From fec2db3bdadaaf4d2948505818a2c07a86664d88 Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Sun, 20 Dec 2020 06:10:33 +0900 Subject: [PATCH] Auto Update 2020/12/20 06:10:33 --- 2003/CVE-2003-0264.json | 46 -- 2008/CVE-2008-0166.json | 8 +- 2016/CVE-2016-4655.json | 2 +- 2017/CVE-2017-0038.json | 25 - 2017/CVE-2017-0065.json | 25 - 2017/CVE-2017-0106.json | 25 - 2017/CVE-2017-0108.json | 25 - 2017/CVE-2017-0199.json | 230 ------ 2017/CVE-2017-0204.json | 25 - 2017/CVE-2017-0290.json | 25 - 2017/CVE-2017-0478.json | 23 - 2017/CVE-2017-0541.json | 23 - 2017/CVE-2017-2370.json | 69 -- 2017/CVE-2017-2636.json | 25 - 2017/CVE-2017-3599.json | 25 - 2017/CVE-2017-3730.json | 23 - 2017/CVE-2017-3881.json | 92 --- 2017/CVE-2017-5005.json | 25 - 2017/CVE-2017-5415.json | 25 - 2017/CVE-2017-5633.json | 25 - 2017/CVE-2017-5638.json | 552 ------------- 2017/CVE-2017-5689.json | 46 -- 2017/CVE-2017-6370.json | 25 - 2017/CVE-2017-6971.json | 23 - 2017/CVE-2017-7188.json | 25 - 2017/CVE-2017-7269.json | 253 ------ 2017/CVE-2017-7648.json | 25 - 2017/CVE-2017-8295.json | 46 -- 2017/CVE-2017-8779.json | 25 - 2018/CVE-2018-0101.json | 23 + 2018/CVE-2018-0296.json | 23 + 2018/CVE-2018-0802.json | 92 +++ 2018/CVE-2018-0824.json | 25 + 2018/CVE-2018-0952.json | 25 + 2018/CVE-2018-1000001.json | 25 + 2018/CVE-2018-1000006.json | 25 + 2018/CVE-2018-1000117.json | 25 + 2018/CVE-2018-1000134.json | 25 + 2018/CVE-2018-1000199.json | 25 + 2018/CVE-2018-1000529.json | 25 + 2018/CVE-2018-1000802.json | 25 + 2018/CVE-2018-1010.json | 25 + 2018/CVE-2018-1026.json | 25 + 2018/CVE-2018-10299.json | 25 + 2018/CVE-2018-10467.json | 25 + 2018/CVE-2018-10517.json | 25 + 2018/CVE-2018-10546.json | 25 + 2018/CVE-2018-1056.json | 25 + 2018/CVE-2018-10561.json | 25 + 2018/CVE-2018-10562.json | 117 +++ 2018/CVE-2018-10583.json | 25 + 2018/CVE-2018-10715.json | 25 + 2018/CVE-2018-10732.json | 25 + 2018/CVE-2018-10821.json | 25 + 2018/CVE-2018-10933.json | 460 +++++++++++ 2018/CVE-2018-10949.json | 25 + 2018/CVE-2018-1111.json | 46 ++ 2018/CVE-2018-11235.json | 115 +++ 2018/CVE-2018-11236.json | 23 + 2018/CVE-2018-11311.json | 25 + 2018/CVE-2018-11450.json | 25 + 2018/CVE-2018-11510.json | 25 + 2018/CVE-2018-11517.json | 25 + 2018/CVE-2018-11631.json | 25 + 2018/CVE-2018-11776.json | 253 ++++++ 2018/CVE-2018-12018.json | 25 + 2018/CVE-2018-12031.json | 25 + 2018/CVE-2018-12418.json | 25 + 2018/CVE-2018-12463.json | 25 + 2018/CVE-2018-12537.json | 25 + 2018/CVE-2018-12540.json | 25 + 2018/CVE-2018-1259.json | 25 + 2018/CVE-2018-12596.json | 25 + 2018/CVE-2018-12597.json | 25 + 2018/CVE-2018-12598.json | 25 + 2018/CVE-2018-12613.json | 23 + 2018/CVE-2018-1270.json | 69 ++ 2018/CVE-2018-1273.json | 69 ++ 2018/CVE-2018-12895.json | 25 + 2018/CVE-2018-1304.json | 48 ++ 2018/CVE-2018-1305.json | 25 + 2018/CVE-2018-1313.json | 25 + 2018/CVE-2018-1324.json | 25 + 2018/CVE-2018-13784.json | 25 + 2018/CVE-2018-13864.json | 25 + 2018/CVE-2018-14.json | 25 + 2018/CVE-2018-14083.json | 25 + 2018/CVE-2018-14634.json | 25 + 2018/CVE-2018-14665.json | 23 + 2018/CVE-2018-14667.json | 23 + 2018/CVE-2018-14772.json | 25 + 2018/CVE-2018-14847.json | 46 ++ 2018/CVE-2018-15131.json | 25 + 2018/CVE-2018-15133.json | 23 + 2018/CVE-2018-15365.json | 25 + 2018/CVE-2018-15473.json | 46 ++ 2018/CVE-2018-15499.json | 25 + 2018/CVE-2018-15727.json | 25 + 2018/CVE-2018-15832.json | 25 + 2018/CVE-2018-15912.json | 25 + 2018/CVE-2018-16370.json | 25 + 2018/CVE-2018-16373.json | 25 + 2018/CVE-2018-16509.json | 23 + 2018/CVE-2018-16711.json | 25 + 2018/CVE-2018-16713.json | 25 + 2018/CVE-2018-16987.json | 25 + 2018/CVE-2018-17144.json | 48 ++ 2018/CVE-2018-17182.json | 71 ++ 2018/CVE-2018-17418.json | 25 + 2018/CVE-2018-17456.json | 46 ++ 2018/CVE-2018-17961.json | 25 + 2018/CVE-2018-18026.json | 25 + 2018/CVE-2018-18387.json | 25 + 2018/CVE-2018-18714.json | 25 + 2018/CVE-2018-19127.json | 25 + 2018/CVE-2018-19131.json | 25 + 2018/CVE-2018-2380.json | 25 + 2018/CVE-2018-2628.json | 391 +++++++++ 2018/CVE-2018-2636.json | 48 ++ 2018/CVE-2018-2844.json | 25 + 2018/CVE-2018-2879.json | 23 + 2018/CVE-2018-2893.json | 138 ++++ 2018/CVE-2018-2894.json | 46 ++ 2018/CVE-2018-3191.json | 117 +++ 2018/CVE-2018-3245.json | 46 ++ 2018/CVE-2018-3252.json | 23 + 2018/CVE-2018-3608.json | 25 + 2018/CVE-2018-3639.json | 46 ++ 2018/CVE-2018-3810.json | 23 + 2018/CVE-2018-4087.json | 46 ++ 2018/CVE-2018-4110.json | 25 + 2018/CVE-2018-4121.json | 71 ++ 2018/CVE-2018-4150.json | 71 ++ 2018/CVE-2018-4185.json | 25 + 2018/CVE-2018-4233.json | 25 + 2018/CVE-2018-4241.json | 25 + 2018/CVE-2018-4243.json | 25 + 2018/CVE-2018-4248.json | 25 + 2018/CVE-2018-4280.json | 48 ++ 2018/CVE-2018-4327.json | 48 ++ 2018/CVE-2018-4330.json | 25 + 2018/CVE-2018-4331.json | 25 + 2018/CVE-2018-4343.json | 25 + 2018/CVE-2018-4407.json | 138 ++++ 2018/CVE-2018-4878.json | 207 +++++ 2018/CVE-2018-4901.json | 25 + 2018/CVE-2018-5234.json | 25 + 2018/CVE-2018-5711.json | 48 ++ 2018/CVE-2018-5740.json | 25 + 2018/CVE-2018-5951.json | 25 + 2018/CVE-2018-5955.json | 31 +- 2018/CVE-2018-6242.json | 46 ++ 2018/CVE-2018-6376.json | 25 + 2018/CVE-2018-6389.json | 349 +++++++- 2018/CVE-2018-6396.json | 25 + 2018/CVE-2018-6407.json | 25 + 2018/CVE-2018-6479.json | 25 + 2018/CVE-2018-6518.json | 25 + 2018/CVE-2018-6546.json | 48 ++ 2018/CVE-2018-6574.json | 161 ++++ 2018/CVE-2018-6643.json | 25 + 2018/CVE-2018-6789.json | 23 + 2018/CVE-2018-6791.json | 25 + 2018/CVE-2018-6890.json | 25 + 2018/CVE-2018-6892.json | 46 ++ 2018/CVE-2018-6905.json | 25 + 2018/CVE-2018-7171.json | 25 + 2018/CVE-2018-7197.json | 25 + 2018/CVE-2018-7211.json | 25 + 2018/CVE-2018-7249.json | 25 + 2018/CVE-2018-7250.json | 25 + 2018/CVE-2018-7422.json | 25 + 2018/CVE-2018-7600.json | 399 +++++++++- 2018/CVE-2018-7602.json | 46 ++ 2018/CVE-2018-7747.json | 25 + 2018/CVE-2018-7750.json | 25 + 2018/CVE-2018-8038.json | 25 + 2018/CVE-2018-8039.json | 25 + 2018/CVE-2018-8060.json | 25 + 2018/CVE-2018-8065.json | 25 + 2018/CVE-2018-8078.json | 25 + 2018/CVE-2018-8090.json | 25 + 2018/CVE-2018-8108.json | 25 + 2018/CVE-2018-8120.json | 161 ++++ 2018/CVE-2018-8172.json | 25 + 2018/CVE-2018-8174.json | 138 ++++ 2018/CVE-2018-8208.json | 25 + 2018/CVE-2018-8214.json | 25 + 2018/CVE-2018-8353.json | 25 + 2018/CVE-2018-8420.json | 25 + 2018/CVE-2018-8440.json | 25 + 2018/CVE-2018-8495.json | 25 + 2018/CVE-2018-8733.json | 25 + 2018/CVE-2018-8820.json | 25 + 2018/CVE-2018-8897.json | 94 +++ 2018/CVE-2018-8941.json | 25 + 2018/CVE-2018-8970.json | 25 + 2018/CVE-2018-9059.json | 25 + 2018/CVE-2018-9075.json | 25 + 2018/CVE-2018-9160.json | 25 + 2018/CVE-2018-9206.json | 46 ++ 2018/CVE-2018-9411.json | 25 + 2018/CVE-2018-9539.json | 25 + 2018/CVE-2018-9948.json | 48 ++ 2018/CVE-2018-9958.json | 25 + 2018/CVE-2018-9995.json | 115 +++ 2019/CVE-2019-17558.json | 8 +- 2019/CVE-2019-19781.json | 4 +- 2019/CVE-2019-2215.json | 4 +- 2019/CVE-2019-5475.json | 4 +- 2020/CVE-2020-0601.json | 483 ------------ 2020/CVE-2020-0609.json | 92 --- 2020/CVE-2020-0674.json | 23 - 2020/CVE-2020-0796.json | 8 +- 2020/CVE-2020-1350.json | 8 +- 2020/CVE-2020-1472.json | 8 +- 2020/CVE-2020-14882.json | 8 +- 2020/CVE-2020-1611.json | 25 - 2020/CVE-2020-17530.json | 4 +- 2020/CVE-2020-2551.json | 31 +- 2020/CVE-2020-2655.json | 25 - 2020/CVE-2020-3452.json | 4 +- 2020/CVE-2020-3833.json | 25 - 2020/CVE-2020-5236.json | 25 - 2020/CVE-2020-5398.json | 25 - 2020/CVE-2020-5509.json | 25 - 2020/CVE-2020-72381.json | 25 - 2020/CVE-2020-7661.json | 4 +- 2020/CVE-2020-7799.json | 23 - 2020/CVE-2020-7980.json | 25 - 2020/CVE-2020-8597.json | 8 +- README.md | 1530 +++++++++++++++++++++++++++++------- 232 files changed, 9385 insertions(+), 2969 deletions(-) delete mode 100644 2017/CVE-2017-0038.json delete mode 100644 2017/CVE-2017-0065.json delete mode 100644 2017/CVE-2017-0106.json delete mode 100644 2017/CVE-2017-0108.json delete mode 100644 2017/CVE-2017-0204.json delete mode 100644 2017/CVE-2017-0290.json delete mode 100644 2017/CVE-2017-2636.json delete mode 100644 2017/CVE-2017-3599.json delete mode 100644 2017/CVE-2017-5005.json delete mode 100644 2017/CVE-2017-5415.json delete mode 100644 2017/CVE-2017-5633.json delete mode 100644 2017/CVE-2017-6370.json delete mode 100644 2017/CVE-2017-7188.json delete mode 100644 2017/CVE-2017-7648.json delete mode 100644 2017/CVE-2017-8779.json create mode 100644 2018/CVE-2018-0824.json create mode 100644 2018/CVE-2018-0952.json create mode 100644 2018/CVE-2018-1000001.json create mode 100644 2018/CVE-2018-1000006.json create mode 100644 2018/CVE-2018-1000117.json create mode 100644 2018/CVE-2018-1000134.json create mode 100644 2018/CVE-2018-1000199.json create mode 100644 2018/CVE-2018-1000529.json create mode 100644 2018/CVE-2018-1000802.json create mode 100644 2018/CVE-2018-1010.json create mode 100644 2018/CVE-2018-1026.json create mode 100644 2018/CVE-2018-10299.json create mode 100644 2018/CVE-2018-10467.json create mode 100644 2018/CVE-2018-10517.json create mode 100644 2018/CVE-2018-10546.json create mode 100644 2018/CVE-2018-1056.json create mode 100644 2018/CVE-2018-10561.json create mode 100644 2018/CVE-2018-10562.json create mode 100644 2018/CVE-2018-10583.json create mode 100644 2018/CVE-2018-10715.json create mode 100644 2018/CVE-2018-10732.json create mode 100644 2018/CVE-2018-10821.json create mode 100644 2018/CVE-2018-10949.json create mode 100644 2018/CVE-2018-11311.json create mode 100644 2018/CVE-2018-11450.json create mode 100644 2018/CVE-2018-11510.json create mode 100644 2018/CVE-2018-11517.json create mode 100644 2018/CVE-2018-11631.json create mode 100644 2018/CVE-2018-12018.json create mode 100644 2018/CVE-2018-12031.json create mode 100644 2018/CVE-2018-12418.json create mode 100644 2018/CVE-2018-12463.json create mode 100644 2018/CVE-2018-12537.json create mode 100644 2018/CVE-2018-12540.json create mode 100644 2018/CVE-2018-1259.json create mode 100644 2018/CVE-2018-12596.json create mode 100644 2018/CVE-2018-12597.json create mode 100644 2018/CVE-2018-12598.json create mode 100644 2018/CVE-2018-12895.json create mode 100644 2018/CVE-2018-1304.json create mode 100644 2018/CVE-2018-1305.json create mode 100644 2018/CVE-2018-1313.json create mode 100644 2018/CVE-2018-1324.json create mode 100644 2018/CVE-2018-13784.json create mode 100644 2018/CVE-2018-13864.json create mode 100644 2018/CVE-2018-14.json create mode 100644 2018/CVE-2018-14083.json create mode 100644 2018/CVE-2018-14634.json create mode 100644 2018/CVE-2018-14772.json create mode 100644 2018/CVE-2018-15131.json create mode 100644 2018/CVE-2018-15365.json create mode 100644 2018/CVE-2018-15499.json create mode 100644 2018/CVE-2018-15727.json create mode 100644 2018/CVE-2018-15832.json create mode 100644 2018/CVE-2018-15912.json create mode 100644 2018/CVE-2018-16370.json create mode 100644 2018/CVE-2018-16373.json create mode 100644 2018/CVE-2018-16711.json create mode 100644 2018/CVE-2018-16713.json create mode 100644 2018/CVE-2018-16987.json create mode 100644 2018/CVE-2018-17144.json create mode 100644 2018/CVE-2018-17182.json create mode 100644 2018/CVE-2018-17418.json create mode 100644 2018/CVE-2018-17961.json create mode 100644 2018/CVE-2018-18026.json create mode 100644 2018/CVE-2018-18387.json create mode 100644 2018/CVE-2018-18714.json create mode 100644 2018/CVE-2018-19127.json create mode 100644 2018/CVE-2018-19131.json create mode 100644 2018/CVE-2018-2380.json create mode 100644 2018/CVE-2018-2636.json create mode 100644 2018/CVE-2018-2844.json create mode 100644 2018/CVE-2018-3191.json create mode 100644 2018/CVE-2018-3608.json create mode 100644 2018/CVE-2018-4110.json create mode 100644 2018/CVE-2018-4121.json create mode 100644 2018/CVE-2018-4150.json create mode 100644 2018/CVE-2018-4185.json create mode 100644 2018/CVE-2018-4233.json create mode 100644 2018/CVE-2018-4241.json create mode 100644 2018/CVE-2018-4243.json create mode 100644 2018/CVE-2018-4248.json create mode 100644 2018/CVE-2018-4280.json create mode 100644 2018/CVE-2018-4327.json create mode 100644 2018/CVE-2018-4330.json create mode 100644 2018/CVE-2018-4331.json create mode 100644 2018/CVE-2018-4343.json create mode 100644 2018/CVE-2018-4901.json create mode 100644 2018/CVE-2018-5234.json create mode 100644 2018/CVE-2018-5711.json create mode 100644 2018/CVE-2018-5740.json create mode 100644 2018/CVE-2018-5951.json create mode 100644 2018/CVE-2018-6376.json create mode 100644 2018/CVE-2018-6396.json create mode 100644 2018/CVE-2018-6407.json create mode 100644 2018/CVE-2018-6479.json create mode 100644 2018/CVE-2018-6518.json create mode 100644 2018/CVE-2018-6546.json create mode 100644 2018/CVE-2018-6643.json create mode 100644 2018/CVE-2018-6791.json create mode 100644 2018/CVE-2018-6890.json create mode 100644 2018/CVE-2018-6905.json create mode 100644 2018/CVE-2018-7171.json create mode 100644 2018/CVE-2018-7197.json create mode 100644 2018/CVE-2018-7211.json create mode 100644 2018/CVE-2018-7249.json create mode 100644 2018/CVE-2018-7250.json create mode 100644 2018/CVE-2018-7422.json create mode 100644 2018/CVE-2018-7747.json create mode 100644 2018/CVE-2018-7750.json create mode 100644 2018/CVE-2018-8038.json create mode 100644 2018/CVE-2018-8039.json create mode 100644 2018/CVE-2018-8060.json create mode 100644 2018/CVE-2018-8065.json create mode 100644 2018/CVE-2018-8078.json create mode 100644 2018/CVE-2018-8090.json create mode 100644 2018/CVE-2018-8108.json create mode 100644 2018/CVE-2018-8172.json create mode 100644 2018/CVE-2018-8208.json create mode 100644 2018/CVE-2018-8214.json create mode 100644 2018/CVE-2018-8353.json create mode 100644 2018/CVE-2018-8420.json create mode 100644 2018/CVE-2018-8440.json create mode 100644 2018/CVE-2018-8495.json create mode 100644 2018/CVE-2018-8733.json create mode 100644 2018/CVE-2018-8820.json create mode 100644 2018/CVE-2018-8897.json create mode 100644 2018/CVE-2018-8941.json create mode 100644 2018/CVE-2018-8970.json create mode 100644 2018/CVE-2018-9059.json create mode 100644 2018/CVE-2018-9075.json create mode 100644 2018/CVE-2018-9160.json create mode 100644 2018/CVE-2018-9411.json create mode 100644 2018/CVE-2018-9539.json create mode 100644 2018/CVE-2018-9948.json create mode 100644 2018/CVE-2018-9958.json delete mode 100644 2020/CVE-2020-1611.json delete mode 100644 2020/CVE-2020-2655.json delete mode 100644 2020/CVE-2020-3833.json delete mode 100644 2020/CVE-2020-5236.json delete mode 100644 2020/CVE-2020-5398.json delete mode 100644 2020/CVE-2020-5509.json delete mode 100644 2020/CVE-2020-72381.json delete mode 100644 2020/CVE-2020-7980.json diff --git a/2003/CVE-2003-0264.json b/2003/CVE-2003-0264.json index f23c214f97..30e269ccf3 100644 --- a/2003/CVE-2003-0264.json +++ b/2003/CVE-2003-0264.json @@ -44,51 +44,5 @@ "forks": 0, "watchers": 0, "score": 0 - }, - { - "id": 162499093, - "name": "CVE-2003-0264", - "full_name": "war4uthor\/CVE-2003-0264", - "owner": { - "login": "war4uthor", - "id": 45926018, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45926018?v=4", - "html_url": "https:\/\/github.com\/war4uthor" - }, - "html_url": "https:\/\/github.com\/war4uthor\/CVE-2003-0264", - "description": "CVE-2003-0264 - SLMail 5.5 POP3 'PASS' Remote Buffer Overflow Vulnerability. Tested on Windows XP Professional SP3.", - "fork": false, - "created_at": "2018-12-19T22:49:13Z", - "updated_at": "2018-12-19T22:50:49Z", - "pushed_at": "2018-12-19T22:50:48Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 247077498, - "name": "CVE-2003-0264-SLmail-5.5", - "full_name": "pwncone\/CVE-2003-0264-SLmail-5.5", - "owner": { - "login": "pwncone", - "id": 57570315, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/57570315?v=4", - "html_url": "https:\/\/github.com\/pwncone" - }, - "html_url": "https:\/\/github.com\/pwncone\/CVE-2003-0264-SLmail-5.5", - "description": "A POC remote buffer overflow for CVE-2003-0264 - SLMail 5.5", - "fork": false, - "created_at": "2020-03-13T13:27:56Z", - "updated_at": "2020-03-13T13:31:38Z", - "pushed_at": "2020-03-13T13:31:36Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 } ] \ No newline at end of file diff --git a/2008/CVE-2008-0166.json b/2008/CVE-2008-0166.json index 8c25bb603a..cf196c703b 100644 --- a/2008/CVE-2008-0166.json +++ b/2008/CVE-2008-0166.json @@ -13,13 +13,13 @@ "description": "Debian OpenSSL Predictable PRNG (CVE-2008-0166)", "fork": false, "created_at": "2013-09-22T21:20:31Z", - "updated_at": "2020-11-30T02:50:38Z", + "updated_at": "2020-12-19T19:36:20Z", "pushed_at": "2017-04-24T14:16:56Z", - "stargazers_count": 279, - "watchers_count": 279, + "stargazers_count": 280, + "watchers_count": 280, "forks_count": 88, "forks": 88, - "watchers": 279, + "watchers": 280, "score": 0 }, { diff --git a/2016/CVE-2016-4655.json b/2016/CVE-2016-4655.json index b7559b3ab4..c6974aa46a 100644 --- a/2016/CVE-2016-4655.json +++ b/2016/CVE-2016-4655.json @@ -36,7 +36,7 @@ "description": "8.4.1 Jailbreak using CVE-2016-4655 \/ CVE-2016-4656", "fork": false, "created_at": "2018-01-09T07:44:50Z", - "updated_at": "2019-11-05T13:38:24Z", + "updated_at": "2020-12-19T15:09:30Z", "pushed_at": "2019-02-17T07:42:03Z", "stargazers_count": 6, "watchers_count": 6, diff --git a/2017/CVE-2017-0038.json b/2017/CVE-2017-0038.json deleted file mode 100644 index aff487d412..0000000000 --- a/2017/CVE-2017-0038.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 85834314, - "name": "CVE-2017-0038-EXP-C-JS", - "full_name": "k0keoyo\/CVE-2017-0038-EXP-C-JS", - "owner": { - "login": "k0keoyo", - "id": 13257929, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/13257929?v=4", - "html_url": "https:\/\/github.com\/k0keoyo" - }, - "html_url": "https:\/\/github.com\/k0keoyo\/CVE-2017-0038-EXP-C-JS", - "description": null, - "fork": false, - "created_at": "2017-03-22T13:59:48Z", - "updated_at": "2019-09-13T11:40:59Z", - "pushed_at": "2017-03-23T14:07:37Z", - "stargazers_count": 6, - "watchers_count": 6, - "forks_count": 8, - "forks": 8, - "watchers": 6, - "score": 0 - } -] \ No newline at end of file diff --git a/2017/CVE-2017-0065.json b/2017/CVE-2017-0065.json deleted file mode 100644 index 318519d2a2..0000000000 --- a/2017/CVE-2017-0065.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 85072866, - "name": "cve-2017-0065", - "full_name": "Dankirk\/cve-2017-0065", - "owner": { - "login": "Dankirk", - "id": 10588760, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/10588760?v=4", - "html_url": "https:\/\/github.com\/Dankirk" - }, - "html_url": "https:\/\/github.com\/Dankirk\/cve-2017-0065", - "description": "Exploiting Edge's read:\/\/ urlhandler", - "fork": false, - "created_at": "2017-03-15T13:01:29Z", - "updated_at": "2019-10-26T13:38:33Z", - "pushed_at": "2020-10-01T04:14:25Z", - "stargazers_count": 15, - "watchers_count": 15, - "forks_count": 15, - "forks": 15, - "watchers": 15, - "score": 0 - } -] \ No newline at end of file diff --git a/2017/CVE-2017-0106.json b/2017/CVE-2017-0106.json deleted file mode 100644 index 54ea8d497c..0000000000 --- a/2017/CVE-2017-0106.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 88117539, - "name": "CVE-2017-0106", - "full_name": "ryhanson\/CVE-2017-0106", - "owner": { - "login": "ryhanson", - "id": 3486433, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/3486433?v=4", - "html_url": "https:\/\/github.com\/ryhanson" - }, - "html_url": "https:\/\/github.com\/ryhanson\/CVE-2017-0106", - "description": null, - "fork": false, - "created_at": "2017-04-13T02:42:08Z", - "updated_at": "2017-04-13T02:42:08Z", - "pushed_at": "2017-04-13T02:42:09Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - } -] \ No newline at end of file diff --git a/2017/CVE-2017-0108.json b/2017/CVE-2017-0108.json deleted file mode 100644 index 8c1c66ead4..0000000000 --- a/2017/CVE-2017-0108.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 88317204, - "name": "CVE-2017-0108", - "full_name": "homjxi0e\/CVE-2017-0108", - "owner": { - "login": "homjxi0e", - "id": 25440152, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", - "html_url": "https:\/\/github.com\/homjxi0e" - }, - "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-0108", - "description": null, - "fork": false, - "created_at": "2017-04-15T02:10:16Z", - "updated_at": "2017-12-04T20:08:18Z", - "pushed_at": "2017-04-15T02:16:09Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 2, - "forks": 2, - "watchers": 2, - "score": 0 - } -] \ No newline at end of file diff --git a/2017/CVE-2017-0199.json b/2017/CVE-2017-0199.json index d0c9d2e563..6ee4b4b3e6 100644 --- a/2017/CVE-2017-0199.json +++ b/2017/CVE-2017-0199.json @@ -1,50 +1,4 @@ [ - { - "id": 88117490, - "name": "CVE-2017-0199", - "full_name": "ryhanson\/CVE-2017-0199", - "owner": { - "login": "ryhanson", - "id": 3486433, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/3486433?v=4", - "html_url": "https:\/\/github.com\/ryhanson" - }, - "html_url": "https:\/\/github.com\/ryhanson\/CVE-2017-0199", - "description": null, - "fork": false, - "created_at": "2017-04-13T02:41:36Z", - "updated_at": "2017-04-13T02:41:36Z", - "pushed_at": "2017-04-13T02:41:37Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 88185964, - "name": "cve-2017-0199", - "full_name": "SyFi\/cve-2017-0199", - "owner": { - "login": "SyFi", - "id": 26314806, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/26314806?v=4", - "html_url": "https:\/\/github.com\/SyFi" - }, - "html_url": "https:\/\/github.com\/SyFi\/cve-2017-0199", - "description": null, - "fork": false, - "created_at": "2017-04-13T16:40:27Z", - "updated_at": "2019-12-06T00:55:16Z", - "pushed_at": "2017-04-13T16:45:10Z", - "stargazers_count": 12, - "watchers_count": 12, - "forks_count": 7, - "forks": 7, - "watchers": 12, - "score": 0 - }, { "id": 88486475, "name": "CVE-2017-0199", @@ -68,190 +22,6 @@ "watchers": 636, "score": 0 }, - { - "id": 88590374, - "name": "CVE-2017-0199-Fix", - "full_name": "NotAwful\/CVE-2017-0199-Fix", - "owner": { - "login": "NotAwful", - "id": 25178947, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/25178947?v=4", - "html_url": "https:\/\/github.com\/NotAwful" - }, - "html_url": "https:\/\/github.com\/NotAwful\/CVE-2017-0199-Fix", - "description": "Quick and dirty fix to OLE2 executing code via .hta", - "fork": false, - "created_at": "2017-04-18T06:33:45Z", - "updated_at": "2018-03-18T10:23:47Z", - "pushed_at": "2017-04-24T20:48:36Z", - "stargazers_count": 14, - "watchers_count": 14, - "forks_count": 1, - "forks": 1, - "watchers": 14, - "score": 0 - }, - { - "id": 88700030, - "name": "CVE-2017-0199-master", - "full_name": "haibara3839\/CVE-2017-0199-master", - "owner": { - "login": "haibara3839", - "id": 17246565, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/17246565?v=4", - "html_url": "https:\/\/github.com\/haibara3839" - }, - "html_url": "https:\/\/github.com\/haibara3839\/CVE-2017-0199-master", - "description": "CVE-2017-0199", - "fork": false, - "created_at": "2017-04-19T04:15:54Z", - "updated_at": "2020-08-13T13:59:18Z", - "pushed_at": "2017-04-19T04:25:47Z", - "stargazers_count": 16, - "watchers_count": 16, - "forks_count": 11, - "forks": 11, - "watchers": 16, - "score": 0 - }, - { - "id": 89043209, - "name": "CVE-2017-0199", - "full_name": "Exploit-install\/CVE-2017-0199", - "owner": { - "login": "Exploit-install", - "id": 13824191, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/13824191?v=4", - "html_url": "https:\/\/github.com\/Exploit-install" - }, - "html_url": "https:\/\/github.com\/Exploit-install\/CVE-2017-0199", - "description": "Exploit toolkit CVE-2017-0199 - v2.0 is a handy python script which provides a quick and effective way to exploit Microsoft RTF RCE. It could generate a malicious RTF file and deliver metasploit \/ meterpreter \/ any other payload to victim without any complex configuration.", - "fork": false, - "created_at": "2017-04-22T04:01:38Z", - "updated_at": "2020-04-07T06:30:43Z", - "pushed_at": "2017-04-22T04:01:54Z", - "stargazers_count": 7, - "watchers_count": 7, - "forks_count": 11, - "forks": 11, - "watchers": 7, - "score": 0 - }, - { - "id": 89065031, - "name": "PoC-CVE-2017-0199", - "full_name": "zakybstrd21215\/PoC-CVE-2017-0199", - "owner": { - "login": "zakybstrd21215", - "id": 22362343, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22362343?v=4", - "html_url": "https:\/\/github.com\/zakybstrd21215" - }, - "html_url": "https:\/\/github.com\/zakybstrd21215\/PoC-CVE-2017-0199", - "description": "Exploit toolkit for vulnerability RCE Microsoft RTF", - "fork": false, - "created_at": "2017-04-22T11:32:39Z", - "updated_at": "2019-02-02T15:31:28Z", - "pushed_at": "2017-04-22T11:35:38Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, - "score": 0 - }, - { - "id": 89145802, - "name": "CVE-2017-0199", - "full_name": "n1shant-sinha\/CVE-2017-0199", - "owner": { - "login": "n1shant-sinha", - "id": 8848453, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/8848453?v=4", - "html_url": "https:\/\/github.com\/n1shant-sinha" - }, - "html_url": "https:\/\/github.com\/n1shant-sinha\/CVE-2017-0199", - "description": "Exploit toolkit CVE-2017-0199 - v2.0 is a handy python script which provides a quick and effective way to exploit Microsoft RTF RCE. It could generate a malicious RTF file and deliver metasploit \/ meterpreter payload to victim without any complex configuration.", - "fork": false, - "created_at": "2017-04-23T13:58:30Z", - "updated_at": "2018-10-18T14:32:17Z", - "pushed_at": "2017-04-23T14:05:24Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, - "score": 0 - }, - { - "id": 89296859, - "name": "htattack", - "full_name": "kn0wm4d\/htattack", - "owner": { - "login": "kn0wm4d", - "id": 15344287, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15344287?v=4", - "html_url": "https:\/\/github.com\/kn0wm4d" - }, - "html_url": "https:\/\/github.com\/kn0wm4d\/htattack", - "description": "An exploit implementation for RCE in RTF & DOCs (CVE-2017-0199)", - "fork": false, - "created_at": "2017-04-24T23:44:31Z", - "updated_at": "2020-08-29T04:54:33Z", - "pushed_at": "2017-04-24T23:45:18Z", - "stargazers_count": 4, - "watchers_count": 4, - "forks_count": 3, - "forks": 3, - "watchers": 4, - "score": 0 - }, - { - "id": 89314149, - "name": "Cve-2017-0199", - "full_name": "joke998\/Cve-2017-0199", - "owner": { - "login": "joke998", - "id": 25948923, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/25948923?v=4", - "html_url": "https:\/\/github.com\/joke998" - }, - "html_url": "https:\/\/github.com\/joke998\/Cve-2017-0199", - "description": null, - "fork": false, - "created_at": "2017-04-25T03:38:15Z", - "updated_at": "2017-04-25T03:38:15Z", - "pushed_at": "2017-04-25T03:38:15Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 89314954, - "name": "Cve-2017-0199-", - "full_name": "joke998\/Cve-2017-0199-", - "owner": { - "login": "joke998", - "id": 25948923, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/25948923?v=4", - "html_url": "https:\/\/github.com\/joke998" - }, - "html_url": "https:\/\/github.com\/joke998\/Cve-2017-0199-", - "description": "Cve-2017-0199", - "fork": false, - "created_at": "2017-04-25T03:48:53Z", - "updated_at": "2017-04-25T03:48:53Z", - "pushed_at": "2017-04-25T03:48:53Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, { "id": 95870771, "name": "Microsoft-Word-CVE-2017-0199-", diff --git a/2017/CVE-2017-0204.json b/2017/CVE-2017-0204.json deleted file mode 100644 index d6031649dd..0000000000 --- a/2017/CVE-2017-0204.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 88117558, - "name": "CVE-2017-0204", - "full_name": "ryhanson\/CVE-2017-0204", - "owner": { - "login": "ryhanson", - "id": 3486433, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/3486433?v=4", - "html_url": "https:\/\/github.com\/ryhanson" - }, - "html_url": "https:\/\/github.com\/ryhanson\/CVE-2017-0204", - "description": null, - "fork": false, - "created_at": "2017-04-13T02:42:24Z", - "updated_at": "2017-04-13T03:12:29Z", - "pushed_at": "2017-04-13T02:42:24Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - } -] \ No newline at end of file diff --git a/2017/CVE-2017-0290.json b/2017/CVE-2017-0290.json deleted file mode 100644 index 7c61c69cf8..0000000000 --- a/2017/CVE-2017-0290.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 90935850, - "name": "CVE-2017-0290-", - "full_name": "homjxi0e\/CVE-2017-0290-", - "owner": { - "login": "homjxi0e", - "id": 25440152, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", - "html_url": "https:\/\/github.com\/homjxi0e" - }, - "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-0290-", - "description": null, - "fork": false, - "created_at": "2017-05-11T04:01:51Z", - "updated_at": "2017-05-11T04:01:51Z", - "pushed_at": "2017-05-11T05:24:58Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - } -] \ No newline at end of file diff --git a/2017/CVE-2017-0478.json b/2017/CVE-2017-0478.json index a420023ef6..01b1ed5429 100644 --- a/2017/CVE-2017-0478.json +++ b/2017/CVE-2017-0478.json @@ -1,27 +1,4 @@ [ - { - "id": 85445247, - "name": "CVE-2017-0478", - "full_name": "JiounDai\/CVE-2017-0478", - "owner": { - "login": "JiounDai", - "id": 4220640, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/4220640?v=4", - "html_url": "https:\/\/github.com\/JiounDai" - }, - "html_url": "https:\/\/github.com\/JiounDai\/CVE-2017-0478", - "description": "poc of CVE-2017-0478", - "fork": false, - "created_at": "2017-03-19T02:18:37Z", - "updated_at": "2020-08-11T04:38:14Z", - "pushed_at": "2017-03-19T02:43:19Z", - "stargazers_count": 7, - "watchers_count": 7, - "forks_count": 5, - "forks": 5, - "watchers": 7, - "score": 0 - }, { "id": 141312944, "name": "CVE-2017-0478", diff --git a/2017/CVE-2017-0541.json b/2017/CVE-2017-0541.json index 496585240f..85e70a6879 100644 --- a/2017/CVE-2017-0541.json +++ b/2017/CVE-2017-0541.json @@ -1,27 +1,4 @@ [ - { - "id": 87639690, - "name": "CVE-2017-0541", - "full_name": "JiounDai\/CVE-2017-0541", - "owner": { - "login": "JiounDai", - "id": 4220640, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/4220640?v=4", - "html_url": "https:\/\/github.com\/JiounDai" - }, - "html_url": "https:\/\/github.com\/JiounDai\/CVE-2017-0541", - "description": "poc and vulnerability analysis of CVE-2017-0541", - "fork": false, - "created_at": "2017-04-08T14:28:22Z", - "updated_at": "2018-11-26T08:18:04Z", - "pushed_at": "2017-04-08T14:45:44Z", - "stargazers_count": 19, - "watchers_count": 19, - "forks_count": 11, - "forks": 11, - "watchers": 19, - "score": 0 - }, { "id": 141312906, "name": "CVE-2017-0541", diff --git a/2017/CVE-2017-2370.json b/2017/CVE-2017-2370.json index 62ba0b77cb..2792fc01bd 100644 --- a/2017/CVE-2017-2370.json +++ b/2017/CVE-2017-2370.json @@ -1,73 +1,4 @@ [ - { - "id": 80148945, - "name": "extra_recipe", - "full_name": "maximehip\/extra_recipe", - "owner": { - "login": "maximehip", - "id": 6273425, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/6273425?v=4", - "html_url": "https:\/\/github.com\/maximehip" - }, - "html_url": "https:\/\/github.com\/maximehip\/extra_recipe", - "description": "Ian Beer's exploit for CVE-2017-2370 (kernel memory r\/w on iOS 10.2) https:\/\/bugs.chromium.org\/p\/project-zero\/issues\/detail?id=1004", - "fork": false, - "created_at": "2017-01-26T19:47:43Z", - "updated_at": "2017-01-26T19:48:19Z", - "pushed_at": "2017-01-26T19:48:18Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 1, - "forks": 1, - "watchers": 0, - "score": 0 - }, - { - "id": 80717942, - "name": "extra_recipe", - "full_name": "JackBro\/extra_recipe", - "owner": { - "login": "JackBro", - "id": 21210712, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/21210712?v=4", - "html_url": "https:\/\/github.com\/JackBro" - }, - "html_url": "https:\/\/github.com\/JackBro\/extra_recipe", - "description": "Ian Beer's exploit for CVE-2017-2370 (kernel memory r\/w on iOS 10.2)", - "fork": false, - "created_at": "2017-02-02T11:16:38Z", - "updated_at": "2017-10-14T08:34:32Z", - "pushed_at": "2017-01-27T17:44:09Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 81874110, - "name": "extra_recipe-iOS-10.2", - "full_name": "Rootkitsmm\/extra_recipe-iOS-10.2", - "owner": { - "login": "Rootkitsmm", - "id": 5567904, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/5567904?v=4", - "html_url": "https:\/\/github.com\/Rootkitsmm" - }, - "html_url": "https:\/\/github.com\/Rootkitsmm\/extra_recipe-iOS-10.2", - "description": "CVE-2017-2370", - "fork": false, - "created_at": "2017-02-13T21:32:40Z", - "updated_at": "2019-01-03T05:45:15Z", - "pushed_at": "2017-02-01T11:36:26Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 4, - "forks": 4, - "watchers": 1, - "score": 0 - }, { "id": 142854846, "name": "CVE-2017-2370", diff --git a/2017/CVE-2017-2636.json b/2017/CVE-2017-2636.json deleted file mode 100644 index 7e6d3e1bd5..0000000000 --- a/2017/CVE-2017-2636.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 84497885, - "name": "cve-2017-2636-el", - "full_name": "alexzorin\/cve-2017-2636-el", - "owner": { - "login": "alexzorin", - "id": 311534, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/311534?v=4", - "html_url": "https:\/\/github.com\/alexzorin" - }, - "html_url": "https:\/\/github.com\/alexzorin\/cve-2017-2636-el", - "description": "Ansible role for workaround for CVE-2017-2636 (Red Hat) - https:\/\/access.redhat.com\/security\/cve\/CVE-2017-2636", - "fork": false, - "created_at": "2017-03-09T23:20:42Z", - "updated_at": "2017-03-18T16:23:19Z", - "pushed_at": "2017-03-09T23:21:14Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, - "score": 0 - } -] \ No newline at end of file diff --git a/2017/CVE-2017-3599.json b/2017/CVE-2017-3599.json deleted file mode 100644 index cbb1878864..0000000000 --- a/2017/CVE-2017-3599.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 88650555, - "name": "CVE-2017-3599", - "full_name": "SECFORCE\/CVE-2017-3599", - "owner": { - "login": "SECFORCE", - "id": 8157384, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8157384?v=4", - "html_url": "https:\/\/github.com\/SECFORCE" - }, - "html_url": "https:\/\/github.com\/SECFORCE\/CVE-2017-3599", - "description": "Proof of concept exploit for CVE-2017-3599", - "fork": false, - "created_at": "2017-04-18T17:08:39Z", - "updated_at": "2020-08-03T19:51:16Z", - "pushed_at": "2017-04-18T17:10:18Z", - "stargazers_count": 17, - "watchers_count": 17, - "forks_count": 18, - "forks": 18, - "watchers": 17, - "score": 0 - } -] \ No newline at end of file diff --git a/2017/CVE-2017-3730.json b/2017/CVE-2017-3730.json index d160053a9d..23fa2045df 100644 --- a/2017/CVE-2017-3730.json +++ b/2017/CVE-2017-3730.json @@ -1,27 +1,4 @@ [ - { - "id": 79682713, - "name": "CVE-2017-3730", - "full_name": "guidovranken\/CVE-2017-3730", - "owner": { - "login": "guidovranken", - "id": 6846644, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/6846644?v=4", - "html_url": "https:\/\/github.com\/guidovranken" - }, - "html_url": "https:\/\/github.com\/guidovranken\/CVE-2017-3730", - "description": "OpenSSL CVE-2017-3730 proof-of-concept", - "fork": false, - "created_at": "2017-01-22T00:40:34Z", - "updated_at": "2018-12-04T20:01:55Z", - "pushed_at": "2017-01-26T01:30:54Z", - "stargazers_count": 11, - "watchers_count": 11, - "forks_count": 5, - "forks": 5, - "watchers": 11, - "score": 0 - }, { "id": 97466064, "name": "OpenSSL-CVE-2017-3730", diff --git a/2017/CVE-2017-3881.json b/2017/CVE-2017-3881.json index c992361928..3df52c1892 100644 --- a/2017/CVE-2017-3881.json +++ b/2017/CVE-2017-3881.json @@ -1,96 +1,4 @@ [ - { - "id": 87763747, - "name": "cisco-rce", - "full_name": "artkond\/cisco-rce", - "owner": { - "login": "artkond", - "id": 4436674, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/4436674?v=4", - "html_url": "https:\/\/github.com\/artkond" - }, - "html_url": "https:\/\/github.com\/artkond\/cisco-rce", - "description": "CVE-2017-3881 Cisco Catalyst Remote Code Execution PoC", - "fork": false, - "created_at": "2017-04-10T03:44:04Z", - "updated_at": "2020-12-10T07:44:34Z", - "pushed_at": "2017-04-12T09:17:27Z", - "stargazers_count": 172, - "watchers_count": 172, - "forks_count": 81, - "forks": 81, - "watchers": 172, - "score": 0 - }, - { - "id": 88804675, - "name": "CVE-2017-3881-exploit-cisco-", - "full_name": "homjxi0e\/CVE-2017-3881-exploit-cisco-", - "owner": { - "login": "homjxi0e", - "id": 25440152, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", - "html_url": "https:\/\/github.com\/homjxi0e" - }, - "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-3881-exploit-cisco-", - "description": null, - "fork": false, - "created_at": "2017-04-20T00:52:10Z", - "updated_at": "2020-04-07T06:31:35Z", - "pushed_at": "2017-04-20T00:52:56Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 4, - "forks": 4, - "watchers": 2, - "score": 0 - }, - { - "id": 90087111, - "name": "CVE-2017-3881-Cisco", - "full_name": "homjxi0e\/CVE-2017-3881-Cisco", - "owner": { - "login": "homjxi0e", - "id": 25440152, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", - "html_url": "https:\/\/github.com\/homjxi0e" - }, - "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-3881-Cisco", - "description": null, - "fork": false, - "created_at": "2017-05-02T23:21:53Z", - "updated_at": "2017-05-02T23:28:05Z", - "pushed_at": "2017-05-02T23:28:04Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 90975256, - "name": "PoC-CVE-2017-3881", - "full_name": "zakybstrd21215\/PoC-CVE-2017-3881", - "owner": { - "login": "zakybstrd21215", - "id": 22362343, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22362343?v=4", - "html_url": "https:\/\/github.com\/zakybstrd21215" - }, - "html_url": "https:\/\/github.com\/zakybstrd21215\/PoC-CVE-2017-3881", - "description": "Cisco Catalyst Remote Code Execution PoC", - "fork": false, - "created_at": "2017-05-11T12:11:51Z", - "updated_at": "2017-05-11T12:16:43Z", - "pushed_at": "2017-05-11T13:52:12Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 1, - "forks": 1, - "watchers": 0, - "score": 0 - }, { "id": 115962692, "name": "CVE-2017-3881", diff --git a/2017/CVE-2017-5005.json b/2017/CVE-2017-5005.json deleted file mode 100644 index cb2c0a3e09..0000000000 --- a/2017/CVE-2017-5005.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 77828551, - "name": "QuickHeal", - "full_name": "payatu\/QuickHeal", - "owner": { - "login": "payatu", - "id": 16715624, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/16715624?v=4", - "html_url": "https:\/\/github.com\/payatu" - }, - "html_url": "https:\/\/github.com\/payatu\/QuickHeal", - "description": "CVE-2017-5005 for Quick Heal Antivirus", - "fork": false, - "created_at": "2017-01-02T11:21:00Z", - "updated_at": "2020-03-27T02:45:54Z", - "pushed_at": "2017-03-31T14:49:28Z", - "stargazers_count": 16, - "watchers_count": 16, - "forks_count": 8, - "forks": 8, - "watchers": 16, - "score": 0 - } -] \ No newline at end of file diff --git a/2017/CVE-2017-5415.json b/2017/CVE-2017-5415.json deleted file mode 100644 index 3de681def6..0000000000 --- a/2017/CVE-2017-5415.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 88234209, - "name": "CVE-2017-5415", - "full_name": "649\/CVE-2017-5415", - "owner": { - "login": "649", - "id": 23534047, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/23534047?v=4", - "html_url": "https:\/\/github.com\/649" - }, - "html_url": "https:\/\/github.com\/649\/CVE-2017-5415", - "description": "Addressbar spoofing through blob URL (Firefox browser). An attack can use a blob URL and script to spoof an arbitrary addressbar URL prefaced by blob: as the protocol, leading to user confusion and further spoofing attacks.", - "fork": false, - "created_at": "2017-04-14T04:55:41Z", - "updated_at": "2020-07-12T20:54:15Z", - "pushed_at": "2017-04-14T04:55:51Z", - "stargazers_count": 5, - "watchers_count": 5, - "forks_count": 7, - "forks": 7, - "watchers": 5, - "score": 0 - } -] \ No newline at end of file diff --git a/2017/CVE-2017-5633.json b/2017/CVE-2017-5633.json deleted file mode 100644 index 4a6aec60c0..0000000000 --- a/2017/CVE-2017-5633.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 88568725, - "name": "Exploit-CVE-2017-5633", - "full_name": "cardangi\/Exploit-CVE-2017-5633", - "owner": { - "login": "cardangi", - "id": 22066466, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22066466?v=4", - "html_url": "https:\/\/github.com\/cardangi" - }, - "html_url": "https:\/\/github.com\/cardangi\/Exploit-CVE-2017-5633", - "description": "Exploit developed by me for CVE-2017-5633.", - "fork": false, - "created_at": "2017-04-18T01:44:33Z", - "updated_at": "2020-04-07T06:34:50Z", - "pushed_at": "2017-04-18T02:54:35Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 2, - "forks": 2, - "watchers": 1, - "score": 0 - } -] \ No newline at end of file diff --git a/2017/CVE-2017-5638.json b/2017/CVE-2017-5638.json index 441e38f10c..1269f0c1d2 100644 --- a/2017/CVE-2017-5638.json +++ b/2017/CVE-2017-5638.json @@ -1,280 +1,4 @@ [ - { - "id": 84158718, - "name": "S2-045", - "full_name": "PolarisLab\/S2-045", - "owner": { - "login": "PolarisLab", - "id": 25890110, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/25890110?v=4", - "html_url": "https:\/\/github.com\/PolarisLab" - }, - "html_url": "https:\/\/github.com\/PolarisLab\/S2-045", - "description": "Struts2 S2-045(CVE-2017-5638)Vulnerability environment - http:\/\/www.mottoin.com\/97954.html", - "fork": false, - "created_at": "2017-03-07T05:30:30Z", - "updated_at": "2020-09-22T06:33:06Z", - "pushed_at": "2017-03-07T05:37:55Z", - "stargazers_count": 23, - "watchers_count": 23, - "forks_count": 12, - "forks": 12, - "watchers": 23, - "score": 0 - }, - { - "id": 84186490, - "name": "Struts2-045-Exp", - "full_name": "Flyteas\/Struts2-045-Exp", - "owner": { - "login": "Flyteas", - "id": 15673913, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/15673913?v=4", - "html_url": "https:\/\/github.com\/Flyteas" - }, - "html_url": "https:\/\/github.com\/Flyteas\/Struts2-045-Exp", - "description": "Struts2 S2-045(CVE-2017-5638)Exp with GUI", - "fork": false, - "created_at": "2017-03-07T10:30:20Z", - "updated_at": "2020-09-11T23:13:21Z", - "pushed_at": "2017-03-13T06:30:41Z", - "stargazers_count": 60, - "watchers_count": 60, - "forks_count": 29, - "forks": 29, - "watchers": 60, - "score": 0 - }, - { - "id": 84277596, - "name": "cve-2017-5638", - "full_name": "bongbongco\/cve-2017-5638", - "owner": { - "login": "bongbongco", - "id": 3170006, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3170006?v=4", - "html_url": "https:\/\/github.com\/bongbongco" - }, - "html_url": "https:\/\/github.com\/bongbongco\/cve-2017-5638", - "description": null, - "fork": false, - "created_at": "2017-03-08T04:17:33Z", - "updated_at": "2017-03-08T04:31:28Z", - "pushed_at": "2017-03-08T04:31:26Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 1, - "forks": 1, - "watchers": 0, - "score": 0 - }, - { - "id": 84481525, - "name": "S2-045-EXP-POC-TOOLS", - "full_name": "jas502n\/S2-045-EXP-POC-TOOLS", - "owner": { - "login": "jas502n", - "id": 16593068, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", - "html_url": "https:\/\/github.com\/jas502n" - }, - "html_url": "https:\/\/github.com\/jas502n\/S2-045-EXP-POC-TOOLS", - "description": "S2-045 漏洞 POC-TOOLS CVE-2017-5638", - "fork": false, - "created_at": "2017-03-09T19:40:47Z", - "updated_at": "2020-10-24T13:59:45Z", - "pushed_at": "2017-03-09T19:50:50Z", - "stargazers_count": 21, - "watchers_count": 21, - "forks_count": 21, - "forks": 21, - "watchers": 21, - "score": 0 - }, - { - "id": 84518902, - "name": "strutszeiro", - "full_name": "mthbernardes\/strutszeiro", - "owner": { - "login": "mthbernardes", - "id": 12648924, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/12648924?v=4", - "html_url": "https:\/\/github.com\/mthbernardes" - }, - "html_url": "https:\/\/github.com\/mthbernardes\/strutszeiro", - "description": "Telegram Bot to manage botnets created with struts vulnerability(CVE-2017-5638)", - "fork": false, - "created_at": "2017-03-10T04:23:41Z", - "updated_at": "2020-05-11T01:31:47Z", - "pushed_at": "2020-12-15T17:20:02Z", - "stargazers_count": 38, - "watchers_count": 38, - "forks_count": 27, - "forks": 27, - "watchers": 38, - "score": 0 - }, - { - "id": 84581800, - "name": "cve-2017-5638", - "full_name": "xsscx\/cve-2017-5638", - "owner": { - "login": "xsscx", - "id": 10790582, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/10790582?v=4", - "html_url": "https:\/\/github.com\/xsscx" - }, - "html_url": "https:\/\/github.com\/xsscx\/cve-2017-5638", - "description": "Example PoC Code for CVE-2017-5638 | Apache Struts Exploit ", - "fork": false, - "created_at": "2017-03-10T16:56:14Z", - "updated_at": "2020-08-31T01:27:42Z", - "pushed_at": "2017-03-12T15:43:27Z", - "stargazers_count": 12, - "watchers_count": 12, - "forks_count": 21, - "forks": 21, - "watchers": 12, - "score": 0 - }, - { - "id": 84602394, - "name": "apache-struts2-CVE-2017-5638", - "full_name": "immunio\/apache-struts2-CVE-2017-5638", - "owner": { - "login": "immunio", - "id": 6700387, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/6700387?v=4", - "html_url": "https:\/\/github.com\/immunio" - }, - "html_url": "https:\/\/github.com\/immunio\/apache-struts2-CVE-2017-5638", - "description": "Demo Application and Exploit", - "fork": false, - "created_at": "2017-03-10T21:33:25Z", - "updated_at": "2020-11-24T15:40:19Z", - "pushed_at": "2017-03-13T15:03:32Z", - "stargazers_count": 36, - "watchers_count": 36, - "forks_count": 36, - "forks": 36, - "watchers": 36, - "score": 0 - }, - { - "id": 84620334, - "name": "OgnlContentTypeRejectorValve", - "full_name": "Masahiro-Yamada\/OgnlContentTypeRejectorValve", - "owner": { - "login": "Masahiro-Yamada", - "id": 479387, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/479387?v=4", - "html_url": "https:\/\/github.com\/Masahiro-Yamada" - }, - "html_url": "https:\/\/github.com\/Masahiro-Yamada\/OgnlContentTypeRejectorValve", - "description": "This is Valve for Tomcat7 to block Struts 2 Remote Code Execution vulnerability (CVE-2017-5638)", - "fork": false, - "created_at": "2017-03-11T03:18:12Z", - "updated_at": "2017-04-11T00:06:36Z", - "pushed_at": "2017-03-13T14:49:25Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, - "score": 0 - }, - { - "id": 84639178, - "name": "CVE-2017-5638-Apache-Struts2", - "full_name": "aljazceru\/CVE-2017-5638-Apache-Struts2", - "owner": { - "login": "aljazceru", - "id": 4439523, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/4439523?v=4", - "html_url": "https:\/\/github.com\/aljazceru" - }, - "html_url": "https:\/\/github.com\/aljazceru\/CVE-2017-5638-Apache-Struts2", - "description": "Tweaking original PoC (https:\/\/github.com\/rapid7\/metasploit-framework\/issues\/8064) to work on self-signed certificates ", - "fork": false, - "created_at": "2017-03-11T09:39:09Z", - "updated_at": "2019-07-15T22:02:37Z", - "pushed_at": "2017-03-11T09:41:27Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 0, - "forks": 0, - "watchers": 2, - "score": 0 - }, - { - "id": 84640546, - "name": "test_struts2_vulnerability_CVE-2017-5638", - "full_name": "sjitech\/test_struts2_vulnerability_CVE-2017-5638", - "owner": { - "login": "sjitech", - "id": 5180638, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5180638?v=4", - "html_url": "https:\/\/github.com\/sjitech" - }, - "html_url": "https:\/\/github.com\/sjitech\/test_struts2_vulnerability_CVE-2017-5638", - "description": "test struts2 vulnerability CVE-2017-5638 in Mac OS X", - "fork": false, - "created_at": "2017-03-11T10:03:54Z", - "updated_at": "2017-03-13T11:14:00Z", - "pushed_at": "2017-03-13T07:38:25Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 84642680, - "name": "CVE-2017-5638", - "full_name": "jrrombaldo\/CVE-2017-5638", - "owner": { - "login": "jrrombaldo", - "id": 121948, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/121948?v=4", - "html_url": "https:\/\/github.com\/jrrombaldo" - }, - "html_url": "https:\/\/github.com\/jrrombaldo\/CVE-2017-5638", - "description": null, - "fork": false, - "created_at": "2017-03-11T10:43:16Z", - "updated_at": "2017-03-11T13:07:57Z", - "pushed_at": "2017-03-24T19:12:10Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 1, - "forks": 1, - "watchers": 0, - "score": 0 - }, - { - "id": 84644857, - "name": "CVE-2017-5638", - "full_name": "random-robbie\/CVE-2017-5638", - "owner": { - "login": "random-robbie", - "id": 4902869, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/4902869?v=4", - "html_url": "https:\/\/github.com\/random-robbie" - }, - "html_url": "https:\/\/github.com\/random-robbie\/CVE-2017-5638", - "description": "CVE: 2017-5638 in different formats", - "fork": false, - "created_at": "2017-03-11T11:22:44Z", - "updated_at": "2017-03-11T11:28:58Z", - "pushed_at": "2017-03-16T11:26:04Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 1, - "forks": 1, - "watchers": 0, - "score": 0 - }, { "id": 84655941, "name": "CVE-2017-5638_struts", @@ -321,167 +45,6 @@ "watchers": 380, "score": 0 }, - { - "id": 84705148, - "name": "Struts-Apache-ExploitPack", - "full_name": "ret2jazzy\/Struts-Apache-ExploitPack", - "owner": { - "login": "ret2jazzy", - "id": 20831187, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/20831187?v=4", - "html_url": "https:\/\/github.com\/ret2jazzy" - }, - "html_url": "https:\/\/github.com\/ret2jazzy\/Struts-Apache-ExploitPack", - "description": "These are just some script which you can use to detect and exploit the Apache Struts Vulnerability (CVE-2017-5638)", - "fork": false, - "created_at": "2017-03-12T06:28:51Z", - "updated_at": "2020-12-09T00:15:03Z", - "pushed_at": "2017-03-12T07:26:03Z", - "stargazers_count": 15, - "watchers_count": 15, - "forks_count": 13, - "forks": 13, - "watchers": 15, - "score": 0 - }, - { - "id": 84725982, - "name": "ExpStruts", - "full_name": "lolwaleet\/ExpStruts", - "owner": { - "login": "lolwaleet", - "id": 20018319, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/20018319?v=4", - "html_url": "https:\/\/github.com\/lolwaleet" - }, - "html_url": "https:\/\/github.com\/lolwaleet\/ExpStruts", - "description": "A php based exploiter for CVE-2017-5638.", - "fork": false, - "created_at": "2017-03-12T13:03:52Z", - "updated_at": "2020-03-15T16:58:21Z", - "pushed_at": "2017-03-12T13:04:33Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 2, - "forks": 2, - "watchers": 2, - "score": 0 - }, - { - "id": 84819853, - "name": "CVE-2017-5638-Apache-Struts2", - "full_name": "oktavianto\/CVE-2017-5638-Apache-Struts2", - "owner": { - "login": "oktavianto", - "id": 8210275, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/8210275?v=4", - "html_url": "https:\/\/github.com\/oktavianto" - }, - "html_url": "https:\/\/github.com\/oktavianto\/CVE-2017-5638-Apache-Struts2", - "description": "Example PHP Exploiter for CVE-2017-5638", - "fork": false, - "created_at": "2017-03-13T11:39:55Z", - "updated_at": "2020-04-07T06:38:46Z", - "pushed_at": "2017-03-20T19:40:16Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 4, - "forks": 4, - "watchers": 2, - "score": 0 - }, - { - "id": 85010282, - "name": "cve-2017-5638", - "full_name": "jrrdev\/cve-2017-5638", - "owner": { - "login": "jrrdev", - "id": 17674081, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/17674081?v=4", - "html_url": "https:\/\/github.com\/jrrdev" - }, - "html_url": "https:\/\/github.com\/jrrdev\/cve-2017-5638", - "description": "cve-2017-5638 Vulnerable site sample", - "fork": false, - "created_at": "2017-03-15T00:19:33Z", - "updated_at": "2020-05-19T19:36:03Z", - "pushed_at": "2017-04-04T19:57:38Z", - "stargazers_count": 11, - "watchers_count": 11, - "forks_count": 9, - "forks": 9, - "watchers": 11, - "score": 0 - }, - { - "id": 85145901, - "name": "Strutshock", - "full_name": "opt9\/Strutshock", - "owner": { - "login": "opt9", - "id": 192655, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/192655?v=4", - "html_url": "https:\/\/github.com\/opt9" - }, - "html_url": "https:\/\/github.com\/opt9\/Strutshock", - "description": "Struts2 RCE CVE-2017-5638 non-intrusive check shell script", - "fork": false, - "created_at": "2017-03-16T02:59:22Z", - "updated_at": "2017-05-04T20:58:47Z", - "pushed_at": "2017-03-16T04:02:40Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 1, - "forks": 1, - "watchers": 3, - "score": 0 - }, - { - "id": 85341283, - "name": "StrutsShell", - "full_name": "falcon-lnhg\/StrutsShell", - "owner": { - "login": "falcon-lnhg", - "id": 5199658, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/5199658?v=4", - "html_url": "https:\/\/github.com\/falcon-lnhg" - }, - "html_url": "https:\/\/github.com\/falcon-lnhg\/StrutsShell", - "description": "Apache Struts (CVE-2017-5638) Shell", - "fork": false, - "created_at": "2017-03-17T18:05:55Z", - "updated_at": "2017-08-31T21:27:12Z", - "pushed_at": "2017-04-04T16:11:25Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 1, - "forks": 1, - "watchers": 3, - "score": 0 - }, - { - "id": 85390529, - "name": "CVE-2017-5638", - "full_name": "bhagdave\/CVE-2017-5638", - "owner": { - "login": "bhagdave", - "id": 3230037, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/3230037?v=4", - "html_url": "https:\/\/github.com\/bhagdave" - }, - "html_url": "https:\/\/github.com\/bhagdave\/CVE-2017-5638", - "description": null, - "fork": false, - "created_at": "2017-03-18T09:39:59Z", - "updated_at": "2017-03-19T01:25:24Z", - "pushed_at": "2017-03-21T21:53:56Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, { "id": 85664016, "name": "st2-046-poc", @@ -505,98 +68,6 @@ "watchers": 21, "score": 0 }, - { - "id": 85733752, - "name": "S2-046_S2-045_POC", - "full_name": "KarzsGHR\/S2-046_S2-045_POC", - "owner": { - "login": "KarzsGHR", - "id": 12841587, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/12841587?v=4", - "html_url": "https:\/\/github.com\/KarzsGHR" - }, - "html_url": "https:\/\/github.com\/KarzsGHR\/S2-046_S2-045_POC", - "description": "S2-046|S2-045: Struts 2 Remote Code Execution vulnerability(CVE-2017-5638)", - "fork": false, - "created_at": "2017-03-21T17:36:40Z", - "updated_at": "2019-11-20T02:42:35Z", - "pushed_at": "2017-04-26T09:12:33Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, - "score": 0 - }, - { - "id": 85926594, - "name": "S2-Reaper", - "full_name": "gsfish\/S2-Reaper", - "owner": { - "login": "gsfish", - "id": 15968154, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/15968154?v=4", - "html_url": "https:\/\/github.com\/gsfish" - }, - "html_url": "https:\/\/github.com\/gsfish\/S2-Reaper", - "description": "CVE-2017-5638", - "fork": false, - "created_at": "2017-03-23T08:44:10Z", - "updated_at": "2017-03-30T09:51:23Z", - "pushed_at": "2017-03-30T10:06:38Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 2, - "forks": 2, - "watchers": 0, - "score": 0 - }, - { - "id": 86200933, - "name": "cve-2017-5638", - "full_name": "mcassano\/cve-2017-5638", - "owner": { - "login": "mcassano", - "id": 2073030, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2073030?v=4", - "html_url": "https:\/\/github.com\/mcassano" - }, - "html_url": "https:\/\/github.com\/mcassano\/cve-2017-5638", - "description": null, - "fork": false, - "created_at": "2017-03-26T01:58:52Z", - "updated_at": "2017-03-26T02:00:58Z", - "pushed_at": "2017-04-01T04:20:15Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 86415022, - "name": "Strutscli", - "full_name": "opt9\/Strutscli", - "owner": { - "login": "opt9", - "id": 192655, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/192655?v=4", - "html_url": "https:\/\/github.com\/opt9" - }, - "html_url": "https:\/\/github.com\/opt9\/Strutscli", - "description": "Struts2 RCE CVE-2017-5638 CLI shell", - "fork": false, - "created_at": "2017-03-28T04:31:44Z", - "updated_at": "2017-04-14T08:03:48Z", - "pushed_at": "2017-03-28T04:36:11Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 0, - "forks": 0, - "watchers": 2, - "score": 0 - }, { "id": 87695524, "name": "strutsy", @@ -620,29 +91,6 @@ "watchers": 11, "score": 0 }, - { - "id": 90377429, - "name": "CVE-2017-5638", - "full_name": "payatu\/CVE-2017-5638", - "owner": { - "login": "payatu", - "id": 16715624, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/16715624?v=4", - "html_url": "https:\/\/github.com\/payatu" - }, - "html_url": "https:\/\/github.com\/payatu\/CVE-2017-5638", - "description": "Apache Struts 2.0 RCE vulnerability - Allows an attacker to inject OS commands into a web application through the content-type header ", - "fork": false, - "created_at": "2017-05-05T13:17:37Z", - "updated_at": "2020-03-27T02:45:32Z", - "pushed_at": "2017-05-05T13:55:53Z", - "stargazers_count": 7, - "watchers_count": 7, - "forks_count": 4, - "forks": 4, - "watchers": 7, - "score": 0 - }, { "id": 92562840, "name": "Struts2-045-Exp", diff --git a/2017/CVE-2017-5689.json b/2017/CVE-2017-5689.json index fc56e02fd9..664973c77e 100644 --- a/2017/CVE-2017-5689.json +++ b/2017/CVE-2017-5689.json @@ -1,27 +1,4 @@ [ - { - "id": 90210170, - "name": "CVE-2017-5689", - "full_name": "CerberusSecurity\/CVE-2017-5689", - "owner": { - "login": "CerberusSecurity", - "id": 21088337, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/21088337?v=4", - "html_url": "https:\/\/github.com\/CerberusSecurity" - }, - "html_url": "https:\/\/github.com\/CerberusSecurity\/CVE-2017-5689", - "description": null, - "fork": false, - "created_at": "2017-05-04T01:51:26Z", - "updated_at": "2020-01-01T00:38:18Z", - "pushed_at": "2017-05-04T03:06:32Z", - "stargazers_count": 39, - "watchers_count": 39, - "forks_count": 10, - "forks": 10, - "watchers": 39, - "score": 0 - }, { "id": 90472957, "name": "amthoneypot", @@ -45,29 +22,6 @@ "watchers": 13, "score": 0 }, - { - "id": 90724328, - "name": "intel_amt_bypass", - "full_name": "Bijaye\/intel_amt_bypass", - "owner": { - "login": "Bijaye", - "id": 4318412, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/4318412?v=4", - "html_url": "https:\/\/github.com\/Bijaye" - }, - "html_url": "https:\/\/github.com\/Bijaye\/intel_amt_bypass", - "description": "simple python poc for CVE-2017-5689", - "fork": false, - "created_at": "2017-05-09T08:55:39Z", - "updated_at": "2020-07-05T02:24:05Z", - "pushed_at": "2017-05-09T00:42:12Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 7, - "forks": 7, - "watchers": 3, - "score": 0 - }, { "id": 98579784, "name": "amt_auth_bypass_poc", diff --git a/2017/CVE-2017-6370.json b/2017/CVE-2017-6370.json deleted file mode 100644 index 0f21368824..0000000000 --- a/2017/CVE-2017-6370.