From ffbe936e129dc5f650aaf8700c54f1b0ceec575a Mon Sep 17 00:00:00 2001 
From: motikan2010-bot
Date: Sat, 19 Oct 2024 21:30:31 +0900
Subject: [PATCH] Auto Update 2024/10/19 12:30:31
---
2001/CVE-2001-1473.json | 8 ++++----
2014/CVE-2014-3566.json | 8 ++++----
2017/CVE-2017-0781.json | 8 ++++----
2018/CVE-2018-18955.json | 8 ++++----
2018/CVE-2018-6242.json | 8 ++++----
2019/CVE-2019-15107.json | 8 ++++----
2019/CVE-2019-19919.json | 33 +++++++++++++++++++++++++++++++++
2020/CVE-2020-28458.json | 33 +++++++++++++++++++++++++++++++++
2021/CVE-2021-1732.json | 8 ++++----
2021/CVE-2021-23369.json | 33 +++++++++++++++++++++++++++++++++
2021/CVE-2021-23383.json | 31 +++++++++++++++++++++++++++++++
2021/CVE-2021-3129.json | 4 ++--
2021/CVE-2021-42013.json | 31 -------------------------------
2021/CVE-2021-43798.json | 31 -------------------------------
2022/CVE-2022-38694.json | 8 ++++----
2023/CVE-2023-30253.json | 8 ++++----
2024/CVE-2024-21338.json | 12 ++++++------
2024/CVE-2024-26229.json | 8 ++++----
2024/CVE-2024-30088.json | 39 +++++++++++++++++++++++++++++++++++----
2024/CVE-2024-30090.json | 8 ++++----
2024/CVE-2024-33231.json | 8 ++++----
2024/CVE-2024-34716.json | 8 ++++----
2024/CVE-2024-35250.json | 12 ++++++------
2024/CVE-2024-38041.json | 12 ++++++------
2024/CVE-2024-43425.json | 8 ++++----
2024/CVE-2024-47176.json | 39 +++++++++++++++++++++++++++++++++++----
2024/CVE-2024-48415.json | 33 +++++++++++++++++++++++++++++++++
2024/CVE-2024-48652.json | 33 +++++++++++++++++++++++++++++++++
2024/CVE-2024-6387.json | 4 ++--
2024/CVE-2024-6778.json | 8 ++++----
2024/CVE-2024-9466.json | 33 +++++++++++++++++++++++++++++++++
README.md | 35 +++++++++++++++++++++++++++++++++--
32 files changed, 414 insertions(+), 154 deletions(-)
create mode 100644 2019/CVE-2019-19919.json
create mode 100644 2020/CVE-2020-28458.json
create mode 100644 2021/CVE-2021-23369.json
create mode 100644 2024/CVE-2024-48415.json
create mode 100644 2024/CVE-2024-48652.json
create mode 100644 2024/CVE-2024-9466.json
diff --git a/2001/CVE-2001-1473.json b/2001/CVE-2001-1473.json index d02af1c9f0..7447dca352 100644 --- a/2001/CVE-2001-1473.json +++ b/2001/CVE-2001-1473.json @@ -14,10 +14,10 @@ "description": "A novel approach to the old problem", "fork": false, "created_at": "2024-10-16T01:54:04Z", - "updated_at": "2024-10-16T01:56:08Z", + "updated_at": "2024-10-19T09:00:00Z", "pushed_at": "2024-10-16T01:55:18Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -32,7 +32,7 @@ ], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 } diff --git a/2014/CVE-2014-3566.json b/2014/CVE-2014-3566.json index 556fc3468e..4c23ff9c45 100644 --- a/2014/CVE-2014-3566.json +++ b/2014/CVE-2014-3566.json @@ -111,10 +111,10 @@ "description": ":poodle: Poodle (Padding Oracle On Downgraded Legacy Encryption) attack CVE-2014-3566 :poodle:", "fork": false, "created_at": "2015-02-03T20:28:27Z", - "updated_at": "2024-09-20T09:36:18Z", + "updated_at": "2024-10-19T09:50:24Z", "pushed_at": "2023-10-06T16:11:26Z", - "stargazers_count": 249, - "watchers_count": 249, + "stargazers_count": 250, + "watchers_count": 250, "has_discussions": false, "forks_count": 75, "allow_forking": true, @@ -131,7 +131,7 @@ ], "visibility": "public", "forks": 75, - "watchers": 249, + "watchers": 250, "score": 0, "subscribers_count": 17 }, diff --git a/2017/CVE-2017-0781.json b/2017/CVE-2017-0781.json index cbe1f7a5a4..188fabbc49 100644 --- a/2017/CVE-2017-0781.json +++ b/2017/CVE-2017-0781.json 
