990/CVE-2019-12815](https://github.com/KTN1990/CVE-2019-12815) + ### CVE-2019-12836 @@ -2189,6 +3720,96 @@ The Bobronix JEditor editor before 3.0.6 for Jira allows an attacker to add a UR - [9lyph/CVE-2019-12836](https://github.com/9lyph/CVE-2019-12836) +### CVE-2019-12840 + + +In Webmin through 1.910, any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges via the data parameter to update.cgi. + + +- [bkaraceylan/CVE-2019-12840_POC](https://github.com/bkaraceylan/CVE-2019-12840_POC) +- [KrE80r/webmin_cve-2019-12840_poc](https://github.com/KrE80r/webmin_cve-2019-12840_poc) + +### CVE-2019-12889 + + +An unauthenticated privilege escalation exists in SailPoint Desktop Password Reset 7.2. A user with local access to only the Windows logon screen can escalate their privileges to NT AUTHORITY\System. An attacker would need local access to the machine for a successful exploit. The attacker must disconnect the computer from the local network / WAN and connect it to an internet facing access point / network. At that point, the attacker can execute the password-reset functionality, which will expose a web browser. Browsing to a site that calls local Windows system functions (e.g., file upload) will expose the local file system. From there an attacker can launch a privileged command shell. + + +- [nulsect0r/CVE-2019-12889](https://github.com/nulsect0r/CVE-2019-12889) + +### CVE-2019-12890 + + +RedwoodHQ 2.5.5 does not require any authentication for database operations, which allows remote attackers to create admin users via a con.automationframework users insert_one call. + + +- [EthicalHackingCOP/CVE-2019-12890](https://github.com/EthicalHackingCOP/CVE-2019-12890) + +### CVE-2019-12949 + + +In pfSense 2.4.4-p2 and 2.4.4-p3, if it is possible to trick an authenticated administrator into clicking on a button on a phishing page, an attacker can leverage XSS to upload arbitrary executable code, via diag_command.php and rrd_fetch_json.php (timePeriod parameter), to a server. Then, the remote attacker can run any command with root privileges on that server. + + +- [tarantula-team/CVE-2019-12949](https://github.com/tarantula-team/CVE-2019-12949) + +### CVE-2019-12999 + + +Lightning Network Daemon (lnd) before 0.7 allows attackers to trigger loss of funds because of Incorrect Access Control. + + +- [lightninglabs/chanleakcheck](https://github.com/lightninglabs/chanleakcheck) + +### CVE-2019-13000 + + +Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "it is beta-quality software and don't put too much money in it." + + +- [ACINQ/detection-tool-cve-2019-13000](https://github.com/ACINQ/detection-tool-cve-2019-13000) + +### CVE-2019-13024 + + +Centreon 18.x before 18.10.6, 19.x before 19.04.3, and Centreon web before 2.8.29 allows the attacker to execute arbitrary system commands by using the value "init_script"-"Monitoring Engine Binary" in main.get.php to insert a arbitrary command into the database, and execute it by calling the vulnerable page www/include/configuration/configGenerate/xml/generateFiles.php (which passes the inserted value to the database to shell_exec without sanitizing it, allowing one to execute system arbitrary commands). + + +- [mhaskar/CVE-2019-13024](https://github.com/mhaskar/CVE-2019-13024) +- [get-get-get-get/Centreon-RCE](https://github.com/get-get-get-get/Centreon-RCE) + +### CVE-2019-13025 + + +Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST (HTTP) request containing shell commands, which will be executed on the device, to an backend API endpoint of the cable modem. + + +- [x1tan/CVE-2019-13025](https://github.com/x1tan/CVE-2019-13025) + +### CVE-2019-13027 + + +Realization Concerto Critical Chain Planner (aka CCPM) 5.10.8071 has SQL Injection in at least in the taskupdt/taskdetails.aspx webpage via the projectname parameter. + + +- [IckoGZ/CVE-2019-13027](https://github.com/IckoGZ/CVE-2019-13027) + +### CVE-2019-13051 + + +Pi-Hole 4.3 allows Command Injection. + + +- [pr0tean/CVE-2019-13051](https://github.com/pr0tean/CVE-2019-13051) + +### CVE-2019-13063 + + +Within Sahi Pro 8.0.0, an attacker can send a specially crafted URL to include any victim files on the system via the script parameter on the Script_view page. This will result in file disclosure (i.e., being able to pull any file from the remote victim application). This can be used to steal and obtain sensitive config and other files. This can result in complete compromise of the application. The script parameter is vulnerable to directory traversal and both local and remote file inclusion. + + +- [0x6b7966/CVE-2019-13063-POC](https://github.com/0x6b7966/CVE-2019-13063-POC) + ### CVE-2019-13086 @@ -2197,12 +3818,41 @@ core/MY_Security.php in CSZ CMS 1.2.2 before 2019-06-20 has member/login/check S - [lingchuL/CVE_POC_test](https://github.com/lingchuL/CVE_POC_test) +### CVE-2019-13101 + + +An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page. + + +- [halencarjunior/dlkploit600](https://github.com/halencarjunior/dlkploit600) + +### CVE-2019-13115 + + +In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855. + + +- [CSSProject/libssh2-Exploit](https://github.com/CSSProject/libssh2-Exploit) + +### CVE-2019-13143 + + +An HTTP parameter pollution issue was discovered on Shenzhen Dragon Brothers Fingerprint Bluetooth Round Padlock FB50 2.3. With the user ID, user name, and the lock's MAC address, anyone can unbind the existing owner of the lock, and bind themselves instead. This leads to complete takeover of the lock. The user ID, name, and MAC address are trivially obtained from APIs found within the Android or iOS application. With only the MAC address of the lock, any attacker can transfer ownership of the lock from the current user, over to the attacker's account. Thus rendering the lock completely inaccessible to the current user. + + +- [securelayer7/pwnfb50](https://github.com/securelayer7/pwnfb50) + ### CVE-2019-13272 