From ffa3ae881691002450e7da7fd66bfe5cdd1d550b Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Thu, 21 Mar 2024 03:27:30 +0900 Subject: [PATCH] Auto Update 2024/03/20 18:27:30 --- 2014/CVE-2014-3507.json | 2 +- ...{CVE-2014-3470.json => CVE-2014-3508.json} | 10 ++--- 2018/CVE-2018-4407.json | 8 ++-- 2019/CVE-2019-0232.json | 8 ++-- 2020/CVE-2020-14144.json | 8 ++-- 2020/CVE-2020-1472.json | 8 ++-- 2021/CVE-2021-30955.json | 8 ++-- 2021/CVE-2021-3129.json | 10 ++--- 2021/CVE-2021-34527.json | 8 ++-- 2021/CVE-2021-44228.json | 8 ++-- 2022/CVE-2022-26134.json | 8 ++-- 2022/CVE-2022-38694.json | 8 ++-- 2022/CVE-2022-4543.json | 8 ++-- 2023/CVE-2023-27566.json | 8 ++-- 2023/CVE-2023-32243.json | 4 +- 2023/CVE-2023-3269.json | 8 ++-- 2023/CVE-2023-35636.json | 8 ++-- 2023/CVE-2023-36874.json | 8 ++-- 2023/CVE-2023-45866.json | 8 ++-- 2023/CVE-2023-51764.json | 8 ++-- 2024/CVE-2024-21413.json | 8 ++-- 2024/CVE-2024-21762.json | 8 ++-- 2024/CVE-2024-23334.json | 12 +++--- 2024/CVE-2024-23897.json | 8 ++-- 2024/CVE-2024-25153.json | 8 ++-- 2024/CVE-2024-25832.json | 8 ++-- 2024/CVE-2024-28085.json | 38 +++++++++++++++++++ README.md | 17 +++++---- 28 files changed, 151 insertions(+), 110 deletions(-) rename 2014/{CVE-2014-3470.json => CVE-2014-3508.json} (78%) create mode 100644 2024/CVE-2024-28085.json diff --git a/2014/CVE-2014-3507.json b/2014/CVE-2014-3507.json index d85019f925..b9a6c95c03 100644 --- a/2014/CVE-2014-3507.json +++ b/2014/CVE-2014-3507.json @@ -27,6 +27,6 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2014/CVE-2014-3470.json b/2014/CVE-2014-3508.json similarity index 78% rename from 2014/CVE-2014-3470.json rename to 2014/CVE-2014-3508.json index 2a7a67f41b..686af4759f 100644 --- a/2014/CVE-2014-3470.json +++ b/2014/CVE-2014-3508.json @@ -1,20 +1,20 @@ [ { "id": 686885075, - "name": "OpenSSL_1.0.1g_CVE-2014-3470", - "full_name": "hshivhare67\/OpenSSL_1.0.1g_CVE-2014-3470", + "name": "OpenSSL_1.0.1g_CVE-2014-3508", + "full_name": "hshivhare67\/OpenSSL_1.0.1g_CVE-2014-3508", "owner": { "login": "hshivhare67", "id": 67005408, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", "html_url": "https:\/\/github.com\/hshivhare67" }, - "html_url": "https:\/\/github.com\/hshivhare67\/OpenSSL_1.0.1g_CVE-2014-3470", + "html_url": "https:\/\/github.com\/hshivhare67\/OpenSSL_1.0.1g_CVE-2014-3508", "description": null, "fork": false, "created_at": "2023-09-04T06:44:34Z", - "updated_at": "2024-03-18T11:00:53Z", - "pushed_at": "2024-03-18T11:01:48Z", + "updated_at": "2024-03-20T13:13:35Z", + "pushed_at": "2024-03-20T13:13:25Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2018/CVE-2018-4407.json b/2018/CVE-2018-4407.json index e277f17559..5202ccd9b2 100644 --- a/2018/CVE-2018-4407.json +++ b/2018/CVE-2018-4407.json @@ -348,10 +348,10 @@ "description": "iOS 11 WiFi Exploit - icmp_error_CVE-2018-4407", "fork": false, "created_at": "2018-11-26T14:14:55Z", - "updated_at": "2018-11-26T20:38:51Z", + "updated_at": "2024-03-20T16:14:33Z", "pushed_at": "2018-11-26T20:38:50Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -360,7 +360,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 0 }, diff --git a/2019/CVE-2019-0232.json b/2019/CVE-2019-0232.json