From 90bbd06dfb6594cdc41d01929bfcd054a35c0c5a Mon Sep 17 00:00:00 2001 From: trickest-workflows Date: Sat, 19 Feb 2022 21:59:41 +0000 Subject: [PATCH] Update Sat Feb 19 21:59:41 UTC 2022 --- 2009/CVE-2009-2009.md | 17 + 2010/CVE-2010-1240.md | 2 +- 2010/CVE-2010-1256.md | 2 +- 2010/CVE-2010-1899.md | 1 + 2010/CVE-2010-2330.md | 2 +- 2010/CVE-2010-2331.md | 1 + 2010/CVE-2010-2730.md | 1 + 2010/CVE-2010-3333.md | 3 + 2010/CVE-2010-3972.md | 2 +- 2010/CVE-2010-4662.md | 1 + 2011/CVE-2011-0751.md | 1 + 2011/CVE-2011-2461.md | 1 + 2011/CVE-2011-2894.md | 1 + 2011/CVE-2011-3374.md | 2 + 2011/CVE-2011-3389.md | 3 + 2012/CVE-2012-0217.md | 6 + 2012/CVE-2012-0469.md | 1 + 2012/CVE-2012-1182.md | 1 + 2012/CVE-2012-1876.md | 2 +- 2012/CVE-2012-2531.md | 17 + 2012/CVE-2012-2570.md | 1 + 2012/CVE-2012-2574.md | 1 + 2012/CVE-2012-2576.md | 1 + 2012/CVE-2012-2577.md | 1 + 2012/CVE-2012-2589.md | 1 + 2012/CVE-2012-2593.md | 1 + 2012/CVE-2012-2599.md | 1 + 2012/CVE-2012-2661.md | 17 + 2012/CVE-2012-2953.md | 1 + 2012/CVE-2012-2982.md | 2 +- 2012/CVE-2012-3789.md | 17 + 2012/CVE-2012-4683.md | 17 + 2012/CVE-2012-4684.md | 17 + 2012/CVE-2012-4929.md | 2 + 2013/CVE-2013-0169.md | 2 + 2013/CVE-2013-2028.md | 1 + 2013/CVE-2013-2251.md | 11 + 2013/CVE-2013-2293.md | 17 + 2013/CVE-2013-2392.md | 17 + 2013/CVE-2013-2566.md | 2 + 2013/CVE-2013-3006.md | 17 + 2013/CVE-2013-3007.md | 17 + 2013/CVE-2013-3008.md | 17 + 2013/CVE-2013-3009.md | 1 + 2013/CVE-2013-3010.md | 17 + 2013/CVE-2013-3011.md | 17 + 2013/CVE-2013-3012.md | 17 + 2013/CVE-2013-3587.md | 2 + 2013/CVE-2013-4002.md | 2 +- 2013/CVE-2013-4235.md | 3 + 2013/CVE-2013-6632.md | 2 + 2014/CVE-2014-0160.md | 16 + 2014/CVE-2014-0224.md | 2 + 2014/CVE-2014-1705.md | 2 + 2014/CVE-2014-2217.md | 17 + 2014/CVE-2014-3507.md | 1 + 2014/CVE-2014-3566.md | 3 + 2014/CVE-2014-3704.md | 1 + 2014/CVE-2014-4113.md | 6 + 2014/CVE-2014-4162.md | 1 + 2014/CVE-2014-4210.md | 4 + 2014/CVE-2014-5460.md | 2 +- 2014/CVE-2014-6271.md | 15 + 2014/CVE-2014-6321.md | 2 + 2014/CVE-2014-7216.md | 2 +- 2014/CVE-2014-8098.md | 17 + 2014/CVE-2014-9939.md | 1 + 2015/CVE-2015-0204.md | 3 + 2015/CVE-2015-0207.md | 2 +- 2015/CVE-2015-0400.md | 2 +- 2015/CVE-2015-1427.md | 1 + 2015/CVE-2015-1538.md | 1 + 2015/CVE-2015-1641.md | 1 + 2015/CVE-2015-20001.md | 1 + 2015/CVE-2015-2426.md | 1 + 2015/CVE-2015-2808.md | 2 + 2015/CVE-2015-2951.md | 1 + 2015/CVE-2015-3864.md | 1 + 2015/CVE-2015-4000.md | 2 + 2015/CVE-2015-4027.md | 6 + 2015/CVE-2015-4852.md | 3 + 2015/CVE-2015-5156.md | 1 + 2015/CVE-2015-5165.md | 1 + 2015/CVE-2015-5224.md | 1 + 2015/CVE-2015-5254.md | 1 + 2015/CVE-2015-5622.md | 1 + 2015/CVE-2015-5623.md | 1 + 2015/CVE-2015-5714.md | 1 + 2015/CVE-2015-5715.md | 1 + 2015/CVE-2015-5733.md | 1 + 2015/CVE-2015-6161.md | 17 + 2015/CVE-2015-6240.md | 2 +- 2015/CVE-2015-7297.md | 1 + 2015/CVE-2015-7450.md | 11 + 2015/CVE-2015-7501.md | 12 + 2015/CVE-2015-7504.md | 1 + 2015/CVE-2015-7547.md | 1 + 2015/CVE-2015-7857.md | 1 + 2015/CVE-2015-7858.md | 1 + 2015/CVE-2015-8103.md | 11 + 2016/CVE-2016-0634.md | 1 + 2016/CVE-2016-0638.md | 3 + 2016/CVE-2016-0702.md | 2 +- 2016/CVE-2016-0703.md | 4 +- 2016/CVE-2016-0777.md | 1 + 2016/CVE-2016-0778.md | 1 + 2016/CVE-2016-0792.md | 12 + 2016/CVE-2016-0799.md | 2 +- 2016/CVE-2016-0800.md | 3 + 2016/CVE-2016-10033.md | 1 + 2016/CVE-2016-10134.md | 1 + 2016/CVE-2016-10228.md | 3 + 2016/CVE-2016-10403.md | 1 + 2016/CVE-2016-10523.md | 17 + 2016/CVE-2016-10542.md | 17 + 2016/CVE-2016-10544.md | 17 + 2016/CVE-2016-10555.md | 1 + 2016/CVE-2016-10708.md | 1 + 2016/CVE-2016-10931.md | 1 + 2016/CVE-2016-1247.md | 1 + 2016/CVE-2016-1252.md | 2 + 2016/CVE-2016-1960.md | 1 + 2016/CVE-2016-2107.md | 1 + 2016/CVE-2016-2183.md | 2 + 2016/CVE-2016-2383.md | 1 + 2016/CVE-2016-2779.md | 3 + 2016/CVE-2016-2781.md | 4 + 2016/CVE-2016-3093.md | 17 + 2016/CVE-2016-3189.md | 1 + 2016/CVE-2016-3225.md | 1 + 2016/CVE-2016-3309.md | 6 + 2016/CVE-2016-3371.md | 6 + 2016/CVE-2016-3510.md | 14 + 2016/CVE-2016-3720.md | 1 + 2016/CVE-2016-4437.md | 1 + 2016/CVE-2016-4487.md | 1 + 2016/CVE-2016-4557.md | 1 + 2016/CVE-2016-4622.md | 1 + 2016/CVE-2016-4952.md | 1 + 2016/CVE-2016-5003.md | 1 + 2016/CVE-2016-5017.md | 2 +- 2016/CVE-2016-5195.md | 8 + 2016/CVE-2016-5385.md | 1 + 2016/CVE-2016-5397.md | 17 + 2016/CVE-2016-5699.md | 1 + 2016/CVE-2016-6329.md | 2 + 2016/CVE-2016-6811.md | 1 + 2016/CVE-2016-6814.md | 1 + 2016/CVE-2016-6816.md | 1 + 2016/CVE-2016-6817.md | 1 + 2016/CVE-2016-7255.md | 6 + 2016/CVE-2016-7417.md | 2 +- 2016/CVE-2016-7480.md | 17 + 2016/CVE-2016-7543.md | 1 + 2016/CVE-2016-8655.md | 2 + 2016/CVE-2016-8735.md | 1 + 2016/CVE-2016-8745.md | 2 +- 2016/CVE-2016-8869.md | 1 + 2016/CVE-2016-8870.md | 1 + 2016/CVE-2016-8886.md | 2 + 2016/CVE-2016-9066.md | 2 +- 2016/CVE-2016-9079.md | 1 + 2016/CVE-2016-9244.md | 2 + 2016/CVE-2016-9263.md | 2 +- 2016/CVE-2016-9401.md | 1 + 2016/CVE-2016-9878.md | 17 + 2016/CVE-2016-9879.md | 17 + 2017/CVE-2017-0007.md | 17 + 2017/CVE-2017-0143.md | 3 + 2017/CVE-2017-0144.md | 4 + 2017/CVE-2017-0145.md | 3 + 2017/CVE-2017-0146.md | 2 + 2017/CVE-2017-0147.md | 2 + 2017/CVE-2017-0148.md | 2 + 2017/CVE-2017-0199.md | 8 + 2017/CVE-2017-0213.md | 7 + 2017/CVE-2017-0215.md | 17 + 2017/CVE-2017-0218.md | 1 + 2017/CVE-2017-0261.md | 1 + 2017/CVE-2017-0781.md | 2 + 2017/CVE-2017-0785.md | 1 + 2017/CVE-2017-1000010.md | 2 +- 2017/CVE-2017-1000112.md | 3 + 2017/CVE-2017-1002101.md | 2 + 2017/CVE-2017-10271.md | 21 + 2017/CVE-2017-10686.md | 2 +- 2017/CVE-2017-11164.md | 3 + 2017/CVE-2017-11176.md | 2 + 2017/CVE-2017-11317.md | 1 + 2017/CVE-2017-11826.md | 1 + 2017/CVE-2017-11852.md | 17 + 2017/CVE-2017-11882.md | 11 + 2017/CVE-2017-12149.md | 2 + 2017/CVE-2017-12610.md | 17 + 2017/CVE-2017-12611.md | 1 + 2017/CVE-2017-12615.md | 3 + 2017/CVE-2017-12617.md | 14 + 2017/CVE-2017-12945.md | 3 +- 2017/CVE-2017-12982.md | 3 +- 2017/CVE-2017-13716.md | 1 + 2017/CVE-2017-13861.md | 1 + 2017/CVE-2017-14041.md | 1 + 2017/CVE-2017-14151.md | 1 + 2017/CVE-2017-14164.md | 1 + 2017/CVE-2017-14650.md | 17 + 2017/CVE-2017-14930.md | 1 + 2017/CVE-2017-15095.md | 2 + 2017/CVE-2017-15710.md | 1 + 2017/CVE-2017-15715.md | 1 + 2017/CVE-2017-15906.md | 1 + 2017/CVE-2017-15996.md | 18 + 2017/CVE-2017-16026.md | 2 +- 2017/CVE-2017-16031.md | 1 + 2017/CVE-2017-16085.md | 17 + 2017/CVE-2017-16093.md | 17 + 2017/CVE-2017-16095.md | 17 + 2017/CVE-2017-16097.md | 17 + 2017/CVE-2017-16101.md | 17 + 2017/CVE-2017-16102.md | 17 + 2017/CVE-2017-16104.md | 17 + 2017/CVE-2017-16107.md | 2 +- 2017/CVE-2017-16109.md | 17 + 2017/CVE-2017-16123.md | 17 + 2017/CVE-2017-16131.md | 17 + 2017/CVE-2017-16133.md | 17 + 2017/CVE-2017-16135.md | 17 + 2017/CVE-2017-16140.md | 17 + 2017/CVE-2017-16141.md | 17 + 2017/CVE-2017-16142.md | 17 + 2017/CVE-2017-16143.md | 17 + 2017/CVE-2017-16146.md | 17 + 2017/CVE-2017-16149.md | 17 + 2017/CVE-2017-16150.md | 17 + 2017/CVE-2017-16157.md | 17 + 2017/CVE-2017-16158.md | 17 + 2017/CVE-2017-16159.md | 17 + 2017/CVE-2017-16165.md | 17 + 2017/CVE-2017-16169.md | 17 + 2017/CVE-2017-16172.md | 17 + 2017/CVE-2017-16175.md | 17 + 2017/CVE-2017-16176.md | 17 + 2017/CVE-2017-16180.md | 17 + 2017/CVE-2017-16183.md | 17 + 2017/CVE-2017-16185.md | 17 + 2017/CVE-2017-16187.md | 17 + 2017/CVE-2017-16188.md | 17 + 2017/CVE-2017-16189.md | 17 + 2017/CVE-2017-16191.md | 17 + 2017/CVE-2017-16194.md | 17 + 2017/CVE-2017-16195.md | 17 + 2017/CVE-2017-16196.md | 17 + 2017/CVE-2017-16208.md | 17 + 2017/CVE-2017-16211.md | 17 + 2017/CVE-2017-16216.md | 17 + 2017/CVE-2017-16217.md | 17 + 2017/CVE-2017-16219.md | 17 + 2017/CVE-2017-16222.md | 17 + 2017/CVE-2017-16229.md | 17 + 2017/CVE-2017-16763.md | 1 + 2017/CVE-2017-16905.md | 6 + 2017/CVE-2017-16995.md | 5 + 2017/CVE-2017-17405.md | 1 + 2017/CVE-2017-17485.md | 2 + 2017/CVE-2017-18018.md | 1 + 2017/CVE-2017-18362.md | 17 + 2017/CVE-2017-18594.md | 17 + 2017/CVE-2017-20004.md | 1 + 2017/CVE-2017-2536.md | 1 + 2017/CVE-2017-2540.md | 1 + 2017/CVE-2017-2541.md | 1 + 2017/CVE-2017-2547.md | 1 + 2017/CVE-2017-3167.md | 1 + 