In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments. +- [jas502n/CVE-2019-13272](https://github.com/jas502n/CVE-2019-13272) +- [Cyc1eC/CVE-2019-13272](https://github.com/Cyc1eC/CVE-2019-13272) +- [bigbigliang-malwarebenchmark/cve-2019-13272](https://github.com/bigbigliang-malwarebenchmark/cve-2019-13272) +- [oneoy/CVE-2019-13272](https://github.com/oneoy/CVE-2019-13272) +- [Huandtx/CVE-2019-13272](https://github.com/Huandtx/CVE-2019-13272) - [polosec/CVE-2019-13272](https://github.com/polosec/CVE-2019-13272) - [sumedhaDharmasena/-Kernel-ptrace-c-mishandles-vulnerability-CVE-2019-13272](https://github.com/sumedhaDharmasena/-Kernel-ptrace-c-mishandles-vulnerability-CVE-2019-13272) - [Tharana/Exploiting-a-Linux-kernel-vulnerability](https://github.com/Tharana/Exploiting-a-Linux-kernel-vulnerability) @@ -2210,12 +3860,77 @@ In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the - [Tharana/vulnerability-exploitation](https://github.com/Tharana/vulnerability-exploitation) - [teddy47/CVE-2019-13272---Documentation](https://github.com/teddy47/CVE-2019-13272---Documentation) +### CVE-2019-13361 + + +Smanos W100 1.0.0 devices have Insecure Permissions, exploitable by an attacker on the same Wi-Fi network. + + +- [lodi-g/CVE-2019-13361](https://github.com/lodi-g/CVE-2019-13361) + +### CVE-2019-13403 + + +Temenos CWX version 8.9 has an Broken Access Control vulnerability in the module /CWX/Employee/EmployeeEdit2.aspx, leading to the viewing of user information. + + +- [B3Bo1d/CVE-2019-13403](https://github.com/B3Bo1d/CVE-2019-13403) + +### CVE-2019-13404 + + +** DISPUTED ** The MSI installer for Python through 2.7.16 on Windows defaults to the C:\Python27 directory, which makes it easier for local users to deploy Trojan horse code. (This also affects old 3.x releases before 3.5.) NOTE: the vendor's position is that it is the user's responsibility to ensure C:\Python27 access control or choose a different directory, because backwards compatibility requires that C:\Python27 remain the default for 2.7.x. + + +- [alidnf/CVE-2019-13404](https://github.com/alidnf/CVE-2019-13404) + +### CVE-2019-13496 + + +One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a man in the middle, the One Identity Defender product, and replacing a failed SAML response with a successful SAML response. + + +- [FurqanKhan1/CVE-2019-13496](https://github.com/FurqanKhan1/CVE-2019-13496) + +### CVE-2019-13497 + + +One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows CSRF for logout requests. + + +- [FurqanKhan1/CVE-2019-13497](https://github.com/FurqanKhan1/CVE-2019-13497) + +### CVE-2019-13498 + + +One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Transport Security (HSTS), which may allow man-in-the-middle (MITM) attacks. This issue is fixed in version 8.1.4. + + +- [FurqanKhan1/CVE-2019-13498](https://github.com/FurqanKhan1/CVE-2019-13498) + +### CVE-2019-13504 + + +There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2. + + +- [hazedic/fuzzenv-exiv2](https://github.com/hazedic/fuzzenv-exiv2) + +### CVE-2019-13574 + + +In lib/mini_magick/image.rb in MiniMagick before 4.9.4, a fetched remote image filename could cause remote command execution because Image.open input is directly passed to Kernel#open, which accepts a '|' character followed by a command. + + +- [masahiro331/CVE-2019-13574](https://github.com/masahiro331/CVE-2019-13574) + ### CVE-2019-13720 Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. +- [cve-2019-13720/cve-2019-13720](https://github.com/cve-2019-13720/cve-2019-13720) - [ChoKyuWon/CVE-2019-13720](https://github.com/ChoKyuWon/CVE-2019-13720) ### CVE-2019-13956 @@ -2250,6 +3965,22 @@ Access to the uninitialized variable when the driver tries to unmap the dma buff - [parallelbeings/CVE-2019-14079](https://github.com/parallelbeings/CVE-2019-14079) +### CVE-2019-14205 + + +A Local File Inclusion vulnerability in the Nevma Adaptive Images plugin before 0.6.67 for WordPress allows remote attackers to retrieve arbitrary files via the $REQUEST['adaptive-images-settings']['source_file'] parameter in adaptive-images-script.php. + + +- [security-kma/EXPLOITING-CVE-2019-14205](https://github.com/security-kma/EXPLOITING-CVE-2019-14205) + +### CVE-2019-14220 + + +An issue was discovered in BlueStacks 4.110 and below on macOS and on 4.120 and below on Windows. BlueStacks employs Android running in a virtual machine (VM) to enable Android apps to run on Windows or MacOS. Bug is in a local arbitrary file read through a system service call. The impacted method runs with System admin privilege and if given the file name as parameter returns you the content of file. A malicious app using the affected method can then read the content of any system file which it is not authorized to read + + +- [seqred-s-a/cve-2019-14220](https://github.com/seqred-s-a/cve-2019-14220) + ### CVE-2019-14267 @@ -2264,6 +3995,17 @@ PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data asso In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command. +- [FauxFaux/sudo-cve-2019-14287](https://github.com/FauxFaux/sudo-cve-2019-14287) +- [CashWilliams/CVE-2019-14287-demo](https://github.com/CashWilliams/CVE-2019-14287-demo) +- [n0w4n/CVE-2019-14287](https://github.com/n0w4n/CVE-2019-14287) +- [gurneesh/CVE-2019-14287-write-up](https://github.com/gurneesh/CVE-2019-14287-write-up) +- [shellvhack/Sudo-Security-Bypass-CVE-2019-14287](https://github.com/shellvhack/Sudo-Security-Bypass-CVE-2019-14287) +- [Janette88/cve-2019-14287sudoexp](https://github.com/Janette88/cve-2019-14287sudoexp) +- [huang919/cve-2019-14287-PPT](https://github.com/huang919/cve-2019-14287-PPT) +- [wenyu1999/sudo-](https://github.com/wenyu1999/sudo-) +- [Sindadziy/cve-2019-14287](https://github.com/Sindadziy/cve-2019-14287) +- [Sindayifu/CVE-2019-14287-CVE-2014-6271](https://github.com/Sindayifu/CVE-2019-14287-CVE-2014-6271) +- [Unam3dd/sudo-vulnerability-CVE-2019-14287](https://github.com/Unam3dd/sudo-vulnerability-CVE-2019-14287) - [CMNatic/Dockerized-CVE-2019-14287](https://github.com/CMNatic/Dockerized-CVE-2019-14287) - [SachinthaDeSilva-cmd/Exploit-CVE-2019-14287](https://github.com/SachinthaDeSilva-cmd/Exploit-CVE-2019-14287) - [HussyCool/CVE-2019-14287-IT18030372-](https://github.com/HussyCool/CVE-2019-14287-IT18030372-) @@ -2281,6 +4023,14 @@ A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin befor - [imthoe/CVE-2019-14314](https://github.com/imthoe/CVE-2019-14314) +### CVE-2019-14319 + + +The TikTok (formerly Musical.ly) application 12.2.0 for Android and iOS performs unencrypted transmission of images, videos, and likes. This allows an attacker to extract private sensitive information by sniffing network traffic. + + +- [MelroyB/CVE-2019-14319](https://github.com/MelroyB/CVE-2019-14319) + ### CVE-2019-14326 @@ -2289,6 +4039,22 @@ An issue was discovered in AndyOS Andy versions up to 46.11.113. By default, it - [seqred-s-a/cve-2019-14326](https://github.com/seqred-s-a/cve-2019-14326) +### CVE-2019-14339 + + +The ContentProvider in the Canon PRINT jp.co.canon.bsd.ad.pixmaprint 2.5.5 application for Android does not properly restrict canon.ij.printer.capability.data data access. This allows an attacker's malicious application to obtain sensitive information including factory passwords for the administrator web interface and WPA2-PSK key. + + +- [0x48piraj/CVE-2019-14339](https://github.com/0x48piraj/CVE-2019-14339) + +### CVE-2019-14439 + + +A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath. + + +- [jas502n/CVE-2019-14439](https://github.com/jas502n/CVE-2019-14439) + ### CVE-2019-14514 @@ -2297,6 +4063,38 @@ An issue was discovered in Microvirt MEmu all versions prior to 7.0.2. A guest A - [seqred-s-a/cve-2019-14514](https://github.com/seqred-s-a/cve-2019-14514) +### CVE-2019-14529 + + +OpenEMR before 5.0.2 allows SQL Injection in interface/forms/eye_mag/save.php. + + +- [Wezery/CVE-2019-14529](https://github.com/Wezery/CVE-2019-14529) + +### CVE-2019-14530 + + +An issue was discovered in custom/ajax_download.php in OpenEMR before 5.0.2 via the fileName parameter. An attacker can download any file (that is readable by the user www-data) from server storage. If the requested file is writable for the www-data user and the directory /var/www/openemr/sites/default/documents/cqm_qrda/ exists, it will be deleted from server. + + +- [Wezery/CVE-2019-14530](https://github.com/Wezery/CVE-2019-14530) + +### CVE-2019-14537 + + +YOURLS through 1.7.3 is affected by a type juggling vulnerability in the api component that can result in login bypass. + + +- [Wocanilo/CVE-2019-14537](https://github.com/Wocanilo/CVE-2019-14537) + +### CVE-2019-14540 + + +A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig. + + +- [LeadroyaL/cve-2019-14540-exploit](https://github.com/LeadroyaL/cve-2019-14540-exploit) + ### CVE-2019-14615 @@ -2305,14 +4103,75 @@ Insufficient control flow in certain data structures for some Intel(R) Processor - [HE-Wenjian/iGPU-Leak](https://github.com/HE-Wenjian/iGPU-Leak) +### CVE-2019-14745 + + +In radare2 before 3.7.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability is due to improper handling of symbol names embedded in executables. + + +- [xooxo/CVE-2019-14745](https://github.com/xooxo/CVE-2019-14745) + +### CVE-2019-14751 + + +NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during extraction. + + +- [mssalvatore/CVE-2019-14751_PoC](https://github.com/mssalvatore/CVE-2019-14751_PoC) + +### CVE-2019-14830 +- [Fr3d-/moodle-token-stealer](https://github.com/Fr3d-/moodle-token-stealer) + +### CVE-2019-14912 + + +An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO module does not properly check the goto parameter, leading to an open redirect that leaks the session cookie. + + +- [Wocanilo/adaPwn](https://github.com/Wocanilo/adaPwn) + +### CVE-2019-15029 + + +FusionPBX 4.4.8 allows an attacker to execute arbitrary system commands by submitting a malicious command to the service_edit.php file (which will insert the malicious command into the database). To trigger the command, one needs to call the services.php file via a GET request with the service id followed by the parameter a=start to execute the stored command. + + +- [mhaskar/CVE-2019-15029](https://github.com/mhaskar/CVE-2019-15029) + +### CVE-2019-15053 + + +The "HTML Include and replace macro" plugin before 1.5.0 for Confluence Server allows a bypass of the includeScripts=false XSS protection mechanism via vectors involving an IFRAME element. + + +- [l0nax/CVE-2019-15053](https://github.com/l0nax/CVE-2019-15053) + ### CVE-2019-15107 An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability. +- [jas502n/CVE-2019-15107](https://github.com/jas502n/CVE-2019-15107) +- [HACHp1/webmin_docker_and_exp](https://github.com/HACHp1/webmin_docker_and_exp) +- [ketlerd/CVE-2019-15107](https://github.com/ketlerd/CVE-2019-15107) +- [AdministratorGithub/CVE-2019-15107](https://github.com/AdministratorGithub/CVE-2019-15107) +- [Pichuuuuu/CVE-2019-15107](https://github.com/Pichuuuuu/CVE-2019-15107) +- [Rayferrufino/Make-and-Break](https://github.com/Rayferrufino/Make-and-Break) +- [AleWong/WebminRCE-EXP-CVE-2019-15107-](https://github.com/AleWong/WebminRCE-EXP-CVE-2019-15107-) +- [ianxtianxt/CVE-2019-15107](https://github.com/ianxtianxt/CVE-2019-15107) +- [hannob/webminex](https://github.com/hannob/webminex) +- [ChakoMoonFish/webmin_CVE-2019-15107](https://github.com/ChakoMoonFish/webmin_CVE-2019-15107) - [cdedmondson/CVE-2019-15107](https://github.com/cdedmondson/CVE-2019-15107) +### CVE-2019-15120 + + +The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode. + + +- [h3llraiser/CVE-2019-15120](https://github.com/h3llraiser/CVE-2019-15120) + ### CVE-2019-15126 @@ -2324,6 +4183,30 @@ An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and - [akabe1/kr00ker](https://github.com/akabe1/kr00ker) - [mustafasevim/kr00k-vulnerability](https://github.com/mustafasevim/kr00k-vulnerability) +### CVE-2019-15224 + + +The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions <=1.6.9 and >=1.6.14 are unaffected. + + +- [chef-cft/inspec_cve_2019_15224](https://github.com/chef-cft/inspec_cve_2019_15224) + +### CVE-2019-15233 + + +The Live:Text Box macro in the Old Street Live Input