index f2f774a8fd..104ecc58da 100644 --- a/2019/CVE-2019-0232.json +++ b/2019/CVE-2019-0232.json @@ -193,10 +193,10 @@ "description": "Vulnerability analysis and PoC for the Apache Tomcat - CGIServlet enableCmdLineArguments Remote Code Execution (RCE)", "fork": false, "created_at": "2021-03-25T20:09:54Z", - "updated_at": "2023-12-23T22:10:00Z", + "updated_at": "2024-03-20T17:43:00Z", "pushed_at": "2021-09-04T00:45:00Z", - "stargazers_count": 9, - "watchers_count": 9, + "stargazers_count": 10, + "watchers_count": 10, "has_discussions": false, "forks_count": 9, "allow_forking": true, @@ -209,7 +209,7 @@ ], "visibility": "public", "forks": 9, - "watchers": 9, + "watchers": 10, "score": 0, "subscribers_count": 2 } diff --git a/2020/CVE-2020-14144.json b/2020/CVE-2020-14144.json index b0dbe5e674..bcbf38d00b 100644 --- a/2020/CVE-2020-14144.json +++ b/2020/CVE-2020-14144.json @@ -13,10 +13,10 @@ "description": "A script to exploit CVE-2020-14144 - GiTea authenticated Remote Code Execution using git hooks", "fork": false, "created_at": "2022-03-08T17:14:27Z", - "updated_at": "2023-09-28T11:36:51Z", + "updated_at": "2024-03-20T14:28:07Z", "pushed_at": "2022-05-03T10:40:14Z", - "stargazers_count": 15, - "watchers_count": 15, + "stargazers_count": 16, + "watchers_count": 16, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -31,7 +31,7 @@ ], "visibility": "public", "forks": 3, - "watchers": 15, + "watchers": 16, "score": 0, "subscribers_count": 2 } diff --git a/2020/CVE-2020-1472.json b/2020/CVE-2020-1472.json index 924f781d12..803fe93ac7 100644 --- a/2020/CVE-2020-1472.json +++ b/2020/CVE-2020-1472.json @@ -170,10 +170,10 @@ "description": "Exploit for zerologon cve-2020-1472", "fork": false, "created_at": "2020-09-14T19:19:07Z", - "updated_at": "2024-03-15T02:25:02Z", + "updated_at": "2024-03-20T15:48:11Z", "pushed_at": "2020-10-15T18:31:15Z", - "stargazers_count": 586, - "watchers_count": 586, + "stargazers_count": 587, + "watchers_count": 587, "has_discussions": false, "forks_count": 143, "allow_forking": true, @@ -182,7 +182,7 @@ "topics": [], "visibility": "public", "forks": 143, - "watchers": 586, + "watchers": 587, "score": 0, "subscribers_count": 13 }, diff --git a/2021/CVE-2021-30955.json b/2021/CVE-2021-30955.json index 67d27982b3..a338877f72 100644 --- a/2021/CVE-2021-30955.json +++ b/2021/CVE-2021-30955.json @@ -103,10 +103,10 @@ "description": "iOS 15.1 kernel exploit POC for CVE-2021-30955", "fork": false, "created_at": "2022-03-01T12:41:03Z", - "updated_at": "2024-02-06T14:26:28Z", + "updated_at": "2024-03-20T17:58:00Z", "pushed_at": "2022-03-01T16:11:31Z", - "stargazers_count": 255, - "watchers_count": 255, + "stargazers_count": 256, + "watchers_count": 256, "has_discussions": false, "forks_count": 46, "allow_forking": true, @@ -115,7 +115,7 @@ "topics": [], "visibility": "public", "forks": 46, - "watchers": 255, + "watchers": 256, "score": 0, "subscribers_count": 8 }, diff --git a/2021/CVE-2021-3129.json b/2021/CVE-2021-3129.json index 662d4ff749..57397169d2 100644 --- a/2021/CVE-2021-3129.json +++ b/2021/CVE-2021-3129.json @@ -13,10 +13,10 @@ "description": "Exploit for