@@ -14,10 +14,10 @@ "description": "Blueborne CVE-2017-0781 Android heap overflow vulnerability", "fork": false, "created_at": "2017-10-09T15:13:25Z", - "updated_at": "2024-10-18T17:14:00Z", + "updated_at": "2024-10-19T11:35:53Z", "pushed_at": "2021-07-29T12:00:48Z", - "stargazers_count": 136, - "watchers_count": 136, + "stargazers_count": 137, + "watchers_count": 137, "has_discussions": false, "forks_count": 50, "allow_forking": true, @@ -32,7 +32,7 @@ ], "visibility": "public", "forks": 50, - "watchers": 136, + "watchers": 137, "score": 0, "subscribers_count": 11 }, diff --git a/2018/CVE-2018-18955.json b/2018/CVE-2018-18955.json index ce512cbae0..2e0865ef28 100644 --- a/2018/CVE-2018-18955.json +++ b/2018/CVE-2018-18955.json @@ -14,10 +14,10 @@ "description": "💀 Linux local root exploit for CVE-2018-18955", "fork": false, "created_at": "2022-01-19T14:47:47Z", - "updated_at": "2024-10-18T10:01:11Z", + "updated_at": "2024-10-19T10:10:39Z", "pushed_at": "2022-01-20T21:05:38Z", - "stargazers_count": 15, - "watchers_count": 15, + "stargazers_count": 16, + "watchers_count": 16, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -32,7 +32,7 @@ ], "visibility": "public", "forks": 3, - "watchers": 15, + "watchers": 16, "score": 0, "subscribers_count": 1 } diff --git a/2018/CVE-2018-6242.json b/2018/CVE-2018-6242.json index 3a0928e8a9..14b2b40ee8 100644 --- a/2018/CVE-2018-6242.json +++ b/2018/CVE-2018-6242.json @@ -14,10 +14,10 @@ "description": "My first Android app: Launch Fusée Gelée payloads from stock Android (CVE-2018-6242)", "fork": false, "created_at": "2018-04-28T11:50:00Z", - "updated_at": "2024-10-18T10:06:07Z", + "updated_at": "2024-10-19T11:54:50Z", "pushed_at": "2022-12-11T10:44:39Z", - "stargazers_count": 521, - "watchers_count": 521, + "stargazers_count": 522, + "watchers_count": 522, "has_discussions": false, "forks_count": 55, "allow_forking": true, 
@@ -33,7 +33,7 @@ ], "visibility": "public", "forks": 55, - "watchers": 521, + "watchers": 522, "score": 0, "subscribers_count": 55 }, diff --git a/2019/CVE-2019-15107.json b/2019/CVE-2019-15107.json index 183bac90be..a5aa6e7707 100644 --- a/2019/CVE-2019-15107.json +++ b/2019/CVE-2019-15107.json @@ -835,10 +835,10 @@ "description": "A PoC exploit for CVE-2019-15107 - Webmin Remote Code Execution", "fork": false, "created_at": "2023-05-08T00:25:37Z", - "updated_at": "2024-08-16T06:34:40Z", + "updated_at": "2024-10-19T09:42:20Z", "pushed_at": "2024-01-09T19:08:24Z", - "stargazers_count": 4, - "watchers_count": 4, + "stargazers_count": 5, + "watchers_count": 5, "has_discussions": false, "forks_count": 2, "allow_forking": true, @@ -852,7 +852,7 @@ ], "visibility": "public", "forks": 2, - "watchers": 4, + "watchers": 5, "score": 0, "subscribers_count": 1 }, diff --git a/2019/CVE-2019-19919.json b/2019/CVE-2019-19919.json new file mode 100644 index 0000000000..56e13deddd --- /dev/null +++ b/2019/CVE-2019-19919.json 
@@ -0,0 +1,33 @@ +[ + { + "id": 875201006, + "name": "CVE-2019-19919", + "full_name": "fazilbaig1\/CVE-2019-19919", + "owner": { + "login": "fazilbaig1", + "id": 25384256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25384256?v=4", + "html_url": "https:\/\/github.com\/fazilbaig1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fazilbaig1\/CVE-2019-19919", + "description": "Handlebars Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability", + "fork": false, + "created_at": "2024-10-19T11:05:45Z", + "updated_at": "2024-10-19T11:19:47Z", + "pushed_at": "2024-10-19T11:19:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28458.json b/2020/CVE-2020-28458.json new file mode 100644 index 0000000000..4770529aed --- /dev/null +++ b/2020/CVE-2020-28458.json 