Macros app before 2.11 for Confluence has XSS, leading to theft of the Administrator Session Cookie. + + +- [l0nax/CVE-2019-15233](https://github.com/l0nax/CVE-2019-15233) + +### CVE-2019-15511 + + +An exploitable local privilege escalation vulnerability exists in the GalaxyClientService installed by GOG Galaxy. Due to Improper Access Control, an attacker can send unauthenticated local TCP packets to the service to gain SYSTEM privileges in Windows system where GOG Galaxy software is installed. All GOG Galaxy versions before 1.2.60 and all corresponding versions of GOG Galaxy 2.0 Beta are affected. + + +- [adenkiewicz/CVE-2019-15511](https://github.com/adenkiewicz/CVE-2019-15511) + ### CVE-2019-15605 @@ -2332,6 +4215,22 @@ HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delive - [jlcarruda/node-poc-http-smuggling](https://github.com/jlcarruda/node-poc-http-smuggling) +### CVE-2019-15642 + + +rpc.cgi in Webmin through 1.920 allows authenticated Remote Code Execution via a crafted object name because unserialise_variable makes an eval call. NOTE: the Webmin_Servers_Index documentation states "RPC can be used to run any command or modify any file on a server, which is why access to it must not be granted to un-trusted Webmin users." + + +- [jas502n/CVE-2019-15642](https://github.com/jas502n/CVE-2019-15642) + +### CVE-2019-15802 + + +An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware hashes and encrypts passwords using a hardcoded cryptographic key in sal_util_str_encrypt() in libsal.so.0.0. The parameters (salt, IV, and key data) are used to encrypt and decrypt all passwords using AES256 in CBC mode. With the parameters known, all previously encrypted passwords can be decrypted. This includes the passwords that are part of configuration backups or otherwise embedded as part of the firmware. + + +- [jasperla/CVE-2019-15802](https://github.com/jasperla/CVE-2019-15802) + ### CVE-2019-15813 @@ -2340,6 +4239,51 @@ Multiple file upload restriction bypass vulnerabilities in Sentrifugo 3.2 could - [iamhrishikeshpadhye/CVE-2019-15813-Exploitation](https://github.com/iamhrishikeshpadhye/CVE-2019-15813-Exploitation) +### CVE-2019-15846 + + +Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash. + + +- [synacktiv/Exim-CVE-2019-15846](https://github.com/synacktiv/Exim-CVE-2019-15846) + +### CVE-2019-15858 + + +admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution. + + +- [GeneralEG/CVE-2019-15858](https://github.com/GeneralEG/CVE-2019-15858) + +### CVE-2019-15972 + + +A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates SQL values. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to modify values on or return values from the underlying database. + + +- [FSecureLABS/Cisco-UCM-SQLi-Scripts](https://github.com/FSecureLABS/Cisco-UCM-SQLi-Scripts) + +### CVE-2019-16097 + + +core/api/user.go in Harbor 1.7.0 through 1.8.2 allows non-admin users to create admin accounts via the POST /api/users API, when Harbor is setup with DB as authentication backend and allow user to do self-registration. Fixed version: v1.7.6 v1.8.3. v.1.9.0. Workaround without applying the fix: configure Harbor to use non-DB authentication backend such as LDAP. + + +- [evilAdan0s/CVE-2019-16097](https://github.com/evilAdan0s/CVE-2019-16097) +- [rockmelodies/CVE-2019-16097-batch](https://github.com/rockmelodies/CVE-2019-16097-batch) +- [ianxtianxt/CVE-2019-16097](https://github.com/ianxtianxt/CVE-2019-16097) +- [dacade/cve-2019-16097](https://github.com/dacade/cve-2019-16097) +- [theLSA/harbor-give-me-admin](https://github.com/theLSA/harbor-give-me-admin) +- [luckybool1020/CVE-2019-16097](https://github.com/luckybool1020/CVE-2019-16097) + +### CVE-2019-16098 + + +The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code. + + +- [Barakat/CVE-2019-16098](https://github.com/Barakat/CVE-2019-16098) + ### CVE-2019-16113 @@ -2358,9 +4302,25 @@ Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-images.php b Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request. +- [jas502n/CVE-2019-16278](https://github.com/jas502n/CVE-2019-16278) +- [imjdl/CVE-2019-16278-PoC](https://github.com/imjdl/CVE-2019-16278-PoC) +- [ianxtianxt/CVE-2019-16278](https://github.com/ianxtianxt/CVE-2019-16278) +- [darkerego/Nostromo_Python3](https://github.com/darkerego/Nostromo_Python3) +- [AnubisSec/CVE-2019-16278](https://github.com/AnubisSec/CVE-2019-16278) +- [theRealFr13nd/CVE-2019-16278-Nostromo_1.9.6-RCE](https://github.com/theRealFr13nd/CVE-2019-16278-Nostromo_1.9.6-RCE) +- [Kr0ff/cve-2019-16278](https://github.com/Kr0ff/cve-2019-16278) +- [NHPT/CVE-2019-16278](https://github.com/NHPT/CVE-2019-16278) - [Unam3dd/nostromo_1_9_6_rce](https://github.com/Unam3dd/nostromo_1_9_6_rce) - [keshiba/cve-2019-16278](https://github.com/keshiba/cve-2019-16278) +### CVE-2019-16279 + + +A memory error in the function SSL_accept in nostromo nhttpd through 1.9.6 allows an attacker to trigger a denial of service via a crafted HTTP request. + + +- [ianxtianxt/CVE-2019-16279](https://github.com/ianxtianxt/CVE-2019-16279) + ### CVE-2019-16394 @@ -2369,12 +4329,49 @@ SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from t - [SilentVoid13/Silent_CVE_2019_16394](https://github.com/SilentVoid13/Silent_CVE_2019_16394) +### CVE-2019-16405 + + +Centreon Web before 2.8.30, 18.10.x before 18.10.8, 19.04.x before 19.04.5 and 19.10.x before 19.10.2 allows Remote Code Execution by an administrator who can modify Macro Expression location settings. CVE-2019-16405 and CVE-2019-17501 are similar to one another and may be the same. + + +- [TheCyberGeek/CVE-2019-16405.rb](https://github.com/TheCyberGeek/CVE-2019-16405.rb) + +### CVE-2019-16662 + + +An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to ajaxServerSettingsChk.php because the rootUname parameter is passed to the exec function without filtering, which can lead to command execution. + + +- [mhaskar/CVE-2019-16662](https://github.com/mhaskar/CVE-2019-16662) + +### CVE-2019-16663 + + +An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to