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 85539985, - "name": "TYPO3-v7.6.15-Unencrypted-Login-Request", - "full_name": "faizzaidi\/TYPO3-v7.6.15-Unencrypted-Login-Request", - "owner": { - "login": "faizzaidi", - "id": 12153050, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/12153050?v=4", - "html_url": "https:\/\/github.com\/faizzaidi" - }, - "html_url": "https:\/\/github.com\/faizzaidi\/TYPO3-v7.6.15-Unencrypted-Login-Request", - "description": "TYPO3 v7.6.15 Unencrypted Login Request Assigned CVE Number: CVE-2017-6370", - "fork": false, - "created_at": "2017-03-20T05:51:07Z", - "updated_at": "2020-07-17T05:22:53Z", - "pushed_at": "2017-03-20T05:51:43Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 0, - "forks": 0, - "watchers": 2, - "score": 0 - } -] \ No newline at end of file diff --git a/2017/CVE-2017-6971.json b/2017/CVE-2017-6971.json index ff56645865..cb167b413c 100644 --- a/2017/CVE-2017-6971.json +++ b/2017/CVE-2017-6971.json @@ -1,27 +1,4 @@ [ - { - "id": 87749039, - "name": "nfsen-exploit", - "full_name": "patrickfreed\/nfsen-exploit", - "owner": { - "login": "patrickfreed", - "id": 936020, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/936020?v=4", - "html_url": "https:\/\/github.com\/patrickfreed" - }, - "html_url": "https:\/\/github.com\/patrickfreed\/nfsen-exploit", - "description": "Exploit for CVE-2017-6971 remote command execution in nfsen 1.3.7.", - "fork": false, - "created_at": "2017-04-10T00:13:24Z", - "updated_at": "2020-04-07T06:36:25Z", - "pushed_at": "2017-04-10T16:06:56Z", - "stargazers_count": 4, - "watchers_count": 4, - "forks_count": 8, - "forks": 8, - "watchers": 4, - "score": 0 - }, { "id": 183134145, "name": "nfsen_1.3.7_CVE-2017-6971", diff --git a/2017/CVE-2017-7188.json b/2017/CVE-2017-7188.json deleted file mode 100644 index 603aa6250f..0000000000 --- a/2017/CVE-2017-7188.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 87800336, - "name": "Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC", - "full_name": "faizzaidi\/Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC", - "owner": { - "login": "faizzaidi", - "id": 12153050, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/12153050?v=4", - "html_url": "https:\/\/github.com\/faizzaidi" - }, - "html_url": "https:\/\/github.com\/faizzaidi\/Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC", - "description": "Zurmo-Stable-3.1.1 Cross Site Scripting (XSS) Assigned CVE Number: CVE-2017-7188", - "fork": false, - "created_at": "2017-04-10T10:52:13Z", - "updated_at": "2020-07-17T05:22:49Z", - "pushed_at": "2017-04-10T10:52:52Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 0, - "forks": 0, - "watchers": 2, - "score": 0 - } -] \ No newline at end of file diff --git a/2017/CVE-2017-7269.json b/2017/CVE-2017-7269.json index 229e04b9fa..b9899daeca 100644 --- a/2017/CVE-2017-7269.json +++ b/2017/CVE-2017-7269.json @@ -1,27 +1,4 @@ [ - { - "id": 86543900, - "name": "webdav_exploit", - "full_name": "eliuha\/webdav_exploit", - "owner": { - "login": "eliuha", - "id": 2240516, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2240516?v=4", - "html_url": "https:\/\/github.com\/eliuha" - }, - "html_url": "https:\/\/github.com\/eliuha\/webdav_exploit", - "description": "An exploit for Microsoft IIS 6.0 CVE-2017-7269", - "fork": false, - "created_at": "2017-03-29T05:59:30Z", - "updated_at": "2020-07-12T14:05:27Z", - "pushed_at": "2017-03-29T07:26:41Z", - "stargazers_count": 16, - "watchers_count": 16, - "forks_count": 16, - "forks": 16, - "watchers": 16, - "score": 0 - }, { "id": 86573461, "name": "CVE-2017-7269-Echo-PoC", @@ -45,236 +22,6 @@ "watchers": 84, "score": 0 }, - { - "id": 86581754, - "name": "CVE-2017-7269-exploit", - "full_name": "caicai1355\/CVE-2017-7269-exploit", - "owner": { - "login": "caicai1355", - "id": 24385053, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/24385053?v=4", - "html_url": "https:\/\/github.com\/caicai1355" - }, - "html_url": "https:\/\/github.com\/caicai1355\/CVE-2017-7269-exploit", - "description": "exec 8 bytes command", - "fork": false, - "created_at": "2017-03-29T12:52:54Z", - "updated_at": "2020-04-07T06:37:12Z", - "pushed_at": "2017-03-29T13:08:44Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 7, - "forks": 7, - "watchers": 2, - "score": 0 - }, - { - "id": 86659284, - "name": "CVE-2017-7269", - "full_name": "M1a0rz\/CVE-2017-7269", - "owner": { - "login": "M1a0rz", - "id": 25101765, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/25101765?v=4", - "html_url": "https:\/\/github.com\/M1a0rz" - }, - "html_url": "https:\/\/github.com\/M1a0rz\/CVE-2017-7269", - "description": "Poc for iis6.0", - "fork": false, - "created_at": "2017-03-30T04:35:13Z", - "updated_at": "2017-03-30T04:35:13Z", - "pushed_at": "2017-03-30T04:35:13Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 86697845, - "name": "cve-2017-7269picture", - "full_name": "whiteHat001\/cve-2017-7269picture", - "owner": { - "login": "whiteHat001", - "id": 18191034, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/18191034?v=4", - "html_url": "https:\/\/github.com\/whiteHat001" - }, - "html_url": "https:\/\/github.com\/whiteHat001\/cve-2017-7269picture", - "description": null, - "fork": false, - "created_at": "2017-03-30T12:03:05Z", - "updated_at": "2017-03-30T12:03:05Z", - "pushed_at": "2017-03-30T12:11:42Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 86754251, - "name": "cve-2017-7269", - "full_name": "zcgonvh\/cve-2017-7269", - "owner": { - "login": "zcgonvh", - "id": 25787677, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/25787677?v=4", - "html_url": "https:\/\/github.com\/zcgonvh" - }, - "html_url": "https:\/\/github.com\/zcgonvh\/cve-2017-7269", - "description": "fixed msf module for cve-2017-7269", - "fork": false, - "created_at": "2017-03-30T22:20:36Z", - "updated_at": "2020-11-20T13:23:42Z", - "pushed_at": "2017-03-30T22:20:51Z", - "stargazers_count": 110, - "watchers_count": 110, - "forks_count": 61, - "forks": 61, - "watchers": 110, - "score": 0 - }, - { - "id": 87165305, - "name": "CVE-2017-7269", - "full_name": "jrrombaldo\/CVE-2017-7269", - "owner": { - "login": "jrrombaldo", - "id": 121948, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/121948?v=4", - "html_url": "https:\/\/github.com\/jrrombaldo" - }, - "html_url": "https:\/\/github.com\/jrrombaldo\/CVE-2017-7269", - "description": null, - "fork": false, - "created_at": "2017-04-04T08:47:22Z", - "updated_at": "2018-01-08T16:52:30Z", - "pushed_at": "2017-04-04T17:20:50Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 1, - "forks": 1, - "watchers": 1, - "score": 0 - }, - { - "id": 87365181, - "name": "iis6-exploit-2017-CVE-2017-7269", - "full_name": "g0rx\/iis6-exploit-2017-CVE-2017-7269", - "owner": { - "login": "g0rx", - "id": 10961397, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/10961397?v=4", - "html_url": "https:\/\/github.com\/g0rx" - }, - "html_url": "https:\/\/github.com\/g0rx\/iis6-exploit-2017-CVE-2017-7269", - "description": "iis6 exploit 2017 CVE-2017-7269", - "fork": false, - "created_at": "2017-04-05T23:21:12Z", - "updated_at": "2020-11-11T11:19:06Z", - "pushed_at": "2017-04-05T23:29:03Z", - "stargazers_count": 30, - "watchers_count": 30, - "forks_count": 28, - "forks": 28, - "watchers": 30, - "score": 0 - }, - { - "id": 87432387, - "name": "IIS_6.0_WebDAV_Ruby", - "full_name": "slimpagey\/IIS_6.0_WebDAV_Ruby", - "owner": { - "login": "slimpagey", - "id": 10183644, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/10183644?v=4", - "html_url": "https:\/\/github.com\/slimpagey" - }, - "html_url": "https:\/\/github.com\/slimpagey\/IIS_6.0_WebDAV_Ruby", - "description": "Ruby Exploit for IIS 6.0 Buffer Overflow (CVE-2017-7269)", - "fork": false, - "created_at": "2017-04-06T13:27:20Z", - "updated_at": "2019-02-27T06:05:06Z", - "pushed_at": "2017-04-06T13:47:49Z", - "stargazers_count": 6, - "watchers_count": 6, - "forks_count": 2, - "forks": 2, - "watchers": 6, - "score": 0 - }, - { - "id": 88148249, - "name": "cve-2017-7269", - "full_name": "homjxi0e\/cve-2017-7269", - "owner": { - "login": "homjxi0e", - "id": 25440152, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", - "html_url": "https:\/\/github.com\/homjxi0e" - }, - "html_url": "https:\/\/github.com\/homjxi0e\/cve-2017-7269", - "description": null, - "fork": false, - "created_at": "2017-04-13T09:27:01Z", - "updated_at": "2017-04-13T09:27:01Z", - "pushed_at": "2017-04-13T12:33:43Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 89217126, - "name": "CVE-2017-7269", - "full_name": "xiaovpn\/CVE-2017-7269", - "owner": { - "login": "xiaovpn", - "id": 22736797, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/22736797?v=4", - "html_url": "https:\/\/github.com\/xiaovpn" - }, - "html_url": "https:\/\/github.com\/xiaovpn\/CVE-2017-7269", - "description": "CVE-2017-7269", - "fork": false, - "created_at": "2017-04-24T08:42:59Z", - "updated_at": "2017-04-24T08:42:59Z", - "pushed_at": "2017-04-24T08:43:00Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 91493002, - "name": "cve-2017-7269-tool", - "full_name": "zcgonvh\/cve-2017-7269-tool", - "owner": { - "login": "zcgonvh", - "id": 25787677, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/25787677?v=4", - "html_url": "https:\/\/github.com\/zcgonvh" - }, - "html_url": "https:\/\/github.com\/zcgonvh\/cve-2017-7269-tool", - "description": "CVE-2017-7269 to webshell or shellcode loader", - "fork": false, - "created_at": "2017-05-16T18:47:45Z", - "updated_at": "2020-09-14T21:00:11Z", - "pushed_at": "2017-05-16T18:48:15Z", - "stargazers_count": 84, - "watchers_count": 84, - "forks_count": 32, - "forks": 32, - "watchers": 84, - "score": 0 - }, { "id": 118708741, "name": "CVE-2017-7269", diff --git a/2017/CVE-2017-7648.json b/2017/CVE-2017-7648.json deleted file mode 100644 index 71083acee3..0000000000 --- a/2017/CVE-2017-7648.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 87845394, - "name": "CVE-2017-7648.", - "full_name": "notmot\/CVE-2017-7648.", - "owner": { - "login": "notmot", - "id": 4649277, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/4649277?v=4", - "html_url": "https:\/\/github.com\/notmot" - }, - "html_url": "https:\/\/github.com\/notmot\/CVE-2017-7648.", - "description": "A writeup of CVE-2017-7648", - "fork": false, - "created_at": "2017-04-10T18:41:59Z", - "updated_at": "2017-04-10T18:47:31Z", - "pushed_at": "2017-04-10T18:42:00Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - } -] \ No newline at end of file diff --git a/2017/CVE-2017-8295.json b/2017/CVE-2017-8295.json index 108735b47c..f3f688e548 100644 --- a/2017/CVE-2017-8295.json +++ b/2017/CVE-2017-8295.json @@ -1,50 +1,4 @@ [ - { - "id": 90299927, - "name": "CVE-2017-8295-WordPress-4.7.4---Unauthorized-Password-Reset", - "full_name": "homjxi0e\/CVE-2017-8295-WordPress-4.7.4---Unauthorized-Password-Reset", - "owner": { - "login": "homjxi0e", - "id": 25440152, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", - "html_url": "https:\/\/github.com\/homjxi0e" - }, - "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-8295-WordPress-4.7.4---Unauthorized-Password-Reset", - "description": null, - "fork": false, - "created_at": "2017-05-04T19:05:12Z", - "updated_at": "2017-05-04T19:05:12Z", - "pushed_at": "2017-05-04T19:13:41Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 90396412, - "name": "wp-allowed-hosts", - "full_name": "alash3al\/wp-allowed-hosts", - "owner": { - "login": "alash3al", - "id": 3078292, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/3078292?v=4", - "html_url": "https:\/\/github.com\/alash3al" - }, - "html_url": "https:\/\/github.com\/alash3al\/wp-allowed-hosts", - "description": "a plugin that protects your wp site from the CVE-2017-8295 vulnerability", - "fork": false, - "created_at": "2017-05-05T16:34:17Z", - "updated_at": "2017-05-06T06:41:07Z", - "pushed_at": "2017-05-05T17:05:15Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 1, - "forks": 1, - "watchers": 2, - "score": 0 - }, { "id": 90453472, "name": "CVE-2017-8295", diff --git a/2017/CVE-2017-8779.json b/2017/CVE-2017-8779.json deleted file mode 100644 index c809294299..0000000000 --- a/2017/CVE-2017-8779.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 90798298, - "name": "GO-RPCBOMB", - "full_name": "drbothen\/GO-RPCBOMB", - "owner": { - "login": "drbothen", - "id": 6192325, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/6192325?v=4", - "html_url": "https:\/\/github.com\/drbothen" - }, - "html_url": "https:\/\/github.com\/drbothen\/GO-RPCBOMB", - "description": "CVE-2017-8779 aka RPCBomb", - "fork": false, - "created_at": "2017-05-09T22:43:10Z", - "updated_at": "2020-09-28T00:42:01Z", - "pushed_at": "2017-05-10T16:48:34Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, - "score": 0 - } -] \ No newline at end of file diff --git a/2018/CVE-2018-0101.json b/2018/CVE-2018-0101.json index 5e4af25204..5ef03111cf 100644 --- a/2018/CVE-2018-0101.json +++ b/2018/CVE-2018-0101.json @@ -1,4 +1,27 @@ [ + { + "id": 120640426, + "name": "CVE-2018-0101-DOS-POC", + "full_name": "1337g\/CVE-2018-0101-DOS-POC", + "owner": { + "login": "1337g", + "id": 32504404, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/32504404?v=4", + "html_url": "https:\/\/github.com\/1337g" + }, + "html_url": "https:\/\/github.com\/1337g\/CVE-2018-0101-DOS-POC", + "description": null, + "fork": false, + "created_at": "2018-02-07T16:25:59Z", + "updated_at": "2020-04-06T12:17:46Z", + "pushed_at": "2018-02-07T16:43:08Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 6, + "forks": 6, + "watchers": 14, + "score": 0 + }, { "id": 120782386, "name": "ciscoasa_honeypot", diff --git a/2018/CVE-2018-0296.json b/2018/CVE-2018-0296.json index 59c543ebe8..7dcc1b9c63 100644 --- a/2018/CVE-2018-0296.json +++ b/2018/CVE-2018-0296.json @@ -45,6 +45,29 @@ "watchers": 178, "score": 0 }, + { + "id": 138348696, + "name": "CVE-2018-0296", + "full_name": "bhenner1\/CVE-2018-0296", + "owner": { + "login": "bhenner1", + "id": 24857952, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/24857952?v=4", + "html_url": "https:\/\/github.com\/bhenner1" + }, + "html_url": "https:\/\/github.com\/bhenner1\/CVE-2018-0296", + "description": "Cisco ASA - CVE-2018-0296 | Exploit", + "fork": false, + "created_at": "2018-06-22T21:12:58Z", + "updated_at": "2019-01-03T02:33:10Z", + "pushed_at": "2018-06-26T13:44:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + }, { "id": 162431036, "name": "CVE-2018-0296", diff --git a/2018/CVE-2018-0802.json b/2018/CVE-2018-0802.json index a48224837b..981c33da2b 100644 --- a/2018/CVE-2018-0802.json +++ b/2018/CVE-2018-0802.json @@ -1,4 +1,96 @@ [ + { + "id": 117077311, + "name": "CVE-2018-0802_POC", + "full_name": "zldww2011\/CVE-2018-0802_POC", + "owner": { + "login": "zldww2011", + "id": 17902585, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/17902585?v=4", + "html_url": "https:\/\/github.com\/zldww2011" + }, + "html_url": "https:\/\/github.com\/zldww2011\/CVE-2018-0802_POC", + "description": "Exploit the vulnerability to execute the calculator", + "fork": false, + "created_at": "2018-01-11T09:16:32Z", + "updated_at": "2020-12-16T10:25:11Z", + "pushed_at": "2018-01-11T09:23:05Z", + "stargazers_count": 70, + "watchers_count": 70, + "forks_count": 35, + "forks": 35, + "watchers": 70, + "score": 0 + }, + { + "id": 117080574, + "name": "CVE-2018-0802", + "full_name": "rxwx\/CVE-2018-0802", + "owner": { + "login": "rxwx", + "id": 2202542, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/2202542?v=4", + "html_url": "https:\/\/github.com\/rxwx" + }, + "html_url": "https:\/\/github.com\/rxwx\/CVE-2018-0802", + "description": "PoC Exploit for CVE-2018-0802 (and optionally CVE-2017-11882)", + "fork": false, + "created_at": "2018-01-11T09:43:46Z", + "updated_at": "2020-11-24T18:47:48Z", + "pushed_at": "2018-02-28T12:32:54Z", + "stargazers_count": 264, + "watchers_count": 264, + "forks_count": 134, + "forks": 134, + "watchers": 264, + "score": 0 + }, + { + "id": 117234193, + "name": "RTF_11882_0802", + "full_name": "Ridter\/RTF_11882_0802", + "owner": { + "login": "Ridter", + "id": 6007471, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/6007471?v=4", + "html_url": "https:\/\/github.com\/Ridter" + }, + "html_url": "https:\/\/github.com\/Ridter\/RTF_11882_0802", + "description": "PoC for CVE-2018-0802 And CVE-2017-11882", + "fork": false, + "created_at": "2018-01-12T11:38:33Z", + "updated_at": "2020-12-16T09:38:06Z", + "pushed_at": "2018-01-12T11:42:29Z", + "stargazers_count": 155, + "watchers_count": 155, + "forks_count": 64, + "forks": 64, + "watchers": 155, + "score": 0 + }, + { + "id": 117637270, + "name": "CVE-2018-0802_CVE-2017-11882", + "full_name": "likescam\/CVE-2018-0802_CVE-2017-11882", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2018-0802_CVE-2017-11882", + "description": null, + "fork": false, + "created_at": "2018-01-16T05:49:01Z", + "updated_at": "2020-11-26T04:09:34Z", + "pushed_at": "2018-01-16T05:49:10Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 4, + "forks": 4, + "watchers": 10, + "score": 0 + }, { "id": 313441734, "name": "rtfkit", diff --git a/2018/CVE-2018-0824.json b/2018/CVE-2018-0824.json new file mode 100644 index 0000000000..c301a79f77 --- /dev/null +++ b/2018/CVE-2018-0824.json @@ -0,0 +1,25 @@ +[ + { + "id": 137465316, + "name": "UnmarshalPwn", + "full_name": "codewhitesec\/UnmarshalPwn", + "owner": { + "login": "codewhitesec", + "id": 8680262, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/8680262?v=4", + "html_url": "https:\/\/github.com\/codewhitesec" + }, + "html_url": "https:\/\/github.com\/codewhitesec\/UnmarshalPwn", + "description": "POC for CVE-2018-0824", + "fork": false, + "created_at": "2018-06-15T08:59:37Z", + "updated_at": "2020-12-11T07:20:35Z", + "pushed_at": "2018-06-25T07:13:36Z", + "stargazers_count": 73, + "watchers_count": 73, + "forks_count": 34, + "forks": 34, + "watchers": 73, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-0952.json b/2018/CVE-2018-0952.json new file mode 100644 index 0000000000..8d33c07c37 --- /dev/null +++ b/2018/CVE-2018-0952.json @@ -0,0 +1,25 @@ +[ + { + "id": 145615979, + "name": "CVE-2018-0952-SystemCollector", + "full_name": "atredispartners\/CVE-2018-0952-SystemCollector", + "owner": { + "login": "atredispartners", + "id": 7254370, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/7254370?v=4", + "html_url": "https:\/\/github.com\/atredispartners" + }, + "html_url": "https:\/\/github.com\/atredispartners\/CVE-2018-0952-SystemCollector", + "description": "PoC for Privilege Escalation in Windows 10 Diagnostics Hub Standard Collector Service", + "fork": false, + "created_at": "2018-08-21T20:29:10Z", + "updated_at": "2020-05-06T20:06:14Z", + "pushed_at": "2018-08-21T20:30:24Z", + "stargazers_count": 105, + "watchers_count": 105, + "forks_count": 36, + "forks": 36, + "watchers": 105, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1000001.json b/2018/CVE-2018-1000001.json new file mode 100644 index 0000000000..f81f5765a9 --- /dev/null +++ b/2018/CVE-2018-1000001.json @@ -0,0 +1,25 @@ +[ + { + "id": 120648393, + "name": "CVE-2018-1000001", + "full_name": "0x00-0x00\/CVE-2018-1000001", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2018-1000001", + "description": "glibc getcwd() local privilege escalation compiled binaries", + "fork": false, + "created_at": "2018-02-07T17:34:24Z", + "updated_at": "2020-12-02T07:21:01Z", + "pushed_at": "2018-02-09T22:35:06Z", + "stargazers_count": 31, + "watchers_count": 31, + "forks_count": 6, + "forks": 6, + "watchers": 31, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1000006.json b/2018/CVE-2018-1000006.json new file mode 100644 index 0000000000..f35922545a --- /dev/null +++ b/2018/CVE-2018-1000006.json @@ -0,0 +1,25 @@ +[ + { + "id": 118851943, + "name": "CVE-2018-1000006-DEMO", + "full_name": "CHYbeta\/CVE-2018-1000006-DEMO", + "owner": { + "login": "CHYbeta", + "id": 18642224, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/18642224?v=4", + "html_url": "https:\/\/github.com\/CHYbeta" + }, + "html_url": "https:\/\/github.com\/CHYbeta\/CVE-2018-1000006-DEMO", + "description": "The Demo for CVE-2018-1000006", + "fork": false, + "created_at": "2018-01-25T02:38:44Z", + "updated_at": "2020-07-13T15:22:09Z", + "pushed_at": "2018-01-25T03:29:30Z", + "stargazers_count": 40, + "watchers_count": 40, + "forks_count": 8, + "forks": 8, + "watchers": 40, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1000117.json b/2018/CVE-2018-1000117.json new file mode 100644 index 0000000000..d8c9279153 --- /dev/null +++ b/2018/CVE-2018-1000117.json @@ -0,0 +1,25 @@ +[ + { + "id": 136231159, + "name": "CVE-2018-1000117-Exploit", + "full_name": "u0pattern\/CVE-2018-1000117-Exploit", + "owner": { + "login": "u0pattern", + "id": 21009276, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/21009276?v=4", + "html_url": "https:\/\/github.com\/u0pattern" + }, + "html_url": "https:\/\/github.com\/u0pattern\/CVE-2018-1000117-Exploit", + "description": "Buffer Overflow Vulnerability that can result ACE", + "fork": false, + "created_at": "2018-06-05T20:28:29Z", + "updated_at": "2020-06-30T04:18:59Z", + "pushed_at": "2018-06-05T20:45:13Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1000134.json b/2018/CVE-2018-1000134.json new file mode 100644 index 0000000000..cce60b989c --- /dev/null +++ b/2018/CVE-2018-1000134.json @@ -0,0 +1,25 @@ +[ + { + "id": 156499957, + "name": "cve-2018-1000134", + "full_name": "dragotime\/cve-2018-1000134", + "owner": { + "login": "dragotime", + "id": 43851975, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/43851975?v=4", + "html_url": "https:\/\/github.com\/dragotime" + }, + "html_url": "https:\/\/github.com\/dragotime\/cve-2018-1000134", + "description": null, + "fork": false, + "created_at": "2018-11-07T06:22:47Z", + "updated_at": "2018-11-07T06:22:47Z", + "pushed_at": "2018-11-07T06:22:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1000199.json b/2018/CVE-2018-1000199.json new file mode 100644 index 0000000000..19b719ada0 --- /dev/null +++ b/2018/CVE-2018-1000199.json @@ -0,0 +1,25 @@ +[ + { + "id": 131973710, + "name": "CVE-2018-1000199", + "full_name": "dsfau\/CVE-2018-1000199", + "owner": { + "login": "dsfau", + "id": 26786936, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/26786936?v=4", + "html_url": "https:\/\/github.com\/dsfau" + }, + "html_url": "https:\/\/github.com\/dsfau\/CVE-2018-1000199", + "description": null, + "fork": false, + "created_at": "2018-05-03T09:37:56Z", + "updated_at": "2018-05-03T09:41:20Z", + "pushed_at": "2018-05-03T09:41:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1000529.json b/2018/CVE-2018-1000529.json new file mode 100644 index 0000000000..cbd334cf44 --- /dev/null +++ b/2018/CVE-2018-1000529.json @@ -0,0 +1,25 @@ +[ + { + "id": 134336529, + "name": "CVE-2018-1000529", + "full_name": "martinfrancois\/CVE-2018-1000529", + "owner": { + "login": "martinfrancois", + "id": 14319020, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/14319020?v=4", + "html_url": "https:\/\/github.com\/martinfrancois" + }, + "html_url": "https:\/\/github.com\/martinfrancois\/CVE-2018-1000529", + "description": null, + "fork": false, + "created_at": "2018-05-21T23:43:18Z", + "updated_at": "2018-06-28T20:43:19Z", + "pushed_at": "2018-06-28T20:43:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1000802.json b/2018/CVE-2018-1000802.json new file mode 100644 index 0000000000..d37af0ea95 --- /dev/null +++ b/2018/CVE-2018-1000802.json @@ -0,0 +1,25 @@ +[ + { + "id": 148814288, + "name": "CVE-2018-1000802-PoC", + "full_name": "tna0y\/CVE-2018-1000802-PoC", + "owner": { + "login": "tna0y", + "id": 22504374, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22504374?v=4", + "html_url": "https:\/\/github.com\/tna0y" + }, + "html_url": "https:\/\/github.com\/tna0y\/CVE-2018-1000802-PoC", + "description": "Python CVE-2018-1000802 Proof-of-Concept", + "fork": false, + "created_at": "2018-09-14T16:22:12Z", + "updated_at": "2020-05-29T07:36:51Z", + "pushed_at": "2018-09-14T16:38:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 0, + "forks": 0, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1010.json b/2018/CVE-2018-1010.json new file mode 100644 index 0000000000..c5b0998f1c --- /dev/null +++ b/2018/CVE-2018-1010.json @@ -0,0 +1,25 @@ +[ + { + "id": 130343381, + "name": "Detecting-the-patch-of-CVE-2018-1010", + "full_name": "ymgh96\/Detecting-the-patch-of-CVE-2018-1010", + "owner": { + "login": "ymgh96", + "id": 29282323, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/29282323?v=4", + "html_url": "https:\/\/github.com\/ymgh96" + }, + "html_url": "https:\/\/github.com\/ymgh96\/Detecting-the-patch-of-CVE-2018-1010", + "description": null, + "fork": false, + "created_at": "2018-04-20T09:50:40Z", + "updated_at": "2018-04-20T11:01:36Z", + "pushed_at": "2018-04-20T11:01:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1026.json b/2018/CVE-2018-1026.json new file mode 100644 index 0000000000..18d425e074 --- /dev/null +++ b/2018/CVE-2018-1026.json @@ -0,0 +1,25 @@ +[ + { + "id": 131403764, + "name": "Detecting-the-CVE-2018-1026-and-its-patch", + "full_name": "ymgh96\/Detecting-the-CVE-2018-1026-and-its-patch", + "owner": { + "login": "ymgh96", + "id": 29282323, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/29282323?v=4", + "html_url": "https:\/\/github.com\/ymgh96" + }, + "html_url": "https:\/\/github.com\/ymgh96\/Detecting-the-CVE-2018-1026-and-its-patch", + "description": null, + "fork": false, + "created_at": "2018-04-28T11:28:11Z", + "updated_at": "2018-04-28T11:32:03Z", + "pushed_at": "2018-04-28T11:32:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10299.json b/2018/CVE-2018-10299.json new file mode 100644 index 0000000000..e4c4d49e11 --- /dev/null +++ b/2018/CVE-2018-10299.json @@ -0,0 +1,25 @@ +[ + { + "id": 133036448, + "name": "batchOverflow", + "full_name": "phzietsman\/batchOverflow", + "owner": { + "login": "phzietsman", + "id": 11902058, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/11902058?v=4", + "html_url": "https:\/\/github.com\/phzietsman" + }, + "html_url": "https:\/\/github.com\/phzietsman\/batchOverflow", + "description": "A fix for the batchOverflow bug https:\/\/medium.com\/@peckshield\/alert-new-batchoverflow-bug-in-multiple-erc20-smart-contracts-cve-2018-10299-511067db6536", + "fork": false, + "created_at": "2018-05-11T12:23:08Z", + "updated_at": "2018-07-03T19:26:14Z", + "pushed_at": "2018-07-03T19:26:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10467.json b/2018/CVE-2018-10467.json new file mode 100644 index 0000000000..8c1cf2f319 --- /dev/null +++ b/2018/CVE-2018-10467.json @@ -0,0 +1,25 @@ +[ + { + "id": 131241395, + "name": "CVE-2018-10467", + "full_name": "alt3kx\/CVE-2018-10467", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2018-10467", + "description": "CVE-2018-10467", + "fork": false, + "created_at": "2018-04-27T03:35:47Z", + "updated_at": "2018-05-04T02:07:18Z", + "pushed_at": "2018-05-04T02:01:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10517.json b/2018/CVE-2018-10517.json new file mode 100644 index 0000000000..a0d6a22581 --- /dev/null +++ b/2018/CVE-2018-10517.json @@ -0,0 +1,25 @@ +[ + { + "id": 156886365, + "name": "CVE-2018-10517", + "full_name": "0x00-0x00\/CVE-2018-10517", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2018-10517", + "description": "CMS Made Simple 2.2.7 RCE exploit", + "fork": false, + "created_at": "2018-11-09T16:09:39Z", + "updated_at": "2020-06-07T11:21:05Z", + "pushed_at": "2018-11-09T16:09:46Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 4, + "forks": 4, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10546.json b/2018/CVE-2018-10546.json new file mode 100644 index 0000000000..8cc139a528 --- /dev/null +++ b/2018/CVE-2018-10546.json @@ -0,0 +1,25 @@ +[ + { + "id": 131973382, + "name": "CVE-2018-10546", + "full_name": "dsfau\/CVE-2018-10546", + "owner": { + "login": "dsfau", + "id": 26786936, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/26786936?v=4", + "html_url": "https:\/\/github.com\/dsfau" + }, + "html_url": "https:\/\/github.com\/dsfau\/CVE-2018-10546", + "description": null, + "fork": false, + "created_at": "2018-05-03T09:35:27Z", + "updated_at": "2018-05-03T09:36:53Z", + "pushed_at": "2018-05-03T09:36:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1056.json b/2018/CVE-2018-1056.json new file mode 100644 index 0000000000..29b60c60b0 --- /dev/null +++ b/2018/CVE-2018-1056.json @@ -0,0 +1,25 @@ +[ + { + "id": 132433462, + "name": "Gpon-Routers", + "full_name": "rotemkama\/Gpon-Routers", + "owner": { + "login": "rotemkama", + "id": 7814256, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/7814256?v=4", + "html_url": "https:\/\/github.com\/rotemkama" + }, + "html_url": "https:\/\/github.com\/rotemkama\/Gpon-Routers", + "description": "Authentication Bypass \/ Command Injection Exploit CVE-2018-1056", + "fork": false, + "created_at": "2018-05-07T08:52:45Z", + "updated_at": "2020-05-28T11:06:32Z", + "pushed_at": "2018-05-04T06:52:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10561.json b/2018/CVE-2018-10561.json new file mode 100644 index 0000000000..02e1ac0c41 --- /dev/null +++ b/2018/CVE-2018-10561.json @@ -0,0 +1,25 @@ +[ + { + "id": 142351408, + "name": "GPON-home-routers-Exploit", + "full_name": "vhackor\/GPON-home-routers-Exploit", + "owner": { + "login": "vhackor", + "id": 33405796, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/33405796?v=4", + "html_url": "https:\/\/github.com\/vhackor" + }, + "html_url": "https:\/\/github.com\/vhackor\/GPON-home-routers-Exploit", + "description": "RCE on GPON home routers (CVE-2018-10561)", + "fork": false, + "created_at": "2018-07-25T20:37:13Z", + "updated_at": "2020-10-16T07:25:48Z", + "pushed_at": "2018-07-25T23:44:39Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 4, + "forks": 4, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10562.json b/2018/CVE-2018-10562.json new file mode 100644 index 0000000000..edb49c79d3 --- /dev/null +++ b/2018/CVE-2018-10562.json @@ -0,0 +1,117 @@ +[ + { + "id": 132445475, + "name": "GPON", + "full_name": "f3d0x0\/GPON", + "owner": { + "login": "f3d0x0", + "id": 6794063, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/6794063?v=4", + "html_url": "https:\/\/github.com\/f3d0x0" + }, + "html_url": "https:\/\/github.com\/f3d0x0\/GPON", + "description": "Exploit for Remote Code Execution on GPON home routers (CVE-2018-10562) written in Python. Initially disclosed by VPNMentor (https:\/\/www.vpnmentor.com\/blog\/critical-vulnerability-gpon-router\/), kudos for their work.", + "fork": false, + "created_at": "2018-05-07T10:34:10Z", + "updated_at": "2020-12-07T17:57:50Z", + "pushed_at": "2018-05-10T15:08:43Z", + "stargazers_count": 206, + "watchers_count": 206, + "forks_count": 68, + "forks": 68, + "watchers": 206, + "score": 0 + }, + { + "id": 133550928, + "name": "Pingpon-Exploit", + "full_name": "649\/Pingpon-Exploit", + "owner": { + "login": "649", + "id": 23534047, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/23534047?v=4", + "html_url": "https:\/\/github.com\/649" + }, + "html_url": "https:\/\/github.com\/649\/Pingpon-Exploit", + "description": "Exploit for Mass Remote Code Execution on GPON home routers (CVE-2018-10562) obtained from Shodan.", + "fork": false, + "created_at": "2018-05-15T17:31:21Z", + "updated_at": "2020-01-05T18:02:50Z", + "pushed_at": "2018-05-26T06:44:44Z", + "stargazers_count": 17, + "watchers_count": 17, + "forks_count": 9, + "forks": 9, + "watchers": 17, + "score": 0 + }, + { + "id": 133872939, + "name": "GPON-LOADER", + "full_name": "Choudai\/GPON-LOADER", + "owner": { + "login": "Choudai", + "id": 28324694, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/28324694?v=4", + "html_url": "https:\/\/github.com\/Choudai" + }, + "html_url": "https:\/\/github.com\/Choudai\/GPON-LOADER", + "description": "Exploit loader for Remote Code Execution w\/ Payload on GPON Home Gateway devices (CVE-2018-10562) written in Python.", + "fork": false, + "created_at": "2018-05-17T22:03:47Z", + "updated_at": "2020-06-27T20:05:00Z", + "pushed_at": "2018-05-17T22:15:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 134941877, + "name": "GPON_RCE", + "full_name": "c0ld1\/GPON_RCE", + "owner": { + "login": "c0ld1", + "id": 39249476, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/39249476?v=4", + "html_url": "https:\/\/github.com\/c0ld1" + }, + "html_url": "https:\/\/github.com\/c0ld1\/GPON_RCE", + "description": "Exploit for Remote Code Execution on GPON home routers (CVE-2018-10562) written in Python.", + "fork": false, + "created_at": "2018-05-26T08:05:22Z", + "updated_at": "2019-07-30T02:41:47Z", + "pushed_at": "2018-05-26T08:07:37Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 0, + "forks": 0, + "watchers": 4, + "score": 0 + }, + { + "id": 136307543, + "name": "CVE-2018-10562", + "full_name": "ATpiu\/CVE-2018-10562", + "owner": { + "login": "ATpiu", + "id": 26686336, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/26686336?v=4", + "html_url": "https:\/\/github.com\/ATpiu" + }, + "html_url": "https:\/\/github.com\/ATpiu\/CVE-2018-10562", + "description": "Exploit for CVE-2018-10562", + "fork": false, + "created_at": "2018-06-06T09:43:40Z", + "updated_at": "2018-11-16T22:46:24Z", + "pushed_at": "2018-06-07T02:55:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 5, + "forks": 5, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10583.json b/2018/CVE-2018-10583.json new file mode 100644 index 0000000000..93b83a7e5a --- /dev/null +++ b/2018/CVE-2018-10583.json @@ -0,0 +1,25 @@ +[ + { + "id": 131920571, + "name": "CVE-2018-10583", + "full_name": "TaharAmine\/CVE-2018-10583", + "owner": { + "login": "TaharAmine", + "id": 35707349, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/35707349?v=4", + "html_url": "https:\/\/github.com\/TaharAmine" + }, + "html_url": "https:\/\/github.com\/TaharAmine\/CVE-2018-10583", + "description": "An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by \"xlink:href=file:\/\/192.168.0.2\/test.jpg\" within an \"office:document-content\" element in a \".odt XML document\".", + "fork": false, + "created_at": "2018-05-03T00:34:08Z", + "updated_at": "2020-10-05T18:07:13Z", + "pushed_at": "2018-05-03T00:38:56Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 3, + "forks": 3, + "watchers": 8, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10715.json b/2018/CVE-2018-10715.json new file mode 100644 index 0000000000..7a87343e67 --- /dev/null +++ b/2018/CVE-2018-10715.json @@ -0,0 +1,25 @@ +[ + { + "id": 132069525, + "name": "CVE-2018-10715", + "full_name": "alt3kx\/CVE-2018-10715", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2018-10715", + "description": "CVE-2018-10715", + "fork": false, + "created_at": "2018-05-04T01:33:22Z", + "updated_at": "2018-05-04T02:17:30Z", + "pushed_at": "2018-05-04T02:17:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10732.json b/2018/CVE-2018-10732.json new file mode 100644 index 0000000000..e76164b292 --- /dev/null +++ b/2018/CVE-2018-10732.json @@ -0,0 +1,25 @@ +[ + { + "id": 132435515, + "name": "CVE-2018-10732", + "full_name": "alt3kx\/CVE-2018-10732", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2018-10732", + "description": "Dataiku REST-API by default the software, allows anonymous access to functionality that allows an attacker to know valid users.", + "fork": false, + "created_at": "2018-05-07T09:07:58Z", + "updated_at": "2018-06-05T11:51:00Z", + "pushed_at": "2018-06-02T09:15:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10821.json b/2018/CVE-2018-10821.json new file mode 100644 index 0000000000..9c6dd76174 --- /dev/null +++ b/2018/CVE-2018-10821.json @@ -0,0 +1,25 @@ +[ + { + "id": 137230310, + "name": "Cross-Site-Scripting-Reflected-XSS-Vulnerability-in-blackcatcms_v1.3", + "full_name": "BalvinderSingh23\/Cross-Site-Scripting-Reflected-XSS-Vulnerability-in-blackcatcms_v1.3", + "owner": { + "login": "BalvinderSingh23", + "id": 38315927, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/38315927?v=4", + "html_url": "https:\/\/github.com\/BalvinderSingh23" + }, + "html_url": "https:\/\/github.com\/BalvinderSingh23\/Cross-Site-Scripting-Reflected-XSS-Vulnerability-in-blackcatcms_v1.3", + "description": "BlackCat-CMS-Bundle-v1.3 Cross Site Scripting(XSS) Assigned CVE Number: CVE-2018-10821", + "fork": false, + "created_at": "2018-06-13T14:52:34Z", + "updated_at": "2018-06-13T15:06:31Z", + "pushed_at": "2018-06-13T15:06:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10933.json b/2018/CVE-2018-10933.json index 5463a7ac57..92e11a1e87 100644 --- a/2018/CVE-2018-10933.json +++ b/2018/CVE-2018-10933.json @@ -1,4 +1,27 @@ [ + { + "id": 153427159, + "name": "CVE-2018-10933", + "full_name": "SoledaD208\/CVE-2018-10933", + "owner": { + "login": "SoledaD208", + "id": 8731578, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8731578?v=4", + "html_url": "https:\/\/github.com\/SoledaD208" + }, + "html_url": "https:\/\/github.com\/SoledaD208\/CVE-2018-10933", + "description": "CVE-2018-10933 very simple POC", + "fork": false, + "created_at": "2018-10-17T09:01:44Z", + "updated_at": "2020-12-18T03:51:25Z", + "pushed_at": "2018-10-23T13:51:06Z", + "stargazers_count": 131, + "watchers_count": 131, + "forks_count": 40, + "forks": 40, + "watchers": 131, + "score": 0 + }, { "id": 153468806, "name": "CVE-2018-10933", @@ -22,6 +45,328 @@ "watchers": 469, "score": 0 }, + { + "id": 153477523, + "name": "CVE-2018-10933", + "full_name": "hook-s3c\/CVE-2018-10933", + "owner": { + "login": "hook-s3c", + "id": 31825993, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/31825993?v=4", + "html_url": "https:\/\/github.com\/hook-s3c" + }, + "html_url": "https:\/\/github.com\/hook-s3c\/CVE-2018-10933", + "description": "CVE-2018-10933 sshlib user authentication attack - docker lab, test and exploit", + "fork": false, + "created_at": "2018-10-17T15:09:41Z", + "updated_at": "2018-10-17T15:09:44Z", + "pushed_at": "2018-10-17T15:09:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 153506738, + "name": "CVE-2018-10933", + "full_name": "kn6869610\/CVE-2018-10933", + "owner": { + "login": "kn6869610", + "id": 6917744, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/6917744?v=4", + "html_url": "https:\/\/github.com\/kn6869610" + }, + "html_url": "https:\/\/github.com\/kn6869610\/CVE-2018-10933", + "description": "Leveraging it is a simple matter of presenting the server with the SSH2_MSG_USERAUTH_SUCCESS message, which shows that the login already occurred without a problem. The server expects the message SSH2_MSG_USERAUTH_REQUEST to start the authentication procedure, but by skipping it an attacker can log in without showing any credentials.", + "fork": false, + "created_at": "2018-10-17T18:44:05Z", + "updated_at": "2018-10-22T03:02:27Z", + "pushed_at": "2018-10-17T18:45:30Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 3, + "forks": 3, + "watchers": 13, + "score": 0 + }, + { + "id": 153534574, + "name": "libssh-scanner", + "full_name": "leapsecurity\/libssh-scanner", + "owner": { + "login": "leapsecurity", + "id": 40601062, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/40601062?v=4", + "html_url": "https:\/\/github.com\/leapsecurity" + }, + "html_url": "https:\/\/github.com\/leapsecurity\/libssh-scanner", + "description": "Script to identify hosts vulnerable to CVE-2018-10933", + "fork": false, + "created_at": "2018-10-17T23:05:10Z", + "updated_at": "2020-10-30T13:49:34Z", + "pushed_at": "2018-11-04T17:29:33Z", + "stargazers_count": 231, + "watchers_count": 231, + "forks_count": 54, + "forks": 54, + "watchers": 231, + "score": 0 + }, + { + "id": 153562229, + "name": "CVE-2018-10933_ssh", + "full_name": "likescam\/CVE-2018-10933_ssh", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2018-10933_ssh", + "description": null, + "fork": false, + "created_at": "2018-10-18T04:10:25Z", + "updated_at": "2018-10-18T04:10:39Z", + "pushed_at": "2018-10-18T04:10:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 153562319, + "name": "bpnd-libssh", + "full_name": "trbpnd\/bpnd-libssh", + "owner": { + "login": "trbpnd", + "id": 39193403, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/39193403?v=4", + "html_url": "https:\/\/github.com\/trbpnd" + }, + "html_url": "https:\/\/github.com\/trbpnd\/bpnd-libssh", + "description": "Multi-threaded, reliable scanner for CVE-2018-10933.", + "fork": false, + "created_at": "2018-10-18T04:11:33Z", + "updated_at": "2018-10-23T03:13:35Z", + "pushed_at": "2018-10-22T16:44:13Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 2, + "forks": 2, + "watchers": 5, + "score": 0 + }, + { + "id": 153598283, + "name": "CVE-2018-10933-libSSH-Authentication-Bypass", + "full_name": "likescam\/CVE-2018-10933-libSSH-Authentication-Bypass", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2018-10933-libSSH-Authentication-Bypass", + "description": null, + "fork": false, + "created_at": "2018-10-18T09:27:08Z", + "updated_at": "2018-10-18T16:47:53Z", + "pushed_at": "2018-10-18T09:27:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 153643745, + "name": "hunt-for-cve-2018-10933", + "full_name": "marco-lancini\/hunt-for-cve-2018-10933", + "owner": { + "login": "marco-lancini", + "id": 1472968, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/1472968?v=4", + "html_url": "https:\/\/github.com\/marco-lancini" + }, + "html_url": "https:\/\/github.com\/marco-lancini\/hunt-for-cve-2018-10933", + "description": "Hunt for and Exploit the libSSH Authentication Bypass (CVE-2018-10933)", + "fork": false, + "created_at": "2018-10-18T15:08:25Z", + "updated_at": "2020-10-25T16:36:25Z", + "pushed_at": "2018-10-18T15:11:35Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 4, + "forks": 4, + "watchers": 10, + "score": 0 + }, + { + "id": 153675108, + "name": "cve-2018-10933", + "full_name": "hackerhouse-opensource\/cve-2018-10933", + "owner": { + "login": "hackerhouse-opensource", + "id": 43967630, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/43967630?v=4", + "html_url": "https:\/\/github.com\/hackerhouse-opensource" + }, + "html_url": "https:\/\/github.com\/hackerhouse-opensource\/cve-2018-10933", + "description": "cve-2018-10933 libssh authentication bypass", + "fork": false, + "created_at": "2018-10-18T19:13:45Z", + "updated_at": "2020-10-12T07:31:53Z", + "pushed_at": "2018-10-21T21:24:29Z", + "stargazers_count": 95, + "watchers_count": 95, + "forks_count": 30, + "forks": 30, + "watchers": 95, + "score": 0 + }, + { + "id": 153681539, + "name": "cve-2018-10933", + "full_name": "cve-2018\/cve-2018-10933", + "owner": { + "login": "cve-2018", + "id": 44275695, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/44275695?v=4", + "html_url": "https:\/\/github.com\/cve-2018" + }, + "html_url": "https:\/\/github.com\/cve-2018\/cve-2018-10933", + "description": null, + "fork": false, + "created_at": "2018-10-18T20:11:22Z", + "updated_at": "2018-10-23T03:22:26Z", + "pushed_at": "2018-10-23T03:22:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 153855090, + "name": "CVE-2018-10933", + "full_name": "jas502n\/CVE-2018-10933", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-10933", + "description": "libssh CVE-2018-10933", + "fork": false, + "created_at": "2018-10-20T00:24:04Z", + "updated_at": "2019-07-31T09:33:04Z", + "pushed_at": "2018-10-20T00:29:04Z", + "stargazers_count": 19, + "watchers_count": 19, + "forks_count": 5, + "forks": 5, + "watchers": 19, + "score": 0 + }, + { + "id": 153856713, + "name": "cve-2018-10933_poc", + "full_name": "ninp0\/cve-2018-10933_poc", + "owner": { + "login": "ninp0", + "id": 1008583, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/1008583?v=4", + "html_url": "https:\/\/github.com\/ninp0" + }, + "html_url": "https:\/\/github.com\/ninp0\/cve-2018-10933_poc", + "description": "Variant of hackerhouse-opensource\/cve-2018-10933", + "fork": false, + "created_at": "2018-10-20T00:53:24Z", + "updated_at": "2018-10-22T15:05:53Z", + "pushed_at": "2018-10-20T01:53:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 153878160, + "name": "CVE-2018-10933_Scanner", + "full_name": "pghook\/CVE-2018-10933_Scanner", + "owner": { + "login": "pghook", + "id": 14160529, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/14160529?v=4", + "html_url": "https:\/\/github.com\/pghook" + }, + "html_url": "https:\/\/github.com\/pghook\/CVE-2018-10933_Scanner", + "description": null, + "fork": false, + "created_at": "2018-10-20T06:53:59Z", + "updated_at": "2020-05-15T17:20:56Z", + "pushed_at": "2018-10-20T04:54:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 153920395, + "name": "POC-CVE-2018-10933", + "full_name": "Virgula0\/POC-CVE-2018-10933", + "owner": { + "login": "Virgula0", + "id": 16546435, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16546435?v=4", + "html_url": "https:\/\/github.com\/Virgula0" + }, + "html_url": "https:\/\/github.com\/Virgula0\/POC-CVE-2018-10933", + "description": "LibSSH Authentication Bypass Exploit using RCE", + "fork": false, + "created_at": "2018-10-20T15:34:26Z", + "updated_at": "2020-03-29T05:04:55Z", + "pushed_at": "2018-10-25T18:23:52Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 7, + "forks": 7, + "watchers": 12, + "score": 0 + }, + { + "id": 153975086, + "name": "pythonprojects-CVE-2018-10933", + "full_name": "shifa123\/pythonprojects-CVE-2018-10933", + "owner": { + "login": "shifa123", + "id": 18241082, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/18241082?v=4", + "html_url": "https:\/\/github.com\/shifa123" + }, + "html_url": "https:\/\/github.com\/shifa123\/pythonprojects-CVE-2018-10933", + "description": "CVE-2018-10933", + "fork": false, + "created_at": "2018-10-21T05:01:12Z", + "updated_at": "2018-10-22T07:03:21Z", + "pushed_at": "2018-10-21T05:13:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 3, + "forks": 3, + "watchers": 1, + "score": 0 + }, { "id": 154050332, "name": "CVE-2018-10933", @@ -45,6 +390,98 @@ "watchers": 4, "score": 0 }, + { + "id": 154390432, + "name": "CVE-2018-10933", + "full_name": "Bifrozt\/CVE-2018-10933", + "owner": { + "login": "Bifrozt", + "id": 8437560, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8437560?v=4", + "html_url": "https:\/\/github.com\/Bifrozt" + }, + "html_url": "https:\/\/github.com\/Bifrozt\/CVE-2018-10933", + "description": "CVE-2018-10933", + "fork": false, + "created_at": "2018-10-23T20:11:35Z", + "updated_at": "2018-10-23T20:14:53Z", + "pushed_at": "2018-10-23T20:14:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 154398082, + "name": "CVE-2018-10933", + "full_name": "r3dxpl0it\/CVE-2018-10933", + "owner": { + "login": "r3dxpl0it", + "id": 43002597, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/43002597?v=4", + "html_url": "https:\/\/github.com\/r3dxpl0it" + }, + "html_url": "https:\/\/github.com\/r3dxpl0it\/CVE-2018-10933", + "description": "CVE-2018-10933 POC (LIBSSH)", + "fork": false, + "created_at": "2018-10-23T21:17:52Z", + "updated_at": "2020-04-06T19:25:11Z", + "pushed_at": "2018-10-24T07:58:27Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 3, + "forks": 3, + "watchers": 3, + "score": 0 + }, + { + "id": 154500673, + "name": "libssh-scanner", + "full_name": "ivanacostarubio\/libssh-scanner", + "owner": { + "login": "ivanacostarubio", + "id": 16559, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/16559?v=4", + "html_url": "https:\/\/github.com\/ivanacostarubio" + }, + "html_url": "https:\/\/github.com\/ivanacostarubio\/libssh-scanner", + "description": "A libssh CVE-2018-10933 scanner written in rust", + "fork": false, + "created_at": "2018-10-24T12:52:09Z", + "updated_at": "2019-02-24T23:51:07Z", + "pushed_at": "2018-10-24T12:52:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 154520949, + "name": "precompiled-CVE-2018-10933", + "full_name": "throwawayaccount12312312\/precompiled-CVE-2018-10933", + "owner": { + "login": "throwawayaccount12312312", + "id": 44440605, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/44440605?v=4", + "html_url": "https:\/\/github.com\/throwawayaccount12312312" + }, + "html_url": "https:\/\/github.com\/throwawayaccount12312312\/precompiled-CVE-2018-10933", + "description": null, + "fork": false, + "created_at": "2018-10-24T15:02:51Z", + "updated_at": "2018-10-24T15:04:19Z", + "pushed_at": "2018-10-24T15:04:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 154621353, "name": "CVE-2018-10933", @@ -68,6 +505,29 @@ "watchers": 0, "score": 0 }, + { + "id": 157908147, + "name": "libSSH-bypass", + "full_name": "Ad1bDaw\/libSSH-bypass", + "owner": { + "login": "Ad1bDaw", + "id": 35436703, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/35436703?v=4", + "html_url": "https:\/\/github.com\/Ad1bDaw" + }, + "html_url": "https:\/\/github.com\/Ad1bDaw\/libSSH-bypass", + "description": "Implementation of CVE-2018-10933 with CIDR block scanner ", + "fork": false, + "created_at": "2018-11-16T18:46:28Z", + "updated_at": "2018-11-16T19:00:29Z", + "pushed_at": "2018-11-16T19:00:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 158524069, "name": "CVE-2018-10933-POC", diff --git a/2018/CVE-2018-10949.json b/2018/CVE-2018-10949.json new file mode 100644 index 0000000000..408d50fb53 --- /dev/null +++ b/2018/CVE-2018-10949.json @@ -0,0 +1,25 @@ +[ + { + "id": 147528239, + "name": "CVE-2018-10949", + "full_name": "0x00-0x00\/CVE-2018-10949", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2018-10949", + "description": "Zimbra Collaboration Suite Username Enumeration ", + "fork": false, + "created_at": "2018-09-05T14:09:13Z", + "updated_at": "2020-10-20T18:45:33Z", + "pushed_at": "2018-09-05T14:10:09Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 3, + "forks": 3, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1111.json b/2018/CVE-2018-1111.json index c3bf2d7901..a2c9723183 100644 --- a/2018/CVE-2018-1111.json +++ b/2018/CVE-2018-1111.json @@ -1,4 +1,50 @@ [ + { + "id": 133791805, + "name": "CVE-2018-1111", + "full_name": "knqyf263\/CVE-2018-1111", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-1111", + "description": "Environment for DynoRoot (CVE-2018-1111)", + "fork": false, + "created_at": "2018-05-17T09:37:19Z", + "updated_at": "2020-11-27T01:55:02Z", + "pushed_at": "2018-05-17T10:03:18Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 10, + "forks": 10, + "watchers": 13, + "score": 0 + }, + { + "id": 133957885, + "name": "CVE-2018-1111", + "full_name": "kkirsche\/CVE-2018-1111", + "owner": { + "login": "kkirsche", + "id": 947110, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/947110?v=4", + "html_url": "https:\/\/github.com\/kkirsche" + }, + "html_url": "https:\/\/github.com\/kkirsche\/CVE-2018-1111", + "description": "CVE-2018-1111 DynoRoot", + "fork": false, + "created_at": "2018-05-18T13:27:43Z", + "updated_at": "2020-08-10T00:31:56Z", + "pushed_at": "2018-05-21T13:10:48Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 7, + "forks": 7, + "watchers": 13, + "score": 0 + }, { "id": 313717464, "name": "FEP3370-advanced-ethical-hacking", diff --git a/2018/CVE-2018-11235.json b/2018/CVE-2018-11235.json index 9fd2d2453f..b7cd8245d5 100644 --- a/2018/CVE-2018-11235.json +++ b/2018/CVE-2018-11235.json @@ -22,6 +22,121 @@ "watchers": 45, "score": 0 }, + { + "id": 135556339, + "name": "CVE-2018-11235", + "full_name": "vmotos\/CVE-2018-11235", + "owner": { + "login": "vmotos", + "id": 22636953, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/22636953?v=4", + "html_url": "https:\/\/github.com\/vmotos" + }, + "html_url": "https:\/\/github.com\/vmotos\/CVE-2018-11235", + "description": "RCE vulnerability to exec \"git clone --recurse-submodule\" (CVE-2018-11235)", + "fork": false, + "created_at": "2018-05-31T08:38:17Z", + "updated_at": "2018-05-31T09:11:10Z", + "pushed_at": "2018-05-31T09:11:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 135587582, + "name": "cve-2018-11235", + "full_name": "Choihosu\/cve-2018-11235", + "owner": { + "login": "Choihosu", + "id": 18625744, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/18625744?v=4", + "html_url": "https:\/\/github.com\/Choihosu" + }, + "html_url": "https:\/\/github.com\/Choihosu\/cve-2018-11235", + "description": null, + "fork": false, + "created_at": "2018-05-31T13:29:06Z", + "updated_at": "2018-05-31T13:29:06Z", + "pushed_at": "2018-05-31T13:29:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 135652327, + "name": "CVE-2018-11235-DEMO", + "full_name": "CHYbeta\/CVE-2018-11235-DEMO", + "owner": { + "login": "CHYbeta", + "id": 18642224, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/18642224?v=4", + "html_url": "https:\/\/github.com\/CHYbeta" + }, + "html_url": "https:\/\/github.com\/CHYbeta\/CVE-2018-11235-DEMO", + "description": null, + "fork": false, + "created_at": "2018-06-01T01:26:19Z", + "updated_at": "2020-07-05T15:28:14Z", + "pushed_at": "2018-06-07T03:34:35Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 3, + "forks": 3, + "watchers": 13, + "score": 0 + }, + { + "id": 136300278, + "name": "CVE-2018-11235-poc", + "full_name": "Kiss-sh0t\/CVE-2018-11235-poc", + "owner": { + "login": "Kiss-sh0t", + "id": 16567682, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16567682?v=4", + "html_url": "https:\/\/github.com\/Kiss-sh0t" + }, + "html_url": "https:\/\/github.com\/Kiss-sh0t\/CVE-2018-11235-poc", + "description": "for git v2.7.4", + "fork": false, + "created_at": "2018-06-06T08:48:57Z", + "updated_at": "2018-06-06T08:56:02Z", + "pushed_at": "2018-06-06T08:54:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 136924699, + "name": "clone_and_pwn", + "full_name": "H0K5\/clone_and_pwn", + "owner": { + "login": "H0K5", + "id": 8493152, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/8493152?v=4", + "html_url": "https:\/\/github.com\/H0K5" + }, + "html_url": "https:\/\/github.com\/H0K5\/clone_and_pwn", + "description": "Exploits CVE-2018-11235", + "fork": false, + "created_at": "2018-06-11T12:41:34Z", + "updated_at": "2020-05-25T14:25:16Z", + "pushed_at": "2018-06-06T17:24:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, { "id": 143149359, "name": "CVE-2018-11235", diff --git a/2018/CVE-2018-11236.json b/2018/CVE-2018-11236.json index 91e425b650..194826fbac 100644 --- a/2018/CVE-2018-11236.json +++ b/2018/CVE-2018-11236.json @@ -1,4 +1,27 @@ [ + { + "id": 135661128, + "name": "CVE-2018-11236", + "full_name": "evilmiracle\/CVE-2018-11236", + "owner": { + "login": "evilmiracle", + "id": 17810331, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/17810331?v=4", + "html_url": "https:\/\/github.com\/evilmiracle" + }, + "html_url": "https:\/\/github.com\/evilmiracle\/CVE-2018-11236", + "description": "Proof