CVE-2021-3129", "fork": false, "created_at": "2021-01-13T12:52:20Z", - "updated_at": "2024-03-13T08:58:26Z", + "updated_at": "2024-03-20T16:43:03Z", "pushed_at": "2021-01-29T13:59:07Z", - "stargazers_count": 258, - "watchers_count": 258, + "stargazers_count": 259, + "watchers_count": 259, "has_discussions": false, "forks_count": 68, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 68, - "watchers": 258, + "watchers": 259, "score": 0, "subscribers_count": 14 }, @@ -510,7 +510,7 @@ "fork": false, "created_at": "2022-12-10T03:32:34Z", "updated_at": "2024-03-01T23:09:57Z", - "pushed_at": "2023-09-25T09:53:00Z", + "pushed_at": "2024-03-20T14:21:14Z", "stargazers_count": 3, "watchers_count": 3, "has_discussions": false, diff --git a/2021/CVE-2021-34527.json b/2021/CVE-2021-34527.json index 54b6f65615..36d13bb190 100644 --- a/2021/CVE-2021-34527.json +++ b/2021/CVE-2021-34527.json @@ -236,10 +236,10 @@ "description": "A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE", "fork": false, "created_at": "2021-07-05T20:13:49Z", - "updated_at": "2024-03-15T10:35:26Z", + "updated_at": "2024-03-20T15:12:11Z", "pushed_at": "2023-08-25T16:11:40Z", - "stargazers_count": 743, - "watchers_count": 743, + "stargazers_count": 744, + "watchers_count": 744, "has_discussions": false, "forks_count": 113, "allow_forking": true, @@ -248,7 +248,7 @@ "topics": [], "visibility": "public", "forks": 113, - "watchers": 743, + "watchers": 744, "score": 0, "subscribers_count": 10 }, diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index c9cae9ce27..64f833ab44 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -907,10 +907,10 @@ "description": "A Proof-Of-Concept for the CVE-2021-44228 vulnerability. ", "fork": false, "created_at": "2021-12-10T23:19:28Z", - "updated_at": "2024-03-18T15:37:12Z", + "updated_at": "2024-03-20T17:39:24Z", "pushed_at": "2024-02-12T22:37:25Z", - "stargazers_count": 1728, - "watchers_count": 1728, + "stargazers_count": 1725, + "watchers_count": 1725, "has_discussions": false, "forks_count": 515, "allow_forking": true, @@ -924,7 +924,7 @@ ], "visibility": "public", "forks": 515, - "watchers": 1728, + "watchers": 1725, "score": 0, "subscribers_count": 28 }, diff --git a/2022/CVE-2022-26134.json b/2022/CVE-2022-26134.json index 40a0e3bc54..e4be23d84a 100644 --- a/2022/CVE-2022-26134.json +++ b/2022/CVE-2022-26134.json @@ -1215,10 +1215,10 @@ "description": "Atlassian Confluence (CVE-2022-26134) - Unauthenticated Remote code execution (RCE)", "fork": false, "created_at": "2022-07-05T04:30:42Z", - "updated_at": "2024-02-04T20:58:37Z", + "updated_at": "2024-03-20T15:27:00Z", "pushed_at": "2024-03-03T07:02:48Z", - "stargazers_count": 21, - "watchers_count": 21, + "stargazers_count": 22, + "watchers_count": 22, "has_discussions": false, "forks_count": 11, "allow_forking": true, @@ -1232,7 +1232,7 @@ ], "visibility": "public", "forks": 11, - "watchers": 21, + "watchers": 22, "score": 0, "subscribers_count": 1 }, diff --git a/2022/CVE-2022-38694.json b/2022/CVE-2022-38694.json index f1011b36c7..1c27533eaf 100644 --- a/2022/CVE-2022-38694.json +++ b/2022/CVE-2022-38694.json @@ -13,10 +13,10 @@ "description": "This is a one-time signature verification bypass. For persistent signature verification bypass, check