@@ -0,0 +1,33 @@ +[ + { + "id": 875215448, + "name": "CVE-2020-28458", + "full_name": "fazilbaig1\/CVE-2020-28458", + "owner": { + "login": "fazilbaig1", + "id": 25384256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25384256?v=4", + "html_url": "https:\/\/github.com\/fazilbaig1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fazilbaig1\/CVE-2020-28458", + "description": "Affected versions of this package are vulnerable to Prototype Pollution.", + "fork": false, + "created_at": "2024-10-19T11:53:20Z", + "updated_at": "2024-10-19T11:56:50Z", + "pushed_at": "2024-10-19T11:56:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-1732.json b/2021/CVE-2021-1732.json index d53215ec9c..ed0605c7ed 100644 --- a/2021/CVE-2021-1732.json +++ b/2021/CVE-2021-1732.json @@ -200,10 +200,10 @@ "description": null, "fork": false, "created_at": "2021-09-24T01:28:58Z", - "updated_at": "2024-08-12T20:16:40Z", + "updated_at": "2024-10-19T07:59:10Z", "pushed_at": "2021-11-08T01:36:39Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -212,7 +212,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 2 }, diff --git a/2021/CVE-2021-23369.json b/2021/CVE-2021-23369.json new file mode 100644 index 0000000000..ca4b4e1a55 --- /dev/null +++ b/2021/CVE-2021-23369.json 
@@ -0,0 +1,33 @@ +[ + { + "id": 875207519, + "name": "CVE-2021-23369", + "full_name": "fazilbaig1\/CVE-2021-23369", + "owner": { + "login": "fazilbaig1", + "id": 25384256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25384256?v=4", + "html_url": "https:\/\/github.com\/fazilbaig1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fazilbaig1\/CVE-2021-23369", + "description": "Handlebars CVE-2021-23369 Vulnerability", + "fork": false, + "created_at": "2024-10-19T11:27:31Z", + "updated_at": "2024-10-19T11:31:23Z", + "pushed_at": "2024-10-19T11:31:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-23383.json b/2021/CVE-2021-23383.json index 5d714b27f4..e3fcdc2ccb 100644 --- a/2021/CVE-2021-23383.json +++ b/2021/CVE-2021-23383.json 
@@ -29,5 +29,36 @@ "watchers": 1, "score": 0, "subscribers_count": 1 + }, + { + "id": 875210476, + "name": "CVE-2021-23383", + "full_name": "fazilbaig1\/CVE-2021-23383", + "owner": { + "login": "fazilbaig1", + "id": 25384256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25384256?v=4", + "html_url": "https:\/\/github.com\/fazilbaig1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fazilbaig1\/CVE-2021-23383", + "description": "The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source.", + "fork": false, + "created_at": "2024-10-19T11:37:19Z", + "updated_at": "2024-10-19T11:41:20Z", + "pushed_at": "2024-10-19T11:39:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-3129.json b/2021/CVE-2021-3129.json index db408c9926..c6793ed6a4 100644 --- a/2021/CVE-2021-3129.json +++ b/2021/CVE-2021-3129.json @@ -333,13 +333,13 @@ "stargazers_count": 8, "watchers_count": 8, "has_discussions": false, - "forks_count": 1, + "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 1, + "forks": 2, "watchers": 8, "score": 0, "subscribers_count": 1 diff --git a/2021/CVE-2021-42013.json b/2021/CVE-2021-42013.json index 3c289e960f..13a61474d5 100644 --- a/2021/CVE-2021-42013.json +++ b/2021/CVE-2021-42013.json 
@@ -319,37 +319,6 @@ "score": 0, "subscribers_count": 1 }, - { - "id": 445382835, - "name": "CVE-2021-42013", - "full_name": "rnsss\/CVE-2021-42013", - "owner": { - "login": "rnsss", - "id": 48343279, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48343279?v=4", - "html_url": "https:\/\/github.com\/rnsss", - "user_view_type": "public" - }, - "html_url": "https:\/\/github.com\/rnsss\/CVE-2021-42013", - "description": "CVE-2021-42013-exp", - "fork": false, - "created_at": "2022-01-07T03:12:45Z", - "updated_at": "2022-01-07T03:12:50Z", - "pushed_at": "2022-01-07T03:12:48Z", - "stargazers_count": 0, - "watchers_count": 0, - "has_discussions": false, - "forks_count": 0, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 0, - "watchers": 0, - "score": 0, - "subscribers_count": 1 - }, { "id": 455174932, "name": "CVE-2021-42013-LAB", diff --git a/2021/CVE-2021-43798.json b/2021/CVE-2021-43798.json index be9fd86428..b7caebde38 100644 --- a/2021/CVE-2021-43798.json +++ b/2021/CVE-2021-43798.json 