of Concept", + "fork": false, + "created_at": "2018-06-01T03:05:42Z", + "updated_at": "2018-06-04T19:47:31Z", + "pushed_at": "2018-05-31T07:32:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 308481035, "name": "CVE-2018-11236", diff --git a/2018/CVE-2018-11311.json b/2018/CVE-2018-11311.json new file mode 100644 index 0000000000..98f95e88c8 --- /dev/null +++ b/2018/CVE-2018-11311.json @@ -0,0 +1,25 @@ +[ + { + "id": 134082464, + "name": "mySCADA-myPRO-7-Hardcoded-FTP-Username-and-Password", + "full_name": "EmreOvunc\/mySCADA-myPRO-7-Hardcoded-FTP-Username-and-Password", + "owner": { + "login": "EmreOvunc", + "id": 15659223, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15659223?v=4", + "html_url": "https:\/\/github.com\/EmreOvunc" + }, + "html_url": "https:\/\/github.com\/EmreOvunc\/mySCADA-myPRO-7-Hardcoded-FTP-Username-and-Password", + "description": "CVE-2018-11311 | mySCADA myPRO 7 Hardcoded FTP Username and Password Vulnerability", + "fork": false, + "created_at": "2018-05-19T17:14:49Z", + "updated_at": "2020-05-16T12:46:32Z", + "pushed_at": "2018-07-02T14:26:13Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 3, + "forks": 3, + "watchers": 9, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-11450.json b/2018/CVE-2018-11450.json new file mode 100644 index 0000000000..42c623693c --- /dev/null +++ b/2018/CVE-2018-11450.json @@ -0,0 +1,25 @@ +[ + { + "id": 138933947, + "name": "Siemens-Siemens-PLM-Software-TEAMCENTER-Reflected-Cross-Site-Scripting-XSS-vulnerability", + "full_name": "LucvanDonk\/Siemens-Siemens-PLM-Software-TEAMCENTER-Reflected-Cross-Site-Scripting-XSS-vulnerability", + "owner": { + "login": "LucvanDonk", + "id": 33685332, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/33685332?v=4", + "html_url": "https:\/\/github.com\/LucvanDonk" + }, + "html_url": "https:\/\/github.com\/LucvanDonk\/Siemens-Siemens-PLM-Software-TEAMCENTER-Reflected-Cross-Site-Scripting-XSS-vulnerability", + "description": "CVE-ID: CVE-2018-11450", + "fork": false, + "created_at": "2018-06-27T21:16:57Z", + "updated_at": "2019-02-10T04:58:12Z", + "pushed_at": "2018-06-27T21:16:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-11510.json b/2018/CVE-2018-11510.json new file mode 100644 index 0000000000..ed97ef064b --- /dev/null +++ b/2018/CVE-2018-11510.json @@ -0,0 +1,25 @@ +[ + { + "id": 137818504, + "name": "CVE-2018-11510", + "full_name": "mefulton\/CVE-2018-11510", + "owner": { + "login": "mefulton", + "id": 27797094, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/27797094?v=4", + "html_url": "https:\/\/github.com\/mefulton" + }, + "html_url": "https:\/\/github.com\/mefulton\/CVE-2018-11510", + "description": "Just a couple exploits for CVE-2018-11510", + "fork": false, + "created_at": "2018-06-18T23:49:41Z", + "updated_at": "2018-06-19T10:57:30Z", + "pushed_at": "2018-06-19T10:57:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-11517.json b/2018/CVE-2018-11517.json new file mode 100644 index 0000000000..edf8a1a033 --- /dev/null +++ b/2018/CVE-2018-11517.json @@ -0,0 +1,25 @@ +[ + { + "id": 134974554, + "name": "mySCADA-myPRO-7-projectID-Disclosure", + "full_name": "EmreOvunc\/mySCADA-myPRO-7-projectID-Disclosure", + "owner": { + "login": "EmreOvunc", + "id": 15659223, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15659223?v=4", + "html_url": "https:\/\/github.com\/EmreOvunc" + }, + "html_url": "https:\/\/github.com\/EmreOvunc\/mySCADA-myPRO-7-projectID-Disclosure", + "description": "CVE-2018-11517 | mySCADA myPRO v7.0.46 has another vulnerability to discover all projects in the system.", + "fork": false, + "created_at": "2018-05-26T15:49:07Z", + "updated_at": "2020-05-16T12:46:21Z", + "pushed_at": "2018-05-28T21:51:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-11631.json b/2018/CVE-2018-11631.json new file mode 100644 index 0000000000..255632e20b --- /dev/null +++ b/2018/CVE-2018-11631.json @@ -0,0 +1,25 @@ +[ + { + "id": 135617105, + "name": "bandexploit", + "full_name": "xMagass\/bandexploit", + "owner": { + "login": "xMagass", + "id": 17924254, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/17924254?v=4", + "html_url": "https:\/\/github.com\/xMagass" + }, + "html_url": "https:\/\/github.com\/xMagass\/bandexploit", + "description": "M1 Band Smart Watch Bluetooth Low Energy Exploit python script (CVE-2018-11631)", + "fork": false, + "created_at": "2018-05-31T17:46:59Z", + "updated_at": "2020-08-13T15:01:07Z", + "pushed_at": "2018-07-27T10:28:43Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 3, + "forks": 3, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-11776.json b/2018/CVE-2018-11776.json index 1c928c5bc3..9bbe4a9c6b 100644 --- a/2018/CVE-2018-11776.json +++ b/2018/CVE-2018-11776.json @@ -1,4 +1,27 @@ [ + { + "id": 145897861, + "name": "CVE-2018-11776", + "full_name": "trbpnd\/CVE-2018-11776", + "owner": { + "login": "trbpnd", + "id": 39193403, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/39193403?v=4", + "html_url": "https:\/\/github.com\/trbpnd" + }, + "html_url": "https:\/\/github.com\/trbpnd\/CVE-2018-11776", + "description": "Docker image for a vulnerable struts app", + "fork": false, + "created_at": "2018-08-23T19:25:26Z", + "updated_at": "2018-08-23T19:28:53Z", + "pushed_at": "2018-08-23T19:28:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 145901668, "name": "CVE-2018-11776", @@ -22,6 +45,236 @@ "watchers": 14, "score": 0 }, + { + "id": 145935231, + "name": "CVE-2018-11776", + "full_name": "jiguangin\/CVE-2018-11776", + "owner": { + "login": "jiguangin", + "id": 22545712, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22545712?v=4", + "html_url": "https:\/\/github.com\/jiguangin" + }, + "html_url": "https:\/\/github.com\/jiguangin\/CVE-2018-11776", + "description": "CVE-2018-11776(S2-057) EXPLOIT CODE", + "fork": false, + "created_at": "2018-08-24T03:01:29Z", + "updated_at": "2019-06-18T01:56:08Z", + "pushed_at": "2018-08-24T03:27:02Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 5, + "forks": 5, + "watchers": 9, + "score": 0 + }, + { + "id": 145985371, + "name": "CVE-2018-11776-Python-PoC", + "full_name": "hook-s3c\/CVE-2018-11776-Python-PoC", + "owner": { + "login": "hook-s3c", + "id": 31825993, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/31825993?v=4", + "html_url": "https:\/\/github.com\/hook-s3c" + }, + "html_url": "https:\/\/github.com\/hook-s3c\/CVE-2018-11776-Python-PoC", + "description": "Working Python test and PoC for CVE-2018-11776, includes Docker lab", + "fork": false, + "created_at": "2018-08-24T11:53:02Z", + "updated_at": "2020-05-14T19:08:54Z", + "pushed_at": "2018-08-25T02:14:49Z", + "stargazers_count": 117, + "watchers_count": 117, + "forks_count": 47, + "forks": 47, + "watchers": 117, + "score": 0 + }, + { + "id": 146056002, + "name": "struts-pwn_CVE-2018-11776", + "full_name": "mazen160\/struts-pwn_CVE-2018-11776", + "owner": { + "login": "mazen160", + "id": 8996052, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/8996052?v=4", + "html_url": "https:\/\/github.com\/mazen160" + }, + "html_url": "https:\/\/github.com\/mazen160\/struts-pwn_CVE-2018-11776", + "description": " An exploit for Apache Struts CVE-2018-11776", + "fork": false, + "created_at": "2018-08-25T01:53:30Z", + "updated_at": "2020-12-13T00:37:14Z", + "pushed_at": "2018-08-26T02:31:39Z", + "stargazers_count": 298, + "watchers_count": 298, + "forks_count": 102, + "forks": 102, + "watchers": 298, + "score": 0 + }, + { + "id": 146060181, + "name": "CVE-2018-11776", + "full_name": "bhdresh\/CVE-2018-11776", + "owner": { + "login": "bhdresh", + "id": 8931885, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/8931885?v=4", + "html_url": "https:\/\/github.com\/bhdresh" + }, + "html_url": "https:\/\/github.com\/bhdresh\/CVE-2018-11776", + "description": "Vulnerable docker container for CVE-2018-11776", + "fork": false, + "created_at": "2018-08-25T03:06:30Z", + "updated_at": "2020-01-06T22:41:00Z", + "pushed_at": "2018-08-25T04:53:35Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 5, + "forks": 5, + "watchers": 8, + "score": 0 + }, + { + "id": 146094544, + "name": "CVE-2018-11776", + "full_name": "knqyf263\/CVE-2018-11776", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-11776", + "description": "Environment for CVE-2018-11776 \/ S2-057 (Apache Struts 2)", + "fork": false, + "created_at": "2018-08-25T12:45:15Z", + "updated_at": "2020-04-06T19:13:36Z", + "pushed_at": "2018-08-25T14:20:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, + "forks": 2, + "watchers": 3, + "score": 0 + }, + { + "id": 146330536, + "name": "Strutter", + "full_name": "Ekultek\/Strutter", + "owner": { + "login": "Ekultek", + "id": 14183473, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/14183473?v=4", + "html_url": "https:\/\/github.com\/Ekultek" + }, + "html_url": "https:\/\/github.com\/Ekultek\/Strutter", + "description": "Proof of Concept for CVE-2018-11776", + "fork": false, + "created_at": "2018-08-27T17:22:16Z", + "updated_at": "2020-12-12T20:05:33Z", + "pushed_at": "2018-09-12T14:28:35Z", + "stargazers_count": 20, + "watchers_count": 20, + "forks_count": 3, + "forks": 3, + "watchers": 20, + "score": 0 + }, + { + "id": 146373342, + "name": "cve-2018-11776-docker", + "full_name": "tuxotron\/cve-2018-11776-docker", + "owner": { + "login": "tuxotron", + "id": 937637, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/937637?v=4", + "html_url": "https:\/\/github.com\/tuxotron" + }, + "html_url": "https:\/\/github.com\/tuxotron\/cve-2018-11776-docker", + "description": null, + "fork": false, + "created_at": "2018-08-28T01:14:52Z", + "updated_at": "2019-09-24T14:38:18Z", + "pushed_at": "2018-08-29T17:58:27Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + }, + { + "id": 146519519, + "name": "S2-057-CVE-2018-11776", + "full_name": "brianwrf\/S2-057-CVE-2018-11776", + "owner": { + "login": "brianwrf", + "id": 8141813, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/8141813?v=4", + "html_url": "https:\/\/github.com\/brianwrf" + }, + "html_url": "https:\/\/github.com\/brianwrf\/S2-057-CVE-2018-11776", + "description": "A simple exploit for Apache Struts RCE S2-057 (CVE-2018-11776)", + "fork": false, + "created_at": "2018-08-28T23:48:14Z", + "updated_at": "2018-12-23T03:47:07Z", + "pushed_at": "2018-08-29T00:03:56Z", + "stargazers_count": 15, + "watchers_count": 15, + "forks_count": 5, + "forks": 5, + "watchers": 15, + "score": 0 + }, + { + "id": 146650579, + "name": "Apache-Struts-Shodan-Exploit", + "full_name": "649\/Apache-Struts-Shodan-Exploit", + "owner": { + "login": "649", + "id": 23534047, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/23534047?v=4", + "html_url": "https:\/\/github.com\/649" + }, + "html_url": "https:\/\/github.com\/649\/Apache-Struts-Shodan-Exploit", + "description": "This tool takes advantage of CVE-2018-11776 and Shodan to perform mass exploitation of verified and vulnerable Apache Struts servers.", + "fork": false, + "created_at": "2018-08-29T19:50:26Z", + "updated_at": "2020-10-30T15:35:06Z", + "pushed_at": "2018-08-30T00:16:01Z", + "stargazers_count": 49, + "watchers_count": 49, + "forks_count": 17, + "forks": 17, + "watchers": 49, + "score": 0 + }, + { + "id": 147746262, + "name": "CVE-2018-11776-Python-PoC", + "full_name": "jezzus\/CVE-2018-11776-Python-PoC", + "owner": { + "login": "jezzus", + "id": 9899999, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/9899999?v=4", + "html_url": "https:\/\/github.com\/jezzus" + }, + "html_url": "https:\/\/github.com\/jezzus\/CVE-2018-11776-Python-PoC", + "description": null, + "fork": false, + "created_at": "2018-09-06T23:49:20Z", + "updated_at": "2018-09-06T23:49:20Z", + "pushed_at": "2018-09-06T23:49:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 164352202, "name": "cve-2018-11776", diff --git a/2018/CVE-2018-12018.json b/2018/CVE-2018-12018.json new file mode 100644 index 0000000000..9747d4d68e --- /dev/null +++ b/2018/CVE-2018-12018.json @@ -0,0 +1,25 @@ +[ + { + "id": 153770795, + "name": "CVE-2018-12018", + "full_name": "k3v142\/CVE-2018-12018", + "owner": { + "login": "k3v142", + "id": 12337759, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/12337759?v=4", + "html_url": "https:\/\/github.com\/k3v142" + }, + "html_url": "https:\/\/github.com\/k3v142\/CVE-2018-12018", + "description": "EPoD (Ethereum Packet of Death)", + "fork": false, + "created_at": "2018-10-19T11:11:01Z", + "updated_at": "2019-12-14T15:32:33Z", + "pushed_at": "2018-10-20T21:07:42Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 0, + "forks": 0, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-12031.json b/2018/CVE-2018-12031.json new file mode 100644 index 0000000000..4afd2cda32 --- /dev/null +++ b/2018/CVE-2018-12031.json @@ -0,0 +1,25 @@ +[ + { + "id": 136349330, + "name": "Eaton-Intelligent-Power-Manager-Local-File-Inclusion", + "full_name": "EmreOvunc\/Eaton-Intelligent-Power-Manager-Local-File-Inclusion", + "owner": { + "login": "EmreOvunc", + "id": 15659223, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15659223?v=4", + "html_url": "https:\/\/github.com\/EmreOvunc" + }, + "html_url": "https:\/\/github.com\/EmreOvunc\/Eaton-Intelligent-Power-Manager-Local-File-Inclusion", + "description": "CVE-2018-12031 | LFI in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file, it can lead to sensitive information disclosure, denial of service and code execution.", + "fork": false, + "created_at": "2018-06-06T15:31:29Z", + "updated_at": "2020-05-16T12:46:43Z", + "pushed_at": "2018-08-29T10:50:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-12418.json b/2018/CVE-2018-12418.json new file mode 100644 index 0000000000..15f1dc1a02 --- /dev/null +++ b/2018/CVE-2018-12418.json @@ -0,0 +1,25 @@ +[ + { + "id": 158208279, + "name": "CVE-2018-12418", + "full_name": "tafamace\/CVE-2018-12418", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-12418", + "description": null, + "fork": false, + "created_at": "2018-11-19T11:12:00Z", + "updated_at": "2018-11-19T11:15:44Z", + "pushed_at": "2018-11-19T11:15:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-12463.json b/2018/CVE-2018-12463.json new file mode 100644 index 0000000000..1daa1c929c --- /dev/null +++ b/2018/CVE-2018-12463.json @@ -0,0 +1,25 @@ +[ + { + "id": 140411928, + "name": "CVE-2018-12463", + "full_name": "alt3kx\/CVE-2018-12463", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2018-12463", + "description": "XML external entity (XXE) vulnerability in \/ssc\/fm-ws\/services in Fortify Software Security Center (SSC) 17.10, 17.20 & 18.10 (0day CVE-2018-12463)", + "fork": false, + "created_at": "2018-07-10T09:51:40Z", + "updated_at": "2018-07-17T08:13:36Z", + "pushed_at": "2018-07-17T08:13:34Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-12537.json b/2018/CVE-2018-12537.json new file mode 100644 index 0000000000..404b25de22 --- /dev/null +++ b/2018/CVE-2018-12537.json @@ -0,0 +1,25 @@ +[ + { + "id": 158209208, + "name": "CVE-2018-12537", + "full_name": "tafamace\/CVE-2018-12537", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-12537", + "description": null, + "fork": false, + "created_at": "2018-11-19T11:18:35Z", + "updated_at": "2018-11-19T11:32:44Z", + "pushed_at": "2018-11-19T11:32:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-12540.json b/2018/CVE-2018-12540.json new file mode 100644 index 0000000000..f9c6b74628 --- /dev/null +++ b/2018/CVE-2018-12540.json @@ -0,0 +1,25 @@ +[ + { + "id": 158212154, + "name": "CVE-2018-12540", + "full_name": "tafamace\/CVE-2018-12540", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-12540", + "description": null, + "fork": false, + "created_at": "2018-11-19T11:41:16Z", + "updated_at": "2018-11-19T11:46:57Z", + "pushed_at": "2018-11-19T11:46:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1259.json b/2018/CVE-2018-1259.json new file mode 100644 index 0000000000..8ef9dd12b8 --- /dev/null +++ b/2018/CVE-2018-1259.json @@ -0,0 +1,25 @@ +[ + { + "id": 158194793, + "name": "CVE-2018-1259", + "full_name": "tafamace\/CVE-2018-1259", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-1259", + "description": null, + "fork": false, + "created_at": "2018-11-19T09:25:32Z", + "updated_at": "2018-11-19T09:32:46Z", + "pushed_at": "2018-11-19T09:32:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-12596.json b/2018/CVE-2018-12596.json new file mode 100644 index 0000000000..69e0c0cf7a --- /dev/null +++ b/2018/CVE-2018-12596.json @@ -0,0 +1,25 @@ +[ + { + "id": 138130645, + "name": "CVE-2018-12596", + "full_name": "alt3kx\/CVE-2018-12596", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2018-12596", + "description": "Ektron Content Management System (CMS) 9.20 SP2, remote re-enabling users (CVE-2018–12596)", + "fork": false, + "created_at": "2018-06-21T06:47:05Z", + "updated_at": "2018-10-11T00:25:47Z", + "pushed_at": "2018-10-11T00:19:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-12597.json b/2018/CVE-2018-12597.json new file mode 100644 index 0000000000..2a8fd38433 --- /dev/null +++ b/2018/CVE-2018-12597.json @@ -0,0 +1,25 @@ +[ + { + "id": 138131591, + "name": "CVE-2018-12597", + "full_name": "alt3kx\/CVE-2018-12597", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2018-12597", + "description": "CVE-2018-12597", + "fork": false, + "created_at": "2018-06-21T06:55:39Z", + "updated_at": "2018-06-21T07:03:41Z", + "pushed_at": "2018-06-21T07:03:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-12598.json b/2018/CVE-2018-12598.json new file mode 100644 index 0000000000..40f456ea50 --- /dev/null +++ b/2018/CVE-2018-12598.json @@ -0,0 +1,25 @@ +[ + { + "id": 138132015, + "name": "CVE-2018-12598", + "full_name": "alt3kx\/CVE-2018-12598", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2018-12598", + "description": "CVE-2018-12598", + "fork": false, + "created_at": "2018-06-21T06:59:46Z", + "updated_at": "2018-06-21T07:05:17Z", + "pushed_at": "2018-06-21T07:05:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-12613.json b/2018/CVE-2018-12613.json index 2fab9cb66f..510b8e97f6 100644 --- a/2018/CVE-2018-12613.json +++ b/2018/CVE-2018-12613.json @@ -1,4 +1,27 @@ [ + { + "id": 156870746, + "name": "CVE-2018-12613", + "full_name": "0x00-0x00\/CVE-2018-12613", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2018-12613", + "description": "PHPMyAdmin v4.8.0 and v.4.8.1 LFI exploit", + "fork": false, + "created_at": "2018-11-09T14:10:20Z", + "updated_at": "2020-03-11T07:23:14Z", + "pushed_at": "2018-11-09T14:42:23Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 3, + "forks": 3, + "watchers": 6, + "score": 0 + }, { "id": 208791479, "name": "CVE-2018-12613", diff --git a/2018/CVE-2018-1270.json b/2018/CVE-2018-1270.json index f7c305712c..ce7aaaddce 100644 --- a/2018/CVE-2018-1270.json +++ b/2018/CVE-2018-1270.json @@ -1,4 +1,73 @@ [ + { + "id": 128482458, + "name": "CVE-2018-1270", + "full_name": "CaledoniaProject\/CVE-2018-1270", + "owner": { + "login": "CaledoniaProject", + "id": 1357701, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/1357701?v=4", + "html_url": "https:\/\/github.com\/CaledoniaProject" + }, + "html_url": "https:\/\/github.com\/CaledoniaProject\/CVE-2018-1270", + "description": "Spring messaging STOMP protocol RCE", + "fork": false, + "created_at": "2018-04-07T00:14:33Z", + "updated_at": "2020-10-12T06:35:37Z", + "pushed_at": "2018-04-12T05:48:24Z", + "stargazers_count": 110, + "watchers_count": 110, + "forks_count": 25, + "forks": 25, + "watchers": 110, + "score": 0 + }, + { + "id": 129230393, + "name": "CVE-2018-1270_EXP", + "full_name": "genxor\/CVE-2018-1270_EXP", + "owner": { + "login": "genxor", + "id": 3094713, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/3094713?v=4", + "html_url": "https:\/\/github.com\/genxor" + }, + "html_url": "https:\/\/github.com\/genxor\/CVE-2018-1270_EXP", + "description": null, + "fork": false, + "created_at": "2018-04-12T09:54:34Z", + "updated_at": "2019-10-11T19:04:29Z", + "pushed_at": "2018-04-12T10:00:45Z", + "stargazers_count": 19, + "watchers_count": 19, + "forks_count": 5, + "forks": 5, + "watchers": 19, + "score": 0 + }, + { + "id": 158213121, + "name": "CVE-2018-1270", + "full_name": "tafamace\/CVE-2018-1270", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-1270", + "description": null, + "fork": false, + "created_at": "2018-11-19T11:47:40Z", + "updated_at": "2018-11-19T12:00:19Z", + "pushed_at": "2018-11-19T12:00:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 162062968, "name": "CVE-2018-1270", diff --git a/2018/CVE-2018-1273.json b/2018/CVE-2018-1273.json index 6a83d53122..1ccad512fd 100644 --- a/2018/CVE-2018-1273.json +++ b/2018/CVE-2018-1273.json @@ -1,4 +1,73 @@ [ + { + "id": 129407531, + "name": "CVE-2018-1273", + "full_name": "knqyf263\/CVE-2018-1273", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-1273", + "description": "Environment for CVE-2018-1273 (Spring Data Commons)", + "fork": false, + "created_at": "2018-04-13T13:41:02Z", + "updated_at": "2019-04-24T05:33:19Z", + "pushed_at": "2018-08-15T05:26:45Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 2, + "forks": 2, + "watchers": 8, + "score": 0 + }, + { + "id": 129910523, + "name": "poc-cve-2018-1273", + "full_name": "wearearima\/poc-cve-2018-1273", + "owner": { + "login": "wearearima", + "id": 24791991, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/24791991?v=4", + "html_url": "https:\/\/github.com\/wearearima" + }, + "html_url": "https:\/\/github.com\/wearearima\/poc-cve-2018-1273", + "description": "POC for CVE-2018-1273", + "fork": false, + "created_at": "2018-04-17T13:41:00Z", + "updated_at": "2020-09-29T16:06:24Z", + "pushed_at": "2018-06-05T15:07:18Z", + "stargazers_count": 21, + "watchers_count": 21, + "forks_count": 9, + "forks": 9, + "watchers": 21, + "score": 0 + }, + { + "id": 151734933, + "name": "poc-cve-2018-1273", + "full_name": "webr0ck\/poc-cve-2018-1273", + "owner": { + "login": "webr0ck", + "id": 30629042, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/30629042?v=4", + "html_url": "https:\/\/github.com\/webr0ck" + }, + "html_url": "https:\/\/github.com\/webr0ck\/poc-cve-2018-1273", + "description": null, + "fork": false, + "created_at": "2018-10-05T14:42:07Z", + "updated_at": "2018-10-09T09:26:39Z", + "pushed_at": "2018-10-05T14:42:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 3, + "forks": 3, + "watchers": 1, + "score": 0 + }, { "id": 166271014, "name": "cve-2018-1273", diff --git a/2018/CVE-2018-12895.json b/2018/CVE-2018-12895.json new file mode 100644 index 0000000000..19d92655d1 --- /dev/null +++ b/2018/CVE-2018-12895.json @@ -0,0 +1,25 @@ +[ + { + "id": 139890292, + "name": "cve-2018-12895-hotfix", + "full_name": "bloom-ux\/cve-2018-12895-hotfix", + "owner": { + "login": "bloom-ux", + "id": 22582007, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/22582007?v=4", + "html_url": "https:\/\/github.com\/bloom-ux" + }, + "html_url": "https:\/\/github.com\/bloom-ux\/cve-2018-12895-hotfix", + "description": "Hotfix for file deletion to to code execution vulnerability in WordPress", + "fork": false, + "created_at": "2018-07-05T19:09:17Z", + "updated_at": "2018-07-05T19:48:44Z", + "pushed_at": "2018-07-05T19:48:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1304.json b/2018/CVE-2018-1304.json new file mode 100644 index 0000000000..96bd685e6b --- /dev/null +++ b/2018/CVE-2018-1304.json @@ -0,0 +1,48 @@ +[ + { + "id": 122712148, + "name": "CVE-2018-1304", + "full_name": "knqyf263\/CVE-2018-1304", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-1304", + "description": null, + "fork": false, + "created_at": "2018-02-24T06:45:21Z", + "updated_at": "2018-05-07T09:36:43Z", + "pushed_at": "2018-02-25T12:29:40Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + }, + { + "id": 124373835, + "name": "tomcat_CVE-2018-1304_testing", + "full_name": "thariyarox\/tomcat_CVE-2018-1304_testing", + "owner": { + "login": "thariyarox", + "id": 8102507, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8102507?v=4", + "html_url": "https:\/\/github.com\/thariyarox" + }, + "html_url": "https:\/\/github.com\/thariyarox\/tomcat_CVE-2018-1304_testing", + "description": null, + "fork": false, + "created_at": "2018-03-08T10:12:22Z", + "updated_at": "2018-03-08T10:24:11Z", + "pushed_at": "2018-03-08T10:30:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1305.json b/2018/CVE-2018-1305.json new file mode 100644 index 0000000000..8c5b931c46 --- /dev/null +++ b/2018/CVE-2018-1305.json @@ -0,0 +1,25 @@ +[ + { + "id": 129016985, + "name": "CVE-2018-1305", + "full_name": "Pa55w0rd\/CVE-2018-1305", + "owner": { + "login": "Pa55w0rd", + "id": 16274549, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16274549?v=4", + "html_url": "https:\/\/github.com\/Pa55w0rd" + }, + "html_url": "https:\/\/github.com\/Pa55w0rd\/CVE-2018-1305", + "description": "Apache Tomcat 安全绕过漏洞 Poc", + "fork": false, + "created_at": "2018-04-11T01:37:58Z", + "updated_at": "2020-12-14T07:06:56Z", + "pushed_at": "2018-03-12T18:05:03Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 8, + "forks": 8, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1313.json b/2018/CVE-2018-1313.json new file mode 100644 index 0000000000..4bf1cd1a54 --- /dev/null +++ b/2018/CVE-2018-1313.json @@ -0,0 +1,25 @@ +[ + { + "id": 158220324, + "name": "CVE-2018-1313", + "full_name": "tafamace\/CVE-2018-1313", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-1313", + "description": null, + "fork": false, + "created_at": "2018-11-19T12:38:21Z", + "updated_at": "2018-11-19T12:48:53Z", + "pushed_at": "2018-11-19T12:48:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1324.json b/2018/CVE-2018-1324.json new file mode 100644 index 0000000000..e1e836c990 --- /dev/null +++ b/2018/CVE-2018-1324.json @@ -0,0 +1,25 @@ +[ + { + "id": 158221452, + "name": "CVE-2018-1324", + "full_name": "tafamace\/CVE-2018-1324", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-1324", + "description": null, + "fork": false, + "created_at": "2018-11-19T12:46:37Z", + "updated_at": "2018-11-19T13:04:11Z", + "pushed_at": "2018-11-19T13:04:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-13784.json b/2018/CVE-2018-13784.json new file mode 100644 index 0000000000..54a824b69a --- /dev/null +++ b/2018/CVE-2018-13784.json @@ -0,0 +1,25 @@ +[ + { + "id": 141165293, + "name": "prestashop-exploits", + "full_name": "ambionics\/prestashop-exploits", + "owner": { + "login": "ambionics", + "id": 29630660, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/29630660?v=4", + "html_url": "https:\/\/github.com\/ambionics" + }, + "html_url": "https:\/\/github.com\/ambionics\/prestashop-exploits", + "description": "Collection of exploits\/POC for PrestaShop cookie vulnerabilities (CVE-2018-13784)", + "fork": false, + "created_at": "2018-07-16T16:33:41Z", + "updated_at": "2020-11-23T07:28:24Z", + "pushed_at": "2018-07-17T09:02:34Z", + "stargazers_count": 45, + "watchers_count": 45, + "forks_count": 10, + "forks": 10, + "watchers": 45, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-13864.json b/2018/CVE-2018-13864.json new file mode 100644 index 0000000000..7b4c749bc0 --- /dev/null +++ b/2018/CVE-2018-13864.json @@ -0,0 +1,25 @@ +[ + { + "id": 158196795, + "name": "CVE-2018-13864", + "full_name": "tafamace\/CVE-2018-13864", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-13864", + "description": null, + "fork": false, + "created_at": "2018-11-19T09:40:47Z", + "updated_at": "2018-11-19T09:45:34Z", + "pushed_at": "2018-11-19T09:45:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-14.json b/2018/CVE-2018-14.json new file mode 100644 index 0000000000..847693a214 --- /dev/null +++ b/2018/CVE-2018-14.json @@ -0,0 +1,25 @@ +[ + { + "id": 144012223, + "name": "legacySymfony", + "full_name": "lckJack\/legacySymfony", + "owner": { + "login": "lckJack", + "id": 38405856, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/38405856?v=4", + "html_url": "https:\/\/github.com\/lckJack" + }, + "html_url": "https:\/\/github.com\/lckJack\/legacySymfony", + "description": "Easy script to check if drupal 8.x-8.5.6 is vulnerable to CVE-2018-14.773", + "fork": false, + "created_at": "2018-08-08T12:42:56Z", + "updated_at": "2018-08-08T17:28:27Z", + "pushed_at": "2018-08-08T12:46:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-14083.json b/2018/CVE-2018-14083.json new file mode 100644 index 0000000000..6559af11da --- /dev/null +++ b/2018/CVE-2018-14083.json @@ -0,0 +1,25 @@ +[ + { + "id": 142094467, + "name": "CVE-2018-14083", + "full_name": "pudding2\/CVE-2018-14083", + "owner": { + "login": "pudding2", + "id": 28480779, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/28480779?v=4", + "html_url": "https:\/\/github.com\/pudding2" + }, + "html_url": "https:\/\/github.com\/pudding2\/CVE-2018-14083", + "description": null, + "fork": false, + "created_at": "2018-07-24T02:36:08Z", + "updated_at": "2019-01-14T11:31:59Z", + "pushed_at": "2018-07-24T02:56:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-14634.json b/2018/CVE-2018-14634.json new file mode 100644 index 0000000000..aa718b171c --- /dev/null +++ b/2018/CVE-2018-14634.json @@ -0,0 +1,25 @@ +[ + { + "id": 152124947, + "name": "cve-2018-14634", + "full_name": "luan0ap\/cve-2018-14634", + "owner": { + "login": "luan0ap", + "id": 26953960, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/26953960?v=4", + "html_url": "https:\/\/github.com\/luan0ap" + }, + "html_url": "https:\/\/github.com\/luan0ap\/cve-2018-14634", + "description": "proof-of-concept (PoC) for linux dists based on Debian, CentOS and RedHat - exploit 1", + "fork": false, + "created_at": "2018-10-08T18:12:03Z", + "updated_at": "2020-03-29T03:02:36Z", + "pushed_at": "2018-10-09T16:44:32Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 8, + "forks": 8, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-14665.json b/2018/CVE-2018-14665.json index 419ccc7aa7..6c12bbd0d5 100644 --- a/2018/CVE-2018-14665.json +++ b/2018/CVE-2018-14665.json @@ -1,4 +1,27 @@ [ + { + "id": 154950649, + "name": "CVE-2018-14665", + "full_name": "jas502n\/CVE-2018-14665", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-14665", + "description": "OpenBsd_CVE-2018-14665", + "fork": false, + "created_at": "2018-10-27T10:12:05Z", + "updated_at": "2020-10-26T10:10:05Z", + "pushed_at": "2018-10-27T10:44:35Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 8, + "forks": 8, + "watchers": 14, + "score": 0 + }, { "id": 155795794, "name": "CVE-2018-14665", diff --git a/2018/CVE-2018-14667.json b/2018/CVE-2018-14667.json index 26059828d9..bd892fca8a 100644 --- a/2018/CVE-2018-14667.json +++ b/2018/CVE-2018-14667.json @@ -1,4 +1,27 @@ [ + { + "id": 158057391, + "name": "cve-2018-14667", + "full_name": "nareshmail\/cve-2018-14667", + "owner": { + "login": "nareshmail", + "id": 6008091, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/6008091?v=4", + "html_url": "https:\/\/github.com\/nareshmail" + }, + "html_url": "https:\/\/github.com\/nareshmail\/cve-2018-14667", + "description": "cve-2018-14667 demo", + "fork": false, + "created_at": "2018-11-18T06:43:46Z", + "updated_at": "2020-04-01T03:46:35Z", + "pushed_at": "2018-11-17T04:13:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 158791727, "name": "CVE-2018-14667", diff --git a/2018/CVE-2018-14772.json b/2018/CVE-2018-14772.json new file mode 100644 index 0000000000..493086e325 --- /dev/null +++ b/2018/CVE-2018-14772.json @@ -0,0 +1,25 @@ +[ + { + "id": 148241935, + "name": "CVE-2018-14772", + "full_name": "spencerdodd\/CVE-2018-14772", + "owner": { + "login": "spencerdodd", + "id": 9969454, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/9969454?v=4", + "html_url": "https:\/\/github.com\/spencerdodd" + }, + "html_url": "https:\/\/github.com\/spencerdodd\/CVE-2018-14772", + "description": "RCE exploit for CVE-2018-14772", + "fork": false, + "created_at": "2018-09-11T01:24:21Z", + "updated_at": "2020-10-21T22:16:16Z", + "pushed_at": "2018-11-01T01:47:17Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 2, + "forks": 2, + "watchers": 9, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-14847.json b/2018/CVE-2018-14847.json index d796a1deaf..73d2d829c2 100644 --- a/2018/CVE-2018-14847.json +++ b/2018/CVE-2018-14847.json @@ -22,6 +22,52 @@ "watchers": 399, "score": 0 }, + { + "id": 148370201, + "name": "WinboxExploit", + "full_name": "msterusky\/WinboxExploit", + "owner": { + "login": "msterusky", + "id": 29436829, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/29436829?v=4", + "html_url": "https:\/\/github.com\/msterusky" + }, + "html_url": "https:\/\/github.com\/msterusky\/WinboxExploit", + "description": "C# implementation of BasuCert\/WinboxPoC [Winbox Critical Vulnerability (CVE-2018-14847)]", + "fork": false, + "created_at": "2018-09-11T19:36:49Z", + "updated_at": "2020-01-10T14:58:08Z", + "pushed_at": "2018-09-11T20:12:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 4, + "forks": 4, + "watchers": 4, + "score": 0 + }, + { + "id": 152906288, + "name": "MikroRoot", + "full_name": "syrex1013\/MikroRoot", + "owner": { + "login": "syrex1013", + "id": 31669127, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/31669127?v=4", + "html_url": "https:\/\/github.com\/syrex1013" + }, + "html_url": "https:\/\/github.com\/syrex1013\/MikroRoot", + "description": "Automated version of CVE-2018-14847 (MikroTik Exploit)", + "fork": false, + "created_at": "2018-10-13T19:17:42Z", + "updated_at": "2020-11-02T06:16:27Z", + "pushed_at": "2018-10-14T08:39:24Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 2, + "forks": 2, + "watchers": 13, + "score": 0 + }, { "id": 161894724, "name": "CVE-2018-14847", diff --git a/2018/CVE-2018-15131.json b/2018/CVE-2018-15131.json new file mode 100644 index 0000000000..dacd275db7 --- /dev/null +++ b/2018/CVE-2018-15131.json @@ -0,0 +1,25 @@ +[ + { + "id": 147528539, + "name": "CVE-2018-15131", + "full_name": "0x00-0x00\/CVE-2018-15131", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2018-15131", + "description": "Zimbra Collaboration Suite Username Enumeration ", + "fork": false, + "created_at": "2018-09-05T14:11:16Z", + "updated_at": "2018-10-28T04:05:13Z", + "pushed_at": "2018-09-05T14:11:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-15133.json b/2018/CVE-2018-15133.json index c3ce3f4920..4ded7746b1 100644 --- a/2018/CVE-2018-15133.json +++ b/2018/CVE-2018-15133.json @@ -1,4 +1,27 @@ [ + { + "id": 144760095, + "name": "laravel-poc-CVE-2018-15133", + "full_name": "kozmic\/laravel-poc-CVE-2018-15133", + "owner": { + "login": "kozmic", + "id": 6666, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/6666?v=4", + "html_url": "https:\/\/github.com\/kozmic" + }, + "html_url": "https:\/\/github.com\/kozmic\/laravel-poc-CVE-2018-15133", + "description": "PoC for CVE-2018-15133 (Laravel unserialize vulnerability)", + "fork": false, + "created_at": "2018-08-14T18:51:50Z", + "updated_at": "2020-12-12T02:49:56Z", + "pushed_at": "2018-09-27T07:32:19Z", + "stargazers_count": 204, + "watchers_count": 204, + "forks_count": 38, + "forks": 38, + "watchers": 204, + "score": 0 + }, { "id": 243072477, "name": "Laravel-CVE-2018-15133", diff --git a/2018/CVE-2018-15365.json b/2018/CVE-2018-15365.json new file mode 100644 index 0000000000..c2f5167e32 --- /dev/null +++ b/2018/CVE-2018-15365.json @@ -0,0 +1,25 @@ +[ + { + "id": 150475298, + "name": "CVE-2018-15365", + "full_name": "nixwizard\/CVE-2018-15365", + "owner": { + "login": "nixwizard", + "id": 3982790, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/3982790?v=4", + "html_url": "https:\/\/github.com\/nixwizard" + }, + "html_url": "https:\/\/github.com\/nixwizard\/CVE-2018-15365", + "description": null, + "fork": false, + "created_at": "2018-09-26T18:56:41Z", + "updated_at": "2018-09-27T07:31:12Z", + "pushed_at": "2018-09-27T07:31:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-15473.json b/2018/CVE-2018-15473.json index 178364c6ed..2e4020aa77 100644 --- a/2018/CVE-2018-15473.json +++ b/2018/CVE-2018-15473.json @@ -22,6 +22,29 @@ "watchers": 119, "score": 0 }, + { + "id": 145296891, + "name": "opensshenum", + "full_name": "gbonacini\/opensshenum", + "owner": { + "login": "gbonacini", + "id": 5440458, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5440458?v=4", + "html_url": "https:\/\/github.com\/gbonacini" + }, + "html_url": "https:\/\/github.com\/gbonacini\/opensshenum", + "description": "CVE-2018-15473 - Opensshenum is an user enumerator exploiting an OpenSsh bug", + "fork": false, + "created_at": "2018-08-19T11:23:54Z", + "updated_at": "2019-09-15T11:44:34Z", + "pushed_at": "2018-10-17T12:27:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, { "id": 145483388, "name": "CVE-2018-15473-Exploit", @@ -114,6 +137,29 @@ "watchers": 6, "score": 0 }, + { + "id": 155426753, + "name": "CrappyCode", + "full_name": "JoeBlackSecurity\/CrappyCode", + "owner": { + "login": "JoeBlackSecurity", + "id": 44617164, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/44617164?v=4", + "html_url": "https:\/\/github.com\/JoeBlackSecurity" + }, + "html_url": "https:\/\/github.com\/JoeBlackSecurity\/CrappyCode", + "description": "Functional script for brute forcing SSH and trying credentials - CVE-2018-15473", + "fork": false, + "created_at": "2018-10-30T17:17:09Z", + "updated_at": "2018-11-06T19:03:05Z", + "pushed_at": "2018-11-06T19:03:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 155492594, "name": "SSHUsernameBruter-SSHUB", diff --git a/2018/CVE-2018-15499.json b/2018/CVE-2018-15499.json new file mode 100644 index 0000000000..0c36d1c53c --- /dev/null +++ b/2018/CVE-2018-15499.json @@ -0,0 +1,25 @@ +[ + { + "id": 145583266, + "name": "CVE-2018-15499", + "full_name": "DownWithUp\/CVE-2018-15499", + "owner": { + "login": "DownWithUp", + "id": 16905064, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/16905064?v=4", + "html_url": "https:\/\/github.com\/DownWithUp" + }, + "html_url": "https:\/\/github.com\/DownWithUp\/CVE-2018-15499", + "description": "PoC code for CVE-2018-15499 (exploit race condition for BSoD)", + "fork": false, + "created_at": "2018-08-21T15:26:35Z", + "updated_at": "2020-06-19T06:54:55Z", + "pushed_at": "2018-08-23T12:55:23Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 5, + "forks": 5, + "watchers": 8, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-15727.json b/2018/CVE-2018-15727.json new file mode 100644 index 0000000000..68c774110a --- /dev/null +++ b/2018/CVE-2018-15727.json @@ -0,0 +1,25 @@ +[ + { + "id": 146628899, + "name": "grafana-CVE-2018-15727", + "full_name": "u238\/grafana-CVE-2018-15727", + "owner": { + "login": "u238", + "id": 2368573, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2368573?v=4", + "html_url": "https:\/\/github.com\/u238" + }, + "html_url": "https:\/\/github.com\/u238\/grafana-CVE-2018-15727", + "description": "a small utility to generate a cookie in order to exploit a grafana vulnerability (CVE-2018-15727)", + "fork": false, + "created_at": "2018-08-29T16:35:22Z", + "updated_at": "2020-07-29T06:48:10Z", + "pushed_at": "2018-08-31T20:31:12Z", + "stargazers_count": 21, + "watchers_count": 21, + "forks_count": 7, + "forks": 7, + "watchers": 21, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-15832.json b/2018/CVE-2018-15832.json new file mode 100644 index 0000000000..69996fe0a3 --- /dev/null +++ b/2018/CVE-2018-15832.json @@ -0,0 +1,25 @@ +[ + { + "id": 148423840, + "name": "Ubisoft-Uplay-Desktop-Client-63.0.5699.0", + "full_name": "JacksonKuo\/Ubisoft-Uplay-Desktop-Client-63.0.5699.0", + "owner": { + "login": "JacksonKuo", + "id": 5520730, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/5520730?v=4", + "html_url": "https:\/\/github.com\/JacksonKuo" + }, + "html_url": "https:\/\/github.com\/JacksonKuo\/Ubisoft-Uplay-Desktop-Client-63.0.5699.0", + "description": "CVE-2018-15832", + "fork": false, + "created_at": "2018-09-12T04:59:11Z", + "updated_at": "2018-09-12T05:05:37Z", + "pushed_at": "2018-09-12T05:00:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-15912.json b/2018/CVE-2018-15912.json new file mode 100644 index 0000000000..a6fe9bcda3 --- /dev/null +++ b/2018/CVE-2018-15912.json @@ -0,0 +1,25 @@ +[ + { + "id": 146484081, + "name": "CVE-2018-15912-PoC", + "full_name": "coderobe\/CVE-2018-15912-PoC", + "owner": { + "login": "coderobe", + "id": 8442384, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/8442384?v=4", + "html_url": "https:\/\/github.com\/coderobe" + }, + "html_url": "https:\/\/github.com\/coderobe\/CVE-2018-15912-PoC", + "description": null, + "fork": false, + "created_at": "2018-08-28T17:40:52Z", + "updated_at": "2018-08-30T10:59:24Z", + "pushed_at": "2018-08-28T17:54:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16370.json b/2018/CVE-2018-16370.json new file mode 100644 index 0000000000..917c6398f0 --- /dev/null +++ b/2018/CVE-2018-16370.json @@ -0,0 +1,25 @@ +[ + { + "id": 147602690, + "name": "CVE-2018-16370", + "full_name": "snappyJack\/CVE-2018-16370", + "owner": { + "login": "snappyJack", + "id": 16055573, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16055573?v=4", + "html_url": "https:\/\/github.com\/snappyJack" + }, + "html_url": "https:\/\/github.com\/snappyJack\/CVE-2018-16370", + "description": "In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through \/Public\/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive.", + "fork": false, + "created_at": "2018-09-06T01:52:47Z", + "updated_at": "2018-09-06T02:02:55Z", + "pushed_at": "2018-09-06T02:02:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16373.json b/2018/CVE-2018-16373.json new file mode 100644 index 0000000000..ac91b73876 --- /dev/null +++ b/2018/CVE-2018-16373.json @@ -0,0 +1,25 @@ +[ + { + "id": 147603389, + "name": "CVE-2018-16373", + "full_name": "snappyJack\/CVE-2018-16373", + "owner": { + "login": "snappyJack", + "id": 16055573, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16055573?v=4", + "html_url": "https:\/\/github.com\/snappyJack" + }, + "html_url": "https:\/\/github.com\/snappyJack\/CVE-2018-16373", + "description": "Frog CMS 0.9.5 has an Upload > vulnerability that can create files via > \/admin\/?\/plugin\/file_manager\/save", + "fork": false, + "created_at": "2018-09-06T02:00:24Z", + "updated_at": "2018-09-06T02:01:33Z", + "pushed_at": "2018-09-06T02:01:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16509.json b/2018/CVE-2018-16509.json index 396d08eb8b..84c4ffd4db 100644 --- a/2018/CVE-2018-16509.json +++ b/2018/CVE-2018-16509.json @@ -1,4 +1,27 @@ [ + { + "id": 153072697, + "name": "PIL-RCE-Ghostscript-CVE-2018-16509", + "full_name": "farisv\/PIL-RCE-Ghostscript-CVE-2018-16509", + "owner": { + "login": "farisv", + "id": 44131180, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/44131180?v=4", + "html_url": "https:\/\/github.com\/farisv" + }, + "html_url": "https:\/\/github.com\/farisv\/PIL-RCE-Ghostscript-CVE-2018-16509", + "description": "PoC + Docker Environment for Python PIL\/Pillow Remote Shell Command Execution via Ghostscript CVE-2018-16509", + "fork": false, + "created_at": "2018-10-15T07:44:43Z", + "updated_at": "2020-11-07T05:36:37Z", + "pushed_at": "2020-12-14T11:30:49Z", + "stargazers_count": 19, + "watchers_count": 19, + "forks_count": 4, + "forks": 4, + "watchers": 19, + "score": 0 + }, { "id": 157982249, "name": "CVE-2018-16509", diff --git a/2018/CVE-2018-16711.json b/2018/CVE-2018-16711.json new file mode 100644 index 0000000000..2a93996537 --- /dev/null +++ b/2018/CVE-2018-16711.json @@ -0,0 +1,25 @@ +[ + { + "id": 149358711, + "name": "CVE-2018-16711", + "full_name": "DownWithUp\/CVE-2018-16711", + "owner": { + "login": "DownWithUp", + "id": 16905064, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/16905064?v=4", + "html_url": "https:\/\/github.com\/DownWithUp" + }, + "html_url": "https:\/\/github.com\/DownWithUp\/CVE-2018-16711", + "description": "PoC code for CVE-2018-16711 (exploit by wrmsr)", + "fork": false, + "created_at": "2018-09-18T22:18:32Z", + "updated_at": "2020-03-19T00:33:49Z", + "pushed_at": "2018-09-25T12:15:50Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16713.json b/2018/CVE-2018-16713.json new file mode 100644 index 0000000000..60bb27c047 --- /dev/null +++ b/2018/CVE-2018-16713.json @@ -0,0 +1,25 @@ +[ + { + "id": 148797728, + "name": "CVE-2018-16713", + "full_name": "DownWithUp\/CVE-2018-16713", + "owner": { + "login": "DownWithUp", + "id": 16905064, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/16905064?v=4", + "html_url": "https:\/\/github.com\/DownWithUp" + }, + "html_url": "https:\/\/github.com\/DownWithUp\/CVE-2018-16713", + "description": "PoC code for CVE-2018-16713 (exploit by rdmsr)", + "fork": false, + "created_at": "2018-09-14T14:10:22Z", + "updated_at": "2020-03-19T00:33:43Z", + "pushed_at": "2018-09-25T12:15:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16987.json b/2018/CVE-2018-16987.json new file mode 100644 index 0000000000..c3f1bec95f --- /dev/null +++ b/2018/CVE-2018-16987.json @@ -0,0 +1,25 @@ +[ + { + "id": 148659258, + "name": "CVE-2018-16987", + "full_name": "gquere\/CVE-2018-16987", + "owner": { + "login": "gquere", + "id": 1585000, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/1585000?v=4", + "html_url": "https:\/\/github.com\/gquere" + }, + "html_url": "https:\/\/github.com\/gquere\/CVE-2018-16987", + "description": "Details about CVE-2018-16987 - Cleartext storage of TA servers' passwords in Squash TM", + "fork": false, + "created_at": "2018-09-13T15:32:48Z", + "updated_at": "2018-09-14T06:17:55Z", + "pushed_at": "2018-09-13T16:47:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17144.json b/2018/CVE-2018-17144.json new file mode 100644 index 0000000000..4aba2aab85 --- /dev/null +++ b/2018/CVE-2018-17144.json @@ -0,0 +1,48 @@ +[ + { + "id": 152480350, + "name": "ban-exploitable-bitcoin-nodes", + "full_name": "iioch\/ban-exploitable-bitcoin-nodes", + "owner": { + "login": "iioch", + "id": 18705326, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/18705326?v=4", + "html_url": "https:\/\/github.com\/iioch" + }, + "html_url": "https:\/\/github.com\/iioch\/ban-exploitable-bitcoin-nodes", + "description": "Ban all denial-of-service vulnerability exploitable nodes from your node CVE-2018-17144 ", + "fork": false, + "created_at": "2018-10-10T19:44:09Z", + "updated_at": "2018-10-16T13:56:34Z", + "pushed_at": "2018-10-10T20:08:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 155528435, + "name": "CVE-2018-17144_POC", + "full_name": "hikame\/CVE-2018-17144_POC", + "owner": { + "login": "hikame", + "id": 6397196, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/6397196?v=4", + "html_url": "https:\/\/github.com\/hikame" + }, + "html_url": "https:\/\/github.com\/hikame\/CVE-2018-17144_POC", + "description": "Put the *.py files to test\/functional folder of bitcoin sourcecode (commit: 4901c00792c1dabae4bb01e6373c9b1ed9ef3008)", + "fork": false, + "created_at": "2018-10-31T09:07:35Z", + "updated_at": "2020-12-05T14:05:15Z", + "pushed_at": "2018-11-12T10:11:00Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 6, + "forks": 6, + "watchers": 10, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17182.json b/2018/CVE-2018-17182.json new file mode 100644 index 0000000000..2beb192ee2 --- /dev/null +++ b/2018/CVE-2018-17182.json @@ -0,0 +1,71 @@ +[ + { + "id": 150880187, + "name": "CVE-2018-17182", + "full_name": "jas502n\/CVE-2018-17182", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-17182", + "description": "Linux 内核VMA-UAF 提权漏洞(CVE-2018-17182),0day", + "fork": false, + "created_at": "2018-09-29T15:58:55Z", + "updated_at": "2020-11-06T13:05:57Z", + "pushed_at": "2018-10-02T09:03:37Z", + "stargazers_count": 119, + "watchers_count": 119, + "forks_count": 48, + "forks": 48, + "watchers": 119, + "score": 0 + }, + { + "id": 151031561, + "name": "CVE-2018-17182", + "full_name": "likescam\/CVE-2018-17182", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2018-17182", + "description": null, + "fork": false, + "created_at": "2018-10-01T03:20:05Z", + "updated_at": "2018-10-01T03:20:17Z", + "pushed_at": "2018-10-01T03:20:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 151032211, + "name": "vmacache_CVE-2018-17182", + "full_name": "likescam\/vmacache_CVE-2018-17182", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/vmacache_CVE-2018-17182", + "description": null, + "fork": false, + "created_at": "2018-10-01T03:29:04Z", + "updated_at": "2018-10-01T16:07:20Z", + "pushed_at": "2018-10-01T03:34:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17418.json b/2018/CVE-2018-17418.json new file mode 100644 index 0000000000..9eca5f358b --- /dev/null +++ b/2018/CVE-2018-17418.json @@ -0,0 +1,25 @@ +[ + { + "id": 149421281, + "name": "monstra_cms-3.0.4--getshell", + "full_name": "AlwaysHereFight\/monstra_cms-3.0.4--getshell", + "owner": { + "login": "AlwaysHereFight", + "id": 21152658, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/21152658?v=4", + "html_url": "https:\/\/github.com\/AlwaysHereFight" + }, + "html_url": "https:\/\/github.com\/AlwaysHereFight\/monstra_cms-3.0.4--getshell", + "description": "monstra_cms-3.0.4-上传getshell CVE-2018-17418", + "fork": false, + "created_at": "2018-09-19T08:54:45Z", + "updated_at": "2018-10-09T06:40:44Z", + "pushed_at": "2018-09-24T15:58:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17456.json b/2018/CVE-2018-17456.json index 699cd24497..5fbea9cd32 100644 --- a/2018/CVE-2018-17456.json +++ b/2018/CVE-2018-17456.json @@ -1,4 +1,50 @@ [ + { + "id": 154035813, + "name": "CVE-2018-17456", + "full_name": "shpik-kr\/CVE-2018-17456", + "owner": { + "login": "shpik-kr", + "id": 12602773, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/12602773?v=4", + "html_url": "https:\/\/github.com\/shpik-kr" + }, + "html_url": "https:\/\/github.com\/shpik-kr\/CVE-2018-17456", + "description": "1-day", + "fork": false, + "created_at": "2018-10-21T17:46:10Z", + "updated_at": "2018-10-23T11:22:27Z", + "pushed_at": "2018-10-23T11:22:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 156715728, + "name": "CVE-2018-17456", + "full_name": "matlink\/CVE-2018-17456", + "owner": { + "login": "matlink", + "id": 4450078, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/4450078?v=4", + "html_url": "https:\/\/github.com\/matlink" + }, + "html_url": "https:\/\/github.com\/matlink\/CVE-2018-17456", + "description": null, + "fork": false, + "created_at": "2018-11-08T14:03:52Z", + "updated_at": "2018-11-08T14:21:16Z", + "pushed_at": "2018-11-08T14:21:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 190417594, "name": "CVE-2018-17456", diff --git a/2018/CVE-2018-17961.json b/2018/CVE-2018-17961.json new file mode 100644 index 0000000000..560a4f56da --- /dev/null +++ b/2018/CVE-2018-17961.json @@ -0,0 +1,25 @@ +[ + { + "id": 155720048, + "name": "CVE-2018-17961", + "full_name": "matlink\/CVE-2018-17961", + "owner": { + "login": "matlink", + "id": 4450078, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/4450078?v=4", + "html_url": "https:\/\/github.com\/matlink" + }, + "html_url": "https:\/\/github.com\/matlink\/CVE-2018-17961", + "description": null, + "fork": false, + "created_at": "2018-11-01T13:33:12Z", + "updated_at": "2019-09-02T09:36:54Z", + "pushed_at": "2018-11-01T13:33:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-18026.json b/2018/CVE-2018-18026.json new file mode 100644 index 0000000000..1dde7b777e --- /dev/null +++ b/2018/CVE-2018-18026.json @@ -0,0 +1,25 @@ +[ + { + "id": 153657332, + "name": "CVE-2018-18026", + "full_name": "DownWithUp\/CVE-2018-18026", + "owner": { + "login": "DownWithUp", + "id": 16905064, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/16905064?v=4", + "html_url": "https:\/\/github.com\/DownWithUp" + }, + "html_url": "https:\/\/github.com\/DownWithUp\/CVE-2018-18026", + "description": "PoC Code for CVE-2018-18026 (exploit by stack overflow)", + "fork": false, + "created_at": "2018-10-18T16:51:26Z", + "updated_at": "2020-03-19T00:33:33Z", + "pushed_at": "2018-11-07T04:00:59Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-18387.json b/2018/CVE-2018-18387.json new file mode 100644 index 0000000000..35edea5036 --- /dev/null +++ b/2018/CVE-2018-18387.json @@ -0,0 +1,25 @@ +[ + { + "id": 153663293, + "name": "CVE-2018-18387", + "full_name": "TheeBlind\/CVE-2018-18387", + "owner": { + "login": "TheeBlind", + "id": 26583110, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/26583110?v=4", + "html_url": "https:\/\/github.com\/TheeBlind" + }, + "html_url": "https:\/\/github.com\/TheeBlind\/CVE-2018-18387", + "description": "playSMS < = 1.4.2 - Privilege escalation", + "fork": false, + "created_at": "2018-10-18T17:40:42Z", + "updated_at": "2019-03-08T13:11:49Z", + "pushed_at": "2018-10-26T16:00:05Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 3, + "forks": 3, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-18714.json b/2018/CVE-2018-18714.json new file mode 100644 index 0000000000..37b8bded46 --- /dev/null +++ b/2018/CVE-2018-18714.json @@ -0,0 +1,25 @@ +[ + { + "id": 155772208, + "name": "CVE-2018-18714", + "full_name": "DownWithUp\/CVE-2018-18714", + "owner": { + "login": "DownWithUp", + "id": 16905064, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/16905064?v=4", + "html_url": "https:\/\/github.com\/DownWithUp" + }, + "html_url": "https:\/\/github.com\/DownWithUp\/CVE-2018-18714", + "description": "PoC Code for CVE-2018-18714 (exploit by stack overflow)", + "fork": false, + "created_at": "2018-11-01T20:31:50Z", + "updated_at": "2020-03-19T00:33:27Z", + "pushed_at": "2018-11-09T21:08:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19127.json b/2018/CVE-2018-19127.json new file mode 100644 index 0000000000..8e0205072b --- /dev/null +++ b/2018/CVE-2018-19127.json @@ -0,0 +1,25 @@ +[ + { + "id": 156842411, + "name": "phpcms-2008-CVE-2018-19127", + "full_name": "ab1gale\/phpcms-2008-CVE-2018-19127", + "owner": { + "login": "ab1gale", + "id": 5143253, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5143253?v=4", + "html_url": "https:\/\/github.com\/ab1gale" + }, + "html_url": "https:\/\/github.com\/ab1gale\/phpcms-2008-CVE-2018-19127", + "description": null, + "fork": false, + "created_at": "2018-11-09T09:51:26Z", + "updated_at": "2020-06-27T16:23:09Z", + "pushed_at": "2018-11-09T09:55:35Z", + "stargazers_count": 43, + "watchers_count": 43, + "forks_count": 7, + "forks": 7, + "watchers": 43, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19131.json b/2018/CVE-2018-19131.json new file mode 100644 index 0000000000..a8887933d5 --- /dev/null +++ b/2018/CVE-2018-19131.json @@ -0,0 +1,25 @@ +[ + { + "id": 157386452, + "name": "CVE-2018-19131", + "full_name": "JonathanWilbur\/CVE-2018-19131", + "owner": { + "login": "JonathanWilbur", + "id": 20342114, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/20342114?v=4", + "html_url": "https:\/\/github.com\/JonathanWilbur" + }, + "html_url": "https:\/\/github.com\/JonathanWilbur\/CVE-2018-19131", + "description": "Proof-of-Concept exploit of CVE-2018-19131: Squid Proxy XSS via X.509 Certificate", + "fork": false, + "created_at": "2018-11-13T13:40:10Z", + "updated_at": "2020-09-12T08:28:34Z", + "pushed_at": "2018-11-14T02:40:24Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 2, + "forks": 2, + "watchers": 13, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-2380.json b/2018/CVE-2018-2380.json new file mode 100644 index 0000000000..856ab86572 --- /dev/null +++ b/2018/CVE-2018-2380.json @@ -0,0 +1,25 @@ +[ + { + "id": 125186745, + "name": "CVE-2018-2380", + "full_name": "erpscanteam\/CVE-2018-2380", + "owner": { + "login": "erpscanteam", + "id": 35491827, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/35491827?v=4", + "html_url": "https:\/\/github.com\/erpscanteam" + }, + "html_url": "https:\/\/github.com\/erpscanteam\/CVE-2018-2380", + "description": "PoC of Remote Command Execution via Log injection on SAP NetWeaver AS JAVA CRM", + "fork": false, + "created_at": "2018-03-14T09:20:21Z", + "updated_at": "2020-08-09T21:12:29Z", + "pushed_at": "2018-03-14T12:13:43Z", + "stargazers_count": 46, + "watchers_count": 46, + "forks_count": 15, + "forks": 15, + "watchers": 46, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-2628.json b/2018/CVE-2018-2628.json index 54e40b3484..5b8d0dd858 100644 --- a/2018/CVE-2018-2628.json +++ b/2018/CVE-2018-2628.json @@ -1,4 +1,303 @@ [ + { + "id": 129995161, + "name": "CVE-2018-2628", + "full_name": "forlin\/CVE-2018-2628", + "owner": { + "login": "forlin", + "id": 