https:\/\/github.com\/TomKing062\/CVE-2022-38691_38692", "fork": false, "created_at": "2023-06-10T08:31:26Z", - "updated_at": "2024-03-19T18:38:16Z", + "updated_at": "2024-03-20T15:37:22Z", "pushed_at": "2024-02-23T14:48:26Z", - "stargazers_count": 180, - "watchers_count": 180, + "stargazers_count": 181, + "watchers_count": 181, "has_discussions": true, "forks_count": 23, "allow_forking": true, @@ -28,7 +28,7 @@ ], "visibility": "public", "forks": 23, - "watchers": 180, + "watchers": 181, "score": 0, "subscribers_count": 7 } diff --git a/2022/CVE-2022-4543.json b/2022/CVE-2022-4543.json index ba1f6d4f39..60b202a863 100644 --- a/2022/CVE-2022-4543.json +++ b/2022/CVE-2022-4543.json @@ -13,10 +13,10 @@ "description": null, "fork": false, "created_at": "2023-07-10T02:34:01Z", - "updated_at": "2023-07-11T01:38:50Z", + "updated_at": "2024-03-20T14:06:28Z", "pushed_at": "2023-11-22T07:48:54Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 2 } diff --git a/2023/CVE-2023-27566.json b/2023/CVE-2023-27566.json index c08df273dc..5cf34b5ecd 100644 --- a/2023/CVE-2023-27566.json +++ b/2023/CVE-2023-27566.json @@ -13,10 +13,10 @@ "description": "MOC3ingbird Exploit for Live2D (CVE-2023-27566)", "fork": false, "created_at": "2023-03-03T01:57:28Z", - "updated_at": "2024-01-13T10:58:21Z", + "updated_at": "2024-03-20T15:34:45Z", "pushed_at": "2023-09-19T01:12:41Z", - "stargazers_count": 72, - "watchers_count": 72, + "stargazers_count": 73, + "watchers_count": 73, "has_discussions": true, "forks_count": 5, "allow_forking": true, @@ -32,7 +32,7 @@ ], "visibility": "public", "forks": 5, - "watchers": 72, + "watchers": 73, "score": 0, "subscribers_count": 2 } diff --git a/2023/CVE-2023-32243.json b/2023/CVE-2023-32243.json index f3b84d8273..3148437cd0 100644 --- a/2023/CVE-2023-32243.json +++ b/2023/CVE-2023-32243.json @@ -78,7 +78,7 @@ "stargazers_count": 83, "watchers_count": 83, "has_discussions": false, - "forks_count": 26, + "forks_count": 24, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -88,7 +88,7 @@ "wordpress-plugin" ], "visibility": "public", - "forks": 26, + "forks": 24, "watchers": 83, "score": 0, "subscribers_count": 4 diff --git a/2023/CVE-2023-3269.json b/2023/CVE-2023-3269.json index f585b484be..212b1e46fc 100644 --- a/2023/CVE-2023-3269.json +++ b/2023/CVE-2023-3269.json @@ -13,10 +13,10 @@ "description": "CVE-2023-3269: Linux kernel privilege escalation vulnerability", "fork": false, "created_at": "2023-06-28T13:22:26Z", - "updated_at": "2024-03-18T17:53:37Z", + "updated_at": "2024-03-20T15:08:54Z", "pushed_at": "2023-07-28T13:20:45Z", - "stargazers_count": 444, - "watchers_count": 444, + "stargazers_count": 445, + "watchers_count": 445, "has_discussions": false, "forks_count": 45, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 45, - "watchers": 444, + "watchers": 445, "score": 0, "subscribers_count": 14 } diff --git a/2023/CVE-2023-35636.json b/2023/CVE-2023-35636.json index 6441ec0b2d..f7c87cf169 100644 --- a/2023/CVE-2023-35636.json +++ b/2023/CVE-2023-35636.json @@ -13,10 +13,10 @@ "description": "Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC", "fork": false, "created_at": "2024-01-29T17:08:05Z", - "updated_at": "2024-03-02T01:56:18Z", + "updated_at": "2024-03-20T18:16:21Z", "pushed_at": "2024-01-30T05:58:08Z", - "stargazers_count": 