@@ -730,37 +730,6 @@ "score": 0, "subscribers_count": 1 }, - { - "id": 445112055, - "name": "CVE-2021-43798-poc", - "full_name": "rnsss\/CVE-2021-43798-poc", - "owner": { - "login": "rnsss", - "id": 48343279, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48343279?v=4", - "html_url": "https:\/\/github.com\/rnsss", - "user_view_type": "public" - }, - "html_url": "https:\/\/github.com\/rnsss\/CVE-2021-43798-poc", - "description": "Grafana8.x 任意文件读取", - "fork": false, - "created_at": "2022-01-06T09:25:35Z", - "updated_at": "2022-01-07T03:09:48Z", - "pushed_at": "2022-01-07T03:09:46Z", - "stargazers_count": 0, - "watchers_count": 0, - "has_discussions": false, - "forks_count": 3, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 3, - "watchers": 0, - "score": 0, - "subscribers_count": 1 - }, { "id": 445709435, "name": "CVE-2021-43798-mass_scanner", diff --git a/2022/CVE-2022-38694.json b/2022/CVE-2022-38694.json index a96d3bf7f5..e6ddd68b81 100644 --- a/2022/CVE-2022-38694.json +++ b/2022/CVE-2022-38694.json @@ -14,10 +14,10 @@ "description": "This is a one-time signature verification bypass. For persistent signature verification bypass, check https:\/\/github.com\/TomKing062\/CVE-2022-38691_38692", "fork": false, "created_at": "2023-06-10T08:31:26Z", - "updated_at": "2024-10-15T11:55:50Z", + "updated_at": "2024-10-19T06:48:29Z", "pushed_at": "2024-08-01T15:09:15Z", - "stargazers_count": 267, - "watchers_count": 267, + "stargazers_count": 268, + "watchers_count": 268, "has_discussions": true, "forks_count": 39, "allow_forking": true, @@ -29,7 +29,7 @@ ], "visibility": "public", "forks": 39, - "watchers": 267, + "watchers": 268, "score": 0, "subscribers_count": 5 }, diff --git a/2023/CVE-2023-30253.json b/2023/CVE-2023-30253.json index 4880ec7036..847ac6d6d6 100644 --- a/2023/CVE-2023-30253.json +++ b/2023/CVE-2023-30253.json 
@@ -138,10 +138,10 @@ "description": "In Dolibarr 17.0.0 with the CMS Website plugin (core) enabled, an authenticated attacker can obtain remote command execution via php code injection bypassing the application restrictions.", "fork": false, "created_at": "2024-06-24T16:22:31Z", - "updated_at": "2024-09-14T00:00:06Z", + "updated_at": "2024-10-19T08:13:33Z", "pushed_at": "2024-06-24T16:39:15Z", - "stargazers_count": 6, - "watchers_count": 6, + "stargazers_count": 7, + "watchers_count": 7, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -154,7 +154,7 @@ ], "visibility": "public", "forks": 0, - "watchers": 6, + "watchers": 7, "score": 0, "subscribers_count": 1 }, diff --git a/2024/CVE-2024-21338.json b/2024/CVE-2024-21338.json index c0eae9a8ae..03c8694735 100644 --- a/2024/CVE-2024-21338.json +++ b/2024/CVE-2024-21338.json @@ -76,19 +76,19 @@ "description": "PoC for the Untrusted Pointer Dereference in the appid.sys driver", "fork": false, "created_at": "2024-04-23T19:09:22Z", - "updated_at": "2024-10-18T18:57:57Z", + "updated_at": "2024-10-19T12:08:11Z", "pushed_at": "2024-04-23T19:13:53Z", - "stargazers_count": 9, - "watchers_count": 9, + "stargazers_count": 10, + "watchers_count": 10, "has_discussions": false, - "forks_count": 3, + "forks_count": 4, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 3, - "watchers": 9, + "forks": 4, + "watchers": 10, "score": 0, "subscribers_count": 1 }, diff --git a/2024/CVE-2024-26229.json b/2024/CVE-2024-26229.json index 5ad3808277..5b73ee5e29 100644 --- a/2024/CVE-2024-26229.json +++ b/2024/CVE-2024-26229.json 