3012554, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/3012554?v=4", + "html_url": "https:\/\/github.com\/forlin" + }, + "html_url": "https:\/\/github.com\/forlin\/CVE-2018-2628", + "description": "CVE-2018-2628", + "fork": false, + "created_at": "2018-04-18T02:56:39Z", + "updated_at": "2020-05-16T15:11:58Z", + "pushed_at": "2018-04-18T02:48:58Z", + "stargazers_count": 17, + "watchers_count": 17, + "forks_count": 42, + "forks": 42, + "watchers": 17, + "score": 0 + }, + { + "id": 130009588, + "name": "CVE-2018-2628", + "full_name": "shengqi158\/CVE-2018-2628", + "owner": { + "login": "shengqi158", + "id": 3364935, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/3364935?v=4", + "html_url": "https:\/\/github.com\/shengqi158" + }, + "html_url": "https:\/\/github.com\/shengqi158\/CVE-2018-2628", + "description": "CVE-2018-2628 & CVE-2018-2893", + "fork": false, + "created_at": "2018-04-18T05:41:23Z", + "updated_at": "2020-07-22T07:26:50Z", + "pushed_at": "2018-07-20T01:24:36Z", + "stargazers_count": 75, + "watchers_count": 75, + "forks_count": 49, + "forks": 49, + "watchers": 75, + "score": 0 + }, + { + "id": 130047996, + "name": "CVE-2018-2628", + "full_name": "skydarker\/CVE-2018-2628", + "owner": { + "login": "skydarker", + "id": 25345671, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25345671?v=4", + "html_url": "https:\/\/github.com\/skydarker" + }, + "html_url": "https:\/\/github.com\/skydarker\/CVE-2018-2628", + "description": "CVE-2018-2628", + "fork": false, + "created_at": "2018-04-18T10:50:09Z", + "updated_at": "2018-04-18T11:23:19Z", + "pushed_at": "2018-04-18T11:23:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 130088305, + "name": "weblogic-cve-2018-2628", + "full_name": "jiansiting\/weblogic-cve-2018-2628", + "owner": { + "login": "jiansiting", + "id": 28823754, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/28823754?v=4", + "html_url": "https:\/\/github.com\/jiansiting" + }, + "html_url": "https:\/\/github.com\/jiansiting\/weblogic-cve-2018-2628", + "description": null, + "fork": false, + "created_at": "2018-04-18T16:04:17Z", + "updated_at": "2019-11-01T06:57:08Z", + "pushed_at": "2018-04-18T16:04:26Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 10, + "forks": 10, + "watchers": 13, + "score": 0 + }, + { + "id": 130098527, + "name": "CVE-2018-2628-detect", + "full_name": "zjxzjx\/CVE-2018-2628-detect", + "owner": { + "login": "zjxzjx", + "id": 8297291, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/8297291?v=4", + "html_url": "https:\/\/github.com\/zjxzjx" + }, + "html_url": "https:\/\/github.com\/zjxzjx\/CVE-2018-2628-detect", + "description": null, + "fork": false, + "created_at": "2018-04-18T17:28:44Z", + "updated_at": "2018-11-14T06:35:35Z", + "pushed_at": "2018-04-20T03:47:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 45, + "forks": 45, + "watchers": 0, + "score": 0 + }, + { + "id": 130101048, + "name": "CVE-2018-2628-MultiThreading", + "full_name": "aedoo\/CVE-2018-2628-MultiThreading", + "owner": { + "login": "aedoo", + "id": 19517413, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/19517413?v=4", + "html_url": "https:\/\/github.com\/aedoo" + }, + "html_url": "https:\/\/github.com\/aedoo\/CVE-2018-2628-MultiThreading", + "description": "WebLogic WLS核心组件反序列化漏洞多线程批量检测脚本 CVE-2018-2628-MultiThreading", + "fork": false, + "created_at": "2018-04-18T17:50:29Z", + "updated_at": "2020-05-08T14:01:45Z", + "pushed_at": "2018-04-19T06:56:29Z", + "stargazers_count": 15, + "watchers_count": 15, + "forks_count": 19, + "forks": 19, + "watchers": 15, + "score": 0 + }, + { + "id": 130153239, + "name": "CVE-2018-2628", + "full_name": "hawk-520\/CVE-2018-2628", + "owner": { + "login": "hawk-520", + "id": 37926610, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/37926610?v=4", + "html_url": "https:\/\/github.com\/hawk-520" + }, + "html_url": "https:\/\/github.com\/hawk-520\/CVE-2018-2628", + "description": "CVE-2018-2628", + "fork": false, + "created_at": "2018-04-19T03:19:15Z", + "updated_at": "2020-10-20T18:58:02Z", + "pushed_at": "2018-04-18T18:28:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 9, + "forks": 9, + "watchers": 2, + "score": 0 + }, + { + "id": 130239892, + "name": "CVE-2018-2628", + "full_name": "9uest\/CVE-2018-2628", + "owner": { + "login": "9uest", + "id": 11766504, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/11766504?v=4", + "html_url": "https:\/\/github.com\/9uest" + }, + "html_url": "https:\/\/github.com\/9uest\/CVE-2018-2628", + "description": null, + "fork": false, + "created_at": "2018-04-19T15:56:49Z", + "updated_at": "2018-06-22T05:38:30Z", + "pushed_at": "2018-04-19T16:05:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 130291417, + "name": "CVE-2018-2628all", + "full_name": "Shadowshusky\/CVE-2018-2628all", + "owner": { + "login": "Shadowshusky", + "id": 31649758, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/31649758?v=4", + "html_url": "https:\/\/github.com\/Shadowshusky" + }, + "html_url": "https:\/\/github.com\/Shadowshusky\/CVE-2018-2628all", + "description": null, + "fork": false, + "created_at": "2018-04-20T01:24:17Z", + "updated_at": "2019-06-12T09:17:11Z", + "pushed_at": "2018-04-20T01:24:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + }, + { + "id": 130296227, + "name": "CVE-2018-2628", + "full_name": "shaoshore\/CVE-2018-2628", + "owner": { + "login": "shaoshore", + "id": 36906351, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/36906351?v=4", + "html_url": "https:\/\/github.com\/shaoshore" + }, + "html_url": "https:\/\/github.com\/shaoshore\/CVE-2018-2628", + "description": null, + "fork": false, + "created_at": "2018-04-20T02:14:21Z", + "updated_at": "2018-04-20T02:14:21Z", + "pushed_at": "2018-04-20T02:14:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 131935440, + "name": "ysoserial-cve-2018-2628", + "full_name": "tdy218\/ysoserial-cve-2018-2628", + "owner": { + "login": "tdy218", + "id": 4214030, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/4214030?v=4", + "html_url": "https:\/\/github.com\/tdy218" + }, + "html_url": "https:\/\/github.com\/tdy218\/ysoserial-cve-2018-2628", + "description": "Some codes for bypassing Oracle WebLogic CVE-2018-2628 patch", + "fork": false, + "created_at": "2018-05-03T03:13:05Z", + "updated_at": "2020-06-29T05:15:22Z", + "pushed_at": "2018-05-21T09:06:43Z", + "stargazers_count": 100, + "watchers_count": 100, + "forks_count": 53, + "forks": 53, + "watchers": 100, + "score": 0 + }, + { + "id": 134244931, + "name": "CVE-2018-2628", + "full_name": "s0wr0b1ndef\/CVE-2018-2628", + "owner": { + "login": "s0wr0b1ndef", + "id": 37288034, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/37288034?v=4", + "html_url": "https:\/\/github.com\/s0wr0b1ndef" + }, + "html_url": "https:\/\/github.com\/s0wr0b1ndef\/CVE-2018-2628", + "description": null, + "fork": false, + "created_at": "2018-05-21T09:04:45Z", + "updated_at": "2018-06-13T08:54:52Z", + "pushed_at": "2018-05-21T09:04:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 136104138, + "name": "cve-2018-2628", + "full_name": "wrysunny\/cve-2018-2628", + "owner": { + "login": "wrysunny", + "id": 20748454, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/20748454?v=4", + "html_url": "https:\/\/github.com\/wrysunny" + }, + "html_url": "https:\/\/github.com\/wrysunny\/cve-2018-2628", + "description": "cve-2018-2628 反弹shell", + "fork": false, + "created_at": "2018-06-05T01:47:02Z", + "updated_at": "2018-06-05T01:48:07Z", + "pushed_at": "2018-06-05T01:48:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 136164259, "name": "CVE-2018-2628", @@ -22,6 +321,98 @@ "watchers": 79, "score": 0 }, + { + "id": 138707761, + "name": "CVE-2018-2628", + "full_name": "stevenlinfeng\/CVE-2018-2628", + "owner": { + "login": "stevenlinfeng", + "id": 29966693, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/29966693?v=4", + "html_url": "https:\/\/github.com\/stevenlinfeng" + }, + "html_url": "https:\/\/github.com\/stevenlinfeng\/CVE-2018-2628", + "description": null, + "fork": false, + "created_at": "2018-06-26T08:25:57Z", + "updated_at": "2018-06-26T08:25:57Z", + "pushed_at": "2018-06-26T08:25:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 139417715, + "name": "CVE-2018-2628", + "full_name": "likescam\/CVE-2018-2628", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2018-2628", + "description": null, + "fork": false, + "created_at": "2018-07-02T09:00:34Z", + "updated_at": "2019-05-26T06:58:12Z", + "pushed_at": "2018-07-02T09:00:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, + { + "id": 147341225, + "name": "WebLogic-RCE-exploit", + "full_name": "Nervous\/WebLogic-RCE-exploit", + "owner": { + "login": "Nervous", + "id": 172442, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/172442?v=4", + "html_url": "https:\/\/github.com\/Nervous" + }, + "html_url": "https:\/\/github.com\/Nervous\/WebLogic-RCE-exploit", + "description": "A remote code execution exploit for WebLogic based on CVE-2018-2628", + "fork": false, + "created_at": "2018-09-04T12:17:21Z", + "updated_at": "2019-10-11T08:19:19Z", + "pushed_at": "2018-09-04T12:21:21Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 3, + "forks": 3, + "watchers": 5, + "score": 0 + }, + { + "id": 155318699, + "name": "CVE-2018-2628", + "full_name": "Lighird\/CVE-2018-2628", + "owner": { + "login": "Lighird", + "id": 28284964, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/28284964?v=4", + "html_url": "https:\/\/github.com\/Lighird" + }, + "html_url": "https:\/\/github.com\/Lighird\/CVE-2018-2628", + "description": "CVE-2018-2628漏洞工具包", + "fork": false, + "created_at": "2018-10-30T03:26:16Z", + "updated_at": "2020-07-13T02:21:36Z", + "pushed_at": "2018-10-30T03:35:42Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 6, + "forks": 6, + "watchers": 4, + "score": 0 + }, { "id": 164424976, "name": "CVE-2018-2628", diff --git a/2018/CVE-2018-2636.json b/2018/CVE-2018-2636.json new file mode 100644 index 0000000000..ed07aefc7b --- /dev/null +++ b/2018/CVE-2018-2636.json @@ -0,0 +1,48 @@ +[ + { + "id": 119399468, + "name": "CVE-2018-2636", + "full_name": "erpscanteam\/CVE-2018-2636", + "owner": { + "login": "erpscanteam", + "id": 35491827, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/35491827?v=4", + "html_url": "https:\/\/github.com\/erpscanteam" + }, + "html_url": "https:\/\/github.com\/erpscanteam\/CVE-2018-2636", + "description": "ERPScan Public POC for CVE-2018-2636", + "fork": false, + "created_at": "2018-01-29T15:16:02Z", + "updated_at": "2020-07-17T11:18:33Z", + "pushed_at": "2018-02-01T15:36:19Z", + "stargazers_count": 23, + "watchers_count": 23, + "forks_count": 19, + "forks": 19, + "watchers": 23, + "score": 0 + }, + { + "id": 120569870, + "name": "micros_honeypot", + "full_name": "Cymmetria\/micros_honeypot", + "owner": { + "login": "Cymmetria", + "id": 19413345, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/19413345?v=4", + "html_url": "https:\/\/github.com\/Cymmetria" + }, + "html_url": "https:\/\/github.com\/Cymmetria\/micros_honeypot", + "description": "MICROS Honeypot is a low interaction honeypot to detect CVE-2018-2636 in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (MICROS). This is a directory traversal vulnerability.", + "fork": false, + "created_at": "2018-02-07T05:54:46Z", + "updated_at": "2019-08-29T20:49:08Z", + "pushed_at": "2018-09-25T22:00:12Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 4, + "forks": 4, + "watchers": 9, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-2844.json b/2018/CVE-2018-2844.json new file mode 100644 index 0000000000..282e6a0f4c --- /dev/null +++ b/2018/CVE-2018-2844.json @@ -0,0 +1,25 @@ +[ + { + "id": 146413224, + "name": "virtualbox-cve-2018-2844", + "full_name": "renorobert\/virtualbox-cve-2018-2844", + "owner": { + "login": "renorobert", + "id": 4233909, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/4233909?v=4", + "html_url": "https:\/\/github.com\/renorobert" + }, + "html_url": "https:\/\/github.com\/renorobert\/virtualbox-cve-2018-2844", + "description": null, + "fork": false, + "created_at": "2018-08-28T08:04:19Z", + "updated_at": "2020-07-28T02:07:30Z", + "pushed_at": "2018-08-28T08:06:21Z", + "stargazers_count": 91, + "watchers_count": 91, + "forks_count": 32, + "forks": 32, + "watchers": 91, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-2879.json b/2018/CVE-2018-2879.json index ab1dc64ddf..6584a90f27 100644 --- a/2018/CVE-2018-2879.json +++ b/2018/CVE-2018-2879.json @@ -1,4 +1,27 @@ [ + { + "id": 142485401, + "name": "Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit", + "full_name": "MostafaSoliman\/Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit", + "owner": { + "login": "MostafaSoliman", + "id": 13528184, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/13528184?v=4", + "html_url": "https:\/\/github.com\/MostafaSoliman" + }, + "html_url": "https:\/\/github.com\/MostafaSoliman\/Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit", + "description": null, + "fork": false, + "created_at": "2018-07-26T19:31:45Z", + "updated_at": "2020-07-10T13:31:49Z", + "pushed_at": "2018-07-27T12:09:40Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 6, + "forks": 6, + "watchers": 9, + "score": 0 + }, { "id": 142787515, "name": "oracle-oam-authentication-bypas-exploit", diff --git a/2018/CVE-2018-2893.json b/2018/CVE-2018-2893.json index 342d717d93..d9bb82f957 100644 --- a/2018/CVE-2018-2893.json +++ b/2018/CVE-2018-2893.json @@ -1,4 +1,142 @@ [ + { + "id": 141531715, + "name": "CVE-2018-2893", + "full_name": "sry309\/CVE-2018-2893", + "owner": { + "login": "sry309", + "id": 15671013, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15671013?v=4", + "html_url": "https:\/\/github.com\/sry309" + }, + "html_url": "https:\/\/github.com\/sry309\/CVE-2018-2893", + "description": "CVE-2018-2893", + "fork": false, + "created_at": "2018-07-19T06:06:10Z", + "updated_at": "2020-12-10T06:55:01Z", + "pushed_at": "2018-07-19T05:59:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 141534186, + "name": "CVE-2018-2893", + "full_name": "ryanInf\/CVE-2018-2893", + "owner": { + "login": "ryanInf", + "id": 19621374, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/19621374?v=4", + "html_url": "https:\/\/github.com\/ryanInf" + }, + "html_url": "https:\/\/github.com\/ryanInf\/CVE-2018-2893", + "description": "CVE-2018-2893 PoC", + "fork": false, + "created_at": "2018-07-19T06:28:12Z", + "updated_at": "2020-12-16T09:58:12Z", + "pushed_at": "2018-07-19T06:12:51Z", + "stargazers_count": 28, + "watchers_count": 28, + "forks_count": 37, + "forks": 37, + "watchers": 28, + "score": 0 + }, + { + "id": 141678694, + "name": "CVE-2018-2893", + "full_name": "bigsizeme\/CVE-2018-2893", + "owner": { + "login": "bigsizeme", + "id": 17845094, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/17845094?v=4", + "html_url": "https:\/\/github.com\/bigsizeme" + }, + "html_url": "https:\/\/github.com\/bigsizeme\/CVE-2018-2893", + "description": "反弹shell生成器", + "fork": false, + "created_at": "2018-07-20T07:26:43Z", + "updated_at": "2019-04-22T04:46:36Z", + "pushed_at": "2018-07-23T04:31:27Z", + "stargazers_count": 17, + "watchers_count": 17, + "forks_count": 5, + "forks": 5, + "watchers": 17, + "score": 0 + }, + { + "id": 141856470, + "name": "CVE-2018-2893", + "full_name": "pyn3rd\/CVE-2018-2893", + "owner": { + "login": "pyn3rd", + "id": 41412951, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/41412951?v=4", + "html_url": "https:\/\/github.com\/pyn3rd" + }, + "html_url": "https:\/\/github.com\/pyn3rd\/CVE-2018-2893", + "description": "CVE-2018-2893-PoC", + "fork": false, + "created_at": "2018-07-22T01:15:58Z", + "updated_at": "2020-11-20T09:59:04Z", + "pushed_at": "2018-10-27T01:42:20Z", + "stargazers_count": 90, + "watchers_count": 90, + "forks_count": 37, + "forks": 37, + "watchers": 90, + "score": 0 + }, + { + "id": 142403659, + "name": "CVE-2018-2893", + "full_name": "qianl0ng\/CVE-2018-2893", + "owner": { + "login": "qianl0ng", + "id": 26949233, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/26949233?v=4", + "html_url": "https:\/\/github.com\/qianl0ng" + }, + "html_url": "https:\/\/github.com\/qianl0ng\/CVE-2018-2893", + "description": "可以直接反弹shell", + "fork": false, + "created_at": "2018-07-26T07:16:38Z", + "updated_at": "2020-08-19T01:40:23Z", + "pushed_at": "2018-07-26T07:50:15Z", + "stargazers_count": 44, + "watchers_count": 44, + "forks_count": 14, + "forks": 14, + "watchers": 44, + "score": 0 + }, + { + "id": 151921677, + "name": "CVE-2018-2893", + "full_name": "jas502n\/CVE-2018-2893", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-2893", + "description": "CVE-2018-2893", + "fork": false, + "created_at": "2018-10-07T08:41:14Z", + "updated_at": "2020-12-16T08:25:44Z", + "pushed_at": "2018-10-07T09:53:54Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 9, + "forks": 9, + "watchers": 10, + "score": 0 + }, { "id": 219763712, "name": "CVE-2018-2893", diff --git a/2018/CVE-2018-2894.json b/2018/CVE-2018-2894.json index b9e63ed6b8..964a2a1c48 100644 --- a/2018/CVE-2018-2894.json +++ b/2018/CVE-2018-2894.json @@ -1,4 +1,50 @@ [ + { + "id": 141601079, + "name": "cve-2018-2894", + "full_name": "111ddea\/cve-2018-2894", + "owner": { + "login": "111ddea", + "id": 41444127, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/41444127?v=4", + "html_url": "https:\/\/github.com\/111ddea" + }, + "html_url": "https:\/\/github.com\/111ddea\/cve-2018-2894", + "description": "cve-2018-2894 不同别人的利用方法。", + "fork": false, + "created_at": "2018-07-19T15:50:35Z", + "updated_at": "2020-11-26T11:40:23Z", + "pushed_at": "2018-07-22T08:34:27Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 7, + "forks": 7, + "watchers": 13, + "score": 0 + }, + { + "id": 141661586, + "name": "CVE-2018-2894", + "full_name": "LandGrey\/CVE-2018-2894", + "owner": { + "login": "LandGrey", + "id": 16769779, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/16769779?v=4", + "html_url": "https:\/\/github.com\/LandGrey" + }, + "html_url": "https:\/\/github.com\/LandGrey\/CVE-2018-2894", + "description": "CVE-2018-2894 WebLogic Unrestricted File Upload Lead To RCE Check Script", + "fork": false, + "created_at": "2018-07-20T03:59:18Z", + "updated_at": "2020-12-18T03:52:25Z", + "pushed_at": "2018-07-20T12:46:50Z", + "stargazers_count": 129, + "watchers_count": 129, + "forks_count": 49, + "forks": 49, + "watchers": 129, + "score": 0 + }, { "id": 151928392, "name": "CVE-2018-2894", diff --git a/2018/CVE-2018-3191.json b/2018/CVE-2018-3191.json new file mode 100644 index 0000000000..79425a4abd --- /dev/null +++ b/2018/CVE-2018-3191.json @@ -0,0 +1,117 @@ +[ + { + "id": 154076972, + "name": "CVE-2018-3191", + "full_name": "arongmh\/CVE-2018-3191", + "owner": { + "login": "arongmh", + "id": 30547070, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/30547070?v=4", + "html_url": "https:\/\/github.com\/arongmh" + }, + "html_url": "https:\/\/github.com\/arongmh\/CVE-2018-3191", + "description": "CVE-2018-3191 payload generator", + "fork": false, + "created_at": "2018-10-22T02:29:12Z", + "updated_at": "2020-04-06T11:03:47Z", + "pushed_at": "2018-10-21T17:28:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 55, + "forks": 55, + "watchers": 1, + "score": 0 + }, + { + "id": 154250933, + "name": "CVE-2018-3191", + "full_name": "pyn3rd\/CVE-2018-3191", + "owner": { + "login": "pyn3rd", + "id": 41412951, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/41412951?v=4", + "html_url": "https:\/\/github.com\/pyn3rd" + }, + "html_url": "https:\/\/github.com\/pyn3rd\/CVE-2018-3191", + "description": "CVE-2018-3191-PoC", + "fork": false, + "created_at": "2018-10-23T02:43:39Z", + "updated_at": "2020-09-17T05:40:04Z", + "pushed_at": "2018-10-26T17:54:54Z", + "stargazers_count": 93, + "watchers_count": 93, + "forks_count": 43, + "forks": 43, + "watchers": 93, + "score": 0 + }, + { + "id": 154368972, + "name": "CVE-2018-3191", + "full_name": "Libraggbond\/CVE-2018-3191", + "owner": { + "login": "Libraggbond", + "id": 37012218, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/37012218?v=4", + "html_url": "https:\/\/github.com\/Libraggbond" + }, + "html_url": "https:\/\/github.com\/Libraggbond\/CVE-2018-3191", + "description": "CVE-2018-3191 反弹shell", + "fork": false, + "created_at": "2018-10-23T17:24:43Z", + "updated_at": "2020-05-01T11:51:36Z", + "pushed_at": "2018-10-23T17:28:05Z", + "stargazers_count": 54, + "watchers_count": 54, + "forks_count": 29, + "forks": 29, + "watchers": 54, + "score": 0 + }, + { + "id": 154426418, + "name": "CVE-2018-3191", + "full_name": "jas502n\/CVE-2018-3191", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-3191", + "description": "Weblogic-CVE-2018-3191远程代码命令执行漏洞", + "fork": false, + "created_at": "2018-10-24T02:26:53Z", + "updated_at": "2020-11-19T03:42:38Z", + "pushed_at": "2018-10-24T17:42:47Z", + "stargazers_count": 63, + "watchers_count": 63, + "forks_count": 24, + "forks": 24, + "watchers": 63, + "score": 0 + }, + { + "id": 154477893, + "name": "CVE-2018-3191-Rce-Exploit", + "full_name": "mackleadmire\/CVE-2018-3191-Rce-Exploit", + "owner": { + "login": "mackleadmire", + "id": 10216868, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/10216868?v=4", + "html_url": "https:\/\/github.com\/mackleadmire" + }, + "html_url": "https:\/\/github.com\/mackleadmire\/CVE-2018-3191-Rce-Exploit", + "description": null, + "fork": false, + "created_at": "2018-10-24T09:54:00Z", + "updated_at": "2020-11-19T04:08:52Z", + "pushed_at": "2018-10-25T08:12:46Z", + "stargazers_count": 19, + "watchers_count": 19, + "forks_count": 3, + "forks": 3, + "watchers": 19, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-3245.json b/2018/CVE-2018-3245.json index 678ec671d0..fa46876046 100644 --- a/2018/CVE-2018-3245.json +++ b/2018/CVE-2018-3245.json @@ -1,4 +1,50 @@ [ + { + "id": 154452586, + "name": "CVE-2018-3245", + "full_name": "pyn3rd\/CVE-2018-3245", + "owner": { + "login": "pyn3rd", + "id": 41412951, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/41412951?v=4", + "html_url": "https:\/\/github.com\/pyn3rd" + }, + "html_url": "https:\/\/github.com\/pyn3rd\/CVE-2018-3245", + "description": "CVE-2018-3245-PoC", + "fork": false, + "created_at": "2018-10-24T06:49:33Z", + "updated_at": "2020-10-26T07:34:53Z", + "pushed_at": "2018-10-27T01:41:18Z", + "stargazers_count": 154, + "watchers_count": 154, + "forks_count": 62, + "forks": 62, + "watchers": 154, + "score": 0 + }, + { + "id": 154593773, + "name": "CVE-2018-3245", + "full_name": "jas502n\/CVE-2018-3245", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-3245", + "description": "CVE-2018-3245", + "fork": false, + "created_at": "2018-10-25T01:46:56Z", + "updated_at": "2019-08-23T03:53:49Z", + "pushed_at": "2018-10-25T02:01:39Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 9, + "forks": 9, + "watchers": 12, + "score": 0 + }, { "id": 219765536, "name": "CVE-2018-3245", diff --git a/2018/CVE-2018-3252.json b/2018/CVE-2018-3252.json index 1f5237a8df..c4aa8b379d 100644 --- a/2018/CVE-2018-3252.json +++ b/2018/CVE-2018-3252.json @@ -1,4 +1,27 @@ [ + { + "id": 154596948, + "name": "CVE-2018-3252", + "full_name": "jas502n\/CVE-2018-3252", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-3252", + "description": "Weblogic-CVE-2018-3252", + "fork": false, + "created_at": "2018-10-25T02:16:49Z", + "updated_at": "2019-03-12T05:44:19Z", + "pushed_at": "2018-10-25T02:16:50Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 2, + "forks": 2, + "watchers": 7, + "score": 0 + }, { "id": 160289379, "name": "CVE-2018-3252", diff --git a/2018/CVE-2018-3608.json b/2018/CVE-2018-3608.json new file mode 100644 index 0000000000..319e053e14 --- /dev/null +++ b/2018/CVE-2018-3608.json @@ -0,0 +1,25 @@ +[ + { + "id": 120301126, + "name": "Trend_Micro_POC", + "full_name": "ZhiyuanWang-Chengdu-Qihoo360\/Trend_Micro_POC", + "owner": { + "login": "ZhiyuanWang-Chengdu-Qihoo360", + "id": 35134599, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/35134599?v=4", + "html_url": "https:\/\/github.com\/ZhiyuanWang-Chengdu-Qihoo360" + }, + "html_url": "https:\/\/github.com\/ZhiyuanWang-Chengdu-Qihoo360\/Trend_Micro_POC", + "description": "CVE-2018-3608 Trend_Micro_CVE", + "fork": false, + "created_at": "2018-02-05T12:22:28Z", + "updated_at": "2019-09-27T17:09:24Z", + "pushed_at": "2018-02-05T12:55:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-3639.json b/2018/CVE-2018-3639.json index 15649ca0a1..628a1da271 100644 --- a/2018/CVE-2018-3639.json +++ b/2018/CVE-2018-3639.json @@ -1,4 +1,50 @@ [ + { + "id": 135628428, + "name": "ssbd-tools", + "full_name": "tyhicks\/ssbd-tools", + "owner": { + "login": "tyhicks", + "id": 1051156, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/1051156?v=4", + "html_url": "https:\/\/github.com\/tyhicks" + }, + "html_url": "https:\/\/github.com\/tyhicks\/ssbd-tools", + "description": "Tools to exercise the Linux kernel mitigation for CVE-2018-3639 (aka Variant 4) using the Speculative Store Bypass Disable (SSBD) feature of x86 processors", + "fork": false, + "created_at": "2018-05-31T19:48:18Z", + "updated_at": "2019-12-16T15:32:25Z", + "pushed_at": "2018-06-01T16:53:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + }, + { + "id": 137829375, + "name": "Intel-CVE-2018-3639-Mitigation_RegistryUpdate", + "full_name": "malindarathnayake\/Intel-CVE-2018-3639-Mitigation_RegistryUpdate", + "owner": { + "login": "malindarathnayake", + "id": 9443796, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/9443796?v=4", + "html_url": "https:\/\/github.com\/malindarathnayake" + }, + "html_url": "https:\/\/github.com\/malindarathnayake\/Intel-CVE-2018-3639-Mitigation_RegistryUpdate", + "description": null, + "fork": false, + "created_at": "2018-06-19T02:19:26Z", + "updated_at": "2018-06-19T02:57:22Z", + "pushed_at": "2018-06-19T02:57:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 186128549, "name": "CVE-2018-3639", diff --git a/2018/CVE-2018-3810.json b/2018/CVE-2018-3810.json index 9bc35c7f07..9c70213356 100644 --- a/2018/CVE-2018-3810.json +++ b/2018/CVE-2018-3810.json @@ -1,4 +1,27 @@ [ + { + "id": 127300096, + "name": "CVE-2018-3810", + "full_name": "lucad93\/CVE-2018-3810", + "owner": { + "login": "lucad93", + "id": 11524244, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/11524244?v=4", + "html_url": "https:\/\/github.com\/lucad93" + }, + "html_url": "https:\/\/github.com\/lucad93\/CVE-2018-3810", + "description": null, + "fork": false, + "created_at": "2018-03-29T14:04:11Z", + "updated_at": "2018-03-29T14:06:18Z", + "pushed_at": "2018-04-04T13:42:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, { "id": 168879431, "name": "cve-2018-3810", diff --git a/2018/CVE-2018-4087.json b/2018/CVE-2018-4087.json index f7373dd6e8..c79c41c049 100644 --- a/2018/CVE-2018-4087.json +++ b/2018/CVE-2018-4087.json @@ -21,5 +21,51 @@ "forks": 22, "watchers": 56, "score": 0 + }, + { + "id": 123298406, + "name": "UnjailMe", + "full_name": "MTJailed\/UnjailMe", + "owner": { + "login": "MTJailed", + "id": 31187886, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/31187886?v=4", + "html_url": "https:\/\/github.com\/MTJailed" + }, + "html_url": "https:\/\/github.com\/MTJailed\/UnjailMe", + "description": "A sandbox escape based on the proof-of-concept (CVE-2018-4087) by Rani Idan (Zimperium)", + "fork": false, + "created_at": "2018-02-28T14:45:06Z", + "updated_at": "2020-10-10T22:24:09Z", + "pushed_at": "2018-05-08T10:59:23Z", + "stargazers_count": 78, + "watchers_count": 78, + "forks_count": 23, + "forks": 23, + "watchers": 78, + "score": 0 + }, + { + "id": 124429247, + "name": "Exploit11.2", + "full_name": "joedaguy\/Exploit11.2", + "owner": { + "login": "joedaguy", + "id": 37167590, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/37167590?v=4", + "html_url": "https:\/\/github.com\/joedaguy" + }, + "html_url": "https:\/\/github.com\/joedaguy\/Exploit11.2", + "description": "Exploit iOS 11.2.x by ZIMPERIUM and semi-completed by me. Sandbox escapes on CVE-2018-4087. ", + "fork": false, + "created_at": "2018-03-08T18:04:31Z", + "updated_at": "2020-04-06T19:47:42Z", + "pushed_at": "2018-03-08T15:41:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 28, + "forks": 28, + "watchers": 1, + "score": 0 } ] \ No newline at end of file diff --git a/2018/CVE-2018-4110.json b/2018/CVE-2018-4110.json new file mode 100644 index 0000000000..c397179c72 --- /dev/null +++ b/2018/CVE-2018-4110.json @@ -0,0 +1,25 @@ +[ + { + "id": 105685717, + "name": "ios11-cookie-set-expire-issue", + "full_name": "bencompton\/ios11-cookie-set-expire-issue", + "owner": { + "login": "bencompton", + "id": 3343482, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/3343482?v=4", + "html_url": "https:\/\/github.com\/bencompton" + }, + "html_url": "https:\/\/github.com\/bencompton\/ios11-cookie-set-expire-issue", + "description": "Reproduction of iOS 11 bug CVE-2018-4110", + "fork": false, + "created_at": "2017-10-03T18:09:30Z", + "updated_at": "2019-05-07T14:07:43Z", + "pushed_at": "2017-10-16T15:07:13Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, + "forks": 2, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4121.json b/2018/CVE-2018-4121.json new file mode 100644 index 0000000000..1f2b47ed64 --- /dev/null +++ b/2018/CVE-2018-4121.json @@ -0,0 +1,71 @@ +[ + { + "id": 130184573, + "name": "CVE-2018-4121", + "full_name": "FSecureLABS\/CVE-2018-4121", + "owner": { + "login": "FSecureLABS", + "id": 1469843, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/1469843?v=4", + "html_url": "https:\/\/github.com\/FSecureLABS" + }, + "html_url": "https:\/\/github.com\/FSecureLABS\/CVE-2018-4121", + "description": "macOS 10.13.3 (17D47) Safari Wasm Exploit ", + "fork": false, + "created_at": "2018-04-19T08:33:12Z", + "updated_at": "2020-04-16T03:34:01Z", + "pushed_at": "2018-04-19T11:20:41Z", + "stargazers_count": 114, + "watchers_count": 114, + "forks_count": 34, + "forks": 34, + "watchers": 114, + "score": 0 + }, + { + "id": 141314432, + "name": "CVE-2018-4121", + "full_name": "likescam\/CVE-2018-4121", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2018-4121", + "description": null, + "fork": false, + "created_at": "2018-07-17T16:15:29Z", + "updated_at": "2018-07-17T16:15:44Z", + "pushed_at": "2018-07-17T16:15:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 147746670, + "name": "CVE-2018-4121", + "full_name": "jezzus\/CVE-2018-4121", + "owner": { + "login": "jezzus", + "id": 9899999, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/9899999?v=4", + "html_url": "https:\/\/github.com\/jezzus" + }, + "html_url": "https:\/\/github.com\/jezzus\/CVE-2018-4121", + "description": null, + "fork": false, + "created_at": "2018-09-06T23:55:43Z", + "updated_at": "2018-09-06T23:55:53Z", + "pushed_at": "2018-09-06T23:55:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4150.json b/2018/CVE-2018-4150.json new file mode 100644 index 0000000000..95836e0d79 --- /dev/null +++ b/2018/CVE-2018-4150.json @@ -0,0 +1,71 @@ +[ + { + "id": 132634317, + "name": "CVE-2018-4150", + "full_name": "Jailbreaks\/CVE-2018-4150", + "owner": { + "login": "Jailbreaks", + "id": 25392316, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25392316?v=4", + "html_url": "https:\/\/github.com\/Jailbreaks" + }, + "html_url": "https:\/\/github.com\/Jailbreaks\/CVE-2018-4150", + "description": "Proof of concept for CVE-2018-4150 by @cmwdotme ", + "fork": false, + "created_at": "2018-05-08T16:12:59Z", + "updated_at": "2018-11-16T12:24:04Z", + "pushed_at": "2018-05-08T16:14:50Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 4, + "forks": 4, + "watchers": 11, + "score": 0 + }, + { + "id": 132916613, + "name": "LovelySn0w", + "full_name": "RPwnage\/LovelySn0w", + "owner": { + "login": "RPwnage", + "id": 33968601, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/33968601?v=4", + "html_url": "https:\/\/github.com\/RPwnage" + }, + "html_url": "https:\/\/github.com\/RPwnage\/LovelySn0w", + "description": "a iOS CVE-2018-4150 Application example.", + "fork": false, + "created_at": "2018-05-10T15:04:44Z", + "updated_at": "2020-12-19T19:45:56Z", + "pushed_at": "2018-05-14T14:32:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 3, + "forks": 3, + "watchers": 2, + "score": 0 + }, + { + "id": 135454936, + "name": "incomplete-exploit-for-CVE-2018-4150-bpf-filter-poc-", + "full_name": "littlelailo\/incomplete-exploit-for-CVE-2018-4150-bpf-filter-poc-", + "owner": { + "login": "littlelailo", + "id": 28736661, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/28736661?v=4", + "html_url": "https:\/\/github.com\/littlelailo" + }, + "html_url": "https:\/\/github.com\/littlelailo\/incomplete-exploit-for-CVE-2018-4150-bpf-filter-poc-", + "description": "incomplete exploit for CVE-2018-4150 (by cmwdotme) for devices without SMAP", + "fork": false, + "created_at": "2018-05-30T14:29:37Z", + "updated_at": "2020-09-29T08:51:45Z", + "pushed_at": "2018-05-30T14:39:55Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 1, + "forks": 1, + "watchers": 6, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4185.json b/2018/CVE-2018-4185.json new file mode 100644 index 0000000000..9f96da436b --- /dev/null +++ b/2018/CVE-2018-4185.json @@ -0,0 +1,25 @@ +[ + { + "id": 123051746, + "name": "x18-leak", + "full_name": "bazad\/x18-leak", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad" + }, + "html_url": "https:\/\/github.com\/bazad\/x18-leak", + "description": "CVE-2018-4185: iOS 11.2-11.2.6 kernel pointer disclosure introduced by Apple's Meltdown mitigation.", + "fork": false, + "created_at": "2018-02-27T00:58:39Z", + "updated_at": "2020-09-07T11:40:43Z", + "pushed_at": "2018-03-07T08:07:29Z", + "stargazers_count": 76, + "watchers_count": 76, + "forks_count": 12, + "forks": 12, + "watchers": 76, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4233.json b/2018/CVE-2018-4233.json new file mode 100644 index 0000000000..b2e5618bb4 --- /dev/null +++ b/2018/CVE-2018-4233.json @@ -0,0 +1,25 @@ +[ + { + "id": 144027153, + "name": "cve-2018-4233", + "full_name": "saelo\/cve-2018-4233", + "owner": { + "login": "saelo", + "id": 2453290, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2453290?v=4", + "html_url": "https:\/\/github.com\/saelo" + }, + "html_url": "https:\/\/github.com\/saelo\/cve-2018-4233", + "description": "Exploit for CVE-2018-4233, a WebKit JIT optimization bug used during Pwn2Own 2018", + "fork": false, + "created_at": "2018-08-08T14:41:20Z", + "updated_at": "2020-11-10T14:47:23Z", + "pushed_at": "2018-08-17T23:31:46Z", + "stargazers_count": 154, + "watchers_count": 154, + "forks_count": 32, + "forks": 32, + "watchers": 154, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4241.json b/2018/CVE-2018-4241.json new file mode 100644 index 0000000000..d802a4aaa8 --- /dev/null +++ b/2018/CVE-2018-4241.json @@ -0,0 +1,25 @@ +[ + { + "id": 136248519, + "name": "multi_path", + "full_name": "0neday\/multi_path", + "owner": { + "login": "0neday", + "id": 15697803, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/15697803?v=4", + "html_url": "https:\/\/github.com\/0neday" + }, + "html_url": "https:\/\/github.com\/0neday\/multi_path", + "description": "CVE-2018-4241: XNU kernel heap overflow due to bad bounds checking in MPTCP for iOS 11 - 11.3.1released by Ian Beer", + "fork": false, + "created_at": "2018-06-06T00:07:01Z", + "updated_at": "2020-12-04T15:46:11Z", + "pushed_at": "2018-06-06T23:57:48Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4243.json b/2018/CVE-2018-4243.json new file mode 100644 index 0000000000..f8079e41ee --- /dev/null +++ b/2018/CVE-2018-4243.json @@ -0,0 +1,25 @@ +[ + { + "id": 137236042, + "name": "empty_list", + "full_name": "Jailbreaks\/empty_list", + "owner": { + "login": "Jailbreaks", + "id": 25392316, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25392316?v=4", + "html_url": "https:\/\/github.com\/Jailbreaks" + }, + "html_url": "https:\/\/github.com\/Jailbreaks\/empty_list", + "description": "empty_list - exploit for p0 issue 1564 (CVE-2018-4243) iOS 11.0 - 11.3.1 kernel r\/w", + "fork": false, + "created_at": "2018-06-13T15:38:18Z", + "updated_at": "2020-08-14T07:13:49Z", + "pushed_at": "2018-06-13T15:40:15Z", + "stargazers_count": 16, + "watchers_count": 16, + "forks_count": 5, + "forks": 5, + "watchers": 16, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4248.json b/2018/CVE-2018-4248.json new file mode 100644 index 0000000000..ce664ecad0 --- /dev/null +++ b/2018/CVE-2018-4248.json @@ -0,0 +1,25 @@ +[ + { + "id": 132848731, + "name": "xpc-string-leak", + "full_name": "bazad\/xpc-string-leak", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad" + }, + "html_url": "https:\/\/github.com\/bazad\/xpc-string-leak", + "description": "CVE-2018-4248: Out-of-bounds read in libxpc during string serialization.", + "fork": false, + "created_at": "2018-05-10T04:31:38Z", + "updated_at": "2020-03-17T04:31:39Z", + "pushed_at": "2018-07-10T00:05:46Z", + "stargazers_count": 46, + "watchers_count": 46, + "forks_count": 4, + "forks": 4, + "watchers": 46, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4280.json b/2018/CVE-2018-4280.json new file mode 100644 index 0000000000..56bf942930 --- /dev/null +++ b/2018/CVE-2018-4280.json @@ -0,0 +1,48 @@ +[ + { + "id": 118415497, + "name": "launchd-portrep", + "full_name": "bazad\/launchd-portrep", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad" + }, + "html_url": "https:\/\/github.com\/bazad\/launchd-portrep", + "description": "CVE-2018-4280: Mach port replacement vulnerability in launchd on macOS 10.13.5 leading to local privilege escalation and SIP bypass.", + "fork": false, + "created_at": "2018-01-22T06:22:59Z", + "updated_at": "2020-12-07T01:17:50Z", + "pushed_at": "2018-10-28T20:23:30Z", + "stargazers_count": 48, + "watchers_count": 48, + "forks_count": 4, + "forks": 4, + "watchers": 48, + "score": 0 + }, + { + "id": 122551718, + "name": "blanket", + "full_name": "bazad\/blanket", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad" + }, + "html_url": "https:\/\/github.com\/bazad\/blanket", + "description": "CVE-2018-4280: Mach port replacement vulnerability in launchd on iOS 11.2.6 leading to sandbox escape, privilege escalation, and codesigning bypass.", + "fork": false, + "created_at": "2018-02-23T00:19:05Z", + "updated_at": "2020-12-01T17:34:39Z", + "pushed_at": "2018-11-13T00:26:18Z", + "stargazers_count": 209, + "watchers_count": 209, + "forks_count": 38, + "forks": 38, + "watchers": 209, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4327.json b/2018/CVE-2018-4327.json new file mode 100644 index 0000000000..8a73ce2dfb --- /dev/null +++ b/2018/CVE-2018-4327.json @@ -0,0 +1,48 @@ +[ + { + "id": 148367467, + "name": "brokentooth", + "full_name": "omerporze\/brokentooth", + "owner": { + "login": "omerporze", + "id": 6332303, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/6332303?v=4", + "html_url": "https:\/\/github.com\/omerporze" + }, + "html_url": "https:\/\/github.com\/omerporze\/brokentooth", + "description": " POC for CVE-2018-4327", + "fork": false, + "created_at": "2018-09-11T19:15:09Z", + "updated_at": "2020-12-16T15:32:46Z", + "pushed_at": "2018-09-13T15:59:05Z", + "stargazers_count": 40, + "watchers_count": 40, + "forks_count": 8, + "forks": 8, + "watchers": 40, + "score": 0 + }, + { + "id": 148547298, + "name": "POC-CVE-2018-4327-and-CVE-2018-4330", + "full_name": "harryanon\/POC-CVE-2018-4327-and-CVE-2018-4330", + "owner": { + "login": "harryanon", + "id": 37672417, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/37672417?v=4", + "html_url": "https:\/\/github.com\/harryanon" + }, + "html_url": "https:\/\/github.com\/harryanon\/POC-CVE-2018-4327-and-CVE-2018-4330", + "description": null, + "fork": false, + "created_at": "2018-09-12T22:00:58Z", + "updated_at": "2018-09-30T09:47:45Z", + "pushed_at": "2018-09-12T22:01:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4330.json b/2018/CVE-2018-4330.json new file mode 100644 index 0000000000..57716a6e5e --- /dev/null +++ b/2018/CVE-2018-4330.json @@ -0,0 +1,25 @@ +[ + { + "id": 148663645, + "name": "toothfairy", + "full_name": "omerporze\/toothfairy", + "owner": { + "login": "omerporze", + "id": 6332303, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/6332303?v=4", + "html_url": "https:\/\/github.com\/omerporze" + }, + "html_url": "https:\/\/github.com\/omerporze\/toothfairy", + "description": "CVE-2018-4330 POC for iOS", + "fork": false, + "created_at": "2018-09-13T16:05:20Z", + "updated_at": "2018-12-04T20:03:15Z", + "pushed_at": "2018-09-13T18:34:20Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 2, + "forks": 2, + "watchers": 13, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4331.json b/2018/CVE-2018-4331.json new file mode 100644 index 0000000000..30da9b005c --- /dev/null +++ b/2018/CVE-2018-4331.json @@ -0,0 +1,25 @@ +[ + { + "id": 114446755, + "name": "gsscred-race", + "full_name": "bazad\/gsscred-race", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad" + }, + "html_url": "https:\/\/github.com\/bazad\/gsscred-race", + "description": "CVE-2018-4331: Exploit for a race condition in the GSSCred system service on iOS 11.2.", + "fork": false, + "created_at": "2017-12-16T08:48:08Z", + "updated_at": "2020-04-14T17:58:29Z", + "pushed_at": "2018-01-09T07:23:15Z", + "stargazers_count": 20, + "watchers_count": 20, + "forks_count": 5, + "forks": 5, + "watchers": 20, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4343.json b/2018/CVE-2018-4343.json new file mode 100644 index 0000000000..b3eb38b5af --- /dev/null +++ b/2018/CVE-2018-4343.json @@ -0,0 +1,25 @@ +[ + { + "id": 113555592, + "name": "gsscred-move-uaf", + "full_name": "bazad\/gsscred-move-uaf", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad" + }, + "html_url": "https:\/\/github.com\/bazad\/gsscred-move-uaf", + "description": "CVE-2018-4343: Proof-of-concept for a use-after-free in the GSSCred daemon on macOS and iOS.", + "fork": false, + "created_at": "2017-12-08T09:15:37Z", + "updated_at": "2020-10-10T06:38:29Z", + "pushed_at": "2017-12-09T23:23:47Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 1, + "forks": 1, + "watchers": 6, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4407.json b/2018/CVE-2018-4407.json index b65bf06ea8..f94831923b 100644 --- a/2018/CVE-2018-4407.json +++ b/2018/CVE-2018-4407.json @@ -1,4 +1,73 @@ [ + { + "id": 155684007, + "name": "check_icmp_dos", + "full_name": "Pa55w0rd\/check_icmp_dos", + "owner": { + "login": "Pa55w0rd", + "id": 16274549, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16274549?v=4", + "html_url": "https:\/\/github.com\/Pa55w0rd" + }, + "html_url": "https:\/\/github.com\/Pa55w0rd\/check_icmp_dos", + "description": "iOS 12 \/ OS X Remote Kernel Heap Overflow (CVE-2018-4407) POC", + "fork": false, + "created_at": "2018-11-01T08:21:59Z", + "updated_at": "2020-04-06T11:00:33Z", + "pushed_at": "2018-11-01T08:53:23Z", + "stargazers_count": 59, + "watchers_count": 59, + "forks_count": 14, + "forks": 14, + "watchers": 59, + "score": 0 + }, + { + "id": 155748281, + "name": "cve-2018-4407", + "full_name": "unixpickle\/cve-2018-4407", + "owner": { + "login": "unixpickle", + "id": 406021, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/406021?v=4", + "html_url": "https:\/\/github.com\/unixpickle" + }, + "html_url": "https:\/\/github.com\/unixpickle\/cve-2018-4407", + "description": "Crash macOS and iOS devices with one packet", + "fork": false, + "created_at": "2018-11-01T17:03:25Z", + "updated_at": "2020-04-06T10:58:21Z", + "pushed_at": "2018-11-15T21:13:37Z", + "stargazers_count": 49, + "watchers_count": 49, + "forks_count": 18, + "forks": 18, + "watchers": 49, + "score": 0 + }, + { + "id": 155810193, + "name": "check_icmp_dos-CVE-2018-4407-", + "full_name": "s2339956\/check_icmp_dos-CVE-2018-4407-", + "owner": { + "login": "s2339956", + "id": 17181670, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/17181670?v=4", + "html_url": "https:\/\/github.com\/s2339956" + }, + "html_url": "https:\/\/github.com\/s2339956\/check_icmp_dos-CVE-2018-4407-", + "description": "CVE-2018-4407 概述與實現", + "fork": false, + "created_at": "2018-11-02T03:38:41Z", + "updated_at": "2018-11-02T03:48:36Z", + "pushed_at": "2018-11-02T03:48:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, { "id": 155836421, "name": "AppleDOS", @@ -68,6 +137,75 @@ "watchers": 13, "score": 0 }, + { + "id": 155925880, + "name": "node-cve-2018-4407", + "full_name": "SamDecrock\/node-cve-2018-4407", + "owner": { + "login": "SamDecrock", + "id": 550487, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/550487?v=4", + "html_url": "https:\/\/github.com\/SamDecrock" + }, + "html_url": "https:\/\/github.com\/SamDecrock\/node-cve-2018-4407", + "description": "Node.js PoC exploit code for CVE-2018-4407", + "fork": false, + "created_at": "2018-11-02T22:00:17Z", + "updated_at": "2020-06-19T07:48:32Z", + "pushed_at": "2018-11-02T22:13:40Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 6, + "forks": 6, + "watchers": 11, + "score": 0 + }, + { + "id": 156039963, + "name": "CVE-2018-4407", + "full_name": "r3dxpl0it\/CVE-2018-4407", + "owner": { + "login": "r3dxpl0it", + "id": 43002597, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/43002597?v=4", + "html_url": "https:\/\/github.com\/r3dxpl0it" + }, + "html_url": "https:\/\/github.com\/r3dxpl0it\/CVE-2018-4407", + "description": "IOS\/MAC Denial-Of-Service [POC\/EXPLOIT FOR MASSIVE ATTACK TO IOS\/MAC IN NETWORK]", + "fork": false, + "created_at": "2018-11-04T01:47:05Z", + "updated_at": "2020-09-22T13:46:40Z", + "pushed_at": "2018-11-04T02:25:08Z", + "stargazers_count": 22, + "watchers_count": 22, + "forks_count": 10, + "forks": 10, + "watchers": 22, + "score": 0 + }, + { + "id": 156051346, + "name": "CVE-2018-4407", + "full_name": "lucagiovagnoli\/CVE-2018-4407", + "owner": { + "login": "lucagiovagnoli", + "id": 4341034, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/4341034?v=4", + "html_url": "https:\/\/github.com\/lucagiovagnoli" + }, + "html_url": "https:\/\/github.com\/lucagiovagnoli\/CVE-2018-4407", + "description": "A buffer overflow vulnerability in the XNU kernel's ICMP error code causes IOS devices to crash (laptops and mobiles).", + "fork": false, + "created_at": "2018-11-04T05:10:38Z", + "updated_at": "2019-12-06T13:15:13Z", + "pushed_at": "2018-11-04T19:00:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, { "id": 156611823, "name": "Apple-Remote-Crash-Tool-CVE-2018-4407", diff --git a/2018/CVE-2018-4878.json b/2018/CVE-2018-4878.json index cfd7e0500e..bd1bfd62d0 100644 --- a/2018/CVE-2018-4878.json +++ b/2018/CVE-2018-4878.json @@ -1,4 +1,211 @@ [ + { + "id": 118241221, + "name": "CVE-2018-4878-", + "full_name": "ydl555\/CVE-2018-4878-", + "owner": { + "login": "ydl555", + "id": 12909271, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/12909271?v=4", + "html_url": "https:\/\/github.com\/ydl555" + }, + "html_url": "https:\/\/github.com\/ydl555\/CVE-2018-4878-", + "description": "备忘:flash挂马工具备份 CVE-2018-4878", + "fork": false, + "created_at": "2018-01-20T12:32:26Z", + "updated_at": "2018-06-14T13:18:54Z", + "pushed_at": "2018-06-12T03:04:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 120909146, + "name": "CVE-2018-4878", + "full_name": "mdsecactivebreach\/CVE-2018-4878", + "owner": { + "login": "mdsecactivebreach", + "id": 29373540, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/29373540?v=4", + "html_url": "https:\/\/github.com\/mdsecactivebreach" + }, + "html_url": "https:\/\/github.com\/mdsecactivebreach\/CVE-2018-4878", + "description": null, + "fork": false, + "created_at": "2018-02-09T13:30:46Z", + "updated_at": "2020-03-26T07:15:42Z", + "pushed_at": "2018-02-09T14:38:27Z", + "stargazers_count": 21, + "watchers_count": 21, + "forks_count": 17, + "forks": 17, + "watchers": 21, + "score": 0 + }, + { + "id": 120962228, + "name": "CVE-2018-4878", + "full_name": "hybridious\/CVE-2018-4878", + "owner": { + "login": "hybridious", + "id": 26754785, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/26754785?v=4", + "html_url": "https:\/\/github.com\/hybridious" + }, + "html_url": "https:\/\/github.com\/hybridious\/CVE-2018-4878", + "description": "Aggressor Script to just launch IE driveby for CVE-2018-4878", + "fork": false, + "created_at": "2018-02-09T22:25:03Z", + "updated_at": "2018-02-10T09:26:14Z", + "pushed_at": "2018-02-09T22:09:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 5, + "forks": 5, + "watchers": 0, + "score": 0 + }, + { + "id": 121002284, + "name": "CVE-2018-4878", + "full_name": "vysecurity\/CVE-2018-4878", + "owner": { + "login": "vysecurity", + "id": 3596242, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3596242?v=4", + "html_url": "https:\/\/github.com\/vysecurity" + }, + "html_url": "https:\/\/github.com\/vysecurity\/CVE-2018-4878", + "description": "Aggressor Script to launch IE driveby for CVE-2018-4878", + "fork": false, + "created_at": "2018-02-10T09:30:18Z", + "updated_at": "2020-11-14T14:15:50Z", + "pushed_at": "2018-02-10T19:39:10Z", + "stargazers_count": 77, + "watchers_count": 77, + "forks_count": 33, + "forks": 33, + "watchers": 77, + "score": 0 + }, + { + "id": 122663508, + "name": "CVE-2018-4878", + "full_name": "KathodeN\/CVE-2018-4878", + "owner": { + "login": "KathodeN", + "id": 29355827, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/29355827?v=4", + "html_url": "https:\/\/github.com\/KathodeN" + }, + "html_url": "https:\/\/github.com\/KathodeN\/CVE-2018-4878", + "description": "CVE-2018-4878 样本", + "fork": false, + "created_at": "2018-02-23T19:24:40Z", + "updated_at": "2020-12-10T06:55:01Z", + "pushed_at": "2018-02-22T07:10:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 125353862, + "name": "CVE-2018-4878", + "full_name": "Sch01ar\/CVE-2018-4878", + "owner": { + "login": "Sch01ar", + "id": 28928231, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/28928231?v=4", + "html_url": "https:\/\/github.com\/Sch01ar" + }, + "html_url": "https:\/\/github.com\/Sch01ar\/CVE-2018-4878", + "description": null, + "fork": false, + "created_at": "2018-03-15T10:56:29Z", + "updated_at": "2018-03-17T15:53:22Z", + "pushed_at": "2018-03-17T15:53:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + }, + { + "id": 128007297, + "name": "CVE-2018-4878", + "full_name": "SyFi\/CVE-2018-4878", + "owner": { + "login": "SyFi", + "id": 26314806, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/26314806?v=4", + "html_url": "https:\/\/github.com\/SyFi" + }, + "html_url": "https:\/\/github.com\/SyFi\/CVE-2018-4878", + "description": "Flash Exploit Poc", + "fork": false, + "created_at": "2018-04-04T04:33:44Z", + "updated_at": "2020-05-29T17:05:11Z", + "pushed_at": "2018-09-03T11:41:25Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 10, + "forks": 10, + "watchers": 10, + "score": 0 + }, + { + "id": 137009230, + "name": "CVE-2018-4878", + "full_name": "ydl555\/CVE-2018-4878", + "owner": { + "login": "ydl555", + "id": 12909271, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/12909271?v=4", + "html_url": "https:\/\/github.com\/ydl555" + }, + "html_url": "https:\/\/github.com\/ydl555\/CVE-2018-4878", + "description": " CVE-2018-4878 flash 0day", + "fork": false, + "created_at": "2018-06-12T02:57:59Z", + "updated_at": "2018-06-12T03:01:52Z", + "pushed_at": "2018-06-12T02:57:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 153381902, + "name": "CVE-2018-4878", + "full_name": "B0fH\/CVE-2018-4878", + "owner": { + "login": "B0fH", + "id": 1335037, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/1335037?v=4", + "html_url": "https:\/\/github.com\/B0fH" + }, + "html_url": "https:\/\/github.com\/B0fH\/CVE-2018-4878", + "description": "Metasploit module for CVE-2018-4878", + "fork": false, + "created_at": "2018-10-17T02:11:24Z", + "updated_at": "2018-12-26T09:33:54Z", + "pushed_at": "2018-10-24T02:18:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, { "id": 162440583, "name": "CVE-2018-4878", diff --git a/2018/CVE-2018-4901.json b/2018/CVE-2018-4901.json new file mode 100644 index 0000000000..f1ca0aaef0 --- /dev/null +++ b/2018/CVE-2018-4901.json @@ -0,0 +1,25 @@ +[ + { + "id": 125818046, + "name": "CVE-2018-4901", + "full_name": "bigric3\/CVE-2018-4901", + "owner": { + "login": "bigric3", + "id": 22165361, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/22165361?v=4", + "html_url": "https:\/\/github.com\/bigric3" + }, + "html_url": "https:\/\/github.com\/bigric3\/CVE-2018-4901", + "description": "crash poc & Leak info PoC", + "fork": false, + "created_at": "2018-03-19T07:27:53Z", + "updated_at": "2018-11-16T12:24:04Z", + "pushed_at": "2018-03-19T07:29:42Z", + "stargazers_count": 18, + "watchers_count": 18, + "forks_count": 5, + "forks": 5, + "watchers": 18, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5234.json b/2018/CVE-2018-5234.json new file mode 100644 index 0000000000..8a694e8b2e --- /dev/null +++ b/2018/CVE-2018-5234.json @@ -0,0 +1,25 @@ +[ + { + "id": 131737249, + "name": "ble_norton_core", + "full_name": "embedi\/ble_norton_core", + "owner": { + "login": "embedi", + "id": 24190344, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/24190344?v=4", + "html_url": "https:\/\/github.com\/embedi" + }, + "html_url": "https:\/\/github.com\/embedi\/ble_norton_core", + "description": "PoC exploit for CVE-2018-5234", + "fork": false, + "created_at": "2018-05-01T16:40:30Z", + "updated_at": "2020-10-31T17:50:41Z", + "pushed_at": "2018-05-02T08:50:57Z", + "stargazers_count": 28, + "watchers_count": 28, + "forks_count": 9, + "forks": 9, + "watchers": 28, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5711.json b/2018/CVE-2018-5711.json new file mode 100644 index 0000000000..bf77f38a10 --- /dev/null +++ b/2018/CVE-2018-5711.json @@ -0,0 +1,48 @@ +[ + { + "id": 119782218, + "name": "Test-7-2-0-PHP-CVE-2018-5711", + "full_name": "huzhenghui\/Test-7-2-0-PHP-CVE-2018-5711", + "owner": { + "login": "huzhenghui", + "id": 4843755, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/4843755?v=4", + "html_url": "https:\/\/github.com\/huzhenghui" + }, + "html_url": "https:\/\/github.com\/huzhenghui\/Test-7-2-0-PHP-CVE-2018-5711", + "description": null, + "fork": false, + "created_at": "2018-02-01T04:21:13Z", + "updated_at": "2018-02-02T07:40:36Z", + "pushed_at": "2018-02-01T06:24:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 119790221, + "name": "Test-7-2-1-PHP-CVE-2018-5711", + "full_name": "huzhenghui\/Test-7-2-1-PHP-CVE-2018-5711", + "owner": { + "login": "huzhenghui", + "id": 4843755, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/4843755?v=4", + "html_url": "https:\/\/github.com\/huzhenghui" + }, + "html_url": "https:\/\/github.com\/huzhenghui\/Test-7-2-1-PHP-CVE-2018-5711", + "description": null, + "fork": false, + "created_at": "2018-02-01T06:00:14Z", + "updated_at": "2018-02-02T04:30:18Z", + "pushed_at": "2018-02-01T06:23:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5740.json b/2018/CVE-2018-5740.json new file mode 100644 index 0000000000..6dc37b94ef --- /dev/null +++ b/2018/CVE-2018-5740.json @@ -0,0 +1,25 @@ +[ + { + "id": 144792218, + "name": "cve-2018-5740", + "full_name": "sischkg\/cve-2018-5740", + "owner": { + "login": "sischkg", + "id": 3468384, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/3468384?v=4", + "html_url": "https:\/\/github.com\/sischkg" + }, + "html_url": "https:\/\/github.com\/sischkg\/cve-2018-5740", + "description": null, + "fork": false, + "created_at": "2018-08-15T01:50:41Z", + "updated_at": "2019-02-25T15:06:06Z", + "pushed_at": "2018-08-15T06:25:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5951.json b/2018/CVE-2018-5951.json new file mode 100644 index 0000000000..20cb7609c6 --- /dev/null +++ b/2018/CVE-2018-5951.json @@ -0,0 +1,25 @@ +[ + { + "id": 118846181, + "name": "CVE-2018-5951", + "full_name": "Nat-Lab\/CVE-2018-5951", + "owner": { + "login": "Nat-Lab", + "id": 18462539, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/18462539?v=4", + "html_url": "https:\/\/github.com\/Nat-Lab" + }, + "html_url": "https:\/\/github.com\/Nat-Lab\/CVE-2018-5951", + "description": "MikroTik RouterOS Denial of Service Vulnerability", + "fork": false, + "created_at": "2018-01-25T01:40:02Z", + "updated_at": "2020-10-01T13:43:56Z", + "pushed_at": "2018-02-11T06:51:29Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 7, + "forks": 7, + "watchers": 6, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5955.json b/2018/CVE-2018-5955.json index 6b575e9df3..d742f56b36 100644 --- a/2018/CVE-2018-5955.json +++ b/2018/CVE-2018-5955.json @@ -1,4 +1,27 @@ [ + { + "id": 