38, - "watchers_count": 38, + "stargazers_count": 39, + "watchers_count": 39, "has_discussions": false, "forks_count": 6, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 6, - "watchers": 38, + "watchers": 39, "score": 0, "subscribers_count": 2 } diff --git a/2023/CVE-2023-36874.json b/2023/CVE-2023-36874.json index f61e1a7b3e..f1c09517cb 100644 --- a/2023/CVE-2023-36874.json +++ b/2023/CVE-2023-36874.json @@ -103,10 +103,10 @@ "description": "Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE", "fork": false, "created_at": "2023-08-24T22:24:34Z", - "updated_at": "2024-03-16T19:13:57Z", + "updated_at": "2024-03-20T18:06:57Z", "pushed_at": "2023-08-25T00:30:01Z", - "stargazers_count": 179, - "watchers_count": 179, + "stargazers_count": 180, + "watchers_count": 180, "has_discussions": false, "forks_count": 28, "allow_forking": true, @@ -115,7 +115,7 @@ "topics": [], "visibility": "public", "forks": 28, - "watchers": 179, + "watchers": 180, "score": 0, "subscribers_count": 4 } diff --git a/2023/CVE-2023-45866.json b/2023/CVE-2023-45866.json index 1bff962764..7eb8b410c2 100644 --- a/2023/CVE-2023-45866.json +++ b/2023/CVE-2023-45866.json @@ -13,10 +13,10 @@ "description": "🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)", "fork": false, "created_at": "2024-01-16T06:52:02Z", - "updated_at": "2024-03-17T18:47:30Z", + "updated_at": "2024-03-20T18:19:11Z", "pushed_at": "2024-02-06T21:45:34Z", - "stargazers_count": 37, - "watchers_count": 37, + "stargazers_count": 38, + "watchers_count": 38, "has_discussions": false, "forks_count": 11, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 11, - "watchers": 37, + "watchers": 38, "score": 0, "subscribers_count": 3 }, diff --git a/2023/CVE-2023-51764.json b/2023/CVE-2023-51764.json index f6d175ce21..cc3bc08fae 100644 --- a/2023/CVE-2023-51764.json +++ b/2023/CVE-2023-51764.json @@ -13,10 +13,10 @@ "description": "Postfix SMTP Smuggling - Expect Script POC", "fork": false, "created_at": "2023-12-26T17:02:20Z", - "updated_at": "2024-03-02T01:56:36Z", + "updated_at": "2024-03-20T18:17:06Z", "pushed_at": "2023-12-26T20:16:45Z", - "stargazers_count": 25, - "watchers_count": 25, + "stargazers_count": 26, + "watchers_count": 26, "has_discussions": false, "forks_count": 12, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 12, - "watchers": 25, + "watchers": 26, "score": 0, "subscribers_count": 2 }, diff --git a/2024/CVE-2024-21413.json b/2024/CVE-2024-21413.json index 30318b9c96..cb42cd6677 100644 --- a/2024/CVE-2024-21413.json +++ b/2024/CVE-2024-21413.json @@ -73,10 +73,10 @@ "description": "Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - CVE-2024-21413 POC", "fork": false, "created_at": "2024-02-16T21:10:31Z", - "updated_at": "2024-03-12T23:38:45Z", + "updated_at": "2024-03-20T18:18:50Z", "pushed_at": "2024-02-16T22:23:37Z", - "stargazers_count": 8, - "watchers_count": 8, + "stargazers_count": 9, + "watchers_count": 9, "has_discussions": false, "forks_count": 2, "allow_forking": true, @@ -85,7 +85,7 @@ "topics": [], "visibility": "public", "forks": 2, - "watchers": 