search.crud.php because the catCommand parameter is passed to the exec function without filtering, which can lead to command execution. + + +- [mhaskar/CVE-2019-16663](https://github.com/mhaskar/CVE-2019-16663) + +### CVE-2019-16692 + + +phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is used. + + +- [kkirsche/CVE-2019-16692](https://github.com/kkirsche/CVE-2019-16692) + ### CVE-2019-16759 vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request. +- [M0sterHxck/CVE-2019-16759-Vbulletin-rce-exploit](https://github.com/M0sterHxck/CVE-2019-16759-Vbulletin-rce-exploit) +- [r00tpgp/http-vuln-CVE-2019-16759](https://github.com/r00tpgp/http-vuln-CVE-2019-16759) +- [jas502n/CVE-2019-16759](https://github.com/jas502n/CVE-2019-16759) +- [FarjaalAhmad/CVE-2019-16759](https://github.com/FarjaalAhmad/CVE-2019-16759) +- [andripwn/pwn-vbulletin](https://github.com/andripwn/pwn-vbulletin) - [psychoxploit/vbull](https://github.com/psychoxploit/vbull) ### CVE-2019-16784 @@ -2385,6 +4382,62 @@ In PyInstaller before version 3.6, only on Windows, a local privilege escalation - [AlterSolutions/PyInstallerPrivEsc](https://github.com/AlterSolutions/PyInstallerPrivEsc) +### CVE-2019-16889 + + +Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The attacker can use a long series of unique session IDs. + + +- [grampae/meep](https://github.com/grampae/meep) + +### CVE-2019-16920 + + +Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device common gateway interface that could lead to common injection. An attacker who successfully triggers the command injection could achieve full system compromise. Later, it was independently found that these are also affected: DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835, and DIR-825. + + +- [pwnhacker0x18/CVE-2019-16920-MassPwn3r](https://github.com/pwnhacker0x18/CVE-2019-16920-MassPwn3r) + +### CVE-2019-16941 + + +NSA Ghidra through 9.0.4, when experimental mode is enabled, allows arbitrary code execution if the Read XML Files feature of Bit Patterns Explorer is used with a modified XML document. This occurs in Features/BytePatterns/src/main/java/ghidra/bitpatterns/info/FileBitPatternInfoReader.java. An attack could start with an XML document that was originally created by DumpFunctionPatternInfoScript but then directly modified by an attacker (for example, to make a java.lang.Runtime.exec call). + + +- [purpleracc00n/CVE-2019-16941](https://github.com/purpleracc00n/CVE-2019-16941) + +### CVE-2019-17080 + + +mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows code execution if a REVIEWS_CACHE file is controlled by an attacker, because an unpickle occurs. This is resolved in 8.0.0 and backports. + + +- [Andhrimnirr/Mintinstall-object-injection](https://github.com/Andhrimnirr/Mintinstall-object-injection) + +### CVE-2019-17124 + + +Kramer VIAware 2.5.0719.1034 has Incorrect Access Control. + + +- [hessandrew/CVE-2019-17124](https://github.com/hessandrew/CVE-2019-17124) + +### CVE-2019-17221 + + +PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as demonstrated by an XMLHttpRequest for a file:// URI. The vulnerability exists in the page.open() function of the webpage module, which loads a specified URL and calls a given callback. An attacker can supply a specially crafted HTML file, as user input, that allows reading arbitrary files on the filesystem. For example, if page.render() is the function callback, this generates a PDF or an image of the targeted file. NOTE: this product is no longer developed. + + +- [h4ckologic/CVE-2019-17221](https://github.com/h4ckologic/CVE-2019-17221) + +### CVE-2019-17234 + + +includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows unauthenticated arbitrary file deletion. + + +- [administra1tor/CVE-2019-17234-Wordpress-DirStroyer](https://github.com/administra1tor/CVE-2019-17234-Wordpress-DirStroyer) + ### CVE-2019-17240 @@ -2394,6 +4447,30 @@ bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute- - [pingport80/CVE-2019-17240](https://github.com/pingport80/CVE-2019-17240) - [LucaReggiannini/Bludit-3-9-2-bb](https://github.com/LucaReggiannini/Bludit-3-9-2-bb) +### CVE-2019-17424 + + +A stack-based buffer overflow in the processPrivilage() function in IOS/process-general.c in nipper-ng 0.11.10 allows remote attackers (serving firewall configuration files) to achieve Remote Code Execution or Denial Of Service via a crafted file. + + +- [guywhataguy/CVE-2019-17424](https://github.com/guywhataguy/CVE-2019-17424) + +### CVE-2019-17427 + + +In Redmine before 3.4.11 and 4.0.x before 4.0.4, persistent XSS exists due to textile formatting errors. + + +- [RealLinkers/CVE-2019-17427](https://github.com/RealLinkers/CVE-2019-17427) + +### CVE-2019-17495 + + +A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI before 3.23.11 allows attackers to use the Relative Path Overwrite (RPO) technique to perform CSS-based input field value exfiltration, such as exfiltration of a CSRF token value. In other words, this product intentionally allows the embedding of untrusted JSON data from remote servers, but it was not previously known that <style>@import within the JSON data was a functional attack method. + + +- [SecT0uch/CVE-2019-17495-test](https://github.com/SecT0uch/CVE-2019-17495-test) + ### CVE-2019-17525 @@ -2408,6 +4485,7 @@ The login page on D-Link DIR-615 T1 20.10 devices allows remote attackers to byp Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset `velocity/` directory or as a parameter. A user defined configset could contain renderable, potentially malicious, templates. Parameter provided templates are disabled by default, but can be enabled by setting `params.resource.loader.enabled` by defining a response writer with that setting set to `true`. Defining a response writer requires configuration API access. Solr 8.4 removed the params resource loader entirely, and only enables the configset-provided template rendering when the configset is `trusted` (has been uploaded by an authenticated