@@ -76,10 +76,10 @@ "description": "BOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel", "fork": false, "created_at": "2024-06-13T11:57:50Z", - "updated_at": "2024-10-18T18:17:44Z", + "updated_at": "2024-10-19T09:51:41Z", "pushed_at": "2024-06-13T07:30:48Z", - "stargazers_count": 11, - "watchers_count": 11, + "stargazers_count": 12, + "watchers_count": 12, "has_discussions": false, "forks_count": 29, "allow_forking": true, @@ -88,7 +88,7 @@ "topics": [], "visibility": "public", "forks": 29, - "watchers": 11, + "watchers": 12, "score": 0, "subscribers_count": 0 }, diff --git a/2024/CVE-2024-30088.json b/2024/CVE-2024-30088.json index f29fd4e724..30ac42ad34 100644 --- a/2024/CVE-2024-30088.json +++ b/2024/CVE-2024-30088.json @@ -14,10 +14,10 @@ "description": null, "fork": false, "created_at": "2024-06-24T10:37:26Z", - "updated_at": "2024-10-19T06:07:30Z", + "updated_at": "2024-10-19T10:43:10Z", "pushed_at": "2024-07-31T19:11:55Z", - "stargazers_count": 221, - "watchers_count": 221, + "stargazers_count": 222, + "watchers_count": 222, "has_discussions": false, "forks_count": 47, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 47, - "watchers": 221, + "watchers": 222, "score": 0, "subscribers_count": 3 }, 
@@ -184,5 +184,36 @@ "watchers": 1, "score": 0, "subscribers_count": 1 + }, + { + "id": 875191702, + "name": "CVE-2024-30088", + "full_name": "l0n3m4n\/CVE-2024-30088", + "owner": { + "login": "l0n3m4n", + "id": 143868630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143868630?v=4", + "html_url": "https:\/\/github.com\/l0n3m4n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l0n3m4n\/CVE-2024-30088", + "description": "Windows privilege escalation: Time-of-check Time-of-use (TOCTOU) Race Condition", + "fork": false, + "created_at": "2024-10-19T10:35:04Z", + "updated_at": "2024-10-19T10:36:40Z", + "pushed_at": "2024-10-19T10:36:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2024/CVE-2024-30090.json b/2024/CVE-2024-30090.json index 92bf254cfd..164c4a4ee1 100644 --- a/2024/CVE-2024-30090.json +++ b/2024/CVE-2024-30090.json @@ -14,10 +14,10 @@ "description": "CVE-2024-30090 - LPE PoC", "fork": false, "created_at": "2024-10-17T08:38:47Z", - "updated_at": "2024-10-19T04:53:29Z", + "updated_at": "2024-10-19T11:43:46Z", "pushed_at": "2024-10-17T09:53:33Z", - "stargazers_count": 47, - "watchers_count": 47, + "stargazers_count": 49, + "watchers_count": 49, "has_discussions": false, "forks_count": 15, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 15, - "watchers": 47, + "watchers": 49, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-33231.json b/2024/CVE-2024-33231.json index 161f9e4607..550e002647 100644 --- a/2024/CVE-2024-33231.json +++ b/2024/CVE-2024-33231.json 
@@ -14,10 +14,10 @@ "description": "XSS Vulnerability via File Upload in Ferozo Webmail Application", "fork": false, "created_at": "2024-10-18T22:09:27Z", - "updated_at": "2024-10-18T22:13:36Z", + "updated_at": "2024-10-19T08:00:13Z", "pushed_at": "2024-10-18T22:13:32Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-34716.json b/2024/CVE-2024-34716.json index 165f1f3db4..507a14baeb 100644 --- a/2024/CVE-2024-34716.json +++ b/2024/CVE-2024-34716.json @@ -14,10 +14,10 @@ "description": null, "fork": false, "created_at": "2024-05-14T18:48:41Z", - "updated_at": "2024-10-13T09:33:27Z", + "updated_at": "2024-10-19T08:32:52Z", "pushed_at": "2024-09-27T10:46:14Z", - "stargazers_count": 8, - "watchers_count": 8, + "stargazers_count": 9, + "watchers_count": 9, "has_discussions": false, "forks_count": 2, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 2, - "watchers": 8, + "watchers": 9, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-35250.json b/2024/CVE-2024-35250.json index 99d8769bd2..2f67341f83 100644 --- a/2024/CVE-2024-35250.json +++ b/2024/CVE-2024-35250.json 