8, + "watchers": 9, "score": 0, "subscribers_count": 1 }, diff --git a/2024/CVE-2024-21762.json b/2024/CVE-2024-21762.json index e54af3bfce..c08f4fc877 100644 --- a/2024/CVE-2024-21762.json +++ b/2024/CVE-2024-21762.json @@ -103,10 +103,10 @@ "description": "out-of-bounds write in Fortinet FortiOS CVE-2024-21762 vulnerability ", "fork": false, "created_at": "2024-03-13T09:17:28Z", - "updated_at": "2024-03-20T10:10:13Z", + "updated_at": "2024-03-20T18:22:47Z", "pushed_at": "2024-03-16T00:35:12Z", - "stargazers_count": 51, - "watchers_count": 51, + "stargazers_count": 55, + "watchers_count": 55, "has_discussions": false, "forks_count": 8, "allow_forking": true, @@ -115,7 +115,7 @@ "topics": [], "visibility": "public", "forks": 8, - "watchers": 51, + "watchers": 55, "score": 0, "subscribers_count": 3 }, diff --git a/2024/CVE-2024-23334.json b/2024/CVE-2024-23334.json index 222b50fc30..5e74fc62a7 100644 --- a/2024/CVE-2024-23334.json +++ b/2024/CVE-2024-23334.json @@ -103,19 +103,19 @@ "description": "aiohttp LFI (CVE-2024-23334)", "fork": false, "created_at": "2024-03-19T16:28:56Z", - "updated_at": "2024-03-20T09:10:10Z", + "updated_at": "2024-03-20T15:22:02Z", "pushed_at": "2024-03-19T17:06:26Z", - "stargazers_count": 3, - "watchers_count": 3, + "stargazers_count": 6, + "watchers_count": 6, "has_discussions": false, - "forks_count": 1, + "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 1, - "watchers": 3, + "forks": 2, + "watchers": 6, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-23897.json b/2024/CVE-2024-23897.json index ca41227746..29e738ad8b 100644 --- a/2024/CVE-2024-23897.json +++ b/2024/CVE-2024-23897.json @@ -73,10 +73,10 @@ "description": "CVE-2024-23897", "fork": false, "created_at": "2024-01-26T09:44:32Z", - "updated_at": "2024-03-20T11:23:44Z", + "updated_at": "2024-03-20T12:48:03Z", "pushed_at": "2024-01-28T06:47:28Z", - "stargazers_count": 157, - "watchers_count": 157, + "stargazers_count": 158, + "watchers_count": 158, "has_discussions": false, "forks_count": 29, "allow_forking": true, @@ -85,7 +85,7 @@ "topics": [], "visibility": "public", "forks": 29, - "watchers": 157, + "watchers": 158, "score": 0, "subscribers_count": 2 }, diff --git a/2024/CVE-2024-25153.json b/2024/CVE-2024-25153.json index 150c24b498..63c171ce75 100644 --- a/2024/CVE-2024-25153.json +++ b/2024/CVE-2024-25153.json @@ -13,10 +13,10 @@ "description": "Proof-of-concept exploit for CVE-2024-25153.", "fork": false, "created_at": "2024-03-12T17:26:10Z", - "updated_at": "2024-03-20T06:36:40Z", + "updated_at": "2024-03-20T17:19:55Z", "pushed_at": "2024-03-13T09:46:07Z", - "stargazers_count": 31, - "watchers_count": 31, + "stargazers_count": 32, + "watchers_count": 32, "has_discussions": false, "forks_count": 10, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 10, - "watchers": 31, + "watchers": 32, "score": 0, "subscribers_count": 5 }, diff --git a/2024/CVE-2024-25832.json b/2024/CVE-2024-25832.json index dbcedb2f11..4515bd33ba 100644 --- a/2024/CVE-2024-25832.json +++ b/2024/CVE-2024-25832.json @@ -13,10 +13,10 @@ "description": "PoC Script for CVE-2024-25832: Exploit chain reverse shell, information disclosure (root password leak) + unrestricted file