user). +- [SDNDTeam/CVE-2019-17558_Solr_Vul_Tool](https://github.com/SDNDTeam/CVE-2019-17558_Solr_Vul_Tool) - [zhzyker/exphub](https://github.com/zhzyker/exphub) ### CVE-2019-17564 @@ -2429,8 +4507,25 @@ Unsafe deserialization occurs within a Dubbo application which has HTTP remoting An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintained and this issue will not be fixed. +- [r00t4dm/CVE-2019-17570](https://github.com/r00t4dm/CVE-2019-17570) - [orangecertcc/xmlrpc-common-deserialization](https://github.com/orangecertcc/xmlrpc-common-deserialization) +### CVE-2019-17571 + + +Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17. + + +- [shadow-horse/CVE-2019-17571](https://github.com/shadow-horse/CVE-2019-17571) + +### CVE-2019-17596 + + +Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates. + + +- [pquerna/poc-dsa-verify-CVE-2019-17596](https://github.com/pquerna/poc-dsa-verify-CVE-2019-17596) + ### CVE-2019-17625 @@ -2439,6 +4534,14 @@ There is a stored XSS in Rambox 0.6.9 that can lead to code execution. The XSS i - [Ekultek/CVE-2019-17625](https://github.com/Ekultek/CVE-2019-17625) +### CVE-2019-17633 + + +For Eclipse Che versions 6.16 to 7.3.0, with both authentication and TLS disabled, visiting a malicious web site could trigger the start of an arbitrary Che workspace. Che with no authentication and no TLS is not usually deployed on a public network but is often used for local installations (e.g. on personal laptops). In that case, even if the Che API is not exposed externally, some javascript running in the local browser is able to send requests to it. + + +- [mgrube/CVE-2019-17633](https://github.com/mgrube/CVE-2019-17633) + ### CVE-2019-17658 @@ -2455,6 +4558,22 @@ In WordPress before 5.2.4, unauthenticated viewing of certain content is possibl - [rhbb/CVE-2019-17671](https://github.com/rhbb/CVE-2019-17671) +### CVE-2019-18371 + + +An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. There is a directory traversal vulnerability to read arbitrary files via a misconfigured NGINX alias, as demonstrated by api-third-party/download/extdisks../etc/config/account. With this vulnerability, the attacker can bypass authentication. + + +- [UltramanGaia/Xiaomi_Mi_WiFi_R3G_Vulnerability_POC](https://github.com/UltramanGaia/Xiaomi_Mi_WiFi_R3G_Vulnerability_POC) + +### CVE-2019-18418 + + +clonos.php in ClonOS WEB control panel 19.09 allows remote attackers to gain full access via change password requests because there is no session management. + + +- [Andhrimnirr/ClonOS-WEB-control-panel-multi-vulnerability](https://github.com/Andhrimnirr/ClonOS-WEB-control-panel-multi-vulnerability) + ### CVE-2019-18426 @@ -2483,6 +4602,30 @@ An issue was discovered in drivers/media/platform/vivid in the Linux kernel thro - [sanjana123-cloud/CVE-2019-18683](https://github.com/sanjana123-cloud/CVE-2019-18683) +### CVE-2019-18873 + + +FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP header. This may result in remote code execution. An attacker can use a user account to fully compromise the system via a GET request. When the admin visits user information under "User Manager" in the control panel, the payload will execute. This will allow for PHP files to be written to the web root, and for code to execute on the remote server. The problem is in admsession.php and admuser.php. + + +- [fuzzlove/FUDforum-XSS-RCE](https://github.com/fuzzlove/FUDforum-XSS-RCE) + +### CVE-2019-18885 + + +fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verify_dev_extents NULL pointer dereference via a crafted btrfs image because fs_devices->devices is mishandled within find_device, aka CID-09ba3bc9dd15. + + +- [bobfuzzer/CVE-2019-18885](https://github.com/bobfuzzer/CVE-2019-18885) + +### CVE-2019-18890 + + +A SQL injection vulnerability in Redmine through 3.2.9 and 3.3.x before 3.3.10 allows Redmine users to access protected information via a crafted object query. + + +- [RealLinkers/CVE-2019-18890](https://github.com/RealLinkers/CVE-2019-18890) + ### CVE-2019-18935 @@ -2504,6 +4647,60 @@ TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access cont - [ReverseBrain/CVE-2019-18988](https://github.com/ReverseBrain/CVE-2019-18988) - [mr-r3b00t/CVE-2019-18988](https://github.com/mr-r3b00t/CVE-2019-18988) +### CVE-2019-19012 + + +An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression. + + +- [ManhNDd/CVE-2019-19012](https://github.com/ManhNDd/CVE-2019-19012) +- [tarantula-team/CVE-2019-19012](https://github.com/tarantula-team/CVE-2019-19012) + +### CVE-2019-19033 + + +Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account, by using any username and the hardcoded dev password. + + +- [ricardojoserf/CVE-2019-19033](https://github.com/ricardojoserf/CVE-2019-19033) + +### CVE-2019-19203 + + +An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read. + + +- [ManhNDd/CVE-2019-19203](https://github.com/ManhNDd/CVE-2019-19203) +- [tarantula-team/CVE-2019-19203](https://github.com/tarantula-team/CVE-2019-19203) + +### CVE-2019-19204 + + +An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read. + + +- [ManhNDd/CVE-2019-19204](https://github.com/ManhNDd/CVE-2019-19204) +- [tarantula-team/CVE-2019-19204](https://github.com/tarantula-team/CVE-2019-19204) + +### CVE-2019-19231 + + +An insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges. + + +- [hessandrew/CVE-2019-19231](https://github.com/hessandrew/CVE-2019-19231) + +### CVE-2019-19268 +- [TheCyberGeek/CVE-2019-19268](https://github.com/TheCyberGeek/CVE-2019-19268) + +### CVE-2019-19315 + + +NLSSRV32.EXE in Nalpeiron Licensing Service 7.3.4.0, as used with Nitro PDF and other products, allows Elevation of Privilege via the \\.