148261072, + "name": "GitStackRCE", + "full_name": "cisp\/GitStackRCE", + "owner": { + "login": "cisp", + "id": 11972644, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/11972644?v=4", + "html_url": "https:\/\/github.com\/cisp" + }, + "html_url": "https:\/\/github.com\/cisp\/GitStackRCE", + "description": "GitStackRCE漏洞(CVE-2018-5955)EXP", + "fork": false, + "created_at": "2018-09-11T04:39:43Z", + "updated_at": "2018-09-21T15:13:18Z", + "pushed_at": "2018-09-11T04:40:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, { "id": 229491909, "name": "Cerberus", @@ -13,13 +36,13 @@ "description": "一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能", "fork": false, "created_at": "2019-12-21T22:45:55Z", - "updated_at": "2020-12-17T02:38:53Z", + "updated_at": "2020-12-19T15:10:59Z", "pushed_at": "2020-01-05T21:46:25Z", - "stargazers_count": 340, - "watchers_count": 340, + "stargazers_count": 341, + "watchers_count": 341, "forks_count": 78, "forks": 78, - "watchers": 340, + "watchers": 341, "score": 0 } ] \ No newline at end of file diff --git a/2018/CVE-2018-6242.json b/2018/CVE-2018-6242.json index 6ce87583ae..b25ca5afd3 100644 --- a/2018/CVE-2018-6242.json +++ b/2018/CVE-2018-6242.json @@ -1,4 +1,50 @@ [ + { + "id": 131405057, + "name": "NXLoader", + "full_name": "DavidBuchanan314\/NXLoader", + "owner": { + "login": "DavidBuchanan314", + "id": 13520633, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/13520633?v=4", + "html_url": "https:\/\/github.com\/DavidBuchanan314" + }, + "html_url": "https:\/\/github.com\/DavidBuchanan314\/NXLoader", + "description": "My first Android app: Launch Fusée Gelée payloads from stock Android (CVE-2018-6242)", + "fork": false, + "created_at": "2018-04-28T11:50:00Z", + "updated_at": "2020-12-05T12:32:45Z", + "pushed_at": "2018-08-30T05:37:03Z", + "stargazers_count": 411, + "watchers_count": 411, + "forks_count": 53, + "forks": 53, + "watchers": 411, + "score": 0 + }, + { + "id": 134342730, + "name": "rcm-modchips", + "full_name": "reswitched\/rcm-modchips", + "owner": { + "login": "reswitched", + "id": 26338222, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/26338222?v=4", + "html_url": "https:\/\/github.com\/reswitched" + }, + "html_url": "https:\/\/github.com\/reswitched\/rcm-modchips", + "description": "Collection of \"modchip\" designs for launching payloads via the Tegra RCM bug (CVE-2018-6242) ", + "fork": false, + "created_at": "2018-05-22T01:15:14Z", + "updated_at": "2019-01-22T23:33:39Z", + "pushed_at": "2018-05-22T07:44:42Z", + "stargazers_count": 21, + "watchers_count": 21, + "forks_count": 3, + "forks": 3, + "watchers": 21, + "score": 0 + }, { "id": 213283473, "name": "fusho", diff --git a/2018/CVE-2018-6376.json b/2018/CVE-2018-6376.json new file mode 100644 index 0000000000..7e4204ea7c --- /dev/null +++ b/2018/CVE-2018-6376.json @@ -0,0 +1,25 @@ +[ + { + "id": 121202213, + "name": "CVE-2018-6376", + "full_name": "knqyf263\/CVE-2018-6376", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-6376", + "description": "Joomla!, Second Order SQL Injection", + "fork": false, + "created_at": "2018-02-12T05:02:52Z", + "updated_at": "2018-10-04T17:23:42Z", + "pushed_at": "2018-02-12T12:14:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6389.json b/2018/CVE-2018-6389.json index 894314c0e1..f8c5387b27 100644 --- a/2018/CVE-2018-6389.json +++ b/2018/CVE-2018-6389.json @@ -1,4 +1,211 @@ [ + { + "id": 120386140, + "name": "wordpress-fix-cve-2018-6389", + "full_name": "yolabingo\/wordpress-fix-cve-2018-6389", + "owner": { + "login": "yolabingo", + "id": 628954, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/628954?v=4", + "html_url": "https:\/\/github.com\/yolabingo" + }, + "html_url": "https:\/\/github.com\/yolabingo\/wordpress-fix-cve-2018-6389", + "description": "Apache RewriteRule to mitigate potential DoS attack via Wordpress wp-admin\/load-scripts.php file", + "fork": false, + "created_at": "2018-02-06T01:43:33Z", + "updated_at": "2018-02-08T01:19:57Z", + "pushed_at": "2018-02-06T01:46:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 120477120, + "name": "CVE-2018-6389", + "full_name": "WazeHell\/CVE-2018-6389", + "owner": { + "login": "WazeHell", + "id": 20618414, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/20618414?v=4", + "html_url": "https:\/\/github.com\/WazeHell" + }, + "html_url": "https:\/\/github.com\/WazeHell\/CVE-2018-6389", + "description": "CVE-2018-6389 Exploit In WordPress DoS ", + "fork": false, + "created_at": "2018-02-06T15:16:03Z", + "updated_at": "2020-07-04T11:10:46Z", + "pushed_at": "2018-02-06T15:36:29Z", + "stargazers_count": 76, + "watchers_count": 76, + "forks_count": 36, + "forks": 36, + "watchers": 76, + "score": 0 + }, + { + "id": 120533146, + "name": "modsecurity-cve-2018-6389", + "full_name": "rastating\/modsecurity-cve-2018-6389", + "owner": { + "login": "rastating", + "id": 2500434, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/2500434?v=4", + "html_url": "https:\/\/github.com\/rastating" + }, + "html_url": "https:\/\/github.com\/rastating\/modsecurity-cve-2018-6389", + "description": "A ModSecurity ruleset for detecting potential attacks using CVE-2018-6389", + "fork": false, + "created_at": "2018-02-06T22:51:21Z", + "updated_at": "2020-10-21T21:49:25Z", + "pushed_at": "2018-02-07T01:05:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 120540306, + "name": "CVE-2018-6389", + "full_name": "knqyf263\/CVE-2018-6389", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-6389", + "description": "WordPress DoS (CVE-2018-6389)", + "fork": false, + "created_at": "2018-02-07T00:20:57Z", + "updated_at": "2020-01-17T20:42:25Z", + "pushed_at": "2018-02-07T00:43:23Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 2, + "forks": 2, + "watchers": 10, + "score": 0 + }, + { + "id": 120617956, + "name": "cve-2018-6389-php-patcher", + "full_name": "JulienGadanho\/cve-2018-6389-php-patcher", + "owner": { + "login": "JulienGadanho", + "id": 18120161, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/18120161?v=4", + "html_url": "https:\/\/github.com\/JulienGadanho" + }, + "html_url": "https:\/\/github.com\/JulienGadanho\/cve-2018-6389-php-patcher", + "description": "Patch Wordpress DOS breach (CVE-2018-6389) in PHP", + "fork": false, + "created_at": "2018-02-07T13:22:31Z", + "updated_at": "2018-12-02T15:55:12Z", + "pushed_at": "2018-02-13T08:19:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 3, + "forks": 3, + "watchers": 1, + "score": 0 + }, + { + "id": 120916403, + "name": "wordpress-CVE-2018-6389", + "full_name": "dsfau\/wordpress-CVE-2018-6389", + "owner": { + "login": "dsfau", + "id": 26786936, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/26786936?v=4", + "html_url": "https:\/\/github.com\/dsfau" + }, + "html_url": "https:\/\/github.com\/dsfau\/wordpress-CVE-2018-6389", + "description": "Metasploit module for WordPress DOS load-scripts.php CVE-2018-638", + "fork": false, + "created_at": "2018-02-09T14:37:44Z", + "updated_at": "2018-12-11T09:20:38Z", + "pushed_at": "2018-02-09T19:40:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 121636079, + "name": "CVE-2018-6389-FIX", + "full_name": "Jetserver\/CVE-2018-6389-FIX", + "owner": { + "login": "Jetserver", + "id": 16237996, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16237996?v=4", + "html_url": "https:\/\/github.com\/Jetserver" + }, + "html_url": "https:\/\/github.com\/Jetserver\/CVE-2018-6389-FIX", + "description": "Global Fix for Wordpress CVE-2018-6389", + "fork": false, + "created_at": "2018-02-15T14:00:14Z", + "updated_at": "2018-02-15T14:02:54Z", + "pushed_at": "2018-02-18T11:40:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 122881954, + "name": "PoC---CVE-2018-6389", + "full_name": "thechrono13\/PoC---CVE-2018-6389", + "owner": { + "login": "thechrono13", + "id": 23078415, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23078415?v=4", + "html_url": "https:\/\/github.com\/thechrono13" + }, + "html_url": "https:\/\/github.com\/thechrono13\/PoC---CVE-2018-6389", + "description": "Proof of Concept of vunerability CVE-2018-6389 on Wordpress 4.9.2", + "fork": false, + "created_at": "2018-02-25T22:06:05Z", + "updated_at": "2018-02-25T22:07:50Z", + "pushed_at": "2018-02-26T10:13:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 122955721, + "name": "cve-2018-6389", + "full_name": "BlackRouter\/cve-2018-6389", + "owner": { + "login": "BlackRouter", + "id": 15177510, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/15177510?v=4", + "html_url": "https:\/\/github.com\/BlackRouter" + }, + "html_url": "https:\/\/github.com\/BlackRouter\/cve-2018-6389", + "description": null, + "fork": false, + "created_at": "2018-02-26T10:45:27Z", + "updated_at": "2018-02-26T10:45:27Z", + "pushed_at": "2018-02-26T10:47:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 123245165, "name": "PoC---CVE-2018-6389", @@ -22,6 +229,52 @@ "watchers": 0, "score": 0 }, + { + "id": 123487751, + "name": "wordpress-cve-2018-6389", + "full_name": "JavierOlmedo\/wordpress-cve-2018-6389", + "owner": { + "login": "JavierOlmedo", + "id": 15904748, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15904748?v=4", + "html_url": "https:\/\/github.com\/JavierOlmedo" + }, + "html_url": "https:\/\/github.com\/JavierOlmedo\/wordpress-cve-2018-6389", + "description": "CVE-2018-6389 WordPress Core - 'load-scripts.php' Denial of Service <= 4.9.4", + "fork": false, + "created_at": "2018-03-01T20:19:14Z", + "updated_at": "2018-03-19T20:05:40Z", + "pushed_at": "2018-03-07T20:11:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 123791550, + "name": "wordpress_cve-2018-6389", + "full_name": "m3ssap0\/wordpress_cve-2018-6389", + "owner": { + "login": "m3ssap0", + "id": 705120, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/705120?v=4", + "html_url": "https:\/\/github.com\/m3ssap0" + }, + "html_url": "https:\/\/github.com\/m3ssap0\/wordpress_cve-2018-6389", + "description": "Tries to exploit a WordPress vulnerability (CVE-2018-6389) which can be used to cause a Denial of Service.", + "fork": false, + "created_at": "2018-03-04T13:33:15Z", + "updated_at": "2018-09-18T13:02:37Z", + "pushed_at": "2018-03-10T11:57:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, { "id": 123796262, "name": "Shiva", @@ -45,6 +298,98 @@ "watchers": 80, "score": 0 }, + { + "id": 130395597, + "name": "Wordpress-Hack-CVE-2018-6389", + "full_name": "mudhappy\/Wordpress-Hack-CVE-2018-6389", + "owner": { + "login": "mudhappy", + "id": 7614944, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/7614944?v=4", + "html_url": "https:\/\/github.com\/mudhappy" + }, + "html_url": "https:\/\/github.com\/mudhappy\/Wordpress-Hack-CVE-2018-6389", + "description": null, + "fork": false, + "created_at": "2018-04-20T17:45:38Z", + "updated_at": "2018-04-20T17:48:12Z", + "pushed_at": "2018-04-20T17:48:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 132090592, + "name": "WP-DOS-Exploit-CVE-2018-6389", + "full_name": "armaanpathan12345\/WP-DOS-Exploit-CVE-2018-6389", + "owner": { + "login": "armaanpathan12345", + "id": 16278863, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/16278863?v=4", + "html_url": "https:\/\/github.com\/armaanpathan12345" + }, + "html_url": "https:\/\/github.com\/armaanpathan12345\/WP-DOS-Exploit-CVE-2018-6389", + "description": "WP-DOS-Exploit-CVE-2018-6389", + "fork": false, + "created_at": "2018-05-04T05:15:33Z", + "updated_at": "2018-05-04T05:19:30Z", + "pushed_at": "2018-05-04T05:19:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + }, + { + "id": 146678844, + "name": "trellis-cve-2018-6389", + "full_name": "ItinerisLtd\/trellis-cve-2018-6389", + "owner": { + "login": "ItinerisLtd", + "id": 32365928, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/32365928?v=4", + "html_url": "https:\/\/github.com\/ItinerisLtd" + }, + "html_url": "https:\/\/github.com\/ItinerisLtd\/trellis-cve-2018-6389", + "description": "Mitigate CVE-2018-6389 WordPress load-scripts \/ load-styles attacks", + "fork": false, + "created_at": "2018-08-30T01:25:20Z", + "updated_at": "2020-08-11T04:43:27Z", + "pushed_at": "2018-08-30T01:47:48Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 0, + "forks": 0, + "watchers": 7, + "score": 0 + }, + { + "id": 155115549, + "name": "Wordpress-DOS", + "full_name": "Zazzzles\/Wordpress-DOS", + "owner": { + "login": "Zazzzles", + "id": 16189557, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/16189557?v=4", + "html_url": "https:\/\/github.com\/Zazzzles" + }, + "html_url": "https:\/\/github.com\/Zazzzles\/Wordpress-DOS", + "description": "Exploit for vulnerability CVE-2018-6389 on wordpress sites", + "fork": false, + "created_at": "2018-10-28T21:05:04Z", + "updated_at": "2020-06-17T01:53:45Z", + "pushed_at": "2018-11-01T06:45:17Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 2, + "forks": 2, + "watchers": 4, + "score": 0 + }, { "id": 164352797, "name": "tvsz", @@ -128,8 +473,8 @@ "description": null, "fork": false, "created_at": "2020-10-18T14:01:59Z", - "updated_at": "2020-12-17T23:54:10Z", - "pushed_at": "2020-12-17T23:54:07Z", + "updated_at": "2020-12-19T21:09:14Z", + "pushed_at": "2020-12-19T21:09:12Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, diff --git a/2018/CVE-2018-6396.json b/2018/CVE-2018-6396.json new file mode 100644 index 0000000000..684ac62d1e --- /dev/null +++ b/2018/CVE-2018-6396.json @@ -0,0 +1,25 @@ +[ + { + "id": 123634317, + "name": "joomla-cve-2018-6396", + "full_name": "JavierOlmedo\/joomla-cve-2018-6396", + "owner": { + "login": "JavierOlmedo", + "id": 15904748, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15904748?v=4", + "html_url": "https:\/\/github.com\/JavierOlmedo" + }, + "html_url": "https:\/\/github.com\/JavierOlmedo\/joomla-cve-2018-6396", + "description": "Joomla - Component Google Map Landkarten <= 4.2.3 - SQL Injection", + "fork": false, + "created_at": "2018-03-02T21:46:28Z", + "updated_at": "2019-09-20T10:02:47Z", + "pushed_at": "2018-03-07T20:13:21Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 3, + "forks": 3, + "watchers": 8, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6407.json b/2018/CVE-2018-6407.json new file mode 100644 index 0000000000..eda3cd1041 --- /dev/null +++ b/2018/CVE-2018-6407.json @@ -0,0 +1,25 @@ +[ + { + "id": 119438300, + "name": "ConceptronicIPCam_MultipleVulnerabilities", + "full_name": "dreadlocked\/ConceptronicIPCam_MultipleVulnerabilities", + "owner": { + "login": "dreadlocked", + "id": 7407033, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/7407033?v=4", + "html_url": "https:\/\/github.com\/dreadlocked" + }, + "html_url": "https:\/\/github.com\/dreadlocked\/ConceptronicIPCam_MultipleVulnerabilities", + "description": "[CVE-2018-6407 & CVE-2018-6408] Conceptronic IPCam Administration panel CSRF and Denial of Service", + "fork": false, + "created_at": "2018-01-29T20:36:54Z", + "updated_at": "2020-04-01T13:33:57Z", + "pushed_at": "2018-01-31T00:13:31Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 7, + "forks": 7, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6479.json b/2018/CVE-2018-6479.json new file mode 100644 index 0000000000..0f3c35a369 --- /dev/null +++ b/2018/CVE-2018-6479.json @@ -0,0 +1,25 @@ +[ + { + "id": 119714188, + "name": "netwave-dosvulnerability", + "full_name": "dreadlocked\/netwave-dosvulnerability", + "owner": { + "login": "dreadlocked", + "id": 7407033, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/7407033?v=4", + "html_url": "https:\/\/github.com\/dreadlocked" + }, + "html_url": "https:\/\/github.com\/dreadlocked\/netwave-dosvulnerability", + "description": "[CVE-2018-6479] Netwave IP Camera server vulnerable to Denial of Service via one single huge POST request.", + "fork": false, + "created_at": "2018-01-31T16:38:48Z", + "updated_at": "2020-04-06T19:50:52Z", + "pushed_at": "2018-02-01T20:08:01Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 5, + "forks": 5, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6518.json b/2018/CVE-2018-6518.json new file mode 100644 index 0000000000..078aa2aac5 --- /dev/null +++ b/2018/CVE-2018-6518.json @@ -0,0 +1,25 @@ +[ + { + "id": 131035487, + "name": "Composr-CMS-10.0.13-Cross-Site-Scripting-XSS", + "full_name": "faizzaidi\/Composr-CMS-10.0.13-Cross-Site-Scripting-XSS", + "owner": { + "login": "faizzaidi", + "id": 12153050, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/12153050?v=4", + "html_url": "https:\/\/github.com\/faizzaidi" + }, + "html_url": "https:\/\/github.com\/faizzaidi\/Composr-CMS-10.0.13-Cross-Site-Scripting-XSS", + "description": "Composr CMS 10.0.13 Cross Site Scripting(XSS) Assigned CVE Number: CVE-2018-6518", + "fork": false, + "created_at": "2018-04-25T16:35:41Z", + "updated_at": "2020-07-17T05:22:18Z", + "pushed_at": "2018-04-25T16:37:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6546.json b/2018/CVE-2018-6546.json new file mode 100644 index 0000000000..db29a1a4af --- /dev/null +++ b/2018/CVE-2018-6546.json @@ -0,0 +1,48 @@ +[ + { + "id": 129653418, + "name": "CVE-2018-6546-Exploit", + "full_name": "securifera\/CVE-2018-6546-Exploit", + "owner": { + "login": "securifera", + "id": 12126525, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/12126525?v=4", + "html_url": "https:\/\/github.com\/securifera" + }, + "html_url": "https:\/\/github.com\/securifera\/CVE-2018-6546-Exploit", + "description": "CVE-2018-6546-Exploit", + "fork": false, + "created_at": "2018-04-15T21:42:20Z", + "updated_at": "2020-06-06T02:32:24Z", + "pushed_at": "2018-04-15T21:59:34Z", + "stargazers_count": 41, + "watchers_count": 41, + "forks_count": 10, + "forks": 10, + "watchers": 41, + "score": 0 + }, + { + "id": 142284375, + "name": "CVE-2018-6546", + "full_name": "YanZiShuang\/CVE-2018-6546", + "owner": { + "login": "YanZiShuang", + "id": 41621080, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/41621080?v=4", + "html_url": "https:\/\/github.com\/YanZiShuang" + }, + "html_url": "https:\/\/github.com\/YanZiShuang\/CVE-2018-6546", + "description": null, + "fork": false, + "created_at": "2018-07-25T10:22:53Z", + "updated_at": "2019-09-02T13:24:16Z", + "pushed_at": "2018-07-25T11:59:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6574.json b/2018/CVE-2018-6574.json index 2ff23d067d..332a488219 100644 --- a/2018/CVE-2018-6574.json +++ b/2018/CVE-2018-6574.json @@ -1,4 +1,165 @@ [ + { + "id": 127698499, + "name": "cve-2018-6574", + "full_name": "acole76\/cve-2018-6574", + "owner": { + "login": "acole76", + "id": 1920278, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/1920278?v=4", + "html_url": "https:\/\/github.com\/acole76" + }, + "html_url": "https:\/\/github.com\/acole76\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2018-04-02T03:34:29Z", + "updated_at": "2018-04-02T03:44:17Z", + "pushed_at": "2018-04-02T03:44:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 130792609, + "name": "CVE-2018-6574-POC", + "full_name": "neargle\/CVE-2018-6574-POC", + "owner": { + "login": "neargle", + "id": 7868679, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/7868679?v=4", + "html_url": "https:\/\/github.com\/neargle" + }, + "html_url": "https:\/\/github.com\/neargle\/CVE-2018-6574-POC", + "description": "CVE-2018-6574 POC : golang 'go get' remote command execution during source code build", + "fork": false, + "created_at": "2018-04-24T03:44:20Z", + "updated_at": "2020-11-01T09:29:29Z", + "pushed_at": "2018-04-24T16:32:22Z", + "stargazers_count": 22, + "watchers_count": 22, + "forks_count": 10, + "forks": 10, + "watchers": 22, + "score": 0 + }, + { + "id": 133783468, + "name": "go-get-rce", + "full_name": "willbo4r\/go-get-rce", + "owner": { + "login": "willbo4r", + "id": 13272847, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/13272847?v=4", + "html_url": "https:\/\/github.com\/willbo4r" + }, + "html_url": "https:\/\/github.com\/willbo4r\/go-get-rce", + "description": "CVE-2018-6574 for pentesterLAB", + "fork": false, + "created_at": "2018-05-17T08:32:40Z", + "updated_at": "2018-05-17T08:33:33Z", + "pushed_at": "2018-05-17T08:33:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 134137690, + "name": "go-get-rce", + "full_name": "ahmetmanga\/go-get-rce", + "owner": { + "login": "ahmetmanga", + "id": 25594206, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/25594206?v=4", + "html_url": "https:\/\/github.com\/ahmetmanga" + }, + "html_url": "https:\/\/github.com\/ahmetmanga\/go-get-rce", + "description": "cve-2018-6574 @pentesterlab", + "fork": false, + "created_at": "2018-05-20T09:39:15Z", + "updated_at": "2018-05-20T09:40:53Z", + "pushed_at": "2018-05-20T09:40:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 134184478, + "name": "cve-2018-6574", + "full_name": "ahmetmanga\/cve-2018-6574", + "owner": { + "login": "ahmetmanga", + "id": 25594206, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/25594206?v=4", + "html_url": "https:\/\/github.com\/ahmetmanga" + }, + "html_url": "https:\/\/github.com\/ahmetmanga\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2018-05-20T20:32:15Z", + "updated_at": "2018-05-20T20:33:17Z", + "pushed_at": "2018-05-20T20:33:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 150020637, + "name": "cve-2018-6574", + "full_name": "kenprice\/cve-2018-6574", + "owner": { + "login": "kenprice", + "id": 8813522, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8813522?v=4", + "html_url": "https:\/\/github.com\/kenprice" + }, + "html_url": "https:\/\/github.com\/kenprice\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2018-09-23T20:00:38Z", + "updated_at": "2018-09-23T20:17:54Z", + "pushed_at": "2018-09-23T20:16:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 155760240, + "name": "cve-2018-6574", + "full_name": "redirected\/cve-2018-6574", + "owner": { + "login": "redirected", + "id": 11227335, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/11227335?v=4", + "html_url": "https:\/\/github.com\/redirected" + }, + "html_url": "https:\/\/github.com\/redirected\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2018-11-01T18:44:35Z", + "updated_at": "2018-11-01T18:57:35Z", + "pushed_at": "2018-11-01T18:57:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 162044535, "name": "CVE-2018-6574-POC", diff --git a/2018/CVE-2018-6643.json b/2018/CVE-2018-6643.json new file mode 100644 index 0000000000..a708ccf584 --- /dev/null +++ b/2018/CVE-2018-6643.json @@ -0,0 +1,25 @@ +[ + { + "id": 146195248, + "name": "CVE-2018-6643", + "full_name": "undefinedmode\/CVE-2018-6643", + "owner": { + "login": "undefinedmode", + "id": 4165481, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/4165481?v=4", + "html_url": "https:\/\/github.com\/undefinedmode" + }, + "html_url": "https:\/\/github.com\/undefinedmode\/CVE-2018-6643", + "description": "CVE-2018-6643", + "fork": false, + "created_at": "2018-08-26T16:03:08Z", + "updated_at": "2018-08-27T13:36:10Z", + "pushed_at": "2018-08-28T23:03:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6789.json b/2018/CVE-2018-6789.json index 96322d007b..408784dcbb 100644 --- a/2018/CVE-2018-6789.json +++ b/2018/CVE-2018-6789.json @@ -1,4 +1,27 @@ [ + { + "id": 125541441, + "name": "exim-vuln-poc", + "full_name": "c0llision\/exim-vuln-poc", + "owner": { + "login": "c0llision", + "id": 32601427, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/32601427?v=4", + "html_url": "https:\/\/github.com\/c0llision" + }, + "html_url": "https:\/\/github.com\/c0llision\/exim-vuln-poc", + "description": "CVE-2018-6789", + "fork": false, + "created_at": "2018-03-16T16:21:22Z", + "updated_at": "2018-05-03T17:20:25Z", + "pushed_at": "2018-05-03T17:20:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, { "id": 156674030, "name": "CVE-2018-6789", diff --git a/2018/CVE-2018-6791.json b/2018/CVE-2018-6791.json new file mode 100644 index 0000000000..95fb613a7e --- /dev/null +++ b/2018/CVE-2018-6791.json @@ -0,0 +1,25 @@ +[ + { + "id": 121303569, + "name": "KDE_Vuln", + "full_name": "rarar0\/KDE_Vuln", + "owner": { + "login": "rarar0", + "id": 14985119, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/14985119?v=4", + "html_url": "https:\/\/github.com\/rarar0" + }, + "html_url": "https:\/\/github.com\/rarar0\/KDE_Vuln", + "description": "CVE-2018-6791 Troubleshooting", + "fork": false, + "created_at": "2018-02-12T21:21:29Z", + "updated_at": "2019-01-03T01:14:32Z", + "pushed_at": "2018-02-13T21:14:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6890.json b/2018/CVE-2018-6890.json new file mode 100644 index 0000000000..feea11f423 --- /dev/null +++ b/2018/CVE-2018-6890.json @@ -0,0 +1,25 @@ +[ + { + "id": 121122391, + "name": "WolfCMS-XSS-POC", + "full_name": "pradeepjairamani\/WolfCMS-XSS-POC", + "owner": { + "login": "pradeepjairamani", + "id": 24669027, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/24669027?v=4", + "html_url": "https:\/\/github.com\/pradeepjairamani" + }, + "html_url": "https:\/\/github.com\/pradeepjairamani\/WolfCMS-XSS-POC", + "description": "WolfCMS-v0.8.3.1 Cross Site Scripting(XSS) Assigned CVE Number: CVE-2018-6890", + "fork": false, + "created_at": "2018-02-11T12:43:41Z", + "updated_at": "2018-04-15T22:32:05Z", + "pushed_at": "2018-04-08T07:41:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6892.json b/2018/CVE-2018-6892.json index cf58647b88..808d077a50 100644 --- a/2018/CVE-2018-6892.json +++ b/2018/CVE-2018-6892.json @@ -1,4 +1,50 @@ [ + { + "id": 135526594, + "name": "CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass", + "full_name": "manojcode\/CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass", + "owner": { + "login": "manojcode", + "id": 17510282, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/17510282?v=4", + "html_url": "https:\/\/github.com\/manojcode" + }, + "html_url": "https:\/\/github.com\/manojcode\/CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass", + "description": "My version - CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass on Win7 x64 CVE-2018-6892", + "fork": false, + "created_at": "2018-05-31T03:25:02Z", + "updated_at": "2018-06-04T01:09:39Z", + "pushed_at": "2018-06-04T01:09:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 135564232, + "name": "-Win10-x64-CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass", + "full_name": "manojcode\/-Win10-x64-CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass", + "owner": { + "login": "manojcode", + "id": 17510282, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/17510282?v=4", + "html_url": "https:\/\/github.com\/manojcode" + }, + "html_url": "https:\/\/github.com\/manojcode\/-Win10-x64-CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass", + "description": "My version - [Win10 x64] CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass CVE-2018-6892", + "fork": false, + "created_at": "2018-05-31T09:44:07Z", + "updated_at": "2018-05-31T16:18:39Z", + "pushed_at": "2018-05-31T09:45:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, { "id": 281250144, "name": "CVE-2018-6892-Golang", diff --git a/2018/CVE-2018-6905.json b/2018/CVE-2018-6905.json new file mode 100644 index 0000000000..5b5017ed42 --- /dev/null +++ b/2018/CVE-2018-6905.json @@ -0,0 +1,25 @@ +[ + { + "id": 128607175, + "name": "TYPO3-XSS-POC", + "full_name": "pradeepjairamani\/TYPO3-XSS-POC", + "owner": { + "login": "pradeepjairamani", + "id": 24669027, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/24669027?v=4", + "html_url": "https:\/\/github.com\/pradeepjairamani" + }, + "html_url": "https:\/\/github.com\/pradeepjairamani\/TYPO3-XSS-POC", + "description": "Typo3 -v9.1.0 Persistent Cross Site Scripting(XSS) Assigned CVE Number: CVE-2018-6905", + "fork": false, + "created_at": "2018-04-08T06:34:34Z", + "updated_at": "2019-01-18T12:19:17Z", + "pushed_at": "2018-04-08T07:42:12Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7171.json b/2018/CVE-2018-7171.json new file mode 100644 index 0000000000..02f34e8aac --- /dev/null +++ b/2018/CVE-2018-7171.json @@ -0,0 +1,25 @@ +[ + { + "id": 116845038, + "name": "sharingIsCaring", + "full_name": "mechanico\/sharingIsCaring", + "owner": { + "login": "mechanico", + "id": 32109749, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/32109749?v=4", + "html_url": "https:\/\/github.com\/mechanico" + }, + "html_url": "https:\/\/github.com\/mechanico\/sharingIsCaring", + "description": "TwonkyMedia Server 7.0.11-8.5 Directory Traversal CVE-2018-7171", + "fork": false, + "created_at": "2018-01-09T17:01:45Z", + "updated_at": "2020-07-11T06:38:46Z", + "pushed_at": "2018-06-03T14:54:18Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 6, + "forks": 6, + "watchers": 8, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7197.json b/2018/CVE-2018-7197.json new file mode 100644 index 0000000000..33a5d65fc9 --- /dev/null +++ b/2018/CVE-2018-7197.json @@ -0,0 +1,25 @@ +[ + { + "id": 122677679, + "name": "CVE-2018-7197", + "full_name": "Alyssa-o-Herrera\/CVE-2018-7197", + "owner": { + "login": "Alyssa-o-Herrera", + "id": 27867026, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/27867026?v=4", + "html_url": "https:\/\/github.com\/Alyssa-o-Herrera" + }, + "html_url": "https:\/\/github.com\/Alyssa-o-Herrera\/CVE-2018-7197", + "description": "CVE-2018-7197 Write up", + "fork": false, + "created_at": "2018-02-23T22:06:51Z", + "updated_at": "2018-10-04T17:25:29Z", + "pushed_at": "2018-02-23T22:07:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7211.json b/2018/CVE-2018-7211.json new file mode 100644 index 0000000000..1aefab8bd7 --- /dev/null +++ b/2018/CVE-2018-7211.json @@ -0,0 +1,25 @@ +[ + { + "id": 121942694, + "name": "CVE-2018-7211-PoC", + "full_name": "c3r34lk1ll3r\/CVE-2018-7211-PoC", + "owner": { + "login": "c3r34lk1ll3r", + "id": 12492834, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/12492834?v=4", + "html_url": "https:\/\/github.com\/c3r34lk1ll3r" + }, + "html_url": "https:\/\/github.com\/c3r34lk1ll3r\/CVE-2018-7211-PoC", + "description": "This is the original PoC of CVE-2018-7211", + "fork": false, + "created_at": "2018-02-18T10:47:00Z", + "updated_at": "2018-02-18T10:48:45Z", + "pushed_at": "2018-02-18T10:53:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7249.json b/2018/CVE-2018-7249.json new file mode 100644 index 0000000000..03c6465c3d --- /dev/null +++ b/2018/CVE-2018-7249.json @@ -0,0 +1,25 @@ +[ + { + "id": 122389904, + "name": "NotSecDrv", + "full_name": "Elvin9\/NotSecDrv", + "owner": { + "login": "Elvin9", + "id": 10520535, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/10520535?v=4", + "html_url": "https:\/\/github.com\/Elvin9" + }, + "html_url": "https:\/\/github.com\/Elvin9\/NotSecDrv", + "description": "A PoC for CVE-2018-7249", + "fork": false, + "created_at": "2018-02-21T20:31:09Z", + "updated_at": "2020-10-21T22:15:43Z", + "pushed_at": "2018-03-01T19:06:50Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 8, + "forks": 8, + "watchers": 13, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7250.json b/2018/CVE-2018-7250.json new file mode 100644 index 0000000000..d97bc7e10e --- /dev/null +++ b/2018/CVE-2018-7250.json @@ -0,0 +1,25 @@ +[ + { + "id": 122391619, + "name": "SecDrvPoolLeak", + "full_name": "Elvin9\/SecDrvPoolLeak", + "owner": { + "login": "Elvin9", + "id": 10520535, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/10520535?v=4", + "html_url": "https:\/\/github.com\/Elvin9" + }, + "html_url": "https:\/\/github.com\/Elvin9\/SecDrvPoolLeak", + "description": "A PoC for CVE-2018-7250", + "fork": false, + "created_at": "2018-02-21T20:47:39Z", + "updated_at": "2020-10-21T22:15:43Z", + "pushed_at": "2018-02-27T11:10:01Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 4, + "forks": 4, + "watchers": 7, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7422.json b/2018/CVE-2018-7422.json new file mode 100644 index 0000000000..a31d715245 --- /dev/null +++ b/2018/CVE-2018-7422.json @@ -0,0 +1,25 @@ +[ + { + "id": 156874990, + "name": "CVE-2018-7422", + "full_name": "0x00-0x00\/CVE-2018-7422", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2018-7422", + "description": "Wordpress plugin Site-Editor v1.1.1 LFI exploit", + "fork": false, + "created_at": "2018-11-09T14:42:57Z", + "updated_at": "2019-09-27T14:14:03Z", + "pushed_at": "2018-11-09T14:43:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7600.json b/2018/CVE-2018-7600.json index 708bb3f274..1f7611d37d 100644 --- a/2018/CVE-2018-7600.json +++ b/2018/CVE-2018-7600.json @@ -1,4 +1,27 @@ [ + { + "id": 127405676, + "name": "CVE-2018-7600-Drupal-RCE", + "full_name": "g0rx\/CVE-2018-7600-Drupal-RCE", + "owner": { + "login": "g0rx", + "id": 10961397, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/10961397?v=4", + "html_url": "https:\/\/github.com\/g0rx" + }, + "html_url": "https:\/\/github.com\/g0rx\/CVE-2018-7600-Drupal-RCE", + "description": "CVE-2018-7600 Drupal RCE", + "fork": false, + "created_at": "2018-03-30T08:52:54Z", + "updated_at": "2020-11-25T13:33:13Z", + "pushed_at": "2018-04-18T06:58:39Z", + "stargazers_count": 110, + "watchers_count": 110, + "forks_count": 49, + "forks": 49, + "watchers": 110, + "score": 0 + }, { "id": 127436541, "name": "CVE-2018-7600", @@ -45,6 +68,374 @@ "watchers": 449, "score": 0 }, + { + "id": 129384553, + "name": "CVE-2018-7600", + "full_name": "knqyf263\/CVE-2018-7600", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-7600", + "description": "CVE-2018-7600 (Drupal)", + "fork": false, + "created_at": "2018-04-13T10:04:36Z", + "updated_at": "2020-04-04T18:09:28Z", + "pushed_at": "2018-11-17T14:47:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 3, + "forks": 3, + "watchers": 3, + "score": 0 + }, + { + "id": 129500604, + "name": "CVE-2018-7600-Drupal-0day-RCE", + "full_name": "dr-iman\/CVE-2018-7600-Drupal-0day-RCE", + "owner": { + "login": "dr-iman", + "id": 25507113, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/25507113?v=4", + "html_url": "https:\/\/github.com\/dr-iman" + }, + "html_url": "https:\/\/github.com\/dr-iman\/CVE-2018-7600-Drupal-0day-RCE", + "description": "Drupal 0day Remote PHP Code Execution (Perl)", + "fork": false, + "created_at": "2018-04-14T09:02:54Z", + "updated_at": "2020-04-06T19:37:49Z", + "pushed_at": "2018-04-14T09:06:44Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 7, + "forks": 7, + "watchers": 7, + "score": 0 + }, + { + "id": 129514721, + "name": "drupalgeddon2", + "full_name": "jirojo2\/drupalgeddon2", + "owner": { + "login": "jirojo2", + "id": 3594710, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/3594710?v=4", + "html_url": "https:\/\/github.com\/jirojo2" + }, + "html_url": "https:\/\/github.com\/jirojo2\/drupalgeddon2", + "description": "MSF exploit module for Drupalgeddon 2 (CVE-2018-7600 \/ SA-CORE-2018-002)", + "fork": false, + "created_at": "2018-04-14T12:26:10Z", + "updated_at": "2018-04-26T08:15:06Z", + "pushed_at": "2018-04-14T23:48:33Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 1, + "forks": 1, + "watchers": 5, + "score": 0 + }, + { + "id": 129543577, + "name": "CVE-2018-7600", + "full_name": "dwisiswant0\/CVE-2018-7600", + "owner": { + "login": "dwisiswant0", + "id": 25837540, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25837540?v=4", + "html_url": "https:\/\/github.com\/dwisiswant0" + }, + "html_url": "https:\/\/github.com\/dwisiswant0\/CVE-2018-7600", + "description": "PoC for CVE-2018-7600 Drupal SA-CORE-2018-002 (Drupalgeddon 2).", + "fork": false, + "created_at": "2018-04-14T18:26:26Z", + "updated_at": "2018-05-07T09:33:54Z", + "pushed_at": "2018-04-14T20:52:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 3, + "forks": 3, + "watchers": 3, + "score": 0 + }, + { + "id": 129569913, + "name": "CVE-2018-7600", + "full_name": "thehappydinoa\/CVE-2018-7600", + "owner": { + "login": "thehappydinoa", + "id": 30162978, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/30162978?v=4", + "html_url": "https:\/\/github.com\/thehappydinoa" + }, + "html_url": "https:\/\/github.com\/thehappydinoa\/CVE-2018-7600", + "description": "Proof-of-Concept for Drupal CVE-2018-7600 \/ SA-CORE-2018-002", + "fork": false, + "created_at": "2018-04-15T02:21:59Z", + "updated_at": "2019-12-30T13:14:00Z", + "pushed_at": "2018-05-04T00:53:24Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 0, + "forks": 0, + "watchers": 6, + "score": 0 + }, + { + "id": 129605925, + "name": "CVE-2018-7600", + "full_name": "sl4cky\/CVE-2018-7600", + "owner": { + "login": "sl4cky", + "id": 13188087, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/13188087?v=4", + "html_url": "https:\/\/github.com\/sl4cky" + }, + "html_url": "https:\/\/github.com\/sl4cky\/CVE-2018-7600", + "description": "Testing and exploitation tool for Drupalgeddon 2 (CVE-2018-7600)", + "fork": false, + "created_at": "2018-04-15T12:01:41Z", + "updated_at": "2020-07-09T18:52:40Z", + "pushed_at": "2018-04-15T12:31:03Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 3, + "forks": 3, + "watchers": 6, + "score": 0 + }, + { + "id": 129620689, + "name": "CVE-2018-7600-Masschecker", + "full_name": "sl4cky\/CVE-2018-7600-Masschecker", + "owner": { + "login": "sl4cky", + "id": 13188087, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/13188087?v=4", + "html_url": "https:\/\/github.com\/sl4cky" + }, + "html_url": "https:\/\/github.com\/sl4cky\/CVE-2018-7600-Masschecker", + "description": "Tool to check for CVE-2018-7600 vulnerability on several URLS", + "fork": false, + "created_at": "2018-04-15T14:56:35Z", + "updated_at": "2020-07-09T18:52:40Z", + "pushed_at": "2018-04-15T14:58:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + }, + { + "id": 129800155, + "name": "CVE-2018-7600", + "full_name": "FireFart\/CVE-2018-7600", + "owner": { + "login": "FireFart", + "id": 105281, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/105281?v=4", + "html_url": "https:\/\/github.com\/FireFart" + }, + "html_url": "https:\/\/github.com\/FireFart\/CVE-2018-7600", + "description": "CVE-2018-7600 - Drupal 7.x RCE", + "fork": false, + "created_at": "2018-04-16T20:16:21Z", + "updated_at": "2020-12-17T09:40:30Z", + "pushed_at": "2018-04-18T20:34:19Z", + "stargazers_count": 68, + "watchers_count": 68, + "forks_count": 35, + "forks": 35, + "watchers": 68, + "score": 0 + }, + { + "id": 129927277, + "name": "CVE-2018-7600", + "full_name": "pimps\/CVE-2018-7600", + "owner": { + "login": "pimps", + "id": 11393266, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/11393266?v=4", + "html_url": "https:\/\/github.com\/pimps" + }, + "html_url": "https:\/\/github.com\/pimps\/CVE-2018-7600", + "description": "Exploit for Drupal 7 <= 7.57 CVE-2018-7600", + "fork": false, + "created_at": "2018-04-17T15:38:15Z", + "updated_at": "2020-11-17T04:35:19Z", + "pushed_at": "2018-04-26T15:40:28Z", + "stargazers_count": 81, + "watchers_count": 81, + "forks_count": 36, + "forks": 36, + "watchers": 81, + "score": 0 + }, + { + "id": 130154422, + "name": "drupalgeddon2", + "full_name": "lorddemon\/drupalgeddon2", + "owner": { + "login": "lorddemon", + "id": 6675738, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/6675738?v=4", + "html_url": "https:\/\/github.com\/lorddemon" + }, + "html_url": "https:\/\/github.com\/lorddemon\/drupalgeddon2", + "description": "Exploit for CVE-2018-7600.. called drupalgeddon2, ", + "fork": false, + "created_at": "2018-04-19T03:31:47Z", + "updated_at": "2020-06-18T08:10:33Z", + "pushed_at": "2018-04-19T03:38:24Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 7, + "forks": 7, + "watchers": 4, + "score": 0 + }, + { + "id": 130234974, + "name": "CVE-2018-7600", + "full_name": "Sch01ar\/CVE-2018-7600", + "owner": { + "login": "Sch01ar", + "id": 28928231, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/28928231?v=4", + "html_url": "https:\/\/github.com\/Sch01ar" + }, + "html_url": "https:\/\/github.com\/Sch01ar\/CVE-2018-7600", + "description": null, + "fork": false, + "created_at": "2018-04-19T15:18:12Z", + "updated_at": "2018-04-19T15:59:09Z", + "pushed_at": "2018-04-19T15:59:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 130868059, + "name": "drupal-check", + "full_name": "Hestat\/drupal-check", + "owner": { + "login": "Hestat", + "id": 22892300, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22892300?v=4", + "html_url": "https:\/\/github.com\/Hestat" + }, + "html_url": "https:\/\/github.com\/Hestat\/drupal-check", + "description": "Tool to dive Apache logs for evidence of exploitation of CVE-2018-7600", + "fork": false, + "created_at": "2018-04-24T14:34:46Z", + "updated_at": "2018-07-08T12:46:15Z", + "pushed_at": "2018-05-08T17:30:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + }, + { + "id": 131244306, + "name": "CVE-2018-7600-drupalgeddon2-scanner", + "full_name": "fyraiga\/CVE-2018-7600-drupalgeddon2-scanner", + "owner": { + "login": "fyraiga", + "id": 38775758, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/38775758?v=4", + "html_url": "https:\/\/github.com\/fyraiga" + }, + "html_url": "https:\/\/github.com\/fyraiga\/CVE-2018-7600-drupalgeddon2-scanner", + "description": "Drupalgeddon2 POC + Scanner (adapted)", + "fork": false, + "created_at": "2018-04-27T04:11:43Z", + "updated_at": "2020-11-19T09:06:56Z", + "pushed_at": "2018-08-08T02:58:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 131665156, + "name": "drupalgeddon-2", + "full_name": "Damian972\/drupalgeddon-2", + "owner": { + "login": "Damian972", + "id": 25445518, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25445518?v=4", + "html_url": "https:\/\/github.com\/Damian972" + }, + "html_url": "https:\/\/github.com\/Damian972\/drupalgeddon-2", + "description": "Vuln checker for Drupal v7.x + v8.x (CVE-2018-7600 \/ SA-CORE-2018-002)", + "fork": false, + "created_at": "2018-05-01T01:38:43Z", + "updated_at": "2019-02-28T05:09:20Z", + "pushed_at": "2018-05-03T01:23:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 134812138, + "name": "CVE-2018-7600", + "full_name": "Jyozi\/CVE-2018-7600", + "owner": { + "login": "Jyozi", + "id": 20456656, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/20456656?v=4", + "html_url": "https:\/\/github.com\/Jyozi" + }, + "html_url": "https:\/\/github.com\/Jyozi\/CVE-2018-7600", + "description": null, + "fork": false, + "created_at": "2018-05-25T06:19:05Z", + "updated_at": "2018-05-25T06:20:54Z", + "pushed_at": "2018-05-25T06:20:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 140643631, + "name": "CVE-2018-7600", + "full_name": "happynote3966\/CVE-2018-7600", + "owner": { + "login": "happynote3966", + "id": 19719330, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/19719330?v=4", + "html_url": "https:\/\/github.com\/happynote3966" + }, + "html_url": "https:\/\/github.com\/happynote3966\/CVE-2018-7600", + "description": null, + "fork": false, + "created_at": "2018-07-12T01:12:44Z", + "updated_at": "2018-07-17T03:24:11Z", + "pushed_at": "2018-07-17T03:24:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 151199861, "name": "CVE-2018-7600-Drupal-RCE", @@ -82,13 +473,13 @@ "description": "CVE-2018-7600 POC (Drupal RCE)", "fork": false, "created_at": "2018-10-23T21:47:59Z", - "updated_at": "2020-08-31T14:52:39Z", + "updated_at": "2020-12-19T16:12:43Z", "pushed_at": "2020-08-31T14:52:37Z", - "stargazers_count": 3, - "watchers_count": 3, + "stargazers_count": 4, + "watchers_count": 4, "forks_count": 3, "forks": 3, - "watchers": 3, + "watchers": 4, "score": 0 }, { diff --git a/2018/CVE-2018-7602.json b/2018/CVE-2018-7602.json index 6ce16b28e2..43a4be3b6b 100644 --- a/2018/CVE-2018-7602.json +++ b/2018/CVE-2018-7602.json @@ -1,4 +1,50 @@ [ + { + "id": 131232015, + "name": "Drupalgedon3", + "full_name": "1337g\/Drupalgedon3", + "owner": { + "login": "1337g", + "id": 32504404, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/32504404?v=4", + "html_url": "https:\/\/github.com\/1337g" + }, + "html_url": "https:\/\/github.com\/1337g\/Drupalgedon3", + "description": "POC to test\/exploit drupal vulnerability SA-CORE-2018-004 \/ CVE-2018-7602", + "fork": false, + "created_at": "2018-04-27T01:59:31Z", + "updated_at": "2020-04-02T11:58:48Z", + "pushed_at": "2018-04-26T14:49:51Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 2, + "forks": 2, + "watchers": 5, + "score": 0 + }, + { + "id": 140663638, + "name": "CVE-2018-7602", + "full_name": "happynote3966\/CVE-2018-7602", + "owner": { + "login": "happynote3966", + "id": 19719330, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/19719330?v=4", + "html_url": "https:\/\/github.com\/happynote3966" + }, + "html_url": "https:\/\/github.com\/happynote3966\/CVE-2018-7602", + "description": null, + "fork": false, + "created_at": "2018-07-12T05:08:14Z", + "updated_at": "2018-07-17T02:57:18Z", + "pushed_at": "2018-07-17T02:57:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, { "id": 155205612, "name": "CVE-2018-7602", diff --git a/2018/CVE-2018-7747.json b/2018/CVE-2018-7747.json new file mode 100644 index 0000000000..08a1c7f83c --- /dev/null +++ b/2018/CVE-2018-7747.json @@ -0,0 +1,25 @@ +[ + { + "id": 130383133, + "name": "CVE-2018-7747", + "full_name": "mindpr00f\/CVE-2018-7747", + "owner": { + "login": "mindpr00f", + "id": 38467006, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/38467006?v=4", + "html_url": "https:\/\/github.com\/mindpr00f" + }, + "html_url": "https:\/\/github.com\/mindpr00f\/CVE-2018-7747", + "description": "CalderaForms 1.5.9.1 XSS (WordPress plugin) - tutorial", + "fork": false, + "created_at": "2018-04-20T15:49:23Z", + "updated_at": "2018-04-21T13:40:18Z", + "pushed_at": "2018-04-21T13:40:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7750.json b/2018/CVE-2018-7750.json new file mode 100644 index 0000000000..0a972d19ca --- /dev/null +++ b/2018/CVE-2018-7750.json @@ -0,0 +1,25 @@ +[ + { + "id": 156363089, + "name": "CVE-2018-7750", + "full_name": "jm33-m0\/CVE-2018-7750", + "owner": { + "login": "jm33-m0", + "id": 10167884, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/10167884?v=4", + "html_url": "https:\/\/github.com\/jm33-m0" + }, + "html_url": "https:\/\/github.com\/jm33-m0\/CVE-2018-7750", + "description": "an RCE (remote command execution) approach of CVE-2018-7750", + "fork": false, + "created_at": "2018-11-06T10:01:13Z", + "updated_at": "2020-04-06T10:57:16Z", + "pushed_at": "2018-11-06T10:10:31Z", + "stargazers_count": 17, + "watchers_count": 17, + "forks_count": 8, + "forks": 8, + "watchers": 17, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8038.json b/2018/CVE-2018-8038.json new file mode 100644 index 0000000000..283bd2a06d --- /dev/null +++ b/2018/CVE-2018-8038.json @@ -0,0 +1,25 @@ +[ + { + "id": 158217015, + "name": "CVE-2018-8038", + "full_name": "tafamace\/CVE-2018-8038", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-8038", + "description": null, + "fork": false, + "created_at": "2018-11-19T12:14:45Z", + "updated_at": "2018-11-19T12:37:32Z", + "pushed_at": "2018-11-19T12:37:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8039.json b/2018/CVE-2018-8039.json new file mode 100644 index 0000000000..9a2135bc56 --- /dev/null +++ b/2018/CVE-2018-8039.json @@ -0,0 +1,25 @@ +[ + { + "id": 158216115, + "name": "CVE-2018-8039", + "full_name": "tafamace\/CVE-2018-8039", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-8039", + "description": null, + "fork": false, + "created_at": "2018-11-19T12:08:07Z", + "updated_at": "2018-11-19T12:29:15Z", + "pushed_at": "2018-11-19T12:29:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8060.json b/2018/CVE-2018-8060.json new file mode 100644 index 0000000000..02741c716a --- /dev/null +++ b/2018/CVE-2018-8060.json @@ -0,0 +1,25 @@ +[ + { + "id": 131338446, + "name": "SIOCtl", + "full_name": "otavioarj\/SIOCtl", + "owner": { + "login": "otavioarj", + "id": 851029, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/851029?v=4", + "html_url": "https:\/\/github.com\/otavioarj" + }, + "html_url": "https:\/\/github.com\/otavioarj\/SIOCtl", + "description": "Simple IOCTL dispatcher for CVE-2018-8060\/8061", + "fork": false, + "created_at": "2018-04-27T19:45:20Z", + "updated_at": "2019-01-22T23:13:45Z", + "pushed_at": "2018-05-09T22:05:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 3, + "forks": 3, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8065.json b/2018/CVE-2018-8065.json new file mode 100644 index 0000000000..f709b0c7d3 --- /dev/null +++ b/2018/CVE-2018-8065.json @@ -0,0 +1,25 @@ +[ + { + "id": 134886212, + "name": "CVE-2018-8065", + "full_name": "EgeBalci\/CVE-2018-8065", + "owner": { + "login": "EgeBalci", + "id": 17179401, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/17179401?v=4", + "html_url": "https:\/\/github.com\/EgeBalci" + }, + "html_url": "https:\/\/github.com\/EgeBalci\/CVE-2018-8065", + "description": "Flexense HTTP Server <= 10.6.24 - Denial Of Service Exploit", + "fork": false, + "created_at": "2018-05-25T17:31:05Z", + "updated_at": "2020-09-09T15:23:11Z", + "pushed_at": "2018-09-03T18:25:53Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 5, + "forks": 5, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8078.json b/2018/CVE-2018-8078.json new file mode 100644 index 0000000000..c6b266408d --- /dev/null +++ b/2018/CVE-2018-8078.json @@ -0,0 +1,25 @@ +[ + { + "id": 124507539, + "name": "YZMCMSxss", + "full_name": "AlwaysHereFight\/YZMCMSxss", + "owner": { + "login": "AlwaysHereFight", + "id": 21152658, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/21152658?v=4", + "html_url": "https:\/\/github.com\/AlwaysHereFight" + }, + "html_url": "https:\/\/github.com\/AlwaysHereFight\/YZMCMSxss", + "description": "YZMCMS v3.7最新版xss漏洞 CVE-2018-8078", + "fork": false, + "created_at": "2018-03-09T07:56:56Z", + "updated_at": "2020-01-30T09:51:26Z", + "pushed_at": "2018-03-13T02:44:27Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 2, + "forks": 2, + "watchers": 7, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8090.json b/2018/CVE-2018-8090.json new file mode 100644 index 0000000000..db8ccee9de --- /dev/null +++ b/2018/CVE-2018-8090.json @@ -0,0 +1,25 @@ +[ + { + "id": 141976453, + "name": "CVE-2018-8090", + "full_name": "kernelm0de\/CVE-2018-8090", + "owner": { + "login": "kernelm0de", + "id": 30472260, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/30472260?v=4", + "html_url": "https:\/\/github.com\/kernelm0de" + }, + "html_url": "https:\/\/github.com\/kernelm0de\/CVE-2018-8090", + "description": "DLL Hijacking in Quickheal Total Security\/ Internet Security\/ Antivirus Pro (Installers)", + "fork": false, + "created_at": "2018-07-23T07:17:07Z", + "updated_at": "2019-01-22T12:46:02Z", + "pushed_at": "2018-07-26T13:39:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8108.json b/2018/CVE-2018-8108.json new file mode 100644 index 0000000000..3287f73d8b --- /dev/null +++ b/2018/CVE-2018-8108.json @@ -0,0 +1,25 @@ +[ + { + "id": 125155388, + "name": "BUI-select-xss", + "full_name": "zlgxzswjy\/BUI-select-xss", + "owner": { + "login": "zlgxzswjy", + "id": 12388719, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/12388719?v=4", + "html_url": "https:\/\/github.com\/zlgxzswjy" + }, + "html_url": "https:\/\/github.com\/zlgxzswjy\/BUI-select-xss", + "description": "cve-2018-8108", + "fork": false, + "created_at": "2018-03-14T04:32:01Z", + "updated_at": "2018-03-14T04:54:50Z", + "pushed_at": "2018-03-14T04:54:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8120.json b/2018/CVE-2018-8120.json index 4872b0bd60..5be4b52615 100644 --- a/2018/CVE-2018-8120.json +++ b/2018/CVE-2018-8120.json @@ -1,4 +1,165 @@ [ + { + "id": 133785986, + "name": "cve-2018-8120", + "full_name": "bigric3\/cve-2018-8120", + "owner": { + "login": "bigric3", + "id": 22165361, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/22165361?v=4", + "html_url": "https:\/\/github.com\/bigric3" + }, + "html_url": "https:\/\/github.com\/bigric3\/cve-2018-8120", + "description": null, + "fork": false, + "created_at": "2018-05-17T08:51:39Z", + "updated_at": "2020-12-18T03:54:01Z", + "pushed_at": "2018-05-18T07:49:45Z", + "stargazers_count": 165, + "watchers_count": 165, + "forks_count": 71, + "forks": 71, + "watchers": 165, + "score": 0 + }, + { + "id": 134023459, + "name": "CVE-2018-8120", + "full_name": "unamer\/CVE-2018-8120", + "owner": { + "login": "unamer", + "id": 12728984, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/12728984?v=4", + "html_url": "https:\/\/github.com\/unamer" + }, + "html_url": "https:\/\/github.com\/unamer\/CVE-2018-8120", + "description": "CVE-2018-8120 Windows LPE exploit", + "fork": false, + "created_at": "2018-05-19T02:43:15Z", + "updated_at": "2020-12-18T15:53:18Z", + "pushed_at": "2018-05-30T13:09:54Z", + "stargazers_count": 442, + "watchers_count": 442, + "forks_count": 204, + "forks": 204, + "watchers": 442, + "score": 0 + }, + { + "id": 136113184, + "name": "cve-2018-8120", + "full_name": "ne1llee\/cve-2018-8120", + "owner": { + "login": "ne1llee", + "id": 12810839, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/12810839?v=4", + "html_url": "https:\/\/github.com\/ne1llee" + }, + "html_url": "https:\/\/github.com\/ne1llee\/cve-2018-8120", + "description": null, + "fork": false, + "created_at": "2018-06-05T03:12:52Z", + "updated_at": "2020-07-02T08:47:02Z", + "pushed_at": "2018-06-05T03:48:43Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 3, + "forks": 3, + "watchers": 4, + "score": 0 + }, + { + "id": 136446726, + "name": "CVE-2018-8120", + "full_name": "alpha1ab\/CVE-2018-8120", + "owner": { + "login": "alpha1ab", + "id": 39789275, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/39789275?v=4", + "html_url": "https:\/\/github.com\/alpha1ab" + }, + "html_url": "https:\/\/github.com\/alpha1ab\/CVE-2018-8120", + "description": "CVE-2018-8120 Exploit for Win2003 Win2008 WinXP Win7 ", + "fork": false, + "created_at": "2018-06-07T08:30:07Z", + "updated_at": "2020-12-06T15:23:23Z", + "pushed_at": "2018-08-08T05:48:24Z", + "stargazers_count": 277, + "watchers_count": 277, + "forks_count": 120, + "forks": 120, + "watchers": 277, + "score": 0 + }, + { + "id": 137569820, + "name": "CVE-2018-8120", + "full_name": "areuu\/CVE-2018-8120", + "owner": { + "login": "areuu", + "id": 15951836, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/15951836?v=4", + "html_url": "https:\/\/github.com\/areuu" + }, + "html_url": "https:\/\/github.com\/areuu\/CVE-2018-8120", + "description": "CVE-2018-8120 POC", + "fork": false, + "created_at": "2018-06-16T09:40:27Z", + "updated_at": "2019-11-21T07:01:19Z", + "pushed_at": "2018-06-16T10:18:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 140512208, + "name": "CVE-2018-8120", + "full_name": "EVOL4\/CVE-2018-8120", + "owner": { + "login": "EVOL4", + "id": 26862344, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/26862344?v=4", + "html_url": "https:\/\/github.com\/EVOL4" + }, + "html_url": "https:\/\/github.com\/EVOL4\/CVE-2018-8120", + "description": "dd", + "fork": false, + "created_at": "2018-07-11T02:41:16Z", + "updated_at": "2018-11-16T12:24:05Z", + "pushed_at": "2018-08-10T13:06:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 144975276, + "name": "CVE-2018-8120", + "full_name": "ozkanbilge\/CVE-2018-8120", + "owner": { + "login": "ozkanbilge", + "id": 39211596, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/39211596?v=4", + "html_url": "https:\/\/github.com\/ozkanbilge" + }, + "html_url": "https:\/\/github.com\/ozkanbilge\/CVE-2018-8120", + "description": "CVE-2018-8120 Windows LPE exploit", + "fork": false, + "created_at": "2018-08-16T10:51:00Z", + "updated_at": "2020-10-20T17:21:43Z", + "pushed_at": "2018-08-16T10:53:19Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, { "id": 162424739, "name": "CVE-2018-8120", diff --git a/2018/CVE-2018-8172.json b/2018/CVE-2018-8172.json new file mode 100644 index 0000000000..3de4a63130 --- /dev/null +++ b/2018/CVE-2018-8172.json @@ -0,0 +1,25 @@ +[ + { + "id": 145187210, + "name": "CVE-2018-8172", + "full_name": "SyFi\/CVE-2018-8172", + "owner": { + "login": "SyFi", + "id": 26314806, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/26314806?v=4", + "html_url": "https:\/\/github.com\/SyFi" + }, + "html_url": "https:\/\/github.com\/SyFi\/CVE-2018-8172", + "description": "Microsoft Visual Studio CVE-2018-8172 Remote Code Execution Vulnerability", + "fork": false, + "created_at": "2018-08-18T03:37:15Z", + "updated_at": "2020-10-21T22:16:11Z", + "pushed_at": "2018-08-18T03:56:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 3, + "forks": 3, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8174.json b/2018/CVE-2018-8174.json index df8a106423..147becba97 100644 --- a/2018/CVE-2018-8174.json +++ b/2018/CVE-2018-8174.json @@ -1,4 +1,142 @@ [ + { + "id": 