upload in DataCube3", "fork": false, "created_at": "2024-03-06T04:11:59Z", - "updated_at": "2024-03-07T07:17:11Z", + "updated_at": "2024-03-20T18:09:07Z", "pushed_at": "2024-03-06T04:32:54Z", - "stargazers_count": 2, - "watchers_count": 2, + "stargazers_count": 3, + "watchers_count": 3, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -34,7 +34,7 @@ ], "visibility": "public", "forks": 1, - "watchers": 2, + "watchers": 3, "score": 0, "subscribers_count": 0 } diff --git a/2024/CVE-2024-28085.json b/2024/CVE-2024-28085.json new file mode 100644 index 0000000000..3f0ad1c59b --- /dev/null +++ b/2024/CVE-2024-28085.json @@ -0,0 +1,38 @@ +[ + { + "id": 770117095, + "name": "CVE-2024-28085", + "full_name": "skyler-ferrante\/CVE-2024-28085", + "owner": { + "login": "skyler-ferrante", + "id": 24577503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24577503?v=4", + "html_url": "https:\/\/github.com\/skyler-ferrante" + }, + "html_url": "https:\/\/github.com\/skyler-ferrante\/CVE-2024-28085", + "description": "WallEscape vulnerability in util-linux", + "fork": false, + "created_at": "2024-03-11T00:15:03Z", + "updated_at": "2024-03-20T15:07:02Z", + "pushed_at": "2024-03-12T00:28:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-28085", + "exploit", + "privilege-escalation", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/README.md b/README.md index a568aa4ced..afd12cf0b8 100644 --- a/README.md +++ b/README.md @@ -931,6 +931,9 @@ ### CVE-2024-27697 - [SanjinDedic/FuguHub-8.4-Authenticated-RCE-CVE-2024-27697](https://github.com/SanjinDedic/FuguHub-8.4-Authenticated-RCE-CVE-2024-27697) +### CVE-2024-28085 +- [skyler-ferrante/CVE-2024-28085](https://github.com/skyler-ferrante/CVE-2024-28085) + ### CVE-2024-28088 (-) LangChain through 0.1.10 allows ../ directory traversal by an actor who is able to control the final part of the path parameter in a load_chain call. This bypasses the intended behavior of loading configurations only from the hwchase17/langchain-hub GitHub repository. The outcome can be disclosure of an API key for a large language model online service, or remote code execution. @@ -38662,13 +38665,6 @@ - [azet/CVE-2014-3466_PoC](https://github.com/azet/CVE-2014-3466_PoC) -### CVE-2014-3470 (2014-06-05) - -The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value. - - -- [hshivhare67/OpenSSL_1.0.1g_CVE-2014-3470](https://github.com/hshivhare67/OpenSSL_1.0.1g_CVE-2014-3470) - ### CVE-2014-3507 (2014-08-13) Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function. @@ -38676,6 +38672,13 @@ - [Satheesh575555/openSSL_1.0.1g_CVE-2014-3507](https://github.com/Satheesh575555/openSSL_1.0.1g_CVE-2014-3507) +### CVE-2014-3508 (2014-08-13) + +The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent attackers to obtain sensitive information from process stack memory by reading output from X509_name_oneline, X509_name_print_ex, and unspecified other functions. + + +- [hshivhare67/OpenSSL_1.0.1g_CVE-2014-3508](https://github.com/hshivhare67/OpenSSL_1.0.1g_CVE-2014-3508) + ### CVE-2014-3544 (2014-07-29) Cross-site scripting (XSS) vulnerability in user/profile.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via the Skype ID profile field.