@@ -14,19 +14,19 @@ "description": "PoC for the Untrusted Pointer Dereference in the ks.sys driver", "fork": false, "created_at": "2024-10-13T19:30:20Z", - "updated_at": "2024-10-18T22:03:19Z", + "updated_at": "2024-10-19T10:20:45Z", "pushed_at": "2024-10-17T18:36:54Z", - "stargazers_count": 160, - "watchers_count": 160, + "stargazers_count": 161, + "watchers_count": 161, "has_discussions": false, - "forks_count": 39, + "forks_count": 40, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 39, - "watchers": 160, + "forks": 40, + "watchers": 161, "score": 0, "subscribers_count": 2 } diff --git a/2024/CVE-2024-38041.json b/2024/CVE-2024-38041.json index ed44e89655..4351861bb2 100644 --- a/2024/CVE-2024-38041.json +++ b/2024/CVE-2024-38041.json @@ -14,19 +14,19 @@ "description": "Kernel pointers copied to output user mode buffer with ioctl 0x22A014 in the appid.sys driver.", "fork": false, "created_at": "2024-07-21T02:29:18Z", - "updated_at": "2024-10-18T18:36:21Z", + "updated_at": "2024-10-19T12:08:12Z", "pushed_at": "2024-07-21T02:35:59Z", - "stargazers_count": 4, - "watchers_count": 4, + "stargazers_count": 5, + "watchers_count": 5, "has_discussions": false, - "forks_count": 1, + "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 1, - "watchers": 4, + "forks": 2, + "watchers": 5, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-43425.json b/2024/CVE-2024-43425.json index 8fee1cd6e2..03d5110ecd 100644 --- a/2024/CVE-2024-43425.json +++ b/2024/CVE-2024-43425.json 
@@ -14,10 +14,10 @@ "description": "Scripts for Analysis of a RCE in Moodle Calculated Questions (CVE-2024-43425)", "fork": false, "created_at": "2024-08-23T09:13:03Z", - "updated_at": "2024-09-27T12:54:41Z", + "updated_at": "2024-10-19T09:00:17Z", "pushed_at": "2024-08-23T09:36:55Z", - "stargazers_count": 12, - "watchers_count": 12, + "stargazers_count": 13, + "watchers_count": 13, "has_discussions": false, "forks_count": 4, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 4, - "watchers": 12, + "watchers": 13, "score": 0, "subscribers_count": 0 } diff --git a/2024/CVE-2024-47176.json b/2024/CVE-2024-47176.json index 3c8057526f..2ec1e32e82 100644 --- a/2024/CVE-2024-47176.json +++ b/2024/CVE-2024-47176.json @@ -307,10 +307,10 @@ "description": "A simple scanner for identifying vulnerable cups-browsed instances on your network", "fork": false, "created_at": "2024-10-07T07:25:18Z", - "updated_at": "2024-10-18T07:29:50Z", + "updated_at": "2024-10-19T07:59:37Z", "pushed_at": "2024-10-07T16:59:47Z", - "stargazers_count": 50, - "watchers_count": 50, + "stargazers_count": 51, + "watchers_count": 51, "has_discussions": false, "forks_count": 9, "allow_forking": true, @@ -319,7 +319,7 @@ "topics": [], "visibility": "public", "forks": 9, - "watchers": 50, + "watchers": 51, "score": 0, "subscribers_count": 1 }, 
@@ -384,5 +384,36 @@ "watchers": 1, "score": 0, "subscribers_count": 1 + }, + { + "id": 875147460, + "name": "CVE-2024-47176", + "full_name": "0x7556\/CVE-2024-47176", + "owner": { + "login": "0x7556", + "id": 50582207, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50582207?v=4", + "html_url": "https:\/\/github.com\/0x7556", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x7556\/CVE-2024-47176", + "description": "Unix CUPS打印系统 远程代码执行漏洞", + "fork": false, + "created_at": "2024-10-19T08:08:02Z", + "updated_at": "2024-10-19T08:20:57Z", + "pushed_at": "2024-10-19T08:23:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2024/CVE-2024-48415.json b/2024/CVE-2024-48415.json new file mode 100644 index 0000000000..4271460a46 --- /dev/null +++ b/2024/CVE-2024-48415.json @@ -0,0 +1,33 @@ +[ + { + "id": 875127580, + "name": "CVE-2024-48415", + "full_name": "khaliquesX\/CVE-2024-48415", + "owner": { + "login": "khaliquesX", + "id": 185584210, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/185584210?v=4", + "html_url": "https:\/\/github.com\/khaliquesX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/khaliquesX\/CVE-2024-48415", + "description": null, + "fork": false, + "created_at": "2024-10-19T06:58:56Z", + "updated_at": "2024-10-19T07:08:10Z", + "pushed_at": "2024-10-19T07:08:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file 