134479769, + "name": "CVE-2018-8174-msf", + "full_name": "0x09AL\/CVE-2018-8174-msf", + "owner": { + "login": "0x09AL", + "id": 25826294, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/25826294?v=4", + "html_url": "https:\/\/github.com\/0x09AL" + }, + "html_url": "https:\/\/github.com\/0x09AL\/CVE-2018-8174-msf", + "description": "CVE-2018-8174 - VBScript memory corruption exploit.", + "fork": false, + "created_at": "2018-05-22T21:50:32Z", + "updated_at": "2020-09-06T20:31:04Z", + "pushed_at": "2018-05-23T20:43:58Z", + "stargazers_count": 164, + "watchers_count": 164, + "forks_count": 78, + "forks": 78, + "watchers": 164, + "score": 0 + }, + { + "id": 135381512, + "name": "CVE-2018-8174_EXP", + "full_name": "Yt1g3r\/CVE-2018-8174_EXP", + "owner": { + "login": "Yt1g3r", + "id": 12625147, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/12625147?v=4", + "html_url": "https:\/\/github.com\/Yt1g3r" + }, + "html_url": "https:\/\/github.com\/Yt1g3r\/CVE-2018-8174_EXP", + "description": "CVE-2018-8174_python", + "fork": false, + "created_at": "2018-05-30T03:12:32Z", + "updated_at": "2020-11-16T15:39:46Z", + "pushed_at": "2018-05-30T03:33:14Z", + "stargazers_count": 129, + "watchers_count": 129, + "forks_count": 56, + "forks": 56, + "watchers": 129, + "score": 0 + }, + { + "id": 135767741, + "name": "CVE-2018-8174", + "full_name": "SyFi\/CVE-2018-8174", + "owner": { + "login": "SyFi", + "id": 26314806, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/26314806?v=4", + "html_url": "https:\/\/github.com\/SyFi" + }, + "html_url": "https:\/\/github.com\/SyFi\/CVE-2018-8174", + "description": "MS Word MS WordPad via IE VBS Engine RCE ", + "fork": false, + "created_at": "2018-06-01T22:12:54Z", + "updated_at": "2020-10-15T19:47:06Z", + "pushed_at": "2018-06-01T22:18:59Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 11, + "forks": 11, + "watchers": 9, + "score": 0 + }, + { + "id": 138712476, + "name": "Rig-Exploit-for-CVE-2018-8174", + "full_name": "orf53975\/Rig-Exploit-for-CVE-2018-8174", + "owner": { + "login": "orf53975", + "id": 25189997, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/25189997?v=4", + "html_url": "https:\/\/github.com\/orf53975" + }, + "html_url": "https:\/\/github.com\/orf53975\/Rig-Exploit-for-CVE-2018-8174", + "description": "Rig Exploit for CVE-2018-8174 As with its previous campaigns, Rig’s Seamless campaign uses malvertising. In this case, the malvertisements have a hidden iframe that redirects victims to Rig’s landing page, which includes an exploit for CVE-2018-8174 and shellcode. This enables remote code execution of the shellcode obfuscated in the landing page. After successful exploitation, a second-stage downloader is retrieved, which appears to be a variant of SmokeLoader due to the URL. It would then download the final payload, a Monero miner.", + "fork": false, + "created_at": "2018-06-26T09:03:45Z", + "updated_at": "2018-11-16T12:24:05Z", + "pushed_at": "2018-06-08T14:33:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 140478620, + "name": "cve-2018-8174_analysis", + "full_name": "piotrflorczyk\/cve-2018-8174_analysis", + "owner": { + "login": "piotrflorczyk", + "id": 7830144, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/7830144?v=4", + "html_url": "https:\/\/github.com\/piotrflorczyk" + }, + "html_url": "https:\/\/github.com\/piotrflorczyk\/cve-2018-8174_analysis", + "description": "Analysis of VBS exploit CVE-2018-8174", + "fork": false, + "created_at": "2018-07-10T19:31:25Z", + "updated_at": "2020-08-22T07:25:12Z", + "pushed_at": "2018-07-12T08:35:13Z", + "stargazers_count": 16, + "watchers_count": 16, + "forks_count": 16, + "forks": 16, + "watchers": 16, + "score": 0 + }, + { + "id": 147615569, + "name": "CVE-2018-8174-msf", + "full_name": "likescam\/CVE-2018-8174-msf", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2018-8174-msf", + "description": null, + "fork": false, + "created_at": "2018-09-06T04:03:25Z", + "updated_at": "2018-09-06T04:03:37Z", + "pushed_at": "2018-09-06T04:03:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 188212551, "name": "ie11_vbscript_exploit", diff --git a/2018/CVE-2018-8208.json b/2018/CVE-2018-8208.json new file mode 100644 index 0000000000..0cb06fc6b4 --- /dev/null +++ b/2018/CVE-2018-8208.json @@ -0,0 +1,25 @@ +[ + { + "id": 144541015, + "name": "CVE-2018-8208", + "full_name": "kaisaryousuf\/CVE-2018-8208", + "owner": { + "login": "kaisaryousuf", + "id": 27071719, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/27071719?v=4", + "html_url": "https:\/\/github.com\/kaisaryousuf" + }, + "html_url": "https:\/\/github.com\/kaisaryousuf\/CVE-2018-8208", + "description": null, + "fork": false, + "created_at": "2018-08-13T06:56:11Z", + "updated_at": "2018-11-12T16:22:38Z", + "pushed_at": "2018-06-21T15:06:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8214.json b/2018/CVE-2018-8214.json new file mode 100644 index 0000000000..db51621cae --- /dev/null +++ b/2018/CVE-2018-8214.json @@ -0,0 +1,25 @@ +[ + { + "id": 138600643, + "name": "CVE-2018-8214", + "full_name": "guwudoor\/CVE-2018-8214", + "owner": { + "login": "guwudoor", + "id": 40532741, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/40532741?v=4", + "html_url": "https:\/\/github.com\/guwudoor" + }, + "html_url": "https:\/\/github.com\/guwudoor\/CVE-2018-8214", + "description": null, + "fork": false, + "created_at": "2018-06-25T13:43:58Z", + "updated_at": "2018-11-12T16:22:38Z", + "pushed_at": "2018-06-21T15:24:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 4, + "forks": 4, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8353.json b/2018/CVE-2018-8353.json new file mode 100644 index 0000000000..fe4eb4d268 --- /dev/null +++ b/2018/CVE-2018-8353.json @@ -0,0 +1,25 @@ +[ + { + "id": 148192905, + "name": "CVE-2018-8353-POC", + "full_name": "whereisr0da\/CVE-2018-8353-POC", + "owner": { + "login": "whereisr0da", + "id": 37551872, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/37551872?v=4", + "html_url": "https:\/\/github.com\/whereisr0da" + }, + "html_url": "https:\/\/github.com\/whereisr0da\/CVE-2018-8353-POC", + "description": "Simple poc of CVE-2018-8353 Microsoft Scripting Engine Use After Free", + "fork": false, + "created_at": "2018-09-10T17:28:05Z", + "updated_at": "2018-10-15T01:07:56Z", + "pushed_at": "2018-09-10T17:32:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 4, + "forks": 4, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8420.json b/2018/CVE-2018-8420.json new file mode 100644 index 0000000000..ceb05af5d1 --- /dev/null +++ b/2018/CVE-2018-8420.json @@ -0,0 +1,25 @@ +[ + { + "id": 148446677, + "name": "CVE-2018-8420", + "full_name": "idkwim\/CVE-2018-8420", + "owner": { + "login": "idkwim", + "id": 4337087, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/4337087?v=4", + "html_url": "https:\/\/github.com\/idkwim" + }, + "html_url": "https:\/\/github.com\/idkwim\/CVE-2018-8420", + "description": null, + "fork": false, + "created_at": "2018-09-12T08:22:54Z", + "updated_at": "2020-10-21T22:16:16Z", + "pushed_at": "2018-09-12T03:50:14Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 53, + "forks": 53, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8440.json b/2018/CVE-2018-8440.json new file mode 100644 index 0000000000..179865d868 --- /dev/null +++ b/2018/CVE-2018-8440.json @@ -0,0 +1,25 @@ +[ + { + "id": 155593957, + "name": "CVE-2018-8440", + "full_name": "sourceincite\/CVE-2018-8440", + "owner": { + "login": "sourceincite", + "id": 13770985, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/13770985?v=4", + "html_url": "https:\/\/github.com\/sourceincite" + }, + "html_url": "https:\/\/github.com\/sourceincite\/CVE-2018-8440", + "description": "CVE-2018-8440 standalone exploit", + "fork": false, + "created_at": "2018-10-31T17:00:43Z", + "updated_at": "2020-11-29T07:53:06Z", + "pushed_at": "2018-10-31T19:05:17Z", + "stargazers_count": 71, + "watchers_count": 71, + "forks_count": 22, + "forks": 22, + "watchers": 71, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8495.json b/2018/CVE-2018-8495.json new file mode 100644 index 0000000000..ecd1af239d --- /dev/null +++ b/2018/CVE-2018-8495.json @@ -0,0 +1,25 @@ +[ + { + "id": 152781400, + "name": "CVE-2018-8495-POC", + "full_name": "whereisr0da\/CVE-2018-8495-POC", + "owner": { + "login": "whereisr0da", + "id": 37551872, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/37551872?v=4", + "html_url": "https:\/\/github.com\/whereisr0da" + }, + "html_url": "https:\/\/github.com\/whereisr0da\/CVE-2018-8495-POC", + "description": "Simple poc of CVE-2018-8495 Microsoft Edge Remote Code Execution", + "fork": false, + "created_at": "2018-10-12T16:49:57Z", + "updated_at": "2019-01-11T09:07:45Z", + "pushed_at": "2018-10-12T16:52:34Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 8, + "forks": 8, + "watchers": 8, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8733.json b/2018/CVE-2018-8733.json new file mode 100644 index 0000000000..49ecd2d594 --- /dev/null +++ b/2018/CVE-2018-8733.json @@ -0,0 +1,25 @@ +[ + { + "id": 132509937, + "name": "Nagios-XI-5.2.6-9-5.3-5.4-Chained-Remote-Root-Exploit-Fixed", + "full_name": "xfer0\/Nagios-XI-5.2.6-9-5.3-5.4-Chained-Remote-Root-Exploit-Fixed", + "owner": { + "login": "xfer0", + "id": 30201498, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/30201498?v=4", + "html_url": "https:\/\/github.com\/xfer0" + }, + "html_url": "https:\/\/github.com\/xfer0\/Nagios-XI-5.2.6-9-5.3-5.4-Chained-Remote-Root-Exploit-Fixed", + "description": "Fixed exploit for Nagios CVE-2018-8733, CVE-2018-8734, CVE-2018-8735, CVE-2018-8736 https:\/\/www.exploit-db.com\/exploits\/44560\/", + "fork": false, + "created_at": "2018-05-07T19:55:36Z", + "updated_at": "2020-04-27T15:35:39Z", + "pushed_at": "2018-05-07T19:55:57Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8820.json b/2018/CVE-2018-8820.json new file mode 100644 index 0000000000..dd21981f26 --- /dev/null +++ b/2018/CVE-2018-8820.json @@ -0,0 +1,25 @@ +[ + { + "id": 127013387, + "name": "frevvomapexec", + "full_name": "hateshape\/frevvomapexec", + "owner": { + "login": "hateshape", + "id": 31131951, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/31131951?v=4", + "html_url": "https:\/\/github.com\/hateshape" + }, + "html_url": "https:\/\/github.com\/hateshape\/frevvomapexec", + "description": " PoC Exploit for CVE-2018-8820", + "fork": false, + "created_at": "2018-03-27T16:09:46Z", + "updated_at": "2019-01-29T17:35:37Z", + "pushed_at": "2018-03-27T17:00:14Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 0, + "forks": 0, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8897.json b/2018/CVE-2018-8897.json new file mode 100644 index 0000000000..7ce5138fb1 --- /dev/null +++ b/2018/CVE-2018-8897.json @@ -0,0 +1,94 @@ +[ + { + "id": 132952646, + "name": "CVE-2018-8897", + "full_name": "nmulasmajic\/CVE-2018-8897", + "owner": { + "login": "nmulasmajic", + "id": 30013958, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/30013958?v=4", + "html_url": "https:\/\/github.com\/nmulasmajic" + }, + "html_url": "https:\/\/github.com\/nmulasmajic\/CVE-2018-8897", + "description": "Implements the POP\/MOV SS (CVE-2018-8897) vulnerability by bugchecking the machine (local DoS). ", + "fork": false, + "created_at": "2018-05-10T20:46:30Z", + "updated_at": "2020-12-09T22:13:11Z", + "pushed_at": "2018-05-10T20:47:59Z", + "stargazers_count": 71, + "watchers_count": 71, + "forks_count": 28, + "forks": 28, + "watchers": 71, + "score": 0 + }, + { + "id": 133221173, + "name": "pop-mov-ss-exploit", + "full_name": "jiazhang0\/pop-mov-ss-exploit", + "owner": { + "login": "jiazhang0", + "id": 10241344, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/10241344?v=4", + "html_url": "https:\/\/github.com\/jiazhang0" + }, + "html_url": "https:\/\/github.com\/jiazhang0\/pop-mov-ss-exploit", + "description": "The exploitation for CVE-2018-8897", + "fork": false, + "created_at": "2018-05-13T09:05:07Z", + "updated_at": "2018-05-20T21:56:22Z", + "pushed_at": "2018-05-16T14:15:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 4, + "forks": 4, + "watchers": 3, + "score": 0 + }, + { + "id": 133268202, + "name": "CVE-2018-8897", + "full_name": "can1357\/CVE-2018-8897", + "owner": { + "login": "can1357", + "id": 11807264, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/11807264?v=4", + "html_url": "https:\/\/github.com\/can1357" + }, + "html_url": "https:\/\/github.com\/can1357\/CVE-2018-8897", + "description": "Arbitrary code execution with kernel privileges using CVE-2018-8897.", + "fork": false, + "created_at": "2018-05-13T19:34:17Z", + "updated_at": "2020-12-04T09:50:33Z", + "pushed_at": "2018-05-18T12:26:53Z", + "stargazers_count": 371, + "watchers_count": 371, + "forks_count": 106, + "forks": 106, + "watchers": 371, + "score": 0 + }, + { + "id": 144062105, + "name": "syscall_exploit_CVE-2018-8897", + "full_name": "nmulasmajic\/syscall_exploit_CVE-2018-8897", + "owner": { + "login": "nmulasmajic", + "id": 30013958, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/30013958?v=4", + "html_url": "https:\/\/github.com\/nmulasmajic" + }, + "html_url": "https:\/\/github.com\/nmulasmajic\/syscall_exploit_CVE-2018-8897", + "description": "Implements the POP\/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).", + "fork": false, + "created_at": "2018-08-08T20:04:56Z", + "updated_at": "2020-12-07T09:30:43Z", + "pushed_at": "2018-08-08T20:12:20Z", + "stargazers_count": 106, + "watchers_count": 106, + "forks_count": 24, + "forks": 24, + "watchers": 106, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8941.json b/2018/CVE-2018-8941.json new file mode 100644 index 0000000000..810fb29514 --- /dev/null +++ b/2018/CVE-2018-8941.json @@ -0,0 +1,25 @@ +[ + { + "id": 127970329, + "name": "CVE-2018-8941", + "full_name": "SECFORCE\/CVE-2018-8941", + "owner": { + "login": "SECFORCE", + "id": 8157384, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8157384?v=4", + "html_url": "https:\/\/github.com\/SECFORCE" + }, + "html_url": "https:\/\/github.com\/SECFORCE\/CVE-2018-8941", + "description": "D-Link DSL-3782 Code Execution (Proof of Concept)", + "fork": false, + "created_at": "2018-04-03T21:22:34Z", + "updated_at": "2020-05-18T10:42:30Z", + "pushed_at": "2018-04-03T21:59:31Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 9, + "forks": 9, + "watchers": 8, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8970.json b/2018/CVE-2018-8970.json new file mode 100644 index 0000000000..dba7544388 --- /dev/null +++ b/2018/CVE-2018-8970.json @@ -0,0 +1,25 @@ +[ + { + "id": 126690207, + "name": "CVE-2018-8970", + "full_name": "tiran\/CVE-2018-8970", + "owner": { + "login": "tiran", + "id": 444071, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/444071?v=4", + "html_url": "https:\/\/github.com\/tiran" + }, + "html_url": "https:\/\/github.com\/tiran\/CVE-2018-8970", + "description": "Demo for https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2018-8970", + "fork": false, + "created_at": "2018-03-25T11:22:47Z", + "updated_at": "2018-04-10T15:41:19Z", + "pushed_at": "2018-03-25T11:23:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9059.json b/2018/CVE-2018-9059.json new file mode 100644 index 0000000000..be803bc5ac --- /dev/null +++ b/2018/CVE-2018-9059.json @@ -0,0 +1,25 @@ +[ + { + "id": 134121800, + "name": "easy-file-share-7.2-exploit-CVE-2018-9059", + "full_name": "manojcode\/easy-file-share-7.2-exploit-CVE-2018-9059", + "owner": { + "login": "manojcode", + "id": 17510282, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/17510282?v=4", + "html_url": "https:\/\/github.com\/manojcode" + }, + "html_url": "https:\/\/github.com\/manojcode\/easy-file-share-7.2-exploit-CVE-2018-9059", + "description": "My version - Easy File Sharing Web Server 7.2 - 'UserID' - Win 7 'DEP' bypass ", + "fork": false, + "created_at": "2018-05-20T05:13:25Z", + "updated_at": "2018-05-21T06:49:16Z", + "pushed_at": "2018-05-21T06:49:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9075.json b/2018/CVE-2018-9075.json new file mode 100644 index 0000000000..32c43d012f --- /dev/null +++ b/2018/CVE-2018-9075.json @@ -0,0 +1,25 @@ +[ + { + "id": 150627369, + "name": "cve-2018-9075", + "full_name": "beverlymiller818\/cve-2018-9075", + "owner": { + "login": "beverlymiller818", + "id": 43651541, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/43651541?v=4", + "html_url": "https:\/\/github.com\/beverlymiller818" + }, + "html_url": "https:\/\/github.com\/beverlymiller818\/cve-2018-9075", + "description": null, + "fork": false, + "created_at": "2018-09-27T17:58:00Z", + "updated_at": "2018-09-27T19:26:57Z", + "pushed_at": "2018-09-27T19:27:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9160.json b/2018/CVE-2018-9160.json new file mode 100644 index 0000000000..f0fd10b582 --- /dev/null +++ b/2018/CVE-2018-9160.json @@ -0,0 +1,25 @@ +[ + { + "id": 131106110, + "name": "sickrageWTF", + "full_name": "mechanico\/sickrageWTF", + "owner": { + "login": "mechanico", + "id": 32109749, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/32109749?v=4", + "html_url": "https:\/\/github.com\/mechanico" + }, + "html_url": "https:\/\/github.com\/mechanico\/sickrageWTF", + "description": "CVE-2018-9160", + "fork": false, + "created_at": "2018-04-26T05:49:09Z", + "updated_at": "2018-04-26T06:38:11Z", + "pushed_at": "2018-04-26T06:38:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9206.json b/2018/CVE-2018-9206.json index e5fbf38f5d..1d67d12dee 100644 --- a/2018/CVE-2018-9206.json +++ b/2018/CVE-2018-9206.json @@ -1,4 +1,50 @@ [ + { + "id": 154178141, + "name": "CVE-2018-9206", + "full_name": "Den1al\/CVE-2018-9206", + "owner": { + "login": "Den1al", + "id": 7230603, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/7230603?v=4", + "html_url": "https:\/\/github.com\/Den1al" + }, + "html_url": "https:\/\/github.com\/Den1al\/CVE-2018-9206", + "description": "A Python PoC for CVE-2018-9206", + "fork": false, + "created_at": "2018-10-22T16:33:22Z", + "updated_at": "2020-06-04T11:39:14Z", + "pushed_at": "2018-10-22T16:49:08Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 10, + "forks": 10, + "watchers": 13, + "score": 0 + }, + { + "id": 154564555, + "name": "JQShell", + "full_name": "Stahlz\/JQShell", + "owner": { + "login": "Stahlz", + "id": 4689086, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/4689086?v=4", + "html_url": "https:\/\/github.com\/Stahlz" + }, + "html_url": "https:\/\/github.com\/Stahlz\/JQShell", + "description": "A weaponized version of CVE-2018-9206", + "fork": false, + "created_at": "2018-10-24T20:24:20Z", + "updated_at": "2020-10-26T09:05:01Z", + "pushed_at": "2018-10-30T01:48:42Z", + "stargazers_count": 63, + "watchers_count": 63, + "forks_count": 17, + "forks": 17, + "watchers": 63, + "score": 0 + }, { "id": 165319420, "name": "cve-2018-9206", diff --git a/2018/CVE-2018-9411.json b/2018/CVE-2018-9411.json new file mode 100644 index 0000000000..e7912d6f53 --- /dev/null +++ b/2018/CVE-2018-9411.json @@ -0,0 +1,25 @@ +[ + { + "id": 155439217, + "name": "CVE-2018-9411", + "full_name": "tamirzb\/CVE-2018-9411", + "owner": { + "login": "tamirzb", + "id": 1054209, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/1054209?v=4", + "html_url": "https:\/\/github.com\/tamirzb" + }, + "html_url": "https:\/\/github.com\/tamirzb\/CVE-2018-9411", + "description": "Exploit code for CVE-2018-9411 for MediaCasService", + "fork": false, + "created_at": "2018-10-30T18:48:20Z", + "updated_at": "2020-10-21T22:16:25Z", + "pushed_at": "2018-10-30T21:51:16Z", + "stargazers_count": 49, + "watchers_count": 49, + "forks_count": 14, + "forks": 14, + "watchers": 49, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9539.json b/2018/CVE-2018-9539.json new file mode 100644 index 0000000000..5eb2150e1e --- /dev/null +++ b/2018/CVE-2018-9539.json @@ -0,0 +1,25 @@ +[ + { + "id": 157086233, + "name": "CVE-2018-9539", + "full_name": "tamirzb\/CVE-2018-9539", + "owner": { + "login": "tamirzb", + "id": 1054209, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/1054209?v=4", + "html_url": "https:\/\/github.com\/tamirzb" + }, + "html_url": "https:\/\/github.com\/tamirzb\/CVE-2018-9539", + "description": " PoC code for CVE-2018-9539", + "fork": false, + "created_at": "2018-11-11T14:14:04Z", + "updated_at": "2019-07-11T00:57:55Z", + "pushed_at": "2018-11-11T14:19:32Z", + "stargazers_count": 18, + "watchers_count": 18, + "forks_count": 8, + "forks": 8, + "watchers": 18, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9948.json b/2018/CVE-2018-9948.json new file mode 100644 index 0000000000..f8cced72d4 --- /dev/null +++ b/2018/CVE-2018-9948.json @@ -0,0 +1,48 @@ +[ + { + "id": 143491453, + "name": "Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958", + "full_name": "manojcode\/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958", + "owner": { + "login": "manojcode", + "id": 17510282, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/17510282?v=4", + "html_url": "https:\/\/github.com\/manojcode" + }, + "html_url": "https:\/\/github.com\/manojcode\/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958", + "description": "Foxit Reader version 9.0.1.1049 Use After Free with ASLR and DEP bypass on heap", + "fork": false, + "created_at": "2018-08-04T02:32:28Z", + "updated_at": "2018-09-17T14:27:42Z", + "pushed_at": "2018-09-11T14:19:07Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, + { + "id": 145526091, + "name": "cve-2018-9948-9958-exp", + "full_name": "orangepirate\/cve-2018-9948-9958-exp", + "owner": { + "login": "orangepirate", + "id": 40813235, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/40813235?v=4", + "html_url": "https:\/\/github.com\/orangepirate" + }, + "html_url": "https:\/\/github.com\/orangepirate\/cve-2018-9948-9958-exp", + "description": "a exp for cve-2018-9948\/9958 , current shellcode called win-calc ", + "fork": false, + "created_at": "2018-08-21T07:43:38Z", + "updated_at": "2018-08-24T00:18:07Z", + "pushed_at": "2018-08-24T00:18:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9958.json b/2018/CVE-2018-9958.json new file mode 100644 index 0000000000..74fd656723 --- /dev/null +++ b/2018/CVE-2018-9958.json @@ -0,0 +1,25 @@ +[ + { + "id": 138641204, + "name": "CVE-2018-9958--Exploit", + "full_name": "t3rabyt3-zz\/CVE-2018-9958--Exploit", + "owner": { + "login": "t3rabyt3-zz", + "id": 37320349, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/37320349?v=4", + "html_url": "https:\/\/github.com\/t3rabyt3-zz" + }, + "html_url": "https:\/\/github.com\/t3rabyt3-zz\/CVE-2018-9958--Exploit", + "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Text Annotations. When setting the point attribute, the process does not properly validate the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process.", + "fork": false, + "created_at": "2018-06-25T19:34:36Z", + "updated_at": "2018-06-25T19:43:30Z", + "pushed_at": "2018-06-25T19:43:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9995.json b/2018/CVE-2018-9995.json index 80ab4d9cf0..0b7f092e8d 100644 --- a/2018/CVE-2018-9995.json +++ b/2018/CVE-2018-9995.json @@ -22,6 +22,121 @@ "watchers": 436, "score": 0 }, + { + "id": 132603275, + "name": "CVE-2018-9995_Batch_scanning_exp", + "full_name": "zzh217\/CVE-2018-9995_Batch_scanning_exp", + "owner": { + "login": "zzh217", + "id": 26359175, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/26359175?v=4", + "html_url": "https:\/\/github.com\/zzh217" + }, + "html_url": "https:\/\/github.com\/zzh217\/CVE-2018-9995_Batch_scanning_exp", + "description": "CVE-2018-9995_Batch_scanning_exp", + "fork": false, + "created_at": "2018-05-08T12:07:26Z", + "updated_at": "2018-11-29T12:00:35Z", + "pushed_at": "2018-08-09T14:41:32Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 2, + "forks": 2, + "watchers": 4, + "score": 0 + }, + { + "id": 132681023, + "name": "CVE-2018-9995_check", + "full_name": "Huangkey\/CVE-2018-9995_check", + "owner": { + "login": "Huangkey", + "id": 22346795, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/22346795?v=4", + "html_url": "https:\/\/github.com\/Huangkey" + }, + "html_url": "https:\/\/github.com\/Huangkey\/CVE-2018-9995_check", + "description": "DVR系列摄像头批量检测", + "fork": false, + "created_at": "2018-05-09T00:43:24Z", + "updated_at": "2020-07-23T08:06:05Z", + "pushed_at": "2018-05-09T10:13:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 133002644, + "name": "CVE-2018-9995-ModifiedByGwolfs", + "full_name": "gwolfs\/CVE-2018-9995-ModifiedByGwolfs", + "owner": { + "login": "gwolfs", + "id": 39183087, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/39183087?v=4", + "html_url": "https:\/\/github.com\/gwolfs" + }, + "html_url": "https:\/\/github.com\/gwolfs\/CVE-2018-9995-ModifiedByGwolfs", + "description": null, + "fork": false, + "created_at": "2018-05-11T07:05:37Z", + "updated_at": "2018-05-21T06:35:44Z", + "pushed_at": "2018-05-21T06:35:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 139241933, + "name": "cve-2018-9995", + "full_name": "shacojx\/cve-2018-9995", + "owner": { + "login": "shacojx", + "id": 19655109, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/19655109?v=4", + "html_url": "https:\/\/github.com\/shacojx" + }, + "html_url": "https:\/\/github.com\/shacojx\/cve-2018-9995", + "description": "exploit camera with vuln cve-2018-9995 ( Novo, CeNova, QSee, Pulnix, XVR 5 in 1 (title: \"XVR Login\"), Securus, - Security. Never Compromise !! - Night OWL, DVR Login, HVR Login, MDVR Login )", + "fork": false, + "created_at": "2018-06-30T10:54:40Z", + "updated_at": "2020-06-09T05:57:47Z", + "pushed_at": "2018-06-30T10:55:19Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + }, + { + "id": 150025071, + "name": "DVR-Exploiter", + "full_name": "Cyb0r9\/DVR-Exploiter", + "owner": { + "login": "Cyb0r9", + "id": 43474676, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/43474676?v=4", + "html_url": "https:\/\/github.com\/Cyb0r9" + }, + "html_url": "https:\/\/github.com\/Cyb0r9\/DVR-Exploiter", + "description": "DVR-Exploiter a Bash Script Program Exploit The DVR's Based on CVE-2018-9995", + "fork": false, + "created_at": "2018-09-23T20:58:40Z", + "updated_at": "2020-12-11T04:05:48Z", + "pushed_at": "2018-10-11T16:54:31Z", + "stargazers_count": 80, + "watchers_count": 80, + "forks_count": 41, + "forks": 41, + "watchers": 80, + "score": 0 + }, { "id": 167874136, "name": "CVE-2018-9995", diff --git a/2019/CVE-2019-17558.json b/2019/CVE-2019-17558.json index 28ae59d270..c772726cbf 100644 --- a/2019/CVE-2019-17558.json +++ b/2019/CVE-2019-17558.json @@ -36,13 +36,13 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2020-12-19T08:14:50Z", + "updated_at": "2020-12-19T17:08:43Z", "pushed_at": "2020-11-07T05:55:00Z", - "stargazers_count": 2183, - "watchers_count": 2183, + "stargazers_count": 2184, + "watchers_count": 2184, "forks_count": 613, "forks": 613, - "watchers": 2183, + "watchers": 2184, "score": 0 }, { diff --git a/2019/CVE-2019-19781.json b/2019/CVE-2019-19781.json index 8a24b7a131..ed95d826ec 100644 --- a/2019/CVE-2019-19781.json +++ b/2019/CVE-2019-19781.json @@ -155,8 +155,8 @@ "pushed_at": "2020-08-28T14:09:20Z", "stargazers_count": 100, "watchers_count": 100, - "forks_count": 33, - "forks": 33, + "forks_count": 34, + "forks": 34, "watchers": 100, "score": 0 }, diff --git a/2019/CVE-2019-2215.json b/2019/CVE-2019-2215.json index 464a5a5f0e..957d3bd3b7 100644 --- a/2019/CVE-2019-2215.json +++ b/2019/CVE-2019-2215.json @@ -63,8 +63,8 @@ "pushed_at": "2019-10-15T01:04:08Z", "stargazers_count": 57, "watchers_count": 57, - "forks_count": 43, - "forks": 43, + "forks_count": 42, + "forks": 42, "watchers": 57, "score": 0 }, diff --git a/2019/CVE-2019-5475.json b/2019/CVE-2019-5475.json index 5fce5d1334..5becf6eca5 100644 --- a/2019/CVE-2019-5475.json +++ b/2019/CVE-2019-5475.json @@ -59,8 +59,8 @@ "description": "CVE-2019-5475 靶场: RCE 漏洞", "fork": false, "created_at": "2020-12-16T14:03:16Z", - "updated_at": "2020-12-19T13:03:38Z", - "pushed_at": "2020-12-19T13:03:36Z", + "updated_at": "2020-12-19T15:43:52Z", + "pushed_at": "2020-12-19T15:43:50Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, diff --git a/2020/CVE-2020-0601.json b/2020/CVE-2020-0601.json index 31151845cd..6ed6937ad0 100644 --- a/2020/CVE-2020-0601.json +++ b/2020/CVE-2020-0601.json @@ -1,27 +1,4 @@ [ - { - "id": 233959211, - "name": "CVE-2020-0601", - "full_name": "nissan-sudo\/CVE-2020-0601", - "owner": { - "login": "nissan-sudo", - "id": 58976920, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/58976920?v=4", - "html_url": "https:\/\/github.com\/nissan-sudo" - }, - "html_url": "https:\/\/github.com\/nissan-sudo\/CVE-2020-0601", - "description": "Remote Code Execution Exploit ", - "fork": false, - "created_at": "2020-01-14T23:53:18Z", - "updated_at": "2020-01-27T17:28:37Z", - "pushed_at": "2020-01-14T23:56:22Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 1, - "forks": 1, - "watchers": 2, - "score": 0 - }, { "id": 233960159, "name": "cve-2020-0601", @@ -45,52 +22,6 @@ "watchers": 34, "score": 0 }, - { - "id": 234134766, - "name": "CVE-2020-0601", - "full_name": "SherlockSec\/CVE-2020-0601", - "owner": { - "login": "SherlockSec", - "id": 37545173, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/37545173?v=4", - "html_url": "https:\/\/github.com\/SherlockSec" - }, - "html_url": "https:\/\/github.com\/SherlockSec\/CVE-2020-0601", - "description": "A Windows Crypto Exploit", - "fork": false, - "created_at": "2020-01-15T17:26:58Z", - "updated_at": "2020-01-16T20:56:07Z", - "pushed_at": "2020-01-15T17:28:20Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, - "score": 0 - }, - { - "id": 234146234, - "name": "CVE-2020-0601", - "full_name": "JPurrier\/CVE-2020-0601", - "owner": { - "login": "JPurrier", - "id": 25715340, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25715340?v=4", - "html_url": "https:\/\/github.com\/JPurrier" - }, - "html_url": "https:\/\/github.com\/JPurrier\/CVE-2020-0601", - "description": null, - "fork": false, - "created_at": "2020-01-15T18:31:30Z", - "updated_at": "2020-01-17T10:49:19Z", - "pushed_at": "2020-01-17T10:49:17Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, { "id": 234190972, "name": "cve-2020-0601-plugin", @@ -114,29 +45,6 @@ "watchers": 5, "score": 0 }, - { - "id": 234191063, - "name": "CurveBall", - "full_name": "ollypwn\/CurveBall", - "owner": { - "login": "ollypwn", - "id": 53348818, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/53348818?v=4", - "html_url": "https:\/\/github.com\/ollypwn" - }, - "html_url": "https:\/\/github.com\/ollypwn\/CurveBall", - "description": "PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll)", - "fork": false, - "created_at": "2020-01-15T23:07:41Z", - "updated_at": "2020-12-18T15:31:06Z", - "pushed_at": "2020-01-20T23:33:19Z", - "stargazers_count": 848, - "watchers_count": 848, - "forks_count": 219, - "forks": 219, - "watchers": 848, - "score": 0 - }, { "id": 234192123, "name": "chainoffools", @@ -160,75 +68,6 @@ "watchers": 333, "score": 0 }, - { - "id": 234220195, - "name": "Awesome-CVE-2020-0601", - "full_name": "RrUZi\/Awesome-CVE-2020-0601", - "owner": { - "login": "RrUZi", - "id": 43235635, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/43235635?v=4", - "html_url": "https:\/\/github.com\/RrUZi" - }, - "html_url": "https:\/\/github.com\/RrUZi\/Awesome-CVE-2020-0601", - "description": "😂An awesome curated list of repos for CVE-2020-0601.", - "fork": false, - "created_at": "2020-01-16T02:46:21Z", - "updated_at": "2020-02-13T14:33:37Z", - "pushed_at": "2020-02-02T02:29:23Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 1, - "forks": 1, - "watchers": 3, - "score": 0 - }, - { - "id": 234317211, - "name": "CVE-2020-0601", - "full_name": "BleepSec\/CVE-2020-0601", - "owner": { - "login": "BleepSec", - "id": 550582, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/550582?v=4", - "html_url": "https:\/\/github.com\/BleepSec" - }, - "html_url": "https:\/\/github.com\/BleepSec\/CVE-2020-0601", - "description": "Curated list of CVE-2020-0601 resources", - "fork": false, - "created_at": "2020-01-16T12:40:48Z", - "updated_at": "2020-09-05T23:01:53Z", - "pushed_at": "2020-02-03T21:24:45Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 2, - "forks": 2, - "watchers": 2, - "score": 0 - }, - { - "id": 234378948, - "name": "CVE-2020-0601", - "full_name": "apmunch\/CVE-2020-0601", - "owner": { - "login": "apmunch", - "id": 7328483, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/7328483?v=4", - "html_url": "https:\/\/github.com\/apmunch" - }, - "html_url": "https:\/\/github.com\/apmunch\/CVE-2020-0601", - "description": null, - "fork": false, - "created_at": "2020-01-16T17:54:36Z", - "updated_at": "2020-01-16T18:04:01Z", - "pushed_at": "2020-01-16T18:03:59Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, { "id": 234433419, "name": "badecparams", @@ -252,213 +91,6 @@ "watchers": 60, "score": 0 }, - { - "id": 234442281, - "name": "cve-2020-0601-utils", - "full_name": "0xxon\/cve-2020-0601-utils", - "owner": { - "login": "0xxon", - "id": 1538460, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/1538460?v=4", - "html_url": "https:\/\/github.com\/0xxon" - }, - "html_url": "https:\/\/github.com\/0xxon\/cve-2020-0601-utils", - "description": "C++ based utility to check if certificates are trying to exploit CVE-2020-0601", - "fork": false, - "created_at": "2020-01-17T01:02:52Z", - "updated_at": "2020-01-21T19:49:00Z", - "pushed_at": "2020-01-21T19:48:58Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 2, - "forks": 2, - "watchers": 0, - "score": 0 - }, - { - "id": 234588471, - "name": "CVE-2020-0601", - "full_name": "MarkusZehnle\/CVE-2020-0601", - "owner": { - "login": "MarkusZehnle", - "id": 60010315, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/60010315?v=4", - "html_url": "https:\/\/github.com\/MarkusZehnle" - }, - "html_url": "https:\/\/github.com\/MarkusZehnle\/CVE-2020-0601", - "description": null, - "fork": false, - "created_at": "2020-01-17T16:24:31Z", - "updated_at": "2020-01-17T16:42:32Z", - "pushed_at": "2020-01-17T16:42:30Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 1, - "forks": 1, - "watchers": 0, - "score": 0 - }, - { - "id": 234598729, - "name": "CVE-2020-0601", - "full_name": "YoannDqr\/CVE-2020-0601", - "owner": { - "login": "YoannDqr", - "id": 26006989, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/26006989?v=4", - "html_url": "https:\/\/github.com\/YoannDqr" - }, - "html_url": "https:\/\/github.com\/YoannDqr\/CVE-2020-0601", - "description": "CurveBall CVE exploitation", - "fork": false, - "created_at": "2020-01-17T17:17:55Z", - "updated_at": "2020-02-09T12:37:38Z", - "pushed_at": "2020-01-20T10:52:57Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 0, - "forks": 0, - "watchers": 2, - "score": 0 - }, - { - "id": 234714299, - "name": "cve-2020-0601-Perl", - "full_name": "thimelp\/cve-2020-0601-Perl", - "owner": { - "login": "thimelp", - "id": 60032194, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/60032194?v=4", - "html_url": "https:\/\/github.com\/thimelp" - }, - "html_url": "https:\/\/github.com\/thimelp\/cve-2020-0601-Perl", - "description": "Perl version of recently published scripts to build ECC certificates with specific parameters re CVE-2020-0601", - "fork": false, - "created_at": "2020-01-18T09:58:16Z", - "updated_at": "2020-02-07T23:24:44Z", - "pushed_at": "2020-01-18T12:07:06Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 234920281, - "name": "curveball_lua", - "full_name": "dlee35\/curveball_lua", - "owner": { - "login": "dlee35", - "id": 7849311, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/7849311?v=4", - "html_url": "https:\/\/github.com\/dlee35" - }, - "html_url": "https:\/\/github.com\/dlee35\/curveball_lua", - "description": "Repo containing lua scripts and PCAP to find CVE-2020-0601 exploit attempts via network traffic", - "fork": false, - "created_at": "2020-01-19T15:20:19Z", - "updated_at": "2020-01-19T21:25:55Z", - "pushed_at": "2020-01-19T21:25:53Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 234944443, - "name": "-CVE-2020-0601-ECC---EXPLOIT", - "full_name": "IIICTECH\/-CVE-2020-0601-ECC---EXPLOIT", - "owner": { - "login": "IIICTECH", - "id": 5104528, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/5104528?v=4", - "html_url": "https:\/\/github.com\/IIICTECH" - }, - "html_url": "https:\/\/github.com\/IIICTECH\/-CVE-2020-0601-ECC---EXPLOIT", - "description": "CurveBall (CVE-2020-0601) - PoC CVE-2020-0601, or commonly referred to as CurveBall, is a vulnerability in which the signature of certificates using elliptic curve cryptography (ECC) is not correctly verified. Attackers can supply hand-rolled generators, bypassing validation, antivirus & all non-protections. ", - "fork": false, - "created_at": "2020-01-19T18:20:26Z", - "updated_at": "2020-01-27T17:28:54Z", - "pushed_at": "2020-01-19T18:26:33Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, - "score": 0 - }, - { - "id": 235000073, - "name": "CVE-2020-0601", - "full_name": "Ash112121\/CVE-2020-0601", - "owner": { - "login": "Ash112121", - "id": 50549802, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/50549802?v=4", - "html_url": "https:\/\/github.com\/Ash112121" - }, - "html_url": "https:\/\/github.com\/Ash112121\/CVE-2020-0601", - "description": null, - "fork": false, - "created_at": "2020-01-20T02:04:05Z", - "updated_at": "2020-01-20T02:05:22Z", - "pushed_at": "2020-01-20T02:05:20Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 235145190, - "name": "curveball", - "full_name": "gentilkiwi\/curveball", - "owner": { - "login": "gentilkiwi", - "id": 2307945, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2307945?v=4", - "html_url": "https:\/\/github.com\/gentilkiwi" - }, - "html_url": "https:\/\/github.com\/gentilkiwi\/curveball", - "description": "CVE-2020-0601 #curveball - Alternative Key Calculator", - "fork": false, - "created_at": "2020-01-20T16:24:20Z", - "updated_at": "2020-10-22T16:56:08Z", - "pushed_at": "2020-01-20T23:00:14Z", - "stargazers_count": 63, - "watchers_count": 63, - "forks_count": 11, - "forks": 11, - "watchers": 63, - "score": 0 - }, - { - "id": 235858699, - "name": "CurveBall", - "full_name": "Hans-MartinHannibalLauridsen\/CurveBall", - "owner": { - "login": "Hans-MartinHannibalLauridsen", - "id": 19854797, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/19854797?v=4", - "html_url": "https:\/\/github.com\/Hans-MartinHannibalLauridsen" - }, - "html_url": "https:\/\/github.com\/Hans-MartinHannibalLauridsen\/CurveBall", - "description": "CVE-2020-0601: Windows CryptoAPI Vulnerability. (CurveBall\/ChainOfFools)", - "fork": false, - "created_at": "2020-01-23T18:26:48Z", - "updated_at": "2020-11-12T18:41:17Z", - "pushed_at": "2020-01-28T10:11:44Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, - "score": 0 - }, { "id": 236119532, "name": "PoC_CurveBall", @@ -482,121 +114,6 @@ "watchers": 0, "score": 0 }, - { - "id": 236845131, - "name": "Curveball", - "full_name": "ioncodes\/Curveball", - "owner": { - "login": "ioncodes", - "id": 18533297, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/18533297?v=4", - "html_url": "https:\/\/github.com\/ioncodes" - }, - "html_url": "https:\/\/github.com\/ioncodes\/Curveball", - "description": "PoC for CVE-2020-0601 - CryptoAPI exploit", - "fork": false, - "created_at": "2020-01-28T21:24:54Z", - "updated_at": "2020-10-30T02:47:32Z", - "pushed_at": "2020-01-28T22:06:57Z", - "stargazers_count": 18, - "watchers_count": 18, - "forks_count": 3, - "forks": 3, - "watchers": 18, - "score": 0 - }, - { - "id": 236884560, - "name": "gringotts", - "full_name": "amlweems\/gringotts", - "owner": { - "login": "amlweems", - "id": 117625, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/117625?v=4", - "html_url": "https:\/\/github.com\/amlweems" - }, - "html_url": "https:\/\/github.com\/amlweems\/gringotts", - "description": "proof of concept for CVE-2020-0601", - "fork": false, - "created_at": "2020-01-29T01:59:43Z", - "updated_at": "2020-01-29T02:12:44Z", - "pushed_at": "2020-01-30T20:16:15Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 237977846, - "name": "CVE-2020-0601", - "full_name": "aloswoya\/CVE-2020-0601", - "owner": { - "login": "aloswoya", - "id": 21354684, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/21354684?v=4", - "html_url": "https:\/\/github.com\/aloswoya" - }, - "html_url": "https:\/\/github.com\/aloswoya\/CVE-2020-0601", - "description": "PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll) POC: https:\/\/github.com\/ollypwn\/CurveBall", - "fork": false, - "created_at": "2020-02-03T13:58:07Z", - "updated_at": "2020-02-03T16:30:26Z", - "pushed_at": "2020-02-03T16:30:25Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 0, - "forks": 0, - "watchers": 2, - "score": 0 - }, - { - "id": 237996900, - "name": "CurveBallDetection", - "full_name": "talbeerysec\/CurveBallDetection", - "owner": { - "login": "talbeerysec", - "id": 25826743, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25826743?v=4", - "html_url": "https:\/\/github.com\/talbeerysec" - }, - "html_url": "https:\/\/github.com\/talbeerysec\/CurveBallDetection", - "description": "Resources related to CurveBall (CVE-2020-0601) detection", - "fork": false, - "created_at": "2020-02-03T15:25:54Z", - "updated_at": "2020-02-03T21:05:53Z", - "pushed_at": "2020-02-03T21:05:50Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 1, - "forks": 1, - "watchers": 0, - "score": 0 - }, - { - "id": 238791221, - "name": "CurveballCertTool", - "full_name": "david4599\/CurveballCertTool", - "owner": { - "login": "david4599", - "id": 29437084, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/29437084?v=4", - "html_url": "https:\/\/github.com\/david4599" - }, - "html_url": "https:\/\/github.com\/david4599\/CurveballCertTool", - "description": "PoC for CVE-2020-0601 vulnerability (Code Signing)", - "fork": false, - "created_at": "2020-02-06T21:46:31Z", - "updated_at": "2020-02-17T01:12:16Z", - "pushed_at": "2020-02-06T22:04:17Z", - "stargazers_count": 4, - "watchers_count": 4, - "forks_count": 4, - "forks": 4, - "watchers": 4, - "score": 0 - }, { "id": 241135389, "name": "CVE-2020-0601-EXP", diff --git a/2020/CVE-2020-0609.json b/2020/CVE-2020-0609.json index 69ca700b4a..fc12d1295e 100644 --- a/2020/CVE-2020-0609.json +++ b/2020/CVE-2020-0609.json @@ -21,97 +21,5 @@ "forks": 5, "watchers": 34, "score": 0 - }, - { - "id": 235899471, - "name": "BlueGate", - "full_name": "ollypwn\/BlueGate", - "owner": { - "login": "ollypwn", - "id": 53348818, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/53348818?v=4", - "html_url": "https:\/\/github.com\/ollypwn" - }, - "html_url": "https:\/\/github.com\/ollypwn\/BlueGate", - "description": "PoC (DoS + scanner) for CVE-2020-0609 & CVE-2020-0610 - RD Gateway RCE", - "fork": false, - "created_at": "2020-01-23T22:29:46Z", - "updated_at": "2020-12-12T09:15:12Z", - "pushed_at": "2020-01-24T15:21:06Z", - "stargazers_count": 232, - "watchers_count": 232, - "forks_count": 73, - "forks": 73, - "watchers": 232, - "score": 0 - }, - { - "id": 235935839, - "name": "RDGScanner", - "full_name": "MalwareTech\/RDGScanner", - "owner": { - "login": "MalwareTech", - "id": 7256561, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/7256561?v=4", - "html_url": "https:\/\/github.com\/MalwareTech" - }, - "html_url": "https:\/\/github.com\/MalwareTech\/RDGScanner", - "description": "A proof-of-concept scanner to check an RDG Gateway Server for vulnerabilities CVE-2020-0609 & CVE-2020-0610.", - "fork": false, - "created_at": "2020-01-24T03:52:49Z", - "updated_at": "2020-12-10T08:53:59Z", - "pushed_at": "2020-01-26T21:04:27Z", - "stargazers_count": 69, - "watchers_count": 69, - "forks_count": 30, - "forks": 30, - "watchers": 69, - "score": 0 - }, - { - "id": 236030102, - "name": "CVE-2020-0609", - "full_name": "Bechsen\/CVE-2020-0609", - "owner": { - "login": "Bechsen", - "id": 6298298, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/6298298?v=4", - "html_url": "https:\/\/github.com\/Bechsen" - }, - "html_url": "https:\/\/github.com\/Bechsen\/CVE-2020-0609", - "description": null, - "fork": false, - "created_at": "2020-01-24T15:39:39Z", - "updated_at": "2020-01-28T12:36:06Z", - "pushed_at": "2020-01-28T12:36:04Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 2, - "forks": 2, - "watchers": 1, - "score": 0 - }, - { - "id": 236072228, - "name": "BlueGate", - "full_name": "ioncodes\/BlueGate", - "owner": { - "login": "ioncodes", - "id": 18533297, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/18533297?v=4", - "html_url": "https:\/\/github.com\/ioncodes" - }, - "html_url": "https:\/\/github.com\/ioncodes\/BlueGate", - "description": "PoC for the Remote Desktop Gateway vulnerability - CVE-2020-0609 & CVE-2020-0610", - "fork": false, - "created_at": "2020-01-24T19:47:45Z", - "updated_at": "2020-12-11T14:22:52Z", - "pushed_at": "2020-01-31T13:49:06Z", - "stargazers_count": 74, - "watchers_count": 74, - "forks_count": 17, - "forks": 17, - "watchers": 74, - "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-0674.json b/2020/CVE-2020-0674.json index cbd12e02b5..ea23a3f13f 100644 --- a/2020/CVE-2020-0674.json +++ b/2020/CVE-2020-0674.json @@ -1,27 +1,4 @@ [ - { - "id": 235790827, - "name": "CVE-2020-0674", - "full_name": "binaryfigments\/CVE-2020-0674", - "owner": { - "login": "binaryfigments", - "id": 2205121, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/2205121?v=4", - "html_url": "https:\/\/github.com\/binaryfigments" - }, - "html_url": "https:\/\/github.com\/binaryfigments\/CVE-2020-0674", - "description": "Info about CVE-2020-0674", - "fork": false, - "created_at": "2020-01-23T12:30:51Z", - "updated_at": "2020-03-30T17:27:13Z", - "pushed_at": "2020-01-23T12:54:24Z", - "stargazers_count": 14, - "watchers_count": 14, - "forks_count": 9, - "forks": 9, - "watchers": 14, - "score": 0 - }, { "id": 262167867, "name": "CVE-2020-0674-Exploit", diff --git a/2020/CVE-2020-0796.json b/2020/CVE-2020-0796.json index c263278b53..70cbf71e61 100644 --- a/2020/CVE-2020-0796.json +++ b/2020/CVE-2020-0796.json @@ -105,13 +105,13 @@ "description": "Scanner for CVE-2020-0796 - SMBv3 RCE", "fork": false, "created_at": "2020-03-11T15:21:27Z", - "updated_at": "2020-12-17T22:22:43Z", + "updated_at": "2020-12-19T16:37:32Z", "pushed_at": "2020-10-01T08:36:29Z", - "stargazers_count": 567, - "watchers_count": 567, + "stargazers_count": 568, + "watchers_count": 568, "forks_count": 190, "forks": 190, - "watchers": 567, + "watchers": 568, "score": 0 }, { diff --git a/2020/CVE-2020-1350.json b/2020/CVE-2020-1350.json index 6579da6948..552698bb0e 100644 --- a/2020/CVE-2020-1350.json +++ b/2020/CVE-2020-1350.json @@ -151,13 +151,13 @@ "description": "A denial-of-service proof-of-concept for CVE-2020-1350", "fork": false, "created_at": "2020-07-15T23:00:00Z", - "updated_at": "2020-12-10T17:55:52Z", + "updated_at": "2020-12-19T20:36:23Z", "pushed_at": "2020-07-17T13:07:29Z", - "stargazers_count": 221, - "watchers_count": 221, + "stargazers_count": 222, + "watchers_count": 222, "forks_count": 52, "forks": 52, - "watchers": 221, + "watchers": 222, "score": 0 }, { diff --git a/2020/CVE-2020-1472.json b/2020/CVE-2020-1472.json index cb62f0a927..72ee8b4476 100644 --- a/2020/CVE-2020-1472.json +++ b/2020/CVE-2020-1472.json @@ -36,13 +36,13 @@ "description": "Test tool for CVE-2020-1472", "fork": false, "created_at": "2020-09-08T08:58:37Z", - "updated_at": "2020-12-18T14:04:28Z", + "updated_at": "2020-12-19T19:05:33Z", "pushed_at": "2020-10-21T12:10:28Z", - "stargazers_count": 1213, - "watchers_count": 1213, + "stargazers_count": 1214, + "watchers_count": 1214, "forks_count": 279, "forks": 279, - "watchers": 1213, + "watchers": 1214, "score": 0 }, { diff --git a/2020/CVE-2020-14882.json b/2020/CVE-2020-14882.json index 4a07a560f8..3857689210 100644 --- a/2020/CVE-2020-14882.json +++ b/2020/CVE-2020-14882.json @@ -13,13 +13,13 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2020-12-19T08:14:50Z", + "updated_at": "2020-12-19T17:08:43Z", "pushed_at": "2020-11-07T05:55:00Z", - "stargazers_count": 2183, - "watchers_count": 2183, + "stargazers_count": 2184, + "watchers_count": 2184, "forks_count": 613, "forks": 613, - "watchers": 2183, + "watchers": 2184, "score": 0 }, { diff --git a/2020/CVE-2020-1611.json b/2020/CVE-2020-1611.json deleted file mode 100644 index 33a3c99052..0000000000 --- a/2020/CVE-2020-1611.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 235582404, - "name": "CVE-2020-1611", - "full_name": "Ibonok\/CVE-2020-1611", - "owner": { - "login": "Ibonok", - "id": 37837775, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/37837775?v=4", - "html_url": "https:\/\/github.com\/Ibonok" - }, - "html_url": "https:\/\/github.com\/Ibonok\/CVE-2020-1611", - "description": "Juniper Junos Space (CVE-2020-1611) (PoC)", - "fork": false, - "created_at": "2020-01-22T13:45:21Z", - "updated_at": "2020-12-08T01:53:06Z", - "pushed_at": "2020-01-22T14:01:32Z", - "stargazers_count": 21, - "watchers_count": 21, - "forks_count": 8, - "forks": 8, - "watchers": 21, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-17530.json b/2020/CVE-2020-17530.json index bad3dddb36..2c226319cb 100644 --- a/2020/CVE-2020-17530.json +++ b/2020/CVE-2020-17530.json @@ -33,10 +33,10 @@ "html_url": "https:\/\/github.com\/wuzuowei" }, "html_url": "https:\/\/github.com\/wuzuowei\/CVE-2020-17530", - "description": "Collect S2-061 payloads", + "description": "S2-061 的payload,以及对应简单的PoC\/Exp", "fork": false, "created_at": "2020-12-10T17:42:37Z", - "updated_at": "2020-12-18T23:06:04Z", + "updated_at": "2020-12-19T15:33:47Z", "pushed_at": "2020-12-18T00:57:50Z", "stargazers_count": 30, "watchers_count": 30, diff --git a/2020/CVE-2020-2551.json b/2020/CVE-2020-2551.json index 44b53a5de4..563160b015 100644 --- a/2020/CVE-2020-2551.json +++ b/2020/CVE-2020-2551.json @@ -22,29 +22,6 @@ "watchers": 839, "score": 0 }, - { - "id": 234696172, - "name": "CVE-2020-2551", - "full_name": "jas502n\/CVE-2020-2551", - "owner": { - "login": "jas502n", - "id": 16593068, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", - "html_url": "https:\/\/github.com\/jas502n" - }, - "html_url": "https:\/\/github.com\/jas502n\/CVE-2020-2551", - "description": "Weblogic RCE with IIOP", - "fork": false, - "created_at": "2020-01-18T07:08:06Z", - "updated_at": "2020-10-29T01:38:33Z", - "pushed_at": "2020-01-18T07:14:34Z", - "stargazers_count": 76, - "watchers_count": 76, - "forks_count": 13, - "forks": 13, - "watchers": 76, - "score": 0 - }, { "id": 234901198, "name": "CVE-2020-2551", @@ -59,13 +36,13 @@ "description": "how detect CVE-2020-2551 poc exploit python Weblogic RCE with IIOP", "fork": false, "created_at": "2020-01-19T13:01:32Z", - "updated_at": "2020-12-09T04:01:14Z", + "updated_at": "2020-12-19T21:08:17Z", "pushed_at": "2020-05-22T08:46:20Z", - "stargazers_count": 146, - "watchers_count": 146, + "stargazers_count": 147, + "watchers_count": 147, "forks_count": 33, "forks": 33, - "watchers": 146, + "watchers": 147, "score": 0 }, { diff --git a/2020/CVE-2020-2655.json b/2020/CVE-2020-2655.json deleted file mode 100644 index e15c1ddb3f..0000000000 --- a/2020/CVE-2020-2655.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 233879183, - "name": "CVE-2020-2655-DemoServer", - "full_name": "RUB-NDS\/CVE-2020-2655-DemoServer", - "owner": { - "login": "RUB-NDS", - "id": 11559003, - "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/11559003?v=4", - "html_url": "https:\/\/github.com\/RUB-NDS" - }, - "html_url": "https:\/\/github.com\/RUB-NDS\/CVE-2020-2655-DemoServer", - "description": null, - "fork": false, - "created_at": "2020-01-14T15:59:48Z", - "updated_at": "2020-03-20T23:04:07Z", - "pushed_at": "2020-01-20T10:45:47Z", - "stargazers_count": 5, - "watchers_count": 5, - "forks_count": 1, - "forks": 1, - "watchers": 5, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-3452.json b/2020/CVE-2020-3452.json index 4f9e2cf70c..fd3c9ba264 100644 --- a/2020/CVE-2020-3452.json +++ b/2020/CVE-2020-3452.json @@ -293,8 +293,8 @@ "pushed_at": "2020-12-13T13:49:30Z", "stargazers_count": 9, "watchers_count": 9, - "forks_count": 3, - "forks": 3, + "forks_count": 4, + "forks": 4, "watchers": 9, "score": 0 } diff --git a/2020/CVE-2020-3833.json b/2020/CVE-2020-3833.json deleted file mode 100644 index 4ea8c85668..0000000000 --- a/2020/CVE-2020-3833.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 235952111, - "name": "Safari-Address-Bar-Spoof-CVE-2020-3833-", - "full_name": "c0d3G33k\/Safari-Address-Bar-Spoof-CVE-2020-3833-", - "owner": { - "login": "c0d3G33k", - "id": 16446505, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16446505?v=4", - "html_url": "https:\/\/github.com\/c0d3G33k" - }, - "html_url": "https:\/\/github.com\/c0d3G33k\/Safari-Address-Bar-Spoof-CVE-2020-3833-", - "description": null, - "fork": false, - "created_at": "2020-01-24T06:35:07Z", - "updated_at": "2020-09-23T12:58:01Z", - "pushed_at": "2020-01-24T06:49:16Z", - "stargazers_count": 4, - "watchers_count": 4, - "forks_count": 1, - "forks": 1, - "watchers": 4, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-5236.json b/2020/CVE-2020-5236.json deleted file mode 100644 index 70b8e2840c..0000000000 --- a/2020/CVE-2020-5236.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 238621679, - "name": "CVE-2020-5236", - "full_name": "motikan2010\/CVE-2020-5236", - "owner": { - "login": "motikan2010", - "id": 3177297, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3177297?v=4", - "html_url": "https:\/\/github.com\/motikan2010" - }, - "html_url": "https:\/\/github.com\/motikan2010\/CVE-2020-5236", - "description": "Waitress 1.4.2 ReDoS - CVE-2020-5236 (Blog Sample Code)", - "fork": false, - "created_at": "2020-02-06T06:21:02Z", - "updated_at": "2020-08-27T17:38:17Z", - "pushed_at": "2020-02-06T09:45:23Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 1, - "forks": 1, - "watchers": 2, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-5398.json b/2020/CVE-2020-5398.json deleted file mode 100644 index de543045e7..0000000000 --- a/2020/CVE-2020-5398.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 234478120, - "name": "CVE-2020-5398", - "full_name": "motikan2010\/CVE-2020-5398", - "owner": { - "login": "motikan2010", - "id": 3177297, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3177297?v=4", - "html_url": "https:\/\/github.com\/motikan2010" - }, - "html_url": "https:\/\/github.com\/motikan2010\/CVE-2020-5398", - "description": "💣 CVE-2020-5398 - RFD(Reflected File Download) Attack for Spring MVC", - "fork": false, - "created_at": "2020-01-17T05:35:01Z", - "updated_at": "2020-11-27T08:19:08Z", - "pushed_at": "2020-01-22T04:58:59Z", - "stargazers_count": 78, - "watchers_count": 78, - "forks_count": 21, - "forks": 21, - "watchers": 78, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-5509.json b/2020/CVE-2020-5509.json deleted file mode 100644 index d1c15f15ef..0000000000 --- a/2020/CVE-2020-5509.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 231982886, - "name": "CVE-2020-5509", - "full_name": "FULLSHADE\/CVE-2020-5509", - "owner": { - "login": "FULLSHADE", - "id": 54753063, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/54753063?v=4", - "html_url": "https:\/\/github.com\/FULLSHADE" - }, - "html_url": "https:\/\/github.com\/FULLSHADE\/CVE-2020-5509", - "description": "Car Rental Project v.1.0 Remote Code Execution", - "fork": false, - "created_at": "2020-01-05T22:13:24Z", - "updated_at": "2020-12-09T12:26:48Z", - "pushed_at": "2020-01-05T22:23:20Z", - "stargazers_count": 5, - "watchers_count": 5, - "forks_count": 2, - "forks": 2, - "watchers": 5, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-72381.json b/2020/CVE-2020-72381.json deleted file mode 100644 index fd0798cecd..0000000000 --- a/2020/CVE-2020-72381.