\mailslot\nlsX86ccMailslot mailslot. + + +- [monoxgas/mailorder](https://github.com/monoxgas/mailorder) + ### CVE-2019-19356 @@ -2524,6 +4721,9 @@ freeFTPd 1.0.8 has a Post-Authentication Buffer Overflow via a crafted SIZE comm - [cwinfosec/CVE-2019-19383](https://github.com/cwinfosec/CVE-2019-19383) +### CVE-2019-19511 +- [jra89/CVE-2019-19511](https://github.com/jra89/CVE-2019-19511) + ### CVE-2019-19550 @@ -2532,6 +4732,40 @@ Remote Authentication Bypass in Senior Rubiweb 6.2.34.28 and 6.2.34.37 allows ad - [underprotection/CVE-2019-19550](https://github.com/underprotection/CVE-2019-19550) +### CVE-2019-19576 + + +class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions. + + +- [jra89/CVE-2019-19576](https://github.com/jra89/CVE-2019-19576) + +### CVE-2019-19633 +- [jra89/CVE-2019-19633](https://github.com/jra89/CVE-2019-19633) + +### CVE-2019-19634 + + +class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576. + + +- [jra89/CVE-2019-19634](https://github.com/jra89/CVE-2019-19634) + +### CVE-2019-19651 +- [jra89/CVE-2019-19651](https://github.com/jra89/CVE-2019-19651) + +### CVE-2019-19652 +- [jra89/CVE-2019-19652](https://github.com/jra89/CVE-2019-19652) + +### CVE-2019-19653 +- [jra89/CVE-2019-19653](https://github.com/jra89/CVE-2019-19653) + +### CVE-2019-19654 +- [jra89/CVE-2019-19654](https://github.com/jra89/CVE-2019-19654) + +### CVE-2019-19658 +- [jra89/CVE-2019-19658](https://github.com/jra89/CVE-2019-19658) + ### CVE-2019-19699 @@ -2540,19 +4774,83 @@ There is Authenticated remote code execution in Centreon Infrastructure Monitori - [SpengeSec/CVE-2019-19699](https://github.com/SpengeSec/CVE-2019-19699) +### CVE-2019-19732 + + +translation_manage_text.ajax.php and various *_manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.3 directly insert values from the aSortDir_0 and/or sSortDir_0 parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically extracting data from the database, aka SQL Injection. + + +- [jra89/CVE-2019-19732](https://github.com/jra89/CVE-2019-19732) + +### CVE-2019-19733 + + +_get_all_file_server_paths.ajax.php (aka get_all_file_server_paths.ajax.php) in MFScripts YetiShare 3.5.2 through 4.5.3 does not sanitize or encode the output from the fileIds parameter on the page, which would allow an attacker to input HTML or execute scripts on the site, aka XSS. + + +- [jra89/CVE-2019-19733](https://github.com/jra89/CVE-2019-19733) + +### CVE-2019-19734 + + +_account_move_file_in_folder.ajax.php in MFScripts YetiShare 3.5.2 directly inserts values from the fileIds parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically extracting data from the database, aka SQL Injection. + + +- [jra89/CVE-2019-19734](https://github.com/jra89/CVE-2019-19734) + +### CVE-2019-19735 + + +class.userpeer.php in MFScripts YetiShare 3.5.2 through 4.5.3 uses an insecure method of creating password reset hashes (based only on microtime), which allows an attacker to guess the hash and set the password within a few hours by bruteforcing. + + +- [jra89/CVE-2019-19735](https://github.com/jra89/CVE-2019-19735) + +### CVE-2019-19738 + + +log_file_viewer.php in MFScripts YetiShare 3.5.2 through 4.5.3 does not sanitize or encode the output from the lFile parameter on the page, which would allow an attacker to input HTML or execute scripts on the site, aka XSS. + + +- [jra89/CVE-2019-19738](https://github.com/jra89/CVE-2019-19738) + ### CVE-2019-19781 An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal. +- [mekoko/CVE-2019-19781](https://github.com/mekoko/CVE-2019-19781) +- [projectzeroindia/CVE-2019-19781](https://github.com/projectzeroindia/CVE-2019-19781) - [trustedsec/cve-2019-19781](https://github.com/trustedsec/cve-2019-19781) - [cisagov/check-cve-2019-19781](https://github.com/cisagov/check-cve-2019-19781) +- [jas502n/CVE-2019-19781](https://github.com/jas502n/CVE-2019-19781) +- [ianxtianxt/CVE-2019-19781](https://github.com/ianxtianxt/CVE-2019-19781) - [mpgn/CVE-2019-19781](https://github.com/mpgn/CVE-2019-19781) +- [oways/CVE-2019-19781](https://github.com/oways/CVE-2019-19781) +- [becrevex/Citrix_CVE-2019-19781](https://github.com/becrevex/Citrix_CVE-2019-19781) +- [unknowndevice64/Exploits_CVE-2019-19781](https://github.com/unknowndevice64/Exploits_CVE-2019-19781) +- [bufsnake/CVE-2019-19781](https://github.com/bufsnake/CVE-2019-19781) +- [x1sec/citrixmash_scanner](https://github.com/x1sec/citrixmash_scanner) +- [Jabo-SCO/Shitrix-CVE-2019-19781](https://github.com/Jabo-SCO/Shitrix-CVE-2019-19781) - [x1sec/CVE-2019-19781](https://github.com/x1sec/CVE-2019-19781) +- [hollerith/CVE-2019-19781](https://github.com/hollerith/CVE-2019-19781) +- [aqhmal/CVE-2019-19781](https://github.com/aqhmal/CVE-2019-19781) +- [MalwareTech/CitrixHoneypot](https://github.com/MalwareTech/CitrixHoneypot) +- [mekhalleh/citrix_dir_traversal_rce](https://github.com/mekhalleh/citrix_dir_traversal_rce) - [zenturacp/cve-2019-19781-web](https://github.com/zenturacp/cve-2019-19781-web) +- [zgelici/CVE-2019-19781-Checker](https://github.com/zgelici/CVE-2019-19781-Checker) +- [digitalshadows/CVE-2019-19781_IOCs](https://github.com/digitalshadows/CVE-2019-19781_IOCs) - [onSec-fr/CVE-2019-19781-Forensic](https://github.com/onSec-fr/CVE-2019-19781-Forensic) +- [DanielWep/CVE-NetScalerFileSystemCheck](https://github.com/DanielWep/CVE-NetScalerFileSystemCheck) +- [Castaldio86/Detect-CVE-2019-19781](https://github.com/Castaldio86/Detect-CVE-2019-19781) - [j81blog/ADC-19781](https://github.com/j81blog/ADC-19781) +- [clm123321/Citrix_CVE-2019-19781](https://github.com/clm123321/Citrix_CVE-2019-19781) +- [b510/CVE-2019-19781](https://github.com/b510/CVE-2019-19781) +- [redscan/CVE-2019-19781](https://github.com/redscan/CVE-2019-19781) +- [DIVD-NL/Citrix-CVE-2019-19781](https://github.com/DIVD-NL/Citrix-CVE-2019-19781) +- [ynsmroztas/citrix.sh](https://github.com/ynsmroztas/citrix.sh) +- [digitalgangst/massCitrix](https://github.com/digitalgangst/massCitrix) - [fireeye/ioc-scanner-CVE-2019-19781](https://github.com/fireeye/ioc-scanner-CVE-2019-19781) - [citrix/ioc-scanner-CVE-2019-19781](https://github.com/citrix/ioc-scanner-CVE-2019-19781) - [x1sec/citrix-honeypot](https://github.com/x1sec/citrix-honeypot) @@ -2575,6 +4873,7 @@ An issue was discovered in Citrix Application Delivery Controller (ADC) and Gate Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.) +- [ryu22e/django_cve_2019_19844_poc](https://github.com/ryu22e/django_cve_2019_19844_poc) - [andripwn/django_cve201919844](https://github.com/andripwn/django_cve201919844) - [0xsha/CVE_2019_19844](https://github.com/0xsha/CVE_2019_19844) @@ -2613,6 +4912,23 @@ TVT NVMS-1000 devices allow GET /.. Directory Traversal - [AleDiBen/NVMS1000-Exploit](https://github.com/AleDiBen/NVMS1000-Exploit) +### CVE-2019-20197 + + +In Nagios XI 5.6.9, an authenticated user is able to execute arbitrary OS commands via shell metacharacters in the id parameter to schedulereport.php, in the context of the web-server user account. + + +- [lp008/CVE-2019-20197](https://github.com/lp008/CVE-2019-20197) +- [jas502n/CVE-2019-20197](https://github.com/jas502n/CVE-2019-20197) + +### CVE-2019-20224 + + +netflow_get_stats in functions_netflow.php in Pandora FMS 7.0NG allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ip_src parameter in an index.php?operation/netflow/nf_live_view request. This issue has been fixed in Pandora FMS 7.0 NG 742. + + +- [mhaskar/CVE-2019-20224](https://github.com/mhaskar/CVE-2019-20224) + ### CVE-2019-20326 @@ -2621,6 +4937,17 @@ A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in exten - [Fysac/CVE-2019-20326](https://github.com/Fysac/CVE-2019-20326) +### CVE-2019-48814 +- [wucj001/cve-2019-48814](https://github.com/wucj001/cve-2019-48814) + +### CVE-2019-1002101 + + +The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. The untar function can both create and follow symbolic links. The issue is resolved in kubectl v1.11.9, v1.12.7, v1.13.5, and v1.14.0. + + +- [brompwnie/CVE-2019-1002101-Helpers](https://github.com/brompwnie/CVE-2019-1002101-Helpers) + ### CVE-2019-1003000 @@ -2628,6 +4955,9 @@ A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier - [wetw0rk/Exploit-Development](https://github.com/wetw0rk/Exploit-Development) +- [adamyordan/cve-2019-1003000-jenkins-rce-poc](https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc) +- [0xtavian/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins](https://github.com/0xtavian/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins) +- [1NTheKut/CVE-2019-1003000_RCE-DETECTION](https://github.com/1NTheKut/CVE-2019-1003000_RCE-DETECTION) ### CVE-2019-1010054 @@ -2637,6 +4967,14 @@ Dolibarr 7.0.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: - [chaizeg/CSRF-breach](https://github.com/chaizeg/CSRF-breach) +### CVE-2019-1010298 + + +Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in the context of TEE core (kernel). The component is: optee_os. The fixed version is: 3.4.0 and later. + + +- [RKX1209/CVE-2019-1010298](https://github.com/RKX1209/CVE-2019-1010298) + ## 2018 ### CVE-2018-0101 @@ -6472,7 +8810,7 @@ Systems with microprocessors utilizing speculative execution and indirect branch A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found. -- [RealBearcat/HPE-iMC-7.3-RMI-Java-Deserialization](https://github.com/RealBearcat/HPE-iMC-7.3-RMI-Java-Deserialization) +- [scanfsec/HPE-iMC-7.3-RMI-Java-Deserialization](https://github.com/scanfsec/HPE-iMC-7.3-RMI-Java-Deserialization) ### CVE-2017-5941 @@ -11360,14 +13698,40 @@ mpack 1.6 has information disclosure via eavesdropping on mails sent by other us ## 2010 +### CVE-2010-0426 + + +sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user's home directory. + + +- [t0kx/privesc-CVE-2010-0426](https://github.com/t0kx/privesc-CVE-2010-0426) +- [cved-sources/cve-2010-0426](https://github.com/cved-sources/cve-2010-0426) + ### CVE-2010-0738 The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method. +- [ChristianPapathanasiou/jboss-autopwn](https://github.com/ChristianPapathanasiou/jboss-autopwn) - [gitcollect/jboss-autopwn](https://github.com/gitcollect/jboss-autopwn) +### CVE-2010-1205 + + +Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. + + +- [mk219533/CVE-2010-1205](https://github.com/mk219533/CVE-2010-1205) + +### CVE-2010-1411 + + +Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow. + + +- [MAVProxyUser/httpfuzz-robomiller](https://github.com/MAVProxyUser/httpfuzz-robomiller) + ### CVE-2010-2075 @@ -11376,6 +13740,14 @@ UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 th - [M4LV0/UnrealIRCd-3.2.8.1-RCE](https://github.com/M4LV0/UnrealIRCd-3.2.8.1-RCE) +### CVE-2010-3332 + + +Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption attempts, which allows remote attackers to decrypt and modify encrypted View State (aka __VIEWSTATE) form data, and possibly forge cookies or read application files, via a padding oracle attack, aka "ASP.NET Padding Oracle Vulnerability." + + +- [bongbongco/MS10-070](https://github.com/bongbongco/MS10-070) + ### CVE-2010-3333 @@ -11384,6 +13756,22 @@ Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office - [whiteHat001/cve-2010-3333](https://github.com/whiteHat001/cve-2010-3333) +### CVE-2010-3437 + + +Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call. + + +- [huang-emily/CVE-2010-3437](https://github.com/huang-emily/CVE-2010-3437) + +### CVE-2010-3490 + + +Directory traversal vulnerability in page.recordings.php in the System Recordings component in the configuration interface in FreePBX 2.8.0 and earlier allows remote authenticated administrators to create arbitrary files via a .. (dot dot) in the usersnum parameter to admin/config.php, as demonstrated by creating a .php file under the web root. + + +- [moayadalmalat/CVE-2010-3490](https://github.com/moayadalmalat/CVE-2010-3490) + ### CVE-2010-3600 @@ -11416,6 +13804,22 @@ Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Ca - [nektra/CVE-2010-3971-hotpatch](https://github.com/nektra/CVE-2010-3971-hotpatch) +### CVE-2010-4221 + + +Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a (1) FTP or (2) FTPS server. + + +- [M31MOTH/cve-2010-4221](https://github.com/M31MOTH/cve-2010-4221) + +### CVE-2010-4258 + + +The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a (1) BUG, (2) NULL pointer dereference, or (3) page fault, as demonstrated by vectors involving the clear_child_tid feature and the splice system call. + + +- [johnreginald/CVE-2010-4258](https://github.com/johnreginald/CVE-2010-4258) + ### CVE-2010-4476