diff --git a/2024/CVE-2024-48652.json b/2024/CVE-2024-48652.json new file mode 100644 index 0000000000..b5a058ca2d --- /dev/null +++ b/2024/CVE-2024-48652.json @@ -0,0 +1,33 @@ +[ + { + "id": 875183000, + "name": "CVE-2024-48652", + "full_name": "paragbagul111\/CVE-2024-48652", + "owner": { + "login": "paragbagul111", + "id": 68190427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68190427?v=4", + "html_url": "https:\/\/github.com\/paragbagul111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paragbagul111\/CVE-2024-48652", + "description": "Cross Site Scripting vulnerability in camaleon-cms v.2.7.5 allows remote attacker to execute arbitrary code via the content group name field", + "fork": false, + "created_at": "2024-10-19T10:06:58Z", + "updated_at": "2024-10-19T10:21:13Z", + "pushed_at": "2024-10-19T10:21:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6387.json b/2024/CVE-2024-6387.json index 2c50c56db5..0cc12cef2f 100644 --- a/2024/CVE-2024-6387.json +++ b/2024/CVE-2024-6387.json @@ -2278,13 +2278,13 @@ "stargazers_count": 35, "watchers_count": 35, "has_discussions": false, - "forks_count": 12, + "forks_count": 13, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 12, + "forks": 13, "watchers": 35, "score": 0, "subscribers_count": 2 diff --git a/2024/CVE-2024-6778.json b/2024/CVE-2024-6778.json index a6e764ad16..6dc5b62d94 100644 --- a/2024/CVE-2024-6778.json +++ b/2024/CVE-2024-6778.json 
@@ -14,10 +14,10 @@ "description": "A POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension. ", "fork": false, "created_at": "2024-09-10T06:27:59Z", - "updated_at": "2024-10-18T04:17:54Z", + "updated_at": "2024-10-19T07:41:30Z", "pushed_at": "2024-10-17T05:12:29Z", - "stargazers_count": 22, - "watchers_count": 22, + "stargazers_count": 23, + "watchers_count": 23, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 22, + "watchers": 23, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-9466.json b/2024/CVE-2024-9466.json new file mode 100644 index 0000000000..81ea7c6286 --- /dev/null +++ b/2024/CVE-2024-9466.json @@ -0,0 +1,33 @@ +[ + { + "id": 875151386, + "name": "CVE-2024-9466", + "full_name": "holypryx\/CVE-2024-9466", + "owner": { + "login": "holypryx", + "id": 182792867, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/182792867?v=4", + "html_url": "https:\/\/github.com\/holypryx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/holypryx\/CVE-2024-9466", + "description": "CVE-2024-9466 poc", + "fork": false, + "created_at": "2024-10-19T08:22:13Z", + "updated_at": "2024-10-19T08:25:48Z", + "pushed_at": "2024-10-19T08:25:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/README.md b/README.md index 268272b0b2..3be47e015e 100644 --- a/README.md +++ b/README.md 
@@ -1623,6 +1623,9 @@ - [horizon3ai/CVE-2024-9465](https://github.com/horizon3ai/CVE-2024-9465) - [mustafaakalin/CVE-2024-9465](https://github.com/mustafaakalin/CVE-2024-9465) +### CVE-2024-9466 +- [holypryx/CVE-2024-9466](https://github.com/holypryx/CVE-2024-9466) + ### CVE-2024-9570 - [dylvie/CVE-2024-9570_D-Link-DIR-619L-bof](https://github.com/dylvie/CVE-2024-9570_D-Link-DIR-619L-bof) @@ -3609,6 +3612,7 @@ - [exploits-forsale/collateral-damage](https://github.com/exploits-forsale/collateral-damage) - [Admin9961/CVE-2024-30088](https://github.com/Admin9961/CVE-2024-30088) - [Justintroup85/exploits-forsale-collateral-damage](https://github.com/Justintroup85/exploits-forsale-collateral-damage) +- [l0n3m4n/CVE-2024-30088](https://github.com/l0n3m4n/CVE-2024-30088) ### CVE-2024-30090 (2024-06-11) @@ -5496,13 +5500,20 @@ - [MalwareTech/CVE-2024-47176-Scanner](https://github.com/MalwareTech/CVE-2024-47176-Scanner) - [AxthonyV/CVE-2024-47176](https://github.com/AxthonyV/CVE-2024-47176) - [gianlu111/CUPS-CVE-2024-47176](https://github.com/gianlu111/CUPS-CVE-2024-47176) +- [0x7556/CVE-2024-47176](https://github.com/0x7556/CVE-2024-47176) ### CVE-2024-47177 - [referefref/cupspot-2024-47177](https://github.com/referefref/cupspot-2024-47177) +### CVE-2024-48415 +- [khaliquesX/CVE-2024-48415](https://github.com/khaliquesX/CVE-2024-48415) + ### CVE-2024-48644 - [rosembergpro/CVE-2024-48644](https://github.com/rosembergpro/CVE-2024-48644) +### CVE-2024-48652 +- [paragbagul111/CVE-2024-48652](https://github.com/paragbagul111/CVE-2024-48652) + ### CVE-2024-1642470 - [Symbolexe/CVE-2024-1642470](https://github.com/Symbolexe/CVE-2024-1642470) 
@@ -22487,12 +22498,20 @@ - [EkamSinghWalia/Detection-script-for-cve-2021-23358](https://github.com/EkamSinghWalia/Detection-script-for-cve-2021-23358) - [MehdiBoukhobza/SandBox_CVE-2021-23358](https://github.com/MehdiBoukhobza/SandBox_CVE-2021-23358) +### CVE-2021-23369 (2021-04-12) + +The package handlebars before 4.7.7 are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted source. + + +- [fazilbaig1/CVE-2021-23369](https://github.com/fazilbaig1/CVE-2021-23369) + ### CVE-2021-23383 (2021-05-04) The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source. - [dn9uy3n/Check-CVE-2021-23383](https://github.com/dn9uy3n/Check-CVE-2021-23383) +- [fazilbaig1/CVE-2021-23383](https://github.com/fazilbaig1/CVE-2021-23383) ### CVE-2021-23410 - [azu/msgpack-CVE-2021-23410-test](https://github.com/azu/msgpack-CVE-2021-23410-test) @@ -25569,7 +25588,6 @@ - [robotsense1337/CVE-2021-42013](https://github.com/robotsense1337/CVE-2021-42013) - [xMohamed0/CVE-2021-42013-ApacheRCE](https://github.com/xMohamed0/CVE-2021-42013-ApacheRCE) - [asaotomo/CVE-2021-42013-Apache-RCE-Poc-Exp](https://github.com/asaotomo/CVE-2021-42013-Apache-RCE-Poc-Exp) -- [rnsss/CVE-2021-42013](https://github.com/rnsss/CVE-2021-42013) - [jas9reet/CVE-2021-42013-LAB](https://github.com/jas9reet/CVE-2021-42013-LAB) - [mauricelambert/CVE-2021-42013](https://github.com/mauricelambert/CVE-2021-42013) - [honypot/CVE-2021-42013](https://github.com/honypot/CVE-2021-42013) 
@@ -26119,7 +26137,6 @@ - [gps1949/CVE-2021-43798](https://github.com/gps1949/CVE-2021-43798) - [halencarjunior/grafana-CVE-2021-43798](https://github.com/halencarjunior/grafana-CVE-2021-43798) - [light-Life/CVE-2021-43798](https://github.com/light-Life/CVE-2021-43798) -- [rnsss/CVE-2021-43798-poc](https://github.com/rnsss/CVE-2021-43798-poc) - [rodpwn/CVE-2021-43798-mass_scanner](https://github.com/rodpwn/CVE-2021-43798-mass_scanner) - [aymenbouferroum/CVE-2021-43798_exploit](https://github.com/aymenbouferroum/CVE-2021-43798_exploit) - [Jroo1053/GrafanaDirInclusion](https://github.com/Jroo1053/GrafanaDirInclusion) @@ -32074,6 +32091,13 @@ - [jet-pentest/CVE-2020-28415](https://github.com/jet-pentest/CVE-2020-28415) +### CVE-2020-28458 (2020-12-16) + +All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806. + + +- [fazilbaig1/CVE-2020-28458](https://github.com/fazilbaig1/CVE-2020-28458) + ### CVE-2020-28478 (2021-01-19) This affects the package gsap before 3.6.0. @@ -36393,6 +36417,13 @@ - [dpmdpm2/CVE-2019-19905](https://github.com/dpmdpm2/CVE-2019-19905) +### CVE-2019-19919 (2019-12-20) + +Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads. + + +- [fazilbaig1/CVE-2019-19919](https://github.com/fazilbaig1/CVE-2019-19919) + ### CVE-2019-19945 (2020-03-16) uhttpd in OpenWrt through 18.06.5 and 19.x through 19.07.0-rc2 has an integer signedness error. This leads to out-of-bounds access to a heap buffer and a subsequent crash. It can be triggered with an HTTP POST request to a CGI script, specifying both "Transfer-Encoding: chunked" and a large negative Content-Length value.