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 236367767, - "name": "CVE-2020-72381", - "full_name": "jdordonezn\/CVE-2020-72381", - "owner": { - "login": "jdordonezn", - "id": 20976774, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/20976774?v=4", - "html_url": "https:\/\/github.com\/jdordonezn" - }, - "html_url": "https:\/\/github.com\/jdordonezn\/CVE-2020-72381", - "description": null, - "fork": false, - "created_at": "2020-01-26T19:56:34Z", - "updated_at": "2020-09-25T00:09:23Z", - "pushed_at": "2020-01-26T19:56:35Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-7661.json b/2020/CVE-2020-7661.json index bdea637262..4c3919ebe4 100644 --- a/2020/CVE-2020-7661.json +++ b/2020/CVE-2020-7661.json @@ -17,8 +17,8 @@ "pushed_at": "2020-10-19T18:03:23Z", "stargazers_count": 17, "watchers_count": 17, - "forks_count": 2, - "forks": 2, + "forks_count": 3, + "forks": 3, "watchers": 17, "score": 0 } diff --git a/2020/CVE-2020-7799.json b/2020/CVE-2020-7799.json index c8483e3635..a81659d7b0 100644 --- a/2020/CVE-2020-7799.json +++ b/2020/CVE-2020-7799.json @@ -1,27 +1,4 @@ [ - { - "id": 239452179, - "name": "cve-2020-7799", - "full_name": "Pikaqi\/cve-2020-7799", - "owner": { - "login": "Pikaqi", - "id": 29857108, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/29857108?v=4", - "html_url": "https:\/\/github.com\/Pikaqi" - }, - "html_url": "https:\/\/github.com\/Pikaqi\/cve-2020-7799", - "description": "批量检测cve-2020-7799", - "fork": false, - "created_at": "2020-02-10T07:27:21Z", - "updated_at": "2020-02-10T08:08:44Z", - "pushed_at": "2020-02-10T08:08:42Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 2, - "forks": 2, - "watchers": 0, - "score": 0 - }, { "id": 241617298, "name": "CVE-2020-7799", diff --git a/2020/CVE-2020-7980.json b/2020/CVE-2020-7980.json deleted file mode 100644 index a332454b11..0000000000 --- a/2020/CVE-2020-7980.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 236865005, - "name": "Satellian-CVE-2020-7980", - "full_name": "Xh4H\/Satellian-CVE-2020-7980", - "owner": { - "login": "Xh4H", - "id": 20613820, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/20613820?v=4", - "html_url": "https:\/\/github.com\/Xh4H" - }, - "html_url": "https:\/\/github.com\/Xh4H\/Satellian-CVE-2020-7980", - "description": "PoC script that shows RCE vulnerability over Intellian Satellite controller", - "fork": false, - "created_at": "2020-01-28T23:27:20Z", - "updated_at": "2020-11-08T08:03:31Z", - "pushed_at": "2020-01-30T11:42:26Z", - "stargazers_count": 46, - "watchers_count": 46, - "forks_count": 9, - "forks": 9, - "watchers": 46, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-8597.json b/2020/CVE-2020-8597.json index 6582a6b474..44829f580f 100644 --- a/2020/CVE-2020-8597.json +++ b/2020/CVE-2020-8597.json @@ -36,13 +36,13 @@ "description": "CVE-2020-8597 pppd buffer overflow poc", "fork": false, "created_at": "2020-03-07T19:00:46Z", - "updated_at": "2020-11-26T15:03:36Z", + "updated_at": "2020-12-19T15:39:36Z", "pushed_at": "2020-03-12T11:10:31Z", - "stargazers_count": 36, - "watchers_count": 36, + "stargazers_count": 37, + "watchers_count": 37, "forks_count": 5, "forks": 5, - "watchers": 36, + "watchers": 37, "score": 0 }, { diff --git a/README.md b/README.md index 7396bc6729..fffb09cb00 100644 --- a/README.md +++ b/README.md @@ -114,32 +114,11 @@ Race condition in the Intel(R) Driver and Support Assistant before version 20.1. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'. -- [nissan-sudo/CVE-2020-0601](https://github.com/nissan-sudo/CVE-2020-0601) - [0xxon/cve-2020-0601](https://github.com/0xxon/cve-2020-0601) -- [SherlockSec/CVE-2020-0601](https://github.com/SherlockSec/CVE-2020-0601) -- [JPurrier/CVE-2020-0601](https://github.com/JPurrier/CVE-2020-0601) - [0xxon/cve-2020-0601-plugin](https://github.com/0xxon/cve-2020-0601-plugin) -- [ollypwn/CurveBall](https://github.com/ollypwn/CurveBall) - [kudelskisecurity/chainoffools](https://github.com/kudelskisecurity/chainoffools) -- [RrUZi/Awesome-CVE-2020-0601](https://github.com/RrUZi/Awesome-CVE-2020-0601) -- [BleepSec/CVE-2020-0601](https://github.com/BleepSec/CVE-2020-0601) -- [apmunch/CVE-2020-0601](https://github.com/apmunch/CVE-2020-0601) - [saleemrashid/badecparams](https://github.com/saleemrashid/badecparams) -- [0xxon/cve-2020-0601-utils](https://github.com/0xxon/cve-2020-0601-utils) -- [MarkusZehnle/CVE-2020-0601](https://github.com/MarkusZehnle/CVE-2020-0601) -- [YoannDqr/CVE-2020-0601](https://github.com/YoannDqr/CVE-2020-0601) -- [thimelp/cve-2020-0601-Perl](https://github.com/thimelp/cve-2020-0601-Perl) -- [dlee35/curveball_lua](https://github.com/dlee35/curveball_lua) -- [IIICTECH/-CVE-2020-0601-ECC---EXPLOIT](https://github.com/IIICTECH/-CVE-2020-0601-ECC---EXPLOIT) -- [Ash112121/CVE-2020-0601](https://github.com/Ash112121/CVE-2020-0601) -- [gentilkiwi/curveball](https://github.com/gentilkiwi/curveball) -- [Hans-MartinHannibalLauridsen/CurveBall](https://github.com/Hans-MartinHannibalLauridsen/CurveBall) - [apodlosky/PoC_CurveBall](https://github.com/apodlosky/PoC_CurveBall) -- [ioncodes/Curveball](https://github.com/ioncodes/Curveball) -- [amlweems/gringotts](https://github.com/amlweems/gringotts) -- [aloswoya/CVE-2020-0601](https://github.com/aloswoya/CVE-2020-0601) -- [talbeerysec/CurveBallDetection](https://github.com/talbeerysec/CurveBallDetection) -- [david4599/CurveballCertTool](https://github.com/david4599/CurveballCertTool) - [eastmountyxz/CVE-2020-0601-EXP](https://github.com/eastmountyxz/CVE-2020-0601-EXP) - [eastmountyxz/CVE-2018-20250-WinRAR](https://github.com/eastmountyxz/CVE-2018-20250-WinRAR) - [gremwell/cve-2020-0601_poc](https://github.com/gremwell/cve-2020-0601_poc) @@ -154,10 +133,6 @@ A remote code execution vulnerability exists in Windows Remote Desktop Gateway ( - [2d4d/rdg_scanner_cve-2020-0609](https://github.com/2d4d/rdg_scanner_cve-2020-0609) -- [ollypwn/BlueGate](https://github.com/ollypwn/BlueGate) -- [MalwareTech/RDGScanner](https://github.com/MalwareTech/RDGScanner) -- [Bechsen/CVE-2020-0609](https://github.com/Bechsen/CVE-2020-0609) -- [ioncodes/BlueGate](https://github.com/ioncodes/BlueGate) ### CVE-2020-0618 (2020-02-11) @@ -192,7 +167,6 @@ An elevation of privilege vulnerability exists in the way that the Windows Kerne A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767. -- [binaryfigments/CVE-2020-0674](https://github.com/binaryfigments/CVE-2020-0674) - [maxpl0it/CVE-2020-0674-Exploit](https://github.com/maxpl0it/CVE-2020-0674-Exploit) - [Ken-Abruzzi/CVE-2020-0674](https://github.com/Ken-Abruzzi/CVE-2020-0674) @@ -577,14 +551,6 @@ An information disclosure vulnerability exists when attaching files to Outlook m - [0neb1n/CVE-2020-1493](https://github.com/0neb1n/CVE-2020-1493) -### CVE-2020-1611 (2020-01-15) - - -A Local File Inclusion vulnerability in Juniper Networks Junos Space allows an attacker to view all files on the target when the device receives malicious HTTP packets. This issue affects: Juniper Networks Junos Space versions prior to 19.4R1. - - -- [Ibonok/CVE-2020-1611](https://github.com/Ibonok/CVE-2020-1611) - ### CVE-2020-1764 (2020-03-26) @@ -704,7 +670,6 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - [0xn0ne/weblogicScanner](https://github.com/0xn0ne/weblogicScanner) -- [jas502n/CVE-2020-2551](https://github.com/jas502n/CVE-2020-2551) - [hktalent/CVE-2020-2551](https://github.com/hktalent/CVE-2020-2551) - [0nise/CVE-2020-2551](https://github.com/0nise/CVE-2020-2551) - [Y4er/CVE-2020-2551](https://github.com/Y4er/CVE-2020-2551) @@ -725,14 +690,6 @@ Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (compo - [Maskhe/cve-2020-2555](https://github.com/Maskhe/cve-2020-2555) - [Uvemode/CVE-2020-2555](https://github.com/Uvemode/CVE-2020-2555) -### CVE-2020-2655 (2020-01-15) - - -Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). - - -- [RUB-NDS/CVE-2020-2655-DemoServer](https://github.com/RUB-NDS/CVE-2020-2655-DemoServer) - ### CVE-2020-2883 (2020-04-15) @@ -809,14 +766,6 @@ Adobe Genuine Integrity Service versions Version 6.4 and earlier have an insecur - [hessandrew/CVE-2020-3766_APSB20-12](https://github.com/hessandrew/CVE-2020-3766_APSB20-12) -### CVE-2020-3833 (2020-02-27) - - -An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 13.0.5. Visiting a malicious website may lead to address bar spoofing. - - -- [c0d3G33k/Safari-Address-Bar-Spoof-CVE-2020-3833-](https://github.com/c0d3G33k/Safari-Address-Bar-Spoof-CVE-2020-3833-) - ### CVE-2020-3952 (2020-04-10) @@ -869,14 +818,6 @@ IBM Maximo Asset Management 7.6.0.1 and 7.6.0.2 is vulnerable to an XML External - [Ibonok/CVE-2020-4463](https://github.com/Ibonok/CVE-2020-4463) -### CVE-2020-5236 (2020-02-03) - - -Waitress version 1.4.2 allows a DOS attack When waitress receives a header that contains invalid characters. When a header like "Bad-header: xxxxxxxxxxxxxxx\x10" is received, it will cause the regular expression engine to catastrophically backtrack causing the process to use 100% CPU time and blocking any other interactions. This allows an attacker to send a single request with an invalid header and take the service offline. This issue was introduced in version 1.4.2 when the regular expression was updated to attempt to match the behaviour required by errata associated with RFC7230. The regular expression that is used to validate incoming headers has been updated in version 1.4.3, it is recommended that people upgrade to the new version of Waitress as soon as possible. - - -- [motikan2010/CVE-2020-5236](https://github.com/motikan2010/CVE-2020-5236) - ### CVE-2020-5248 (2020-05-12) @@ -919,14 +860,6 @@ In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulne - [GUI/legacy-rails-CVE-2020-5267-patch](https://github.com/GUI/legacy-rails-CVE-2020-5267-patch) -### CVE-2020-5398 (2020-01-16) - - -In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input. - - -- [motikan2010/CVE-2020-5398](https://github.com/motikan2010/CVE-2020-5398) - ### CVE-2020-5410 (2020-06-02) @@ -937,14 +870,6 @@ Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1. - [osamahamad/CVE-2020-5410-POC](https://github.com/osamahamad/CVE-2020-5410-POC) - [mugisyahid/ki-vuln-cve-2020-5410](https://github.com/mugisyahid/ki-vuln-cve-2020-5410) -### CVE-2020-5509 (2020-01-14) - - -PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload of a new profile image. - - -- [FULLSHADE/CVE-2020-5509](https://github.com/FULLSHADE/CVE-2020-5509) - ### CVE-2020-5837 (2020-05-11) @@ -1182,7 +1107,6 @@ Incorrect handling of Upgrade header with the value websocket leads in crashing An issue was discovered in FusionAuth before 1.11.0. An authenticated user, allowed to edit e-mail templates (Home -> Settings -> Email Templates) or themes (Home -> Settings -> Themes), can execute commands on the underlying operating system by abusing freemarker.template.utility.Execute in the Apache FreeMarker engine that processes custom templates. -- [Pikaqi/cve-2020-7799](https://github.com/Pikaqi/cve-2020-7799) - [ianxtianxt/CVE-2020-7799](https://github.com/ianxtianxt/CVE-2020-7799) ### CVE-2020-7897 @@ -1216,14 +1140,6 @@ Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows - [shacojx/GLiferay](https://github.com/shacojx/GLiferay) - [shacojx/POC-CVE-2020-7961-Token-iterate](https://github.com/shacojx/POC-CVE-2020-7961-Token-iterate) -### CVE-2020-7980 (2020-01-25) - - -Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed. - - -- [Xh4H/Satellian-CVE-2020-7980](https://github.com/Xh4H/Satellian-CVE-2020-7980) - ### CVE-2020-8004 (2020-04-06) @@ -3335,9 +3251,6 @@ In the Macally WIFISD2-2A82 Media and Travel Router 2.000.010, the Guest user is ### CVE-2020-35488 - [GuillaumePetit84/CVE-2020-35488](https://github.com/GuillaumePetit84/CVE-2020-35488) -### CVE-2020-72381 -- [jdordonezn/CVE-2020-72381](https://github.com/jdordonezn/CVE-2020-72381) - ## 2019 ### CVE-2019-0053 (2019-07-11) @@ -6943,6 +6856,7 @@ Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impa A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system, or cause a reload of the affected device. This vulnerability affects Cisco ASA Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, ASA 1000V Cloud Firewall, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4110 Security Appliance, Firepower 9300 ASA Security Module, Firepower Threat Defense Software (FTD). Cisco Bug IDs: CSCvg35618. +- [1337g/CVE-2018-0101-DOS-POC](https://github.com/1337g/CVE-2018-0101-DOS-POC) - [Cymmetria/ciscoasa_honeypot](https://github.com/Cymmetria/ciscoasa_honeypot) ### CVE-2018-0114 (2018-01-04) @@ -6978,6 +6892,7 @@ A vulnerability in the web interface of the Cisco Adaptive Security Appliance (A - [milo2012/CVE-2018-0296](https://github.com/milo2012/CVE-2018-0296) - [yassineaboukir/CVE-2018-0296](https://github.com/yassineaboukir/CVE-2018-0296) +- [bhenner1/CVE-2018-0296](https://github.com/bhenner1/CVE-2018-0296) - [qiantu88/CVE-2018-0296](https://github.com/qiantu88/CVE-2018-0296) ### CVE-2018-0708 (2018-07-16) @@ -6994,8 +6909,20 @@ Command injection vulnerability in networking of QNAP Q'center Virtual Appliance Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812. +- [zldww2011/CVE-2018-0802_POC](https://github.com/zldww2011/CVE-2018-0802_POC) +- [rxwx/CVE-2018-0802](https://github.com/rxwx/CVE-2018-0802) +- [Ridter/RTF_11882_0802](https://github.com/Ridter/RTF_11882_0802) +- [likescam/CVE-2018-0802_CVE-2017-11882](https://github.com/likescam/CVE-2018-0802_CVE-2017-11882) - [dcsync/rtfkit](https://github.com/dcsync/rtfkit) +### CVE-2018-0824 (2018-05-09) + + +A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. + + +- [codewhitesec/UnmarshalPwn](https://github.com/codewhitesec/UnmarshalPwn) + ### CVE-2018-0886 (2018-03-14) @@ -7004,6 +6931,41 @@ The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows - [preempt/credssp](https://github.com/preempt/credssp) +### CVE-2018-0952 (2018-08-15) + + +An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations, aka "Diagnostic Hub Standard Collector Elevation Of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Microsoft Visual Studio, Windows 10 Servers. + + +- [atredispartners/CVE-2018-0952-SystemCollector](https://github.com/atredispartners/CVE-2018-0952-SystemCollector) + +### CVE-2018-14 +- [lckJack/legacySymfony](https://github.com/lckJack/legacySymfony) + +### CVE-2018-1010 (2018-04-11) + + +A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-1012, CVE-2018-1013, CVE-2018-1015, CVE-2018-1016. + + +- [ymgh96/Detecting-the-patch-of-CVE-2018-1010](https://github.com/ymgh96/Detecting-the-patch-of-CVE-2018-1010) + +### CVE-2018-1026 (2018-04-11) + + +A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-1030. + + +- [ymgh96/Detecting-the-CVE-2018-1026-and-its-patch](https://github.com/ymgh96/Detecting-the-CVE-2018-1026-and-its-patch) + +### CVE-2018-1056 (2018-07-27) + + +An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files. + + +- [rotemkama/Gpon-Routers](https://github.com/rotemkama/Gpon-Routers) + ### CVE-2018-1088 (2018-04-18) @@ -7018,6 +6980,8 @@ A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any glu DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol. +- [knqyf263/CVE-2018-1111](https://github.com/knqyf263/CVE-2018-1111) +- [kkirsche/CVE-2018-1111](https://github.com/kkirsche/CVE-2018-1111) - [baldassarreFe/FEP3370-advanced-ethical-hacking](https://github.com/baldassarreFe/FEP3370-advanced-ethical-hacking) ### CVE-2018-1133 (2018-05-25) @@ -7045,12 +7009,23 @@ Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions - [AbsoZed/CVE-2018-1235](https://github.com/AbsoZed/CVE-2018-1235) +### CVE-2018-1259 (2018-05-11) + + +Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7, used in combination with XMLBeam 1.4.14 or earlier versions, contains a property binder vulnerability caused by improper restriction of XML external entity references as underlying library XMLBeam does not restrict external reference expansion. An unauthenticated remote malicious user can supply specially crafted request parameters against Spring Data's projection-based request payload binding to access arbitrary files on the system. + + +- [tafamace/CVE-2018-1259](https://github.com/tafamace/CVE-2018-1259) + ### CVE-2018-1270 (2018-04-06) Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. +- [CaledoniaProject/CVE-2018-1270](https://github.com/CaledoniaProject/CVE-2018-1270) +- [genxor/CVE-2018-1270_EXP](https://github.com/genxor/CVE-2018-1270_EXP) +- [tafamace/CVE-2018-1270](https://github.com/tafamace/CVE-2018-1270) - [Venscor/CVE-2018-1270](https://github.com/Venscor/CVE-2018-1270) - [mprunet/owasp-formation-cve-2018-1270](https://github.com/mprunet/owasp-formation-cve-2018-1270) @@ -7060,6 +7035,9 @@ Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 a Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack. +- [knqyf263/CVE-2018-1273](https://github.com/knqyf263/CVE-2018-1273) +- [wearearima/poc-cve-2018-1273](https://github.com/wearearima/poc-cve-2018-1273) +- [webr0ck/poc-cve-2018-1273](https://github.com/webr0ck/poc-cve-2018-1273) - [cved-sources/cve-2018-1273](https://github.com/cved-sources/cve-2018-1273) - [jas502n/cve-2018-1273](https://github.com/jas502n/cve-2018-1273) @@ -7080,6 +7058,23 @@ When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an - [xDro1d/CVE-2018-1297](https://github.com/xDro1d/CVE-2018-1297) - [Al1ex/CVE-2018-1297](https://github.com/Al1ex/CVE-2018-1297) +### CVE-2018-1304 (2018-02-28) + + +The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected. + + +- [knqyf263/CVE-2018-1304](https://github.com/knqyf263/CVE-2018-1304) +- [thariyarox/tomcat_CVE-2018-1304_testing](https://github.com/thariyarox/tomcat_CVE-2018-1304_testing) + +### CVE-2018-1305 (2018-02-23) + + +Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them. + + +- [Pa55w0rd/CVE-2018-1305](https://github.com/Pa55w0rd/CVE-2018-1305) + ### CVE-2018-1306 (2018-06-27) @@ -7088,6 +7083,22 @@ The PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pl - [JJSO12/Apache-Pluto-3.0.0--CVE-2018-1306](https://github.com/JJSO12/Apache-Pluto-3.0.0--CVE-2018-1306) +### CVE-2018-1313 (2018-05-07) + + +In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted network packet can be used to request the Derby Network Server to boot a database whose location and contents are under the user's control. If the Derby Network Server is not running with a Java Security Manager policy file, the attack is successful. If the server is using a policy file, the policy file must permit the database location to be read for the attack to work. The default Derby Network Server policy file distributed with the affected releases includes a permissive policy as the default Network Server policy, which allows the attack to work. + + +- [tafamace/CVE-2018-1313](https://github.com/tafamace/CVE-2018-1313) + +### CVE-2018-1324 (2018-03-16) + + +A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress' extra field parser used by the ZipFile and ZipArchiveInputStream classes in versions 1.11 to 1.15. This can be used to mount a denial of service attack against services that use Compress' zip package. + + +- [tafamace/CVE-2018-1324](https://github.com/tafamace/CVE-2018-1324) + ### CVE-2018-1335 (2018-04-25) @@ -7105,6 +7116,14 @@ IBM Security Identity Manager 6.0.0 Virtual Appliance is vulnerable to a XML Ext - [attakercyebr/hack4lx_CVE-2018-2019](https://github.com/attakercyebr/hack4lx_CVE-2018-2019) +### CVE-2018-2380 (2018-03-01) + + +SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs. + + +- [erpscanteam/CVE-2018-2380](https://github.com/erpscanteam/CVE-2018-2380) + ### CVE-2018-2392 (2018-02-14) @@ -7119,17 +7138,52 @@ Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). +- [forlin/CVE-2018-2628](https://github.com/forlin/CVE-2018-2628) +- [shengqi158/CVE-2018-2628](https://github.com/shengqi158/CVE-2018-2628) +- [skydarker/CVE-2018-2628](https://github.com/skydarker/CVE-2018-2628) +- [jiansiting/weblogic-cve-2018-2628](https://github.com/jiansiting/weblogic-cve-2018-2628) +- [zjxzjx/CVE-2018-2628-detect](https://github.com/zjxzjx/CVE-2018-2628-detect) +- [aedoo/CVE-2018-2628-MultiThreading](https://github.com/aedoo/CVE-2018-2628-MultiThreading) +- [hawk-520/CVE-2018-2628](https://github.com/hawk-520/CVE-2018-2628) +- [9uest/CVE-2018-2628](https://github.com/9uest/CVE-2018-2628) +- [Shadowshusky/CVE-2018-2628all](https://github.com/Shadowshusky/CVE-2018-2628all) +- [shaoshore/CVE-2018-2628](https://github.com/shaoshore/CVE-2018-2628) +- [tdy218/ysoserial-cve-2018-2628](https://github.com/tdy218/ysoserial-cve-2018-2628) +- [s0wr0b1ndef/CVE-2018-2628](https://github.com/s0wr0b1ndef/CVE-2018-2628) +- [wrysunny/cve-2018-2628](https://github.com/wrysunny/cve-2018-2628) - [jas502n/CVE-2018-2628](https://github.com/jas502n/CVE-2018-2628) +- [stevenlinfeng/CVE-2018-2628](https://github.com/stevenlinfeng/CVE-2018-2628) +- [likescam/CVE-2018-2628](https://github.com/likescam/CVE-2018-2628) +- [Nervous/WebLogic-RCE-exploit](https://github.com/Nervous/WebLogic-RCE-exploit) +- [Lighird/CVE-2018-2628](https://github.com/Lighird/CVE-2018-2628) - [0xMJ/CVE-2018-2628](https://github.com/0xMJ/CVE-2018-2628) - [0xn0ne/weblogicScanner](https://github.com/0xn0ne/weblogicScanner) - [seethen/cve-2018-2628](https://github.com/seethen/cve-2018-2628) +### CVE-2018-2636 (2018-01-17) + + +Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Security). Supported versions that are affected are 2.7, 2.8 and 2.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Simphony. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality Simphony. CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [erpscanteam/CVE-2018-2636](https://github.com/erpscanteam/CVE-2018-2636) +- [Cymmetria/micros_honeypot](https://github.com/Cymmetria/micros_honeypot) + +### CVE-2018-2844 (2018-04-18) + + +Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.36 and Prior to 5.2.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). + + +- [renorobert/virtualbox-cve-2018-2844](https://github.com/renorobert/virtualbox-cve-2018-2844) + ### CVE-2018-2879 (2018-04-18) Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Authentication Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. While the vulnerability is in Oracle Access Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Access Manager. Note: Please refer to Doc ID <a href="http://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=2386496.1">My Oracle Support Note 2386496.1 for instructions on how to address this issue. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H). +- [MostafaSoliman/Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit](https://github.com/MostafaSoliman/Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit) - [AymanElSherif/oracle-oam-authentication-bypas-exploit](https://github.com/AymanElSherif/oracle-oam-authentication-bypas-exploit) - [redtimmy/OAMBuster](https://github.com/redtimmy/OAMBuster) @@ -7139,6 +7193,12 @@ Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). +- [sry309/CVE-2018-2893](https://github.com/sry309/CVE-2018-2893) +- [ryanInf/CVE-2018-2893](https://github.com/ryanInf/CVE-2018-2893) +- [bigsizeme/CVE-2018-2893](https://github.com/bigsizeme/CVE-2018-2893) +- [pyn3rd/CVE-2018-2893](https://github.com/pyn3rd/CVE-2018-2893) +- [qianl0ng/CVE-2018-2893](https://github.com/qianl0ng/CVE-2018-2893) +- [jas502n/CVE-2018-2893](https://github.com/jas502n/CVE-2018-2893) - [ianxtianxt/CVE-2018-2893](https://github.com/ianxtianxt/CVE-2018-2893) ### CVE-2018-2894 (2018-07-18) @@ -7147,16 +7207,32 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). +- [111ddea/cve-2018-2894](https://github.com/111ddea/cve-2018-2894) +- [LandGrey/CVE-2018-2894](https://github.com/LandGrey/CVE-2018-2894) - [jas502n/CVE-2018-2894](https://github.com/jas502n/CVE-2018-2894) - [k8gege/PyLadon](https://github.com/k8gege/PyLadon) - [changpin666com/CVE-2018-2894-Weblogic-](https://github.com/changpin666com/CVE-2018-2894-Weblogic-) +### CVE-2018-3191 (2018-10-16) + + +Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [arongmh/CVE-2018-3191](https://github.com/arongmh/CVE-2018-3191) +- [pyn3rd/CVE-2018-3191](https://github.com/pyn3rd/CVE-2018-3191) +- [Libraggbond/CVE-2018-3191](https://github.com/Libraggbond/CVE-2018-3191) +- [jas502n/CVE-2018-3191](https://github.com/jas502n/CVE-2018-3191) +- [mackleadmire/CVE-2018-3191-Rce-Exploit](https://github.com/mackleadmire/CVE-2018-3191-Rce-Exploit) + ### CVE-2018-3245 (2018-10-16) Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). +- [pyn3rd/CVE-2018-3245](https://github.com/pyn3rd/CVE-2018-3245) +- [jas502n/CVE-2018-3245](https://github.com/jas502n/CVE-2018-3245) - [ianxtianxt/CVE-2018-3245](https://github.com/ianxtianxt/CVE-2018-3245) ### CVE-2018-3252 (2018-10-16) @@ -7165,6 +7241,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). +- [jas502n/CVE-2018-3252](https://github.com/jas502n/CVE-2018-3252) - [b1ueb0y/CVE-2018-3252](https://github.com/b1ueb0y/CVE-2018-3252) - [pyn3rd/CVE-2018-3252](https://github.com/pyn3rd/CVE-2018-3252) @@ -7179,12 +7256,22 @@ Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (su - [ndureiss/e1000_vulnerability_exploit](https://github.com/ndureiss/e1000_vulnerability_exploit) +### CVE-2018-3608 (2018-07-06) + + +A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) User-Mode Hooking (UMH) driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious code could be injected into other processes. + + +- [ZhiyuanWang-Chengdu-Qihoo360/Trend_Micro_POC](https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Trend_Micro_POC) + ### CVE-2018-3639 (2018-05-22) Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. +- [tyhicks/ssbd-tools](https://github.com/tyhicks/ssbd-tools) +- [malindarathnayake/Intel-CVE-2018-3639-Mitigation_RegistryUpdate](https://github.com/malindarathnayake/Intel-CVE-2018-3639-Mitigation_RegistryUpdate) - [mmxsrup/CVE-2018-3639](https://github.com/mmxsrup/CVE-2018-3639) - [Shuiliusheng/CVE-2018-3639-specter-v4-](https://github.com/Shuiliusheng/CVE-2018-3639-specter-v4-) @@ -7219,6 +7306,7 @@ A command injection vulnerability in egg-scripts <v2.8.1 allows arbitrary she Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic parameter) that runs on all pages served by WordPress. The saveGoogleCode() function in smartgooglecode.php does not check if the current request is made by an authorized user, thus allowing any unauthenticated user to successfully update the inserted code. +- [lucad93/CVE-2018-3810](https://github.com/lucad93/CVE-2018-3810) - [cved-sources/cve-2018-3810](https://github.com/cved-sources/cve-2018-3810) ### CVE-2018-3811 (2018-01-01) @@ -7245,6 +7333,26 @@ An issue was discovered in certain Apple products. iOS before 11.2.5 is affected - [rani-i/bluetoothdPoC](https://github.com/rani-i/bluetoothdPoC) +- [MTJailed/UnjailMe](https://github.com/MTJailed/UnjailMe) +- [joedaguy/Exploit11.2](https://github.com/joedaguy/Exploit11.2) + +### CVE-2018-4110 (2018-04-03) + + +An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Web App" component. It allows remote attackers to bypass intended restrictions on cookie persistence. + + +- [bencompton/ios11-cookie-set-expire-issue](https://github.com/bencompton/ios11-cookie-set-expire-issue) + +### CVE-2018-4121 (2018-04-03) + + +An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. + + +- [FSecureLABS/CVE-2018-4121](https://github.com/FSecureLABS/CVE-2018-4121) +- [likescam/CVE-2018-4121](https://github.com/likescam/CVE-2018-4121) +- [jezzus/CVE-2018-4121](https://github.com/jezzus/CVE-2018-4121) ### CVE-2018-4124 (2018-04-03) @@ -7254,6 +7362,24 @@ An issue was discovered in certain Apple products. iOS before 11.2.6 is affected - [ZecOps/TELUGU_CVE-2018-4124_POC](https://github.com/ZecOps/TELUGU_CVE-2018-4124_POC) +### CVE-2018-4150 (2018-04-03) + + +An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. + + +- [Jailbreaks/CVE-2018-4150](https://github.com/Jailbreaks/CVE-2018-4150) +- [RPwnage/LovelySn0w](https://github.com/RPwnage/LovelySn0w) +- [littlelailo/incomplete-exploit-for-CVE-2018-4150-bpf-filter-poc-](https://github.com/littlelailo/incomplete-exploit-for-CVE-2018-4150-bpf-filter-poc-) + +### CVE-2018-4185 (2019-01-11) + + +In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. + + +- [bazad/x18-leak](https://github.com/bazad/x18-leak) + ### CVE-2018-4193 (2018-06-08) @@ -7262,6 +7388,22 @@ An issue was discovered in certain Apple products. macOS before 10.13.5 is affec - [Synacktiv-contrib/CVE-2018-4193](https://github.com/Synacktiv-contrib/CVE-2018-4193) +### CVE-2018-4233 (2018-06-08) + + +An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. + + +- [saelo/cve-2018-4233](https://github.com/saelo/cve-2018-4233) + +### CVE-2018-4241 (2018-06-08) + + +An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in mptcp_usr_connectx allows attackers to execute arbitrary code in a privileged context via a crafted app. + + +- [0neday/multi_path](https://github.com/0neday/multi_path) + ### CVE-2018-4242 (2018-06-08) @@ -7270,15 +7412,79 @@ An issue was discovered in certain Apple products. macOS before 10.13.5 is affec - [yeonnic/Look-at-The-XNU-Through-A-Tube-CVE-2018-4242-Write-up-Translation-](https://github.com/yeonnic/Look-at-The-XNU-Through-A-Tube-CVE-2018-4242-Write-up-Translation-) +### CVE-2018-4243 (2018-06-08) + + +An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in getvolattrlist allows attackers to execute arbitrary code in a privileged context via a crafted app. + + +- [Jailbreaks/empty_list](https://github.com/Jailbreaks/empty_list) + +### CVE-2018-4248 (2019-04-03) + + +An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2. + + +- [bazad/xpc-string-leak](https://github.com/bazad/xpc-string-leak) + +### CVE-2018-4280 (2019-04-03) + + +A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2. + + +- [bazad/launchd-portrep](https://github.com/bazad/launchd-portrep) +- [bazad/blanket](https://github.com/bazad/blanket) + +### CVE-2018-4327 (2019-04-03) + + +A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1. + + +- [omerporze/brokentooth](https://github.com/omerporze/brokentooth) +- [harryanon/POC-CVE-2018-4327-and-CVE-2018-4330](https://github.com/harryanon/POC-CVE-2018-4327-and-CVE-2018-4330) + +### CVE-2018-4330 (2019-01-11) + + +In iOS before 11.4, a memory corruption issue exists and was addressed with improved memory handling. + + +- [omerporze/toothfairy](https://github.com/omerporze/toothfairy) + +### CVE-2018-4331 (2019-04-03) + + +A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. + + +- [bazad/gsscred-race](https://github.com/bazad/gsscred-race) + +### CVE-2018-4343 (2019-04-03) + + +A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. + + +- [bazad/gsscred-move-uaf](https://github.com/bazad/gsscred-move-uaf) + ### CVE-2018-4407 (2019-04-03) A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. +- [Pa55w0rd/check_icmp_dos](https://github.com/Pa55w0rd/check_icmp_dos) +- [unixpickle/cve-2018-4407](https://github.com/unixpickle/cve-2018-4407) +- [s2339956/check_icmp_dos-CVE-2018-4407-](https://github.com/s2339956/check_icmp_dos-CVE-2018-4407-) - [farisv/AppleDOS](https://github.com/farisv/AppleDOS) - [WyAtu/CVE-2018-4407](https://github.com/WyAtu/CVE-2018-4407) - [zteeed/CVE-2018-4407-IOS](https://github.com/zteeed/CVE-2018-4407-IOS) +- [SamDecrock/node-cve-2018-4407](https://github.com/SamDecrock/node-cve-2018-4407) +- [r3dxpl0it/CVE-2018-4407](https://github.com/r3dxpl0it/CVE-2018-4407) +- [lucagiovagnoli/CVE-2018-4407](https://github.com/lucagiovagnoli/CVE-2018-4407) - [anonymouz4/Apple-Remote-Crash-Tool-CVE-2018-4407](https://github.com/anonymouz4/Apple-Remote-Crash-Tool-CVE-2018-4407) - [soccercab/wifi](https://github.com/soccercab/wifi) - [zeng9t/CVE-2018-4407-iOS-exploit](https://github.com/zeng9t/CVE-2018-4407-iOS-exploit) @@ -7324,9 +7530,34 @@ A memory corruption issue was addressed with improved memory handling. This issu A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018. +- [ydl555/CVE-2018-4878-](https://github.com/ydl555/CVE-2018-4878-) +- [mdsecactivebreach/CVE-2018-4878](https://github.com/mdsecactivebreach/CVE-2018-4878) +- [hybridious/CVE-2018-4878](https://github.com/hybridious/CVE-2018-4878) +- [vysecurity/CVE-2018-4878](https://github.com/vysecurity/CVE-2018-4878) +- [KathodeN/CVE-2018-4878](https://github.com/KathodeN/CVE-2018-4878) +- [Sch01ar/CVE-2018-4878](https://github.com/Sch01ar/CVE-2018-4878) +- [SyFi/CVE-2018-4878](https://github.com/SyFi/CVE-2018-4878) +- [ydl555/CVE-2018-4878](https://github.com/ydl555/CVE-2018-4878) +- [B0fH/CVE-2018-4878](https://github.com/B0fH/CVE-2018-4878) - [Yable/CVE-2018-4878](https://github.com/Yable/CVE-2018-4878) - [HuanWoWeiLan/SoftwareSystemSecurity-2019](https://github.com/HuanWoWeiLan/SoftwareSystemSecurity-2019) +### CVE-2018-4901 (2018-02-27) + + +An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the document identity representation. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code. + + +- [bigric3/CVE-2018-4901](https://github.com/bigric3/CVE-2018-4901) + +### CVE-2018-5234 (2018-04-30) + + +The Norton Core router prior to v237 may be susceptible to a command injection exploit. This is a type of attack in which the goal is execution of arbitrary commands on the host system via vulnerable software. + + +- [embedi/ble_norton_core](https://github.com/embedi/ble_norton_core) + ### CVE-2018-5353 (2020-09-29) @@ -7343,6 +7574,15 @@ The custom GINA/CP module in ANIXIS Password Reset Client before version 3.22 al - [missing0x00/CVE-2018-5354](https://github.com/missing0x00/CVE-2018-5354) +### CVE-2018-5711 (2018-01-16) + + +gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx. + + +- [huzhenghui/Test-7-2-0-PHP-CVE-2018-5711](https://github.com/huzhenghui/Test-7-2-0-PHP-CVE-2018-5711) +- [huzhenghui/Test-7-2-1-PHP-CVE-2018-5711](https://github.com/huzhenghui/Test-7-2-1-PHP-CVE-2018-5711) + ### CVE-2018-5724 (2018-01-16) @@ -7359,12 +7599,29 @@ Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potenti - [ezelf/seatel_terminals](https://github.com/ezelf/seatel_terminals) +### CVE-2018-5740 (2019-01-16) + + +"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2. + + +- [sischkg/cve-2018-5740](https://github.com/sischkg/cve-2018-5740) + +### CVE-2018-5951 (2020-03-02) + + +An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that supports EoIPv6 are vulnerable to this attack. + + +- [Nat-Lab/CVE-2018-5951](https://github.com/Nat-Lab/CVE-2018-5951) + ### CVE-2018-5955 (2018-01-21) An issue was discovered in GitStack through 2.3.10. User controlled input is not sufficiently filtered, allowing an unauthenticated attacker to add a user to the server via the username and password fields to the rest/user/ URI. +- [cisp/GitStackRCE](https://github.com/cisp/GitStackRCE) - [YagamiiLight/Cerberus](https://github.com/YagamiiLight/Cerberus) ### CVE-2018-6242 (2018-05-01) @@ -7373,29 +7630,102 @@ An issue was discovered in GitStack through 2.3.10. User controlled input is not Some NVIDIA Tegra mobile processors released prior to 2016 contain a buffer overflow vulnerability in BootROM Recovery Mode (RCM). An attacker with physical access to the device's USB and the ability to force the device to reboot into RCM could exploit the vulnerability to execute unverified code. +- [DavidBuchanan314/NXLoader](https://github.com/DavidBuchanan314/NXLoader) +- [reswitched/rcm-modchips](https://github.com/reswitched/rcm-modchips) - [switchjs/fusho](https://github.com/switchjs/fusho) - [ChrisFigura/react-tegra-payload-launcher](https://github.com/ChrisFigura/react-tegra-payload-launcher) - [austinhartzheim/fusee-gelee](https://github.com/austinhartzheim/fusee-gelee) +### CVE-2018-6376 (2018-01-30) + + +In Joomla! before 3.8.4, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Hathor postinstall message. + + +- [knqyf263/CVE-2018-6376](https://github.com/knqyf263/CVE-2018-6376) + ### CVE-2018-6389 (2018-02-06) In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times. +- [yolabingo/wordpress-fix-cve-2018-6389](https://github.com/yolabingo/wordpress-fix-cve-2018-6389) +- [WazeHell/CVE-2018-6389](https://github.com/WazeHell/CVE-2018-6389) +- [rastating/modsecurity-cve-2018-6389](https://github.com/rastating/modsecurity-cve-2018-6389) +- [knqyf263/CVE-2018-6389](https://github.com/knqyf263/CVE-2018-6389) +- [JulienGadanho/cve-2018-6389-php-patcher](https://github.com/JulienGadanho/cve-2018-6389-php-patcher) +- [dsfau/wordpress-CVE-2018-6389](https://github.com/dsfau/wordpress-CVE-2018-6389) +- [Jetserver/CVE-2018-6389-FIX](https://github.com/Jetserver/CVE-2018-6389-FIX) +- [thechrono13/PoC---CVE-2018-6389](https://github.com/thechrono13/PoC---CVE-2018-6389) +- [BlackRouter/cve-2018-6389](https://github.com/BlackRouter/cve-2018-6389) - [alessiogilardi/PoC---CVE-2018-6389](https://github.com/alessiogilardi/PoC---CVE-2018-6389) +- [JavierOlmedo/wordpress-cve-2018-6389](https://github.com/JavierOlmedo/wordpress-cve-2018-6389) +- [m3ssap0/wordpress_cve-2018-6389](https://github.com/m3ssap0/wordpress_cve-2018-6389) - [s0md3v/Shiva](https://github.com/s0md3v/Shiva) +- [mudhappy/Wordpress-Hack-CVE-2018-6389](https://github.com/mudhappy/Wordpress-Hack-CVE-2018-6389) +- [armaanpathan12345/WP-DOS-Exploit-CVE-2018-6389](https://github.com/armaanpathan12345/WP-DOS-Exploit-CVE-2018-6389) +- [ItinerisLtd/trellis-cve-2018-6389](https://github.com/ItinerisLtd/trellis-cve-2018-6389) +- [Zazzzles/Wordpress-DOS](https://github.com/Zazzzles/Wordpress-DOS) - [fakedob/tvsz](https://github.com/fakedob/tvsz) - [heisenberg-official/Wordpress-DOS-Attack-CVE-2018-6389](https://github.com/heisenberg-official/Wordpress-DOS-Attack-CVE-2018-6389) - [ianxtianxt/CVE-2018-6389](https://github.com/ianxtianxt/CVE-2018-6389) - [Elsfa7-110/CVE-2018-6389](https://github.com/Elsfa7-110/CVE-2018-6389) +### CVE-2018-6396 (2018-02-17) + + +SQL Injection exists in the Google Map Landkarten through 4.2.3 component for Joomla! via the cid or id parameter in a layout=form_markers action, or the map parameter in a layout=default action. + + +- [JavierOlmedo/joomla-cve-2018-6396](https://github.com/JavierOlmedo/joomla-cve-2018-6396) + +### CVE-2018-6407 (2018-01-30) + + +An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to /hy-cgi/devices.cgi?cmd=searchlandevice. The crash completely freezes the device. + + +- [dreadlocked/ConceptronicIPCam_MultipleVulnerabilities](https://github.com/dreadlocked/ConceptronicIPCam_MultipleVulnerabilities) + +### CVE-2018-6479 (2018-01-31) + + +An issue was discovered on Netwave IP Camera devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to the / URI. + + +- [dreadlocked/netwave-dosvulnerability](https://github.com/dreadlocked/netwave-dosvulnerability) + +### CVE-2018-6518 (2018-04-26) + + +Composr CMS 10.0.13 has XSS via the site_name parameter in a page=admin-setupwizard&type=step3 request to /adminzone/index.php. + + +- [faizzaidi/Composr-CMS-10.0.13-Cross-Site-Scripting-XSS](https://github.com/faizzaidi/Composr-CMS-10.0.13-Cross-Site-Scripting-XSS) + +### CVE-2018-6546 (2018-04-13) + + +plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming Evolved products, executes code at a user-defined (local or SMB) path as SYSTEM when the execute_installer parameter is used in an HTTP message. This occurs without properly authenticating the user. + + +- [securifera/CVE-2018-6546-Exploit](https://github.com/securifera/CVE-2018-6546-Exploit) +- [YanZiShuang/CVE-2018-6546](https://github.com/YanZiShuang/CVE-2018-6546) + ### CVE-2018-6574 (2018-02-07) Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked. +- [acole76/cve-2018-6574](https://github.com/acole76/cve-2018-6574) +- [neargle/CVE-2018-6574-POC](https://github.com/neargle/CVE-2018-6574-POC) +- [willbo4r/go-get-rce](https://github.com/willbo4r/go-get-rce) +- [ahmetmanga/go-get-rce](https://github.com/ahmetmanga/go-get-rce) +- [ahmetmanga/cve-2018-6574](https://github.com/ahmetmanga/cve-2018-6574) +- [kenprice/cve-2018-6574](https://github.com/kenprice/cve-2018-6574) +- [redirected/cve-2018-6574](https://github.com/redirected/cve-2018-6574) - [20matan/CVE-2018-6574-POC](https://github.com/20matan/CVE-2018-6574-POC) - [zur250/Zur-Go-GET-RCE-Solution](https://github.com/zur250/Zur-Go-GET-RCE-Solution) - [mekhalleh/cve-2018-6574](https://github.com/mekhalleh/cve-2018-6574) @@ -7442,24 +7772,59 @@ An issue was discovered that affects all producers of BIOS firmware who make a c - [kkamagui/napper-for-tpm](https://github.com/kkamagui/napper-for-tpm) +### CVE-2018-6643 (2018-08-28) + + +Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter. + + +- [undefinedmode/CVE-2018-6643](https://github.com/undefinedmode/CVE-2018-6643) + ### CVE-2018-6789 (2018-02-08) An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely. +- [c0llision/exim-vuln-poc](https://github.com/c0llision/exim-vuln-poc) - [beraphin/CVE-2018-6789](https://github.com/beraphin/CVE-2018-6789) - [synacktiv/Exim-CVE-2018-6789](https://github.com/synacktiv/Exim-CVE-2018-6789) - [martinclauss/exim-rce-cve-2018-6789](https://github.com/martinclauss/exim-rce-cve-2018-6789) +### CVE-2018-6791 (2018-02-06) + + +An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a possibility of arbitrary command execution. An example of an offending volume label is "$(touch b)" -- this will create a file called b in the home folder. + + +- [rarar0/KDE_Vuln](https://github.com/rarar0/KDE_Vuln) + +### CVE-2018-6890 (2018-02-22) + + +Cross-site scripting (XSS) vulnerability in Wolf CMS 0.8.3.1 via the page editing feature, as demonstrated by /?/admin/page/edit/3. + + +- [pradeepjairamani/WolfCMS-XSS-POC](https://github.com/pradeepjairamani/WolfCMS-XSS-POC) + ### CVE-2018-6892 (2018-02-11) An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in an attacker controlling the program's execution flow and allowing arbitrary code execution. +- [manojcode/CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass](https://github.com/manojcode/CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass) +- [manojcode/-Win10-x64-CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass](https://github.com/manojcode/-Win10-x64-CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass) - [latortuga71/CVE-2018-6892-Golang](https://github.com/latortuga71/CVE-2018-6892-Golang) +### CVE-2018-6905 (2018-04-08) + + +The page module in TYPO3 before 8.7.11, and 9.1.0, has XSS via $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'], as demonstrated by an admin entering a crafted site name during the installation process. + + +- [pradeepjairamani/TYPO3-XSS-POC](https://github.com/pradeepjairamani/TYPO3-XSS-POC) + ### CVE-2018-6961 (2018-06-11) @@ -7477,6 +7842,46 @@ VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650 - [heaphopopotamus/vmxnet3Hunter](https://github.com/heaphopopotamus/vmxnet3Hunter) +### CVE-2018-7171 (2018-03-30) + + +Directory traversal vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to share the contents of arbitrary directories via a .. (dot dot) in the contentbase parameter to rpc/set_all. + + +- [mechanico/sharingIsCaring](https://github.com/mechanico/sharingIsCaring) + +### CVE-2018-7197 (2018-02-17) + + +An issue was discovered in Pluck through 4.7.4. A stored cross-site scripting (XSS) vulnerability allows remote unauthenticated users to inject arbitrary web script or HTML into admin/blog Reaction Comments via a crafted URL. + + +- [Alyssa-o-Herrera/CVE-2018-7197](https://github.com/Alyssa-o-Herrera/CVE-2018-7197) + +### CVE-2018-7211 (2018-02-17) + + +An issue was discovered in iDashboards 9.6b. The SSO implementation is affected by a weak obfuscation library, allowing man-in-the-middle attackers to discover credentials. + + +- [c3r34lk1ll3r/CVE-2018-7211-PoC](https://github.com/c3r34lk1ll3r/CVE-2018-7211-PoC) + +### CVE-2018-7249 (2018-02-26) + + +An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. Two carefully timed calls to IOCTL 0xCA002813 can cause a race condition that leads to a use-after-free. When exploited, an unprivileged attacker can run arbitrary code in the kernel. + + +- [Elvin9/NotSecDrv](https://github.com/Elvin9/NotSecDrv) + +### CVE-2018-7250 (2018-02-26) + + +An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. An uninitialized kernel pool allocation in IOCTL 0xCA002813 allows a local unprivileged attacker to leak 16 bits of uninitialized kernel PagedPool data. + + +- [Elvin9/SecDrvPoolLeak](https://github.com/Elvin9/SecDrvPoolLeak) + ### CVE-2018-7284 (2018-02-21) @@ -7485,6 +7890,14 @@ A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through - [Rodrigo-D/astDoS](https://github.com/Rodrigo-D/astDoS) +### CVE-2018-7422 (2018-03-19) + + +A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path traversal. + + +- [0x00-0x00/CVE-2018-7422](https://github.com/0x00-0x00/CVE-2018-7422) + ### CVE-2018-7489 (2018-02-26) @@ -7499,8 +7912,25 @@ FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x befor Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations. +- [g0rx/CVE-2018-7600-Drupal-RCE](https://github.com/g0rx/CVE-2018-7600-Drupal-RCE) - [a2u/CVE-2018-7600](https://github.com/a2u/CVE-2018-7600) - [dreadlocked/Drupalgeddon2](https://github.com/dreadlocked/Drupalgeddon2) +- [knqyf263/CVE-2018-7600](https://github.com/knqyf263/CVE-2018-7600) +- [dr-iman/CVE-2018-7600-Drupal-0day-RCE](https://github.com/dr-iman/CVE-2018-7600-Drupal-0day-RCE) +- [jirojo2/drupalgeddon2](https://github.com/jirojo2/drupalgeddon2) +- [dwisiswant0/CVE-2018-7600](https://github.com/dwisiswant0/CVE-2018-7600) +- [thehappydinoa/CVE-2018-7600](https://github.com/thehappydinoa/CVE-2018-7600) +- [sl4cky/CVE-2018-7600](https://github.com/sl4cky/CVE-2018-7600) +- [sl4cky/CVE-2018-7600-Masschecker](https://github.com/sl4cky/CVE-2018-7600-Masschecker) +- [FireFart/CVE-2018-7600](https://github.com/FireFart/CVE-2018-7600) +- [pimps/CVE-2018-7600](https://github.com/pimps/CVE-2018-7600) +- [lorddemon/drupalgeddon2](https://github.com/lorddemon/drupalgeddon2) +- [Sch01ar/CVE-2018-7600](https://github.com/Sch01ar/CVE-2018-7600) +- [Hestat/drupal-check](https://github.com/Hestat/drupal-check) +- [fyraiga/CVE-2018-7600-drupalgeddon2-scanner](https://github.com/fyraiga/CVE-2018-7600-drupalgeddon2-scanner) +- [Damian972/drupalgeddon-2](https://github.com/Damian972/drupalgeddon-2) +- [Jyozi/CVE-2018-7600](https://github.com/Jyozi/CVE-2018-7600) +- [happynote3966/CVE-2018-7600](https://github.com/happynote3966/CVE-2018-7600) - [shellord/CVE-2018-7600-Drupal-RCE](https://github.com/shellord/CVE-2018-7600-Drupal-RCE) - [r3dxpl0it/CVE-2018-7600](https://github.com/r3dxpl0it/CVE-2018-7600) - [cved-sources/cve-2018-7600](https://github.com/cved-sources/cve-2018-7600) @@ -7519,6 +7949,8 @@ Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild. +- [1337g/Drupalgedon3](https://github.com/1337g/Drupalgedon3) +- [happynote3966/CVE-2018-7602](https://github.com/happynote3966/CVE-2018-7602) - [kastellanos/CVE-2018-7602](https://github.com/kastellanos/CVE-2018-7602) - [cyberharsh/DrupalCVE-2018-7602](https://github.com/cyberharsh/DrupalCVE-2018-7602) @@ -7538,6 +7970,22 @@ A potential Remote Unauthorized Access in Micro Focus Fortify Software Security - [alt3kx/CVE-2018-7691](https://github.com/alt3kx/CVE-2018-7691) +### CVE-2018-7747 (2018-04-20) + + +Multiple cross-site scripting (XSS) vulnerabilities in the Caldera Forms plugin before 1.6.0-rc.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a greeting message, (2) the email transaction log, or (3) an imported form. + + +- [mindpr00f/CVE-2018-7747](https://github.com/mindpr00f/CVE-2018-7747) + +### CVE-2018-7750 (2018-03-13) + + +transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step. + + +- [jm33-m0/CVE-2018-7750](https://github.com/jm33-m0/CVE-2018-7750) + ### CVE-2018-7935 - [lawrenceamer/CVE-2018-7935](https://github.com/lawrenceamer/CVE-2018-7935) @@ -7565,6 +8013,22 @@ Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting - [cairuojin/CVE-2018-8032](https://github.com/cairuojin/CVE-2018-8032) +### CVE-2018-8038 (2018-07-05) + + +Versions of Apache CXF Fediz prior to 1.4.4 do not fully disable Document Type Declarations (DTDs) when either parsing the Identity Provider response in the application plugins, or in the Identity Provider itself when parsing certain XML-based parameters. + + +- [tafamace/CVE-2018-8038](https://github.com/tafamace/CVE-2018-8038) + +### CVE-2018-8039 (2018-07-02) + + +It is possible to configure Apache CXF to use the com.sun.net.ssl implementation via 'System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");'. When this system property is set, CXF uses some reflection to try to make the HostnameVerifier work with the old com.sun.net.ssl.HostnameVerifier interface. However, the default HostnameVerifier implementation in CXF does not implement the method in this interface, and an exception is thrown. However, in Apache CXF prior to 3.2.5 and 3.1.16 the exception is caught in the reflection code and not properly propagated. What this means is that if you are using the com.sun.net.ssl stack with CXF, an error with TLS hostname verification will not be thrown, leaving a CXF client subject to man-in-the-middle attacks. + + +- [tafamace/CVE-2018-8039](https://github.com/tafamace/CVE-2018-8039) + ### CVE-2018-8045 (2018-03-14) @@ -7573,6 +8037,46 @@ In Joomla! 3.5.0 through 3.8.5, the lack of type casting of a variable in a SQL - [luckybool1020/CVE-2018-8045](https://github.com/luckybool1020/CVE-2018-8045) +### CVE-2018-8060 (2018-05-09) + + +HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send an IOCTL to the device driver. If input and/or output buffer pointers are NULL or if these buffers' data are invalid, a NULL/invalid pointer access occurs, resulting in a Windows kernel panic aka Blue Screen. This affects IOCTLs higher than 0x85FE2600 with the HWiNFO32 symbolic device name. + + +- [otavioarj/SIOCtl](https://github.com/otavioarj/SIOCtl) + +### CVE-2018-8065 (2018-03-12) + + +An issue was discovered in the web server in Flexense SyncBreeze Enterprise 10.6.24. There is a user mode write access violation on the syncbrs.exe memory region that can be triggered by rapidly sending a variety of HTTP requests with long HTTP header values or long URIs. + + +- [EgeBalci/CVE-2018-8065](https://github.com/EgeBalci/CVE-2018-8065) + +### CVE-2018-8078 (2018-03-13) + + +YzmCMS 3.7 has Stored XSS via the title parameter to advertisement/adver/edit.html. + + +- [AlwaysHereFight/YZMCMSxss](https://github.com/AlwaysHereFight/YZMCMSxss) + +### CVE-2018-8090 (2018-07-25) + + +Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 (QHIS64.exe), (QHISFT64.exe) - Version 10.0.0.37; Quick Heal Internet Security 32 bit 17.00 (QHIS32.exe), (QHISFT32.exe) - Version 10.0.0.37; Quick Heal AntiVirus Pro 64 bit 17.00 (QHAV64.exe), (QHAVFT64.exe) - Version 10.0.0.37; and Quick Heal AntiVirus Pro 32 bit 17.00 (QHAV32.exe), (QHAVFT32.exe) - Version 10.0.0.37 allow DLL Hijacking because of Insecure Library Loading. + + +- [kernelm0de/CVE-2018-8090](https://github.com/kernelm0de/CVE-2018-8090) + +### CVE-2018-8108 (2018-03-14) + + +The select component in bui through 2018-03-13 has XSS because it performs an escape operation on already-escaped text, as demonstrated by workGroupList text. + + +- [zlgxzswjy/BUI-select-xss](https://github.com/zlgxzswjy/BUI-select-xss) + ### CVE-2018-8115 (2018-05-02) @@ -7587,23 +8091,60 @@ A remote code execution vulnerability exists when the Windows Host Compute Servi An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8124, CVE-2018-8164, CVE-2018-8166. +- [bigric3/cve-2018-8120](https://github.com/bigric3/cve-2018-8120) +- [unamer/CVE-2018-8120](https://github.com/unamer/CVE-2018-8120) +- [ne1llee/cve-2018-8120](https://github.com/ne1llee/cve-2018-8120) +- [alpha1ab/CVE-2018-8120](https://github.com/alpha1ab/CVE-2018-8120) +- [areuu/CVE-2018-8120](https://github.com/areuu/CVE-2018-8120) +- [EVOL4/CVE-2018-8120](https://github.com/EVOL4/CVE-2018-8120) +- [ozkanbilge/CVE-2018-8120](https://github.com/ozkanbilge/CVE-2018-8120) - [qiantu88/CVE-2018-8120](https://github.com/qiantu88/CVE-2018-8120) - [Y0n0Y/cve-2018-8120-exp](https://github.com/Y0n0Y/cve-2018-8120-exp) - [DreamoneOnly/CVE-2018-8120](https://github.com/DreamoneOnly/CVE-2018-8120) - [StartZYP/CVE-2018-8120](https://github.com/StartZYP/CVE-2018-8120) - [wikiZ/cve-2018-8120](https://github.com/wikiZ/cve-2018-8120) +### CVE-2018-8172 (2018-07-10) + + +A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual Studio, Expression Blend 4. + + +- [SyFi/CVE-2018-8172](https://github.com/SyFi/CVE-2018-8172) + ### CVE-2018-8174 (2018-05-09) A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. +- [0x09AL/CVE-2018-8174-msf](https://github.com/0x09AL/CVE-2018-8174-msf) +- [Yt1g3r/CVE-2018-8174_EXP](https://github.com/Yt1g3r/CVE-2018-8174_EXP) +- [SyFi/CVE-2018-8174](https://github.com/SyFi/CVE-2018-8174) +- [orf53975/Rig-Exploit-for-CVE-2018-8174](https://github.com/orf53975/Rig-Exploit-for-CVE-2018-8174) +- [piotrflorczyk/cve-2018-8174_analysis](https://github.com/piotrflorczyk/cve-2018-8174_analysis) +- [likescam/CVE-2018-8174-msf](https://github.com/likescam/CVE-2018-8174-msf) - [ruthlezs/ie11_vbscript_exploit](https://github.com/ruthlezs/ie11_vbscript_exploit) - [ericisnotrealname/CVE-2018-8174_EXP](https://github.com/ericisnotrealname/CVE-2018-8174_EXP) - [www201001/https-github.com-iBearcat-CVE-2018-8174_EXP](https://github.com/www201001/https-github.com-iBearcat-CVE-2018-8174_EXP) - [www201001/https-github.com-iBearcat-CVE-2018-8174_EXP.git-](https://github.com/www201001/https-github.com-iBearcat-CVE-2018-8174_EXP.git-) +### CVE-2018-8208 (2018-06-14) + + +An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8214. + + +- [kaisaryousuf/CVE-2018-8208](https://github.com/kaisaryousuf/CVE-2018-8208) + +### CVE-2018-8214 (2018-06-14) + + +An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8208. + + +- [guwudoor/CVE-2018-8214](https://github.com/guwudoor/CVE-2018-8214) + ### CVE-2018-8284 (2018-07-10) @@ -7612,6 +8153,14 @@ A remote code execution vulnerability exists when the Microsoft .NET Framework f - [quantiti/CVE-2018-8284-Sharepoint-RCE](https://github.com/quantiti/CVE-2018-8284-Sharepoint-RCE) +### CVE-2018-8353 (2018-08-15) + + +A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390. + + +- [whereisr0da/CVE-2018-8353-POC](https://github.com/whereisr0da/CVE-2018-8353-POC) + ### CVE-2018-8389 (2018-08-15) @@ -7628,6 +8177,22 @@ A remote code execution vulnerability exists when the Windows Shell does not pro - [whereisr0da/CVE-2018-8414-POC](https://github.com/whereisr0da/CVE-2018-8414-POC) +### CVE-2018-8420 (2018-09-12) + + +A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka "MS XML Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. + + +- [idkwim/CVE-2018-8420](https://github.com/idkwim/CVE-2018-8420) + +### CVE-2018-8440 (2018-09-12) + + +An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. + + +- [sourceincite/CVE-2018-8440](https://github.com/sourceincite/CVE-2018-8440) + ### CVE-2018-8453 (2018-10-10) @@ -7638,6 +8203,14 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - [ze0r/cve-2018-8453-exp](https://github.com/ze0r/cve-2018-8453-exp) - [thepwnrip/leHACK-Analysis-of-CVE-2018-8453](https://github.com/thepwnrip/leHACK-Analysis-of-CVE-2018-8453) +### CVE-2018-8495 (2018-10-10) + + +A remote code execution vulnerability exists when Windows Shell improperly handles URIs, aka "Windows Shell Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. + + +- [whereisr0da/CVE-2018-8495-POC](https://github.com/whereisr0da/CVE-2018-8495-POC) + ### CVE-2018-8581 (2018-11-13) @@ -7665,6 +8238,41 @@ Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Je - [GeunSam2/CVE-2018-8718](https://github.com/GeunSam2/CVE-2018-8718) +### CVE-2018-8733 (2018-04-17) + + +Authentication bypass vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an unauthenticated attacker to make configuration changes and leverage an authenticated SQL injection vulnerability. + + +- [xfer0/Nagios-XI-5.2.6-9-5.3-5.4-Chained-Remote-Root-Exploit-Fixed](https://github.com/xfer0/Nagios-XI-5.2.6-9-5.3-5.4-Chained-Remote-Root-Exploit-Fixed) + +### CVE-2018-8820 (2018-03-28) + + +An issue was discovered in Square 9 GlobalForms 6.2.x. A Time Based SQL injection vulnerability in the "match" parameter allows remote authenticated attackers to execute arbitrary SQL commands. It is possible to upgrade access to full server compromise via xp_cmdshell. In some cases, the authentication requirement for the attack can be met by sending the default admin credentials. + + +- [hateshape/frevvomapexec](https://github.com/hateshape/frevvomapexec) + +### CVE-2018-8897 (2018-05-08) + + +A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs. + + +- [nmulasmajic/CVE-2018-8897](https://github.com/nmulasmajic/CVE-2018-8897) +- [jiazhang0/pop-mov-ss-exploit](https://github.com/jiazhang0/pop-mov-ss-exploit) +- [can1357/CVE-2018-8897](https://github.com/can1357/CVE-2018-8897) +- [nmulasmajic/syscall_exploit_CVE-2018-8897](https://github.com/nmulasmajic/syscall_exploit_CVE-2018-8897) + +### CVE-2018-8941 (2018-04-03) + + +Diagnostics functionality on D-Link DSL-3782 devices with firmware EU v. 1.01 has a buffer overflow, allowing authenticated remote attackers to execute arbitrary code via a long Addr value to the 'set Diagnostics_Entry' function in an HTTP request, related to /userfs/bin/tcapi. + + +- [SECFORCE/CVE-2018-8941](https://github.com/SECFORCE/CVE-2018-8941) + ### CVE-2018-8943 (2018-03-22) @@ -7673,12 +8281,46 @@ There is a SQL injection in the PHPSHE 1.6 userbank parameter. - [coolboy0816/CVE-2018-8943](https://github.com/coolboy0816/CVE-2018-8943) +### CVE-2018-8970 (2018-03-24) + + +The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 before 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: the LibreSSL documentation indicates that this special case is supported, but the BoringSSL documentation does not. + + +- [tiran/CVE-2018-8970](https://github.com/tiran/CVE-2018-8970) + +### CVE-2018-9059 (2018-04-20) + + +Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7.2 allows remote attackers to execute arbitrary code via a malicious login request to forum.ghp. NOTE: this may overlap CVE-2014-3791. + + +- [manojcode/easy-file-share-7.2-exploit-CVE-2018-9059](https://github.com/manojcode/easy-file-share-7.2-exploit-CVE-2018-9059) + +### CVE-2018-9075 (2018-09-28) + + +For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when joining a PersonalCloud setup, an attacker can craft a command injection payload using backtick "``" characters in the client:password parameter. As a result, arbitrary commands may be executed as the root user. The attack requires a value __c and iomega parameter. + + +- [beverlymiller818/cve-2018-9075](https://github.com/beverlymiller818/cve-2018-9075) + +### CVE-2018-9160 (2018-03-31) + + +SickRage before v2018.03.09-1 includes cleartext credentials in HTTP responses. + + +- [mechanico/sickrageWTF](https://github.com/mechanico/sickrageWTF) + ### CVE-2018-9206 (2018-10-11) Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0 +- [Den1al/CVE-2018-9206](https://github.com/Den1al/CVE-2018-9206) +- [Stahlz/JQShell](https://github.com/Stahlz/JQShell) - [cved-sources/cve-2018-9206](https://github.com/cved-sources/cve-2018-9206) ### CVE-2018-9207 (2018-11-19) @@ -7708,6 +8350,9 @@ An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who ### CVE-2018-9375 - [IOActive/AOSP-ExploitUserDictionary](https://github.com/IOActive/AOSP-ExploitUserDictionary) +### CVE-2018-9411 +- [tamirzb/CVE-2018-9411](https://github.com/tamirzb/CVE-2018-9411) + ### CVE-2018-9468 - [IOActive/AOSP-DownloadProviderHijacker](https://github.com/IOActive/AOSP-DownloadProviderHijacker) @@ -7719,9 +8364,26 @@ In the content provider of the download manager, there is a possible SQL injecti - [IOActive/AOSP-DownloadProviderDbDumper](https://github.com/IOActive/AOSP-DownloadProviderDbDumper) +### CVE-2018-9539 (2018-11-14) + + +In the ClearKey CAS descrambler, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-113027383 + + +- [tamirzb/CVE-2018-9539](https://github.com/tamirzb/CVE-2018-9539) + ### CVE-2018-9546 - [IOActive/AOSP-DownloadProviderHeadersDumper](https://github.com/IOActive/AOSP-DownloadProviderHeadersDumper) +### CVE-2018-9948 (2018-05-17) + + +This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of typed arrays. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-5380. + + +- [manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958](https://github.com/manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958) +- [orangepirate/cve-2018-9948-9958-exp](https://github.com/orangepirate/cve-2018-9948-9958-exp) + ### CVE-2018-9950 (2018-05-17) @@ -7738,6 +8400,14 @@ This vulnerability allows remote attackers to execute arbitrary code on vulnerab - [sharmasandeepkr/cve-2018-9951](https://github.com/sharmasandeepkr/cve-2018-9951) +### CVE-2018-9958 (2018-05-17) + + +This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Text Annotations. When setting the point attribute, the process does not properly validate the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5620. + + +- [t3rabyt3-zz/CVE-2018-9958--Exploit](https://github.com/t3rabyt3-zz/CVE-2018-9958--Exploit) + ### CVE-2018-9995 (2018-04-10) @@ -7745,6 +8415,11 @@ TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in - [ezelf/CVE-2018-9995_dvr_credentials](https://github.com/ezelf/CVE-2018-9995_dvr_credentials) +- [zzh217/CVE-2018-9995_Batch_scanning_exp](https://github.com/zzh217/CVE-2018-9995_Batch_scanning_exp) +- [Huangkey/CVE-2018-9995_check](https://github.com/Huangkey/CVE-2018-9995_check) +- [gwolfs/CVE-2018-9995-ModifiedByGwolfs](https://github.com/gwolfs/CVE-2018-9995-ModifiedByGwolfs) +- [shacojx/cve-2018-9995](https://github.com/shacojx/cve-2018-9995) +- [Cyb0r9/DVR-Exploiter](https://github.com/Cyb0r9/DVR-Exploiter) - [codeholic2k18/CVE-2018-9995](https://github.com/codeholic2k18/CVE-2018-9995) - [TateYdq/CVE-2018-9995-ModifiedByGwolfs](https://github.com/TateYdq/CVE-2018-9995-ModifiedByGwolfs) - [ABIZCHI/CVE-2018-9995_dvr_credentials](https://github.com/ABIZCHI/CVE-2018-9995_dvr_credentials) @@ -7763,6 +8438,14 @@ Monstra CMS 3.0.4 has Stored XSS via the Name field on the Create New Page scree - [GeunSam2/CVE-2018-10118](https://github.com/GeunSam2/CVE-2018-10118) +### CVE-2018-10299 (2018-04-23) + + +An integer overflow in the batchTransfer function of a smart contract implementation for Beauty Ecosystem Coin (BEC), the Ethereum ERC20 token used in the Beauty Chain economic system, allows attackers to accomplish an unauthorized increase of digital assets by providing two _receivers arguments in conjunction with a large _value argument, as exploited in the wild in April 2018, aka the "batchOverflow" issue. + + +- [phzietsman/batchOverflow](https://github.com/phzietsman/batchOverflow) + ### CVE-2018-10388 (2019-12-23) @@ -7771,6 +8454,53 @@ Format string vulnerability in the logMess function in TFTP Server SP 1.66 and e - [0xddaa/CVE-2018-10388](https://github.com/0xddaa/CVE-2018-10388) +### CVE-2018-10467 +- [alt3kx/CVE-2018-10467](https://github.com/alt3kx/CVE-2018-10467) + +### CVE-2018-10517 (2018-04-27) + + +In CMS Made Simple (CMSMS) through 2.2.7, the "module import" operation in the admin dashboard contains a remote code execution vulnerability, exploitable by an admin user, because an XML Package can contain base64-encoded PHP code in a data element. + + +- [0x00-0x00/CVE-2018-10517](https://github.com/0x00-0x00/CVE-2018-10517) + +### CVE-2018-10546 (2018-04-29) + + +An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences. + + +- [dsfau/CVE-2018-10546](https://github.com/dsfau/CVE-2018-10546) + +### CVE-2018-10561 (2018-05-03) + + +An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending "?images" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diag_FORM?images/ URI. One can then manage the device. + + +- [vhackor/GPON-home-routers-Exploit](https://github.com/vhackor/GPON-home-routers-Exploit) + +### CVE-2018-10562 (2018-05-03) + + +An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output. + + +- [f3d0x0/GPON](https://github.com/f3d0x0/GPON) +- [649/Pingpon-Exploit](https://github.com/649/Pingpon-Exploit) +- [Choudai/GPON-LOADER](https://github.com/Choudai/GPON-LOADER) +- [c0ld1/GPON_RCE](https://github.com/c0ld1/GPON_RCE) +- [ATpiu/CVE-2018-10562](https://github.com/ATpiu/CVE-2018-10562) + +### CVE-2018-10583 (2018-05-01) + + +An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document. + + +- [TaharAmine/CVE-2018-10583](https://github.com/TaharAmine/CVE-2018-10583) + ### CVE-2018-10678 (2018-05-13) @@ -7779,6 +8509,25 @@ MyBB 1.8.15, when accessed with Microsoft Edge, mishandles 'target="_blank& - [hbranco/CVE-2018-10678](https://github.com/hbranco/CVE-2018-10678) +### CVE-2018-10715 +- [alt3kx/CVE-2018-10715](https://github.com/alt3kx/CVE-2018-10715) + +### CVE-2018-10732 (2018-05-28) + + +The REST API in Dataiku DSS before 4.2.3 allows remote attackers to obtain sensitive information (i.e., determine if a username is valid) because of profile pictures visibility. + + +- [alt3kx/CVE-2018-10732](https://github.com/alt3kx/CVE-2018-10732) + +### CVE-2018-10821 (2018-06-14) + + +Cross-site scripting (XSS) vulnerability in backend/pages/modify.php in BlackCatCMS 1.3 allows remote authenticated users with the Admin role to inject arbitrary web script or HTML via the search panel. + + +- [BalvinderSingh23/Cross-Site-Scripting-Reflected-XSS-Vulnerability-in-blackcatcms_v1.3](https://github.com/BalvinderSingh23/Cross-Site-Scripting-Reflected-XSS-Vulnerability-in-blackcatcms_v1.3) + ### CVE-2018-10920 (2018-08-02) @@ -7793,9 +8542,29 @@ Improper input validation bug in DNS resolver component of Knot Resolver before A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access. +- [SoledaD208/CVE-2018-10933](https://github.com/SoledaD208/CVE-2018-10933) - [blacknbunny/CVE-2018-10933](https://github.com/blacknbunny/CVE-2018-10933) +- [hook-s3c/CVE-2018-10933](https://github.com/hook-s3c/CVE-2018-10933) +- [kn6869610/CVE-2018-10933](https://github.com/kn6869610/CVE-2018-10933) +- [leapsecurity/libssh-scanner](https://github.com/leapsecurity/libssh-scanner) +- [likescam/CVE-2018-10933_ssh](https://github.com/likescam/CVE-2018-10933_ssh) +- [trbpnd/bpnd-libssh](https://github.com/trbpnd/bpnd-libssh) +- [likescam/CVE-2018-10933-libSSH-Authentication-Bypass](https://github.com/likescam/CVE-2018-10933-libSSH-Authentication-Bypass) +- [marco-lancini/hunt-for-cve-2018-10933](https://github.com/marco-lancini/hunt-for-cve-2018-10933) +- [hackerhouse-opensource/cve-2018-10933](https://github.com/hackerhouse-opensource/cve-2018-10933) +- [cve-2018/cve-2018-10933](https://github.com/cve-2018/cve-2018-10933) +- [jas502n/CVE-2018-10933](https://github.com/jas502n/CVE-2018-10933) +- [ninp0/cve-2018-10933_poc](https://github.com/ninp0/cve-2018-10933_poc) +- [pghook/CVE-2018-10933_Scanner](https://github.com/pghook/CVE-2018-10933_Scanner) +- [Virgula0/POC-CVE-2018-10933](https://github.com/Virgula0/POC-CVE-2018-10933) +- [shifa123/pythonprojects-CVE-2018-10933](https://github.com/shifa123/pythonprojects-CVE-2018-10933) - [xFreed0m/CVE-2018-10933](https://github.com/xFreed0m/CVE-2018-10933) +- [Bifrozt/CVE-2018-10933](https://github.com/Bifrozt/CVE-2018-10933) +- [r3dxpl0it/CVE-2018-10933](https://github.com/r3dxpl0it/CVE-2018-10933) +- [ivanacostarubio/libssh-scanner](https://github.com/ivanacostarubio/libssh-scanner) +- [throwawayaccount12312312/precompiled-CVE-2018-10933](https://github.com/throwawayaccount12312312/precompiled-CVE-2018-10933) - [ensimag-security/CVE-2018-10933](https://github.com/ensimag-security/CVE-2018-10933) +- [Ad1bDaw/libSSH-bypass](https://github.com/Ad1bDaw/libSSH-bypass) - [sambiyal/CVE-2018-10933-POC](https://github.com/sambiyal/CVE-2018-10933-POC) - [nikhil1232/LibSSH-Authentication-Bypass](https://github.com/nikhil1232/LibSSH-Authentication-Bypass) - [Kurlee/LibSSH-exploit](https://github.com/Kurlee/LibSSH-exploit) @@ -7814,6 +8583,14 @@ A weakness was found in postgresql-jdbc before version 42.2.5. It was possible t - [tafamace/CVE-2018-10936](https://github.com/tafamace/CVE-2018-10936) +### CVE-2018-10949 (2018-05-09) + + +mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 allows Account Enumeration by leveraging a Discrepancy between the "HTTP 404 - account is not active" and "HTTP 401 - must authenticate" errors. + + +- [0x00-0x00/CVE-2018-10949](https://github.com/0x00-0x00/CVE-2018-10949) + ### CVE-2018-11235 (2018-05-30) @@ -7821,6 +8598,11 @@ In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before - [Rogdham/CVE-2018-11235](https://github.com/Rogdham/CVE-2018-11235) +- [vmotos/CVE-2018-11235](https://github.com/vmotos/CVE-2018-11235) +- [Choihosu/cve-2018-11235](https://github.com/Choihosu/cve-2018-11235) +- [CHYbeta/CVE-2018-11235-DEMO](https://github.com/CHYbeta/CVE-2018-11235-DEMO) +- [Kiss-sh0t/CVE-2018-11235-poc](https://github.com/Kiss-sh0t/CVE-2018-11235-poc) +- [H0K5/clone_and_pwn](https://github.com/H0K5/clone_and_pwn) - [knqyf263/CVE-2018-11235](https://github.com/knqyf263/CVE-2018-11235) - [ygouzerh/CVE-2018-11235](https://github.com/ygouzerh/CVE-2018-11235) - [qweraqq/CVE-2018-11235-Git-Submodule-CE](https://github.com/qweraqq/CVE-2018-11235-Git-Submodule-CE) @@ -7840,8 +8622,41 @@ In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution. +- [evilmiracle/CVE-2018-11236](https://github.com/evilmiracle/CVE-2018-11236) - [rockysec/CVE-2018-11236](https://github.com/rockysec/CVE-2018-11236) +### CVE-2018-11311 (2018-05-20) + + +A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO 7 allows remote attackers to access the FTP server on port 2121, and upload files or list directories, by entering these credentials. + + +- [EmreOvunc/mySCADA-myPRO-7-Hardcoded-FTP-Username-and-Password](https://github.com/EmreOvunc/mySCADA-myPRO-7-Hardcoded-FTP-Username-and-Password) + +### CVE-2018-11450 (2018-07-09) + + +A reflected Cross-Site-Scripting (XSS) vulnerability has been identified in Siemens PLM Software TEAMCENTER (V9.1.2.5). If a user visits the login portal through the URL crafted by the attacker, the attacker can insert html/javascript and thus alter/rewrite the login portal page. Siemens PLM Software TEAMCENTER V9.1.3 and newer are not affected. + + +- [LucvanDonk/Siemens-Siemens-PLM-Software-TEAMCENTER-Reflected-Cross-Site-Scripting-XSS-vulnerability](https://github.com/LucvanDonk/Siemens-Siemens-PLM-Software-TEAMCENTER-Reflected-Cross-Site-Scripting-XSS-vulnerability) + +### CVE-2018-11510 (2018-06-28) + + +The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecate_js.cgi file by embedding OS commands in the 'script' parameter. + + +- [mefulton/CVE-2018-11510](https://github.com/mefulton/CVE-2018-11510) + +### CVE-2018-11517 (2018-05-28) + + +mySCADA myPRO 7 allows remote attackers to discover all ProjectIDs in a project by sending all of the prj parameter values from 870000 to 875000 in t=0&rq=0 requests to TCP port 11010. + + +- [EmreOvunc/mySCADA-myPRO-7-projectID-Disclosure](https://github.com/EmreOvunc/mySCADA-myPRO-7-projectID-Disclosure) + ### CVE-2018-11564 (2018-06-01) @@ -7850,6 +8665,14 @@ Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upload malici - [GeunSam2/CVE-2018-11564](https://github.com/GeunSam2/CVE-2018-11564) +### CVE-2018-11631 (2018-05-31) + + +Rondaful M1 Wristband Smart Band 1 devices allow remote attackers to send an arbitrary number of call or SMS notifications via crafted Bluetooth Low Energy (BLE) traffic. + + +- [xMagass/bandexploit](https://github.com/xMagass/bandexploit) + ### CVE-2018-11686 (2019-07-03) @@ -7889,7 +8712,18 @@ From version 1.3.0 onward, Apache Spark's standalone master exposes a REST API f Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace. +- [trbpnd/CVE-2018-11776](https://github.com/trbpnd/CVE-2018-11776) - [xfox64x/CVE-2018-11776](https://github.com/xfox64x/CVE-2018-11776) +- [jiguangin/CVE-2018-11776](https://github.com/jiguangin/CVE-2018-11776) +- [hook-s3c/CVE-2018-11776-Python-PoC](https://github.com/hook-s3c/CVE-2018-11776-Python-PoC) +- [mazen160/struts-pwn_CVE-2018-11776](https://github.com/mazen160/struts-pwn_CVE-2018-11776) +- [bhdresh/CVE-2018-11776](https://github.com/bhdresh/CVE-2018-11776) +- [knqyf263/CVE-2018-11776](https://github.com/knqyf263/CVE-2018-11776) +- [Ekultek/Strutter](https://github.com/Ekultek/Strutter) +- [tuxotron/cve-2018-11776-docker](https://github.com/tuxotron/cve-2018-11776-docker) +- [brianwrf/S2-057-CVE-2018-11776](https://github.com/brianwrf/S2-057-CVE-2018-11776) +- [649/Apache-Struts-Shodan-Exploit](https://github.com/649/Apache-Struts-Shodan-Exploit) +- [jezzus/CVE-2018-11776-Python-PoC](https://github.com/jezzus/CVE-2018-11776-Python-PoC) - [cved-sources/cve-2018-11776](https://github.com/cved-sources/cve-2018-11776) - [OzNetNerd/apche-struts-vuln-demo-cve-2018-11776](https://github.com/OzNetNerd/apche-struts-vuln-demo-cve-2018-11776) - [cucadili/CVE-2018-11776](https://github.com/cucadili/CVE-2018-11776) @@ -7912,6 +8746,22 @@ Incorrect bound check can lead to potential buffer overwrite in WLAN controller - [jguard01/cve-2018-11882](https://github.com/jguard01/cve-2018-11882) +### CVE-2018-12018 (2018-07-04) + + +The GetBlockHeadersMsg handler in the LES protocol implementation in Go Ethereum (aka geth) before 1.8.11 may lead to an access violation because of an integer signedness error for the array index, which allows attackers to launch a Denial of Service attack by sending a packet with a -1 query.Skip value. The vulnerable remote node would be crashed by such an attack immediately, aka the EPoD (Ethereum Packet of Death) issue. + + +- [k3v142/CVE-2018-12018](https://github.com/k3v142/CVE-2018-12018) + +### CVE-2018-12031 (2018-06-07) + + +Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action. + + +- [EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion](https://github.com/EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion) + ### CVE-2018-12038 (2018-11-20) @@ -7937,6 +8787,14 @@ A vulnerability in register allocation in JavaScript can lead to type confusion, - [Hydra3evil/cve-2018-12386](https://github.com/Hydra3evil/cve-2018-12386) - [0xLyte/cve-2018-12386](https://github.com/0xLyte/cve-2018-12386) +### CVE-2018-12418 (2018-06-14) + + +Archive.java in Junrar before 1.0.1, as used in Apache Tika and other products, is affected by a denial of service vulnerability due to an infinite loop when handling corrupt RAR files. + + +- [tafamace/CVE-2018-12418](https://github.com/tafamace/CVE-2018-12418) + ### CVE-2018-12421 (2018-06-14) @@ -7945,6 +8803,14 @@ LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a change to a us - [ReverseBrain/CVE-2018-12421](https://github.com/ReverseBrain/CVE-2018-12421) +### CVE-2018-12463 (2018-07-12) + + +An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC), version 17.1, 17.2, 18.1 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. + + +- [alt3kx/CVE-2018-12463](https://github.com/alt3kx/CVE-2018-12463) + ### CVE-2018-12533 (2018-06-18) @@ -7953,12 +8819,43 @@ JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to i - [TheKalin/CVE-2018-12533](https://github.com/TheKalin/CVE-2018-12533) +### CVE-2018-12537 (2018-08-14) + + +In Eclipse Vert.x version 3.0 to 3.5.1, the HttpServer response headers and HttpClient request headers do not filter carriage return and line feed characters from the header value. This allow unfiltered values to inject a new header in the client request or server response. + + +- [tafamace/CVE-2018-12537](https://github.com/tafamace/CVE-2018-12537) + +### CVE-2018-12540 (2018-07-12) + + +In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do not assert that the XSRF Cookie matches the returned XSRF header/form parameter. This allows replay attacks with previously issued tokens which are not expired yet. + + +- [tafamace/CVE-2018-12540](https://github.com/tafamace/CVE-2018-12540) + +### CVE-2018-12596 (2018-10-10) + + +Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU 45, or 9.2 before SP2 Site CU 22 allows remote attackers to call aspx pages via the "activateuser.aspx" page, even if a page is located under the /WorkArea/ path, which is forbidden (normally available exclusively for local admins). + + +- [alt3kx/CVE-2018-12596](https://github.com/alt3kx/CVE-2018-12596) + +### CVE-2018-12597 +- [alt3kx/CVE-2018-12597](https://github.com/alt3kx/CVE-2018-12597) + +### CVE-2018-12598 +- [alt3kx/CVE-2018-12598](https://github.com/alt3kx/CVE-2018-12598) + ### CVE-2018-12613 (2018-06-21) An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the "$cfg['AllowArbitraryServer'] = true" case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the "$cfg['ServerDefault'] = 0" case (which bypasses the login requirement and runs the vulnerable code without any authentication). +- [0x00-0x00/CVE-2018-12613](https://github.com/0x00-0x00/CVE-2018-12613) - [ivanitlearning/CVE-2018-12613](https://github.com/ivanitlearning/CVE-2018-12613) - [eastmountyxz/CVE-2018-12613-phpMyAdmin](https://github.com/eastmountyxz/CVE-2018-12613-phpMyAdmin) @@ -7970,6 +8867,14 @@ Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, - [sharmasandeepkr/cve-2018-12798](https://github.com/sharmasandeepkr/cve-2018-12798) +### CVE-2018-12895 (2018-06-26) + + +WordPress through 4.9.6 allows Author users to execute arbitrary code by leveraging directory traversal in the wp-admin/post.php thumb parameter, which is passed to the PHP unlink function and can delete the wp-config.php file. This is related to missing filename validation in the wp-includes/post.php wp_delete_attachment function. The attacker must have capabilities for files and posts that are normally available only to the Author, Editor, and Administrator roles. The attack methodology is to delete wp-config.php and then launch a new installation process to increase the attacker's privileges. + + +- [bloom-ux/cve-2018-12895-hotfix](https://github.com/bloom-ux/cve-2018-12895-hotfix) + ### CVE-2018-13257 (2019-11-18) @@ -8018,6 +8923,30 @@ An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6. - [shinecome/zip](https://github.com/shinecome/zip) +### CVE-2018-13784 (2018-07-09) + + +PrestaShop before 1.6.1.20 and 1.7.x before 1.7.3.4 mishandles cookie encryption in Cookie.php, Rinjdael.php, and Blowfish.php. + + +- [ambionics/prestashop-exploits](https://github.com/ambionics/prestashop-exploits) + +### CVE-2018-13864 (2018-07-17) + + +A directory traversal vulnerability has been found in the Assets controller in Play Framework 2.6.12 through 2.6.15 (fixed in 2.6.16) when running on Windows. It allows a remote attacker to download arbitrary files from the target server via specially crafted HTTP requests. + + +- [tafamace/CVE-2018-13864](https://github.com/tafamace/CVE-2018-13864) + +### CVE-2018-14083 (2018-07-25) + + +LICA miniCMTS E8K(u/i/...) devices allow remote attackers to obtain sensitive information via a direct POST request for the inc/user.ini file, leading to discovery of a password hash. + + +- [pudding2/CVE-2018-14083](https://github.com/pudding2/CVE-2018-14083) + ### CVE-2018-14442 (2018-07-20) @@ -8027,12 +8956,21 @@ Foxit Reader before 9.2 and PhantomPDF before 9.2 have a Use-After-Free that lea - [payatu/CVE-2018-14442](https://github.com/payatu/CVE-2018-14442) - [sharmasandeepkr/PS-2018-002---CVE-2018-14442](https://github.com/sharmasandeepkr/PS-2018-002---CVE-2018-14442) +### CVE-2018-14634 (2018-09-25) + + +An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable. + + +- [luan0ap/cve-2018-14634](https://github.com/luan0ap/cve-2018-14634) + ### CVE-2018-14665 (2018-10-25) A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges. +- [jas502n/CVE-2018-14665](https://github.com/jas502n/CVE-2018-14665) - [bolonobolo/CVE-2018-14665](https://github.com/bolonobolo/CVE-2018-14665) - [samueldustin/cve-2018-14665](https://github.com/samueldustin/cve-2018-14665) @@ -8042,6 +8980,7 @@ A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a chain of java serialized objects via org.ajax4jsf.resource.UserResource$UriData. +- [nareshmail/cve-2018-14667](https://github.com/nareshmail/cve-2018-14667) - [zeroto01/CVE-2018-14667](https://github.com/zeroto01/CVE-2018-14667) - [r00t4dm/CVE-2018-14667](https://github.com/r00t4dm/CVE-2018-14667) - [syriusbughunt/CVE-2018-14667](https://github.com/syriusbughunt/CVE-2018-14667) @@ -8064,6 +9003,14 @@ The database backup feature in upload/source/admincp/admincp_db.php in Discuz! 2 - [FoolMitAh/CVE-2018-14729](https://github.com/FoolMitAh/CVE-2018-14729) +### CVE-2018-14772 (2018-10-16) + + +Pydio 4.2.1 through 8.2.1 has an authenticated remote code execution vulnerability in which an attacker with administrator access to the web application can execute arbitrary code on the underlying system via Command Injection. + + +- [spencerdodd/CVE-2018-14772](https://github.com/spencerdodd/CVE-2018-14772) + ### CVE-2018-14847 (2018-08-02) @@ -8071,24 +9018,43 @@ MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read a - [BasuCert/WinboxPoC](https://github.com/BasuCert/WinboxPoC) +- [msterusky/WinboxExploit](https://github.com/msterusky/WinboxExploit) +- [syrex1013/MikroRoot](https://github.com/syrex1013/MikroRoot) - [jas502n/CVE-2018-14847](https://github.com/jas502n/CVE-2018-14847) - [th3f3n1x87/winboxPOC](https://github.com/th3f3n1x87/winboxPOC) - [mahmoodsabir/mikrotik-beast](https://github.com/mahmoodsabir/mikrotik-beast) - [sinichi449/Python-MikrotikLoginExploit](https://github.com/sinichi449/Python-MikrotikLoginExploit) - [yukar1z0e/CVE-2018-14847](https://github.com/yukar1z0e/CVE-2018-14847) +### CVE-2018-15131 (2019-05-30) + + +An issue was discovered in Synacor Zimbra Collaboration Suite 8.6.x before 8.6.0 Patch 11, 8.7.x before 8.7.11 Patch 6, 8.8.x before 8.8.8 Patch 9, and 8.8.9 before 8.8.9 Patch 3. Account number enumeration is possible via inconsistent responses for specific types of authentication requests. + + +- [0x00-0x00/CVE-2018-15131](https://github.com/0x00-0x00/CVE-2018-15131) + ### CVE-2018-15133 (2018-08-09) In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and PendingBroadcast in gadgetchains/Laravel/RCE/3/chain.php in phpggc. The attacker must know the application key, which normally would never occur, but could happen if the attacker previously had privileged access or successfully accomplished a previous attack. +- [kozmic/laravel-poc-CVE-2018-15133](https://github.com/kozmic/laravel-poc-CVE-2018-15133) - [Bilelxdz/Laravel-CVE-2018-15133](https://github.com/Bilelxdz/Laravel-CVE-2018-15133) - [Prabesh01/Laravel-PHP-Unit-RCE-Auto-shell-uploader](https://github.com/Prabesh01/Laravel-PHP-Unit-RCE-Auto-shell-uploader) - [iansangaji/laravel-rce-cve-2018-15133](https://github.com/iansangaji/laravel-rce-cve-2018-15133) - [AlienX2001/better-poc-for-CVE-2018-15133](https://github.com/AlienX2001/better-poc-for-CVE-2018-15133) - [aljavier/exploit_laravel_cve-2018-15133](https://github.com/aljavier/exploit_laravel_cve-2018-15133) +### CVE-2018-15365 (2018-09-28) + + +A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations. An attacker must be an authenticated user in order to exploit the vulnerability. + + +- [nixwizard/CVE-2018-15365](https://github.com/nixwizard/CVE-2018-15365) + ### CVE-2018-15473 (2018-08-17) @@ -8096,10 +9062,12 @@ OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not dela - [trimstray/massh-enum](https://github.com/trimstray/massh-enum) +- [gbonacini/opensshenum](https://github.com/gbonacini/opensshenum) - [Rhynorater/CVE-2018-15473-Exploit](https://github.com/Rhynorater/CVE-2018-15473-Exploit) - [epi052/cve-2018-15473](https://github.com/epi052/cve-2018-15473) - [pyperanger/CVE-2018-15473_exploit](https://github.com/pyperanger/CVE-2018-15473_exploit) - [r3dxpl0it/CVE-2018-15473](https://github.com/r3dxpl0it/CVE-2018-15473) +- [JoeBlackSecurity/CrappyCode](https://github.com/JoeBlackSecurity/CrappyCode) - [JoeBlackSecurity/SSHUsernameBruter-SSHUB](https://github.com/JoeBlackSecurity/SSHUsernameBruter-SSHUB) - [cved-sources/cve-2018-15473](https://github.com/cved-sources/cve-2018-15473) - [LINYIKAI/CVE-2018-15473-exp](https://github.com/LINYIKAI/CVE-2018-15473-exp) @@ -8115,6 +9083,14 @@ OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not dela - [Sait-Nuri/CVE-2018-15473](https://github.com/Sait-Nuri/CVE-2018-15473) - [WildfootW/CVE-2018-15473_OpenSSH_7.7](https://github.com/WildfootW/CVE-2018-15473_OpenSSH_7.7) +### CVE-2018-15499 (2018-08-24) + + +GEAR Software products that include GEARAspiWDM.sys, 2.2.5.0, allow local users to cause a denial of service (Race Condition and BSoD on Windows) by not checking that user-mode memory is available right before writing to it. A check is only performed at the beginning of a long subroutine. + + +- [DownWithUp/CVE-2018-15499](https://github.com/DownWithUp/CVE-2018-15499) + ### CVE-2018-15686 (2018-10-26) @@ -8123,6 +9099,22 @@ A vulnerability in unit_deserialize of systemd allows an attacker to supply arbi - [hpcprofessional/remediate_cesa_2019_2091](https://github.com/hpcprofessional/remediate_cesa_2019_2091) +### CVE-2018-15727 (2018-08-29) + + +Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user. + + +- [u238/grafana-CVE-2018-15727](https://github.com/u238/grafana-CVE-2018-15727) + +### CVE-2018-15832 (2018-09-20) + + +upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of URI handlers. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code under the context of the current process. + + +- [JacksonKuo/Ubisoft-Uplay-Desktop-Client-63.0.5699.0](https://github.com/JacksonKuo/Ubisoft-Uplay-Desktop-Client-63.0.5699.0) + ### CVE-2018-15835 (2018-11-30) @@ -8139,6 +9131,14 @@ The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerabl - [cved-sources/cve-2018-15877](https://github.com/cved-sources/cve-2018-15877) +### CVE-2018-15912 (2018-08-29) + + +An issue was discovered in manjaro-update-system.sh in manjaro-system 20180716-1 on Manjaro Linux. A local attacker can install or remove arbitrary packages and package repositories potentially containing hooks with arbitrary code, which will automatically be run as root, or remove packages vital to the system. + + +- [coderobe/CVE-2018-15912-PoC](https://github.com/coderobe/CVE-2018-15912-PoC) + ### CVE-2018-15961 (2018-09-25) @@ -8209,6 +9209,22 @@ ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitial ### CVE-2018-16341 - [mpgn/CVE-2018-16341](https://github.com/mpgn/CVE-2018-16341) +### CVE-2018-16370 (2018-09-02) + + +In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive. + + +- [snappyJack/CVE-2018-16370](https://github.com/snappyJack/CVE-2018-16370) + +### CVE-2018-16373 (2018-09-02) + + +Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/file_manager/save. + + +- [snappyJack/CVE-2018-16373](https://github.com/snappyJack/CVE-2018-16373) + ### CVE-2018-16447 (2018-09-04) @@ -8223,6 +9239,7 @@ Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF. An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. +- [farisv/PIL-RCE-Ghostscript-CVE-2018-16509](https://github.com/farisv/PIL-RCE-Ghostscript-CVE-2018-16509) - [knqyf263/CVE-2018-16509](https://github.com/knqyf263/CVE-2018-16509) - [cved-sources/cve-2018-16509](https://github.com/cved-sources/cve-2018-16509) - [rhpco/CVE-2018-16509](https://github.com/rhpco/CVE-2018-16509) @@ -8371,6 +9388,14 @@ LG SuperSign CMS allows TVs to be rebooted remotely without authentication via a - [Nurdilin/CVE-2018-16706](https://github.com/Nurdilin/CVE-2018-16706) +### CVE-2018-16711 (2018-09-26) + + +IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402088) with a buffer containing user defined content. The driver's subroutine will execute a wrmsr instruction with the user's buffer for input. + + +- [DownWithUp/CVE-2018-16711](https://github.com/DownWithUp/CVE-2018-16711) + ### CVE-2018-16712 (2018-09-26) @@ -8379,6 +9404,14 @@ IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_ - [DownWithUp/CVE-2018-16712](https://github.com/DownWithUp/CVE-2018-16712) +### CVE-2018-16713 (2018-09-26) + + +IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402084) with a buffer containing user defined content. The driver's subroutine will execute a rdmsr instruction with the user's buffer for input, and provide output from the instruction. + + +- [DownWithUp/CVE-2018-16713](https://github.com/DownWithUp/CVE-2018-16713) + ### CVE-2018-16763 (2018-09-09) @@ -8423,6 +9456,14 @@ libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out - [zjw88282740/CVE-2018-16890](https://github.com/zjw88282740/CVE-2018-16890) +### CVE-2018-16987 (2018-09-13) + + +Squash TM through 1.18.0 presents the cleartext passwords of external services in the administration panel, as demonstrated by a ta-server-password field in the HTML source code. + + +- [gquere/CVE-2018-16987](https://github.com/gquere/CVE-2018-16987) + ### CVE-2018-17024 (2018-09-13) @@ -8439,6 +9480,25 @@ e107 2.1.9 allows CSRF via e107_admin/wmessage.php?mode=&action=inline&a - [himanshurahi/e107_2.1.9_CSRF_POC](https://github.com/himanshurahi/e107_2.1.9_CSRF_POC) +### CVE-2018-17144 (2018-09-19) + + +Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoind or Bitcoin-Qt crash. + + +- [iioch/ban-exploitable-bitcoin-nodes](https://github.com/iioch/ban-exploitable-bitcoin-nodes) +- [hikame/CVE-2018-17144_POC](https://github.com/hikame/CVE-2018-17144_POC) + +### CVE-2018-17182 (2018-09-19) + + +An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations. + + +- [jas502n/CVE-2018-17182](https://github.com/jas502n/CVE-2018-17182) +- [likescam/CVE-2018-17182](https://github.com/likescam/CVE-2018-17182) +- [likescam/vmacache_CVE-2018-17182](https://github.com/likescam/vmacache_CVE-2018-17182) + ### CVE-2018-17207 (2018-09-19) @@ -8479,6 +9539,14 @@ Stored XSS exists in views/fields/wysiwyg.js in EspoCRM 5.3.6 via a /#Email/view - [security-breachlock/CVE-2018-17302](https://github.com/security-breachlock/CVE-2018-17302) +### CVE-2018-17418 (2019-03-07) + + +Monstra CMS 3.0.4 allows remote attackers to execute arbitrary PHP code via a mixed-case file extension, as demonstrated by the 123.PhP filename, because plugins\box\filesmanager\filesmanager.admin.php mishandles the forbidden_types variable. + + +- [AlwaysHereFight/monstra_cms-3.0.4--getshell](https://github.com/AlwaysHereFight/monstra_cms-3.0.4--getshell) + ### CVE-2018-17431 (2019-01-29) @@ -8493,6 +9561,8 @@ Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execu Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character. +- [shpik-kr/CVE-2018-17456](https://github.com/shpik-kr/CVE-2018-17456) +- [matlink/CVE-2018-17456](https://github.com/matlink/CVE-2018-17456) - [799600966/CVE-2018-17456](https://github.com/799600966/CVE-2018-17456) - [AnonymKing/CVE-2018-17456](https://github.com/AnonymKing/CVE-2018-17456) @@ -8504,6 +9574,22 @@ An incorrect access control vulnerability in the FTP configuration of WiFiRanger - [Luct0r/CVE-2018-17873](https://github.com/Luct0r/CVE-2018-17873) +### CVE-2018-17961 (2018-10-15) + + +Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183. + + +- [matlink/CVE-2018-17961](https://github.com/matlink/CVE-2018-17961) + +### CVE-2018-18026 (2018-10-19) + + +IMFCameraProtect.sys in IObit Malware Fighter 6.2 (and possibly lower versions) is vulnerable to a stack-based buffer overflow. The attacker can use DeviceIoControl to pass a user specified size which can be used to overwrite return addresses. This can lead to a denial of service or code execution attack. + + +- [DownWithUp/CVE-2018-18026](https://github.com/DownWithUp/CVE-2018-18026) + ### CVE-2018-18368 (2019-11-15) @@ -8512,6 +9598,14 @@ Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU1, may be susceptib - [DimopoulosElias/SEPM-EoP](https://github.com/DimopoulosElias/SEPM-EoP) +### CVE-2018-18387 (2018-10-29) + + +playSMS through 1.4.2 allows Privilege Escalation through Daemon abuse. + + +- [TheeBlind/CVE-2018-18387](https://github.com/TheeBlind/CVE-2018-18387) + ### CVE-2018-18500 (2019-02-05) @@ -8528,6 +9622,14 @@ An issue was discovered in the wiki API in GitLab Community and Enterprise Editi - [Snowming04/CVE-2018-18649](https://github.com/Snowming04/CVE-2018-18649) +### CVE-2018-18714 (2018-11-01) + + +RegFilter.sys in IOBit Malware Fighter 6.2 and earlier is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E010. This can lead to denial of service (DoS) or code execution with root privileges. + + +- [DownWithUp/CVE-2018-18714](https://github.com/DownWithUp/CVE-2018-18714) + ### CVE-2018-18778 (2018-10-28) @@ -8553,6 +9655,22 @@ PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attacker - [farisv/PrestaShop-CVE-2018-19126](https://github.com/farisv/PrestaShop-CVE-2018-19126) +### CVE-2018-19127 (2018-11-09) + + +A code injection vulnerability in /type.php in PHPCMS 2008 allows attackers to write arbitrary content to a website cache file with a controllable filename, leading to arbitrary code execution. The PHP code is sent via the template parameter, and is written to a data/cache_template/*.tpl.php file along with a "<?php function " substring. + + +- [ab1gale/phpcms-2008-CVE-2018-19127](https://github.com/ab1gale/phpcms-2008-CVE-2018-19127) + +### CVE-2018-19131 (2018-11-09) + + +Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors. + + +- [JonathanWilbur/CVE-2018-19131](https://github.com/JonathanWilbur/CVE-2018-19131) + ### CVE-2018-19207 (2018-11-12) @@ -8925,6 +10043,22 @@ The woocommerce-jetpack plugin before 3.8.0 for WordPress has XSS in the Product - [parzel/CVE-2018-20966](https://github.com/parzel/CVE-2018-20966) +### CVE-2018-1000001 (2018-01-31) + + +In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. + + +- [0x00-0x00/CVE-2018-1000001](https://github.com/0x00-0x00/CVE-2018-1000001) + +### CVE-2018-1000006 (2018-01-24) + + +GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user clicks on a specially crafted URL. This has been fixed in versions 1.8.2-beta.4, 1.7.11, and 1.6.16. + + +- [CHYbeta/CVE-2018-1000006-DEMO](https://github.com/CHYbeta/CVE-2018-1000006-DEMO) + ### CVE-2018-1000030 (2018-02-08) @@ -8941,6 +10075,22 @@ Ajenti version version 2 contains a Cross ite Request Forgery (CSRF) vulnerabili - [SECFORCE/CVE-2018-1000082-exploit](https://github.com/SECFORCE/CVE-2018-1000082-exploit) +### CVE-2018-1000117 (2018-03-07) + + +Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5. + + +- [u0pattern/CVE-2018-1000117-Exploit](https://github.com/u0pattern/CVE-2018-1000117-Exploit) + +### CVE-2018-1000134 (2018-03-16) + + +UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904a02438c03965d21367890276bc25fa5a6, where the issue was reported and fixed contains an Incorrect Access Control vulnerability in process function in SimpleBindRequest class doesn't check for empty password when running in synchronous mode. commit with applied fix https://github.com/pingidentity/ldapsdk/commit/8471904a02438c03965d21367890276bc25fa5a6#diff-f6cb23b459be1ec17df1da33760087fd that can result in Ability to impersonate any valid user. This attack appear to be exploitable via Providing valid username and empty password against servers that do not do additional validation as per https://tools.ietf.org/html/rfc4513#section-5.1.1. This vulnerability appears to have been fixed in after commit 8471904a02438c03965d21367890276bc25fa5a6. + + +- [dragotime/cve-2018-1000134](https://github.com/dragotime/cve-2018-1000134) + ### CVE-2018-1000140 (2018-03-23) @@ -8950,6 +10100,14 @@ rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerabil - [s0/rsyslog-librelp-CVE-2018-1000140](https://github.com/s0/rsyslog-librelp-CVE-2018-1000140) - [s0/rsyslog-librelp-CVE-2018-1000140-fixed](https://github.com/s0/rsyslog-librelp-CVE-2018-1000140-fixed) +### CVE-2018-1000199 (2018-05-24) + + +The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f. + + +- [dsfau/CVE-2018-1000199](https://github.com/dsfau/CVE-2018-1000199) + ### CVE-2018-1000224 (2018-08-20) @@ -8958,6 +10116,22 @@ Godot Engine version All versions prior to 2.1.5, all 3.0 versions prior to 3.0. - [zann1x/ITS](https://github.com/zann1x/ITS) +### CVE-2018-1000529 (2018-06-26) + + +Grails Fields plugin version 2.2.7 contains a Cross Site Scripting (XSS) vulnerability in Using the display tag that can result in XSS . This vulnerability appears to have been fixed in 2.2.8. + + +- [martinfrancois/CVE-2018-1000529](https://github.com/martinfrancois/CVE-2018-1000529) + +### CVE-2018-1000802 (2018-09-18) + + +Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace. + + +- [tna0y/CVE-2018-1000802-PoC](https://github.com/tna0y/CVE-2018-1000802-PoC) + ### CVE-2018-1000861 (2018-12-10) @@ -9007,22 +10181,6 @@ The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Serv - [sheri31/0005poc](https://github.com/sheri31/0005poc) -### CVE-2017-0038 (2017-02-20) - - -gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process heap memory via a crafted EMF file, as demonstrated by an EMR_SETDIBITSTODEVICE record with modified Device Independent Bitmap (DIB) dimensions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-3216, CVE-2016-3219, and/or CVE-2016-3220. - - -- [k0keoyo/CVE-2017-0038-EXP-C-JS](https://github.com/k0keoyo/CVE-2017-0038-EXP-C-JS) - -### CVE-2017-0065 (2017-03-16) - - -Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0068. - - -- [Dankirk/cve-2017-0065](https://github.com/Dankirk/cve-2017-0065) - ### CVE-2017-0075 (2017-03-16) @@ -9031,22 +10189,6 @@ Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows - [4B5F5F4B/HyperV](https://github.com/4B5F5F4B/HyperV) -### CVE-2017-0106 (2017-04-12) - - -Microsoft Excel 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." - - -- [ryhanson/CVE-2017-0106](https://github.com/ryhanson/CVE-2017-0106) - -### CVE-2017-0108 (2017-03-16) - - -The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Graphics Component Remote Code Execution Vulnerability." This vulnerability is different from that described in CVE-2017-0014. - - -- [homjxi0e/CVE-2017-0108](https://github.com/homjxi0e/CVE-2017-0108) - ### CVE-2017-0143 (2017-03-16) @@ -9079,17 +10221,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API." -- [ryhanson/CVE-2017-0199](https://github.com/ryhanson/CVE-2017-0199) -- [SyFi/cve-2017-0199](https://github.com/SyFi/cve-2017-0199) - [bhdresh/CVE-2017-0199](https://github.com/bhdresh/CVE-2017-0199) -- [NotAwful/CVE-2017-0199-Fix](https://github.com/NotAwful/CVE-2017-0199-Fix) -- [haibara3839/CVE-2017-0199-master](https://github.com/haibara3839/CVE-2017-0199-master) -- [Exploit-install/CVE-2017-0199](https://github.com/Exploit-install/CVE-2017-0199) -- [zakybstrd21215/PoC-CVE-2017-0199](https://github.com/zakybstrd21215/PoC-CVE-2017-0199) -- [n1shant-sinha/CVE-2017-0199](https://github.com/n1shant-sinha/CVE-2017-0199) -- [kn0wm4d/htattack](https://github.com/kn0wm4d/htattack) -- [joke998/Cve-2017-0199](https://github.com/joke998/Cve-2017-0199) -- [joke998/Cve-2017-0199-](https://github.com/joke998/Cve-2017-0199-) - [sUbc0ol/Microsoft-Word-CVE-2017-0199-](https://github.com/sUbc0ol/Microsoft-Word-CVE-2017-0199-) - [viethdgit/CVE-2017-0199](https://github.com/viethdgit/CVE-2017-0199) - [nicpenning/RTF-Cleaner](https://github.com/nicpenning/RTF-Cleaner) @@ -9098,14 +10230,6 @@ Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, - [likescam/CVE-2017-0199](https://github.com/likescam/CVE-2017-0199) - [stealth-ronin/CVE-2017-0199-PY-KIT](https://github.com/stealth-ronin/CVE-2017-0199-PY-KIT) -### CVE-2017-0204 (2017-04-12) - - -Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to bypass the Office Protected View via a specially crafted document, aka "Microsoft Office Security Feature Bypass Vulnerability." - - -- [ryhanson/CVE-2017-0204](https://github.com/ryhanson/CVE-2017-0204) - ### CVE-2017-0213 (2017-05-12) @@ -9145,14 +10269,6 @@ The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows - [R06otMD5/cve-2017-0263-poc](https://github.com/R06otMD5/cve-2017-0263-poc) -### CVE-2017-0290 (2017-05-09) - - -The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 does not properly scan a specially crafted file leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." - - -- [homjxi0e/CVE-2017-0290-](https://github.com/homjxi0e/CVE-2017-0290-) - ### CVE-2017-0411 (2017-02-08) @@ -9167,7 +10283,6 @@ An elevation of privilege vulnerability in the Framework APIs could enable a loc A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Framesequence library. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33718716. -- [JiounDai/CVE-2017-0478](https://github.com/JiounDai/CVE-2017-0478) - [likescam/CVE-2017-0478](https://github.com/likescam/CVE-2017-0478) ### CVE-2017-0541 (2017-04-07) @@ -9176,7 +10291,6 @@ A remote code execution vulnerability in the Framesequence library could enable A remote code execution vulnerability in sonivox in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34031018. -- [JiounDai/CVE-2017-0541](https://github.com/JiounDai/CVE-2017-0541) - [likescam/CVE-2017-0541](https://github.com/likescam/CVE-2017-0541) ### CVE-2017-0554 (2017-04-07) @@ -9259,9 +10373,6 @@ An issue was discovered in certain Apple products. iOS before 10.2.1 is affected An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (buffer overflow) via a crafted app. -- [maximehip/extra_recipe](https://github.com/maximehip/extra_recipe) -- [JackBro/extra_recipe](https://github.com/JackBro/extra_recipe) -- [Rootkitsmm/extra_recipe-iOS-10.2](https://github.com/Rootkitsmm/extra_recipe-iOS-10.2) - [Peterpan0927/CVE-2017-2370](https://github.com/Peterpan0927/CVE-2017-2370) ### CVE-2017-2388 (2017-04-01) @@ -9272,14 +10383,6 @@ An issue was discovered in certain Apple products. macOS before 10.12.4 is affec - [bazad/IOFireWireFamily-null-deref](https://github.com/bazad/IOFireWireFamily-null-deref) -### CVE-2017-2636 (2017-03-07) - - -Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline. - - -- [alexzorin/cve-2017-2636-el](https://github.com/alexzorin/cve-2017-2636-el) - ### CVE-2017-2666 (2018-07-27) @@ -9371,21 +10474,12 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - [ianxtianxt/CVE-2017-3506](https://github.com/ianxtianxt/CVE-2017-3506) - [Al1ex/CVE-2017-3506](https://github.com/Al1ex/CVE-2017-3506) -### CVE-2017-3599 (2017-04-24) - - -Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue is an integer overflow in sql/auth/sql_authentication.cc which allows remote attackers to cause a denial of service via a crafted authentication packet. - - -- [SECFORCE/CVE-2017-3599](https://github.com/SECFORCE/CVE-2017-3599) - ### CVE-2017-3730 (2017-05-04) In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack. -- [guidovranken/CVE-2017-3730](https://github.com/guidovranken/CVE-2017-3730) - [ymmah/OpenSSL-CVE-2017-3730](https://github.com/ymmah/OpenSSL-CVE-2017-3730) ### CVE-2017-3881 (2017-03-17) @@ -9394,10 +10488,6 @@ In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad parameters fo A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: (1) the failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device; and (2) the incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. This affects Catalyst switches, Embedded Service 2020 switches, Enhanced Layer 2 EtherSwitch Service Module, Enhanced Layer 2/3 EtherSwitch Service Module, Gigabit Ethernet Switch Module (CGESM) for HP, IE Industrial Ethernet switches, ME 4924-10GE switch, RF Gateway 10, and SM-X Layer 2/3 EtherSwitch Service Module. Cisco Bug IDs: CSCvd48893. -- [artkond/cisco-rce](https://github.com/artkond/cisco-rce) -- [homjxi0e/CVE-2017-3881-exploit-cisco-](https://github.com/homjxi0e/CVE-2017-3881-exploit-cisco-) -- [homjxi0e/CVE-2017-3881-Cisco](https://github.com/homjxi0e/CVE-2017-3881-Cisco) -- [zakybstrd21215/PoC-CVE-2017-3881](https://github.com/zakybstrd21215/PoC-CVE-2017-3881) - [1337g/CVE-2017-3881](https://github.com/1337g/CVE-2017-3881) ### CVE-2017-4490 @@ -9415,14 +10505,6 @@ An issue was discovered in Pivotal Spring Web Flow through 2.4.4. Applications t - [cved-sources/cve-2017-4971](https://github.com/cved-sources/cve-2017-4971) -### CVE-2017-5005 (2017-01-02) - - -Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 10.1.0.316 and earlier, and AntiVirus Pro 10.1.0.316 and earlier on OS X allows remote attackers to execute arbitrary code via a crafted LC_UNIXTHREAD.cmdsize field in a Mach-O file that is mishandled during a Security Scan (aka Custom Scan) operation. - - -- [payatu/QuickHeal](https://github.com/payatu/QuickHeal) - ### CVE-2017-5007 (2017-02-17) @@ -9454,14 +10536,6 @@ An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method a - [cscli/CVE-2017-5223](https://github.com/cscli/CVE-2017-5223) -### CVE-2017-5415 (2018-06-11) - - -An attack can use a blob URL and script to spoof an arbitrary addressbar URL prefaced by "blob:" as the protocol, leading to user confusion and further spoofing attacks. This vulnerability affects Firefox < 52. - - -- [649/CVE-2017-5415](https://github.com/649/CVE-2017-5415) - ### CVE-2017-5487 (2017-01-14) @@ -9473,48 +10547,16 @@ wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST AP - [GeunSam2/CVE-2017-5487](https://github.com/GeunSam2/CVE-2017-5487) - [patilkr/wp-CVE-2017-5487-exploit](https://github.com/patilkr/wp-CVE-2017-5487-exploit) -### CVE-2017-5633 (2017-03-06) - - -Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI programs. - - -- [cardangi/Exploit-CVE-2017-5633](https://github.com/cardangi/Exploit-CVE-2017-5633) - ### CVE-2017-5638 (2017-03-10) The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string. -- [PolarisLab/S2-045](https://github.com/PolarisLab/S2-045) -- [Flyteas/Struts2-045-Exp](https://github.com/Flyteas/Struts2-045-Exp) -- [bongbongco/cve-2017-5638](https://github.com/bongbongco/cve-2017-5638) -- [jas502n/S2-045-EXP-POC-TOOLS](https://github.com/jas502n/S2-045-EXP-POC-TOOLS) -- [mthbernardes/strutszeiro](https://github.com/mthbernardes/strutszeiro) -- [xsscx/cve-2017-5638](https://github.com/xsscx/cve-2017-5638) -- [immunio/apache-struts2-CVE-2017-5638](https://github.com/immunio/apache-struts2-CVE-2017-5638) -- [Masahiro-Yamada/OgnlContentTypeRejectorValve](https://github.com/Masahiro-Yamada/OgnlContentTypeRejectorValve) -- [aljazceru/CVE-2017-5638-Apache-Struts2](https://github.com/aljazceru/CVE-2017-5638-Apache-Struts2) -- [sjitech/test_struts2_vulnerability_CVE-2017-5638](https://github.com/sjitech/test_struts2_vulnerability_CVE-2017-5638) -- [jrrombaldo/CVE-2017-5638](https://github.com/jrrombaldo/CVE-2017-5638) -- [random-robbie/CVE-2017-5638](https://github.com/random-robbie/CVE-2017-5638) - [initconf/CVE-2017-5638_struts](https://github.com/initconf/CVE-2017-5638_struts) - [mazen160/struts-pwn](https://github.com/mazen160/struts-pwn) -- [ret2jazzy/Struts-Apache-ExploitPack](https://github.com/ret2jazzy/Struts-Apache-ExploitPack) -- [lolwaleet/ExpStruts](https://github.com/lolwaleet/ExpStruts) -- [oktavianto/CVE-2017-5638-Apache-Struts2](https://github.com/oktavianto/CVE-2017-5638-Apache-Struts2) -- [jrrdev/cve-2017-5638](https://github.com/jrrdev/cve-2017-5638) -- [opt9/Strutshock](https://github.com/opt9/Strutshock) -- [falcon-lnhg/StrutsShell](https://github.com/falcon-lnhg/StrutsShell) -- [bhagdave/CVE-2017-5638](https://github.com/bhagdave/CVE-2017-5638) - [jas502n/st2-046-poc](https://github.com/jas502n/st2-046-poc) -- [KarzsGHR/S2-046_S2-045_POC](https://github.com/KarzsGHR/S2-046_S2-045_POC) -- [gsfish/S2-Reaper](https://github.com/gsfish/S2-Reaper) -- [mcassano/cve-2017-5638](https://github.com/mcassano/cve-2017-5638) -- [opt9/Strutscli](https://github.com/opt9/Strutscli) - [tahmed11/strutsy](https://github.com/tahmed11/strutsy) -- [payatu/CVE-2017-5638](https://github.com/payatu/CVE-2017-5638) - [Aasron/Struts2-045-Exp](https://github.com/Aasron/Struts2-045-Exp) - [SpiderMate/Stutsfi](https://github.com/SpiderMate/Stutsfi) - [jpacora/Struts2Shell](https://github.com/jpacora/Struts2Shell) @@ -9562,9 +10604,7 @@ In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT). -- [CerberusSecurity/CVE-2017-5689](https://github.com/CerberusSecurity/CVE-2017-5689) - [x1sec/amthoneypot](https://github.com/x1sec/amthoneypot) -- [Bijaye/intel_amt_bypass](https://github.com/Bijaye/intel_amt_bypass) - [embedi/amt_auth_bypass_poc](https://github.com/embedi/amt_auth_bypass_poc) ### CVE-2017-5693 (2018-07-31) @@ -9677,14 +10717,6 @@ D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, DGS-1510-28P, DG - [varangamin/CVE-2017-6206](https://github.com/varangamin/CVE-2017-6206) -### CVE-2017-6370 (2017-03-17) - - -TYPO3 7.6.15 sends an http request to an index.php?loginProvider URI in cases with an https Referer, which allows remote attackers to obtain sensitive cleartext information by sniffing the network and reading the userident and username fields. - - -- [faizzaidi/TYPO3-v7.6.15-Unencrypted-Login-Request](https://github.com/faizzaidi/TYPO3-v7.6.15-Unencrypted-Login-Request) - ### CVE-2017-6558 (2017-03-09) @@ -9724,7 +10756,6 @@ Cross-site scripting (XSS) vulnerability in the Open-Xchange webmail before 7.6. AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving the PHP session ID and the NfSen PHP code, aka AlienVault ID ENG-104862. -- [patrickfreed/nfsen-exploit](https://github.com/patrickfreed/nfsen-exploit) - [KeyStrOke95/nfsen_1.3.7_CVE-2017-6971](https://github.com/KeyStrOke95/nfsen_1.3.7_CVE-2017-6971) ### CVE-2017-7038 (2017-07-20) @@ -9786,32 +10817,13 @@ The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel - [rockl/cve-2017-7184](https://github.com/rockl/cve-2017-7184) - [rockl/cve-2017-7184-bak](https://github.com/rockl/cve-2017-7184-bak) -### CVE-2017-7188 (2017-04-14) - - -Zurmo 3.1.1 Stable allows a Cross-Site Scripting (XSS) attack with a base64-encoded SCRIPT element within a data: URL in the returnUrl parameter to default/toggleCollapse. - - -- [faizzaidi/Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC](https://github.com/faizzaidi/Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC) - ### CVE-2017-7269 (2017-03-26) Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016. -- [eliuha/webdav_exploit](https://github.com/eliuha/webdav_exploit) - [lcatro/CVE-2017-7269-Echo-PoC](https://github.com/lcatro/CVE-2017-7269-Echo-PoC) -- [caicai1355/CVE-2017-7269-exploit](https://github.com/caicai1355/CVE-2017-7269-exploit) -- [M1a0rz/CVE-2017-7269](https://github.com/M1a0rz/CVE-2017-7269) -- [whiteHat001/cve-2017-7269picture](https://github.com/whiteHat001/cve-2017-7269picture) -- [zcgonvh/cve-2017-7269](https://github.com/zcgonvh/cve-2017-7269) -- [jrrombaldo/CVE-2017-7269](https://github.com/jrrombaldo/CVE-2017-7269) -- [g0rx/iis6-exploit-2017-CVE-2017-7269](https://github.com/g0rx/iis6-exploit-2017-CVE-2017-7269) -- [slimpagey/IIS_6.0_WebDAV_Ruby](https://github.com/slimpagey/IIS_6.0_WebDAV_Ruby) -- [homjxi0e/cve-2017-7269](https://github.com/homjxi0e/cve-2017-7269) -- [xiaovpn/CVE-2017-7269](https://github.com/xiaovpn/CVE-2017-7269) -- [zcgonvh/cve-2017-7269-tool](https://github.com/zcgonvh/cve-2017-7269-tool) - [mirrorblack/CVE-2017-7269](https://github.com/mirrorblack/CVE-2017-7269) - [Al1ex/CVE-2017-7269](https://github.com/Al1ex/CVE-2017-7269) @@ -9885,14 +10897,6 @@ Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer - [cyberharsh/nginx-CVE-2017-7529](https://github.com/cyberharsh/nginx-CVE-2017-7529) - [daehee/nginx-overflow](https://github.com/daehee/nginx-overflow) -### CVE-2017-7648 (2017-04-10) - - -Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation. - - -- [notmot/CVE-2017-7648.](https://github.com/notmot/CVE-2017-7648.) - ### CVE-2017-7679 (2017-06-19) @@ -9950,8 +10954,6 @@ Malicious PATCH requests submitted to servers using Spring Data REST versions pr WordPress through 4.7.4 relies on the Host HTTP header for a password-reset e-mail message, which makes it easier for remote attackers to reset arbitrary passwords by making a crafted wp-login.php?action=lostpassword request and then arranging for this message to bounce or be resent, leading to transmission of the reset key to a mailbox on an attacker-controlled SMTP server. This is related to problematic use of the SERVER_NAME variable in wp-includes/pluggable.php in conjunction with the PHP mail function. Exploitation is not achievable in all cases because it requires at least one of the following: (1) the attacker can prevent the victim from receiving any e-mail messages for an extended period of time (such as 5 days), (2) the victim's e-mail system sends an autoresponse containing the original message, or (3) the victim manually composes a reply containing the original message. -- [homjxi0e/CVE-2017-8295-WordPress-4.7.4---Unauthorized-Password-Reset](https://github.com/homjxi0e/CVE-2017-8295-WordPress-4.7.4---Unauthorized-Password-Reset) -- [alash3al/wp-allowed-hosts](https://github.com/alash3al/wp-allowed-hosts) - [cyberheartmi9/CVE-2017-8295](https://github.com/cyberheartmi9/CVE-2017-8295) ### CVE-2017-8382 (2017-05-16) @@ -10062,14 +11064,6 @@ An issue was discovered on Accellion FTA devices before FTA_9_12_180. There is X - [Voraka/cve-2017-8760](https://github.com/Voraka/cve-2017-8760) -### CVE-2017-8779 (2017-05-04) - - -rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb. - - -- [drbothen/GO-RPCBOMB](https://github.com/drbothen/GO-RPCBOMB) - ### CVE-2017-8802 (2018-01-16) @@ -15350,8 +16344,6 @@ Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execut - [adenkiewicz/CVE-2003-0264](https://github.com/adenkiewicz/CVE-2003-0264) - [fyoderxx/slmail-exploit](https://github.com/fyoderxx/slmail-exploit) -- [war4uthor/CVE-2003-0264](https://github.com/war4uthor/CVE-2003-0264) -- [pwncone/CVE-2003-0264-SLmail-5.5](https://github.com/pwncone/CVE-2003-0264-SLmail-5.5) ### CVE-2003-0282 (2003-05-14)