2017/CVE-2017-3241.md | 1 + 2017/CVE-2017-3248.md | 2 + 2017/CVE-2017-3260.md | 17 + 2017/CVE-2017-3272.md | 18 + 2017/CVE-2017-3289.md | 1 + 2017/CVE-2017-3506.md | 5 + 2017/CVE-2017-3514.md | 17 + 2017/CVE-2017-4901.md | 7 + 2017/CVE-2017-5123.md | 1 + 2017/CVE-2017-5244.md | 6 + 2017/CVE-2017-5375.md | 2 +- 2017/CVE-2017-5638.md | 13 + 2017/CVE-2017-5645.md | 1 + 2017/CVE-2017-5647.md | 17 + 2017/CVE-2017-5648.md | 1 + 2017/CVE-2017-5650.md | 17 + 2017/CVE-2017-5651.md | 17 + 2017/CVE-2017-5664.md | 1 + 2017/CVE-2017-5929.md | 2 + 2017/CVE-2017-5941.md | 2 +- 2017/CVE-2017-6817.md | 2 + 2017/CVE-2017-6836.md | 1 + 2017/CVE-2017-6914.md | 1 + 2017/CVE-2017-6915.md | 1 + 2017/CVE-2017-6916.md | 1 + 2017/CVE-2017-6917.md | 1 + 2017/CVE-2017-6918.md | 1 + 2017/CVE-2017-7199.md | 1 + 2017/CVE-2017-7233.md | 1 + 2017/CVE-2017-7234.md | 1 + 2017/CVE-2017-7269.md | 3 + 2017/CVE-2017-7308.md | 1 + 2017/CVE-2017-7317.md | 2 +- 2017/CVE-2017-7475.md | 1 + 2017/CVE-2017-7494.md | 4 + 2017/CVE-2017-7504.md | 1 + 2017/CVE-2017-7525.md | 4 + 2017/CVE-2017-7529.md | 1 + 2017/CVE-2017-7536.md | 17 + 2017/CVE-2017-7614.md | 1 + 2017/CVE-2017-7657.md | 17 + 2017/CVE-2017-7658.md | 17 + 2017/CVE-2017-7674.md | 17 + 2017/CVE-2017-7675.md | 17 + 2017/CVE-2017-7784.md | 17 + 2017/CVE-2017-7828.md | 20 + 2017/CVE-2017-8046.md | 1 + 2017/CVE-2017-8421.md | 1 + 2017/CVE-2017-8464.md | 6 + 2017/CVE-2017-8514.md | 6 + 2017/CVE-2017-8565.md | 1 + 2017/CVE-2017-8570.md | 6 + 2017/CVE-2017-8625.md | 1 + 2017/CVE-2017-8715.md | 1 + 2017/CVE-2017-8759.md | 7 + 2017/CVE-2017-9224.md | 17 + 2017/CVE-2017-9225.md | 17 + 2017/CVE-2017-9226.md | 17 + 2017/CVE-2017-9227.md | 17 + 2017/CVE-2017-9228.md | 17 + 2017/CVE-2017-9229.md | 17 + 2017/CVE-2017-9304.md | 18 + 2017/CVE-2017-9438.md | 18 + 2017/CVE-2017-9506.md | 2 + 2017/CVE-2017-9791.md | 2 + 2017/CVE-2017-9805.md | 12 + 2017/CVE-2017-9822.md | 1 + 2018/CVE-2018-0114.md | 2 + 2018/CVE-2018-0296.md | 7 + 2018/CVE-2018-0694.md | 17 + 2018/CVE-2018-1000035.md | 1 + 2018/CVE-2018-1000122.md | 1 + 2018/CVE-2018-1000156.md | 1 + 2018/CVE-2018-1000518.md | 17 + 2018/CVE-2018-1000632.md | 17 + 2018/CVE-2018-1000654.md | 3 + 2018/CVE-2018-1000657.md | 1 + 2018/CVE-2018-1000810.md | 1 + 2018/CVE-2018-1000861.md | 2 + 2018/CVE-2018-1000873.md | 1 + 2018/CVE-2018-1000886.md | 3 +- 2018/CVE-2018-1002103.md | 1 + 2018/CVE-2018-1002105.md | 2 + 2018/CVE-2018-10100.md | 17 + 2018/CVE-2018-10101.md | 17 + 2018/CVE-2018-10102.md | 1 + 2018/CVE-2018-10191.md | 2 +- 2018/CVE-2018-10199.md | 17 + 2018/CVE-2018-10237.md | 1 + 2018/CVE-2018-10685.md | 2 +- 2018/CVE-2018-10876.md | 2 +- 2018/CVE-2018-10933.md | 6 + 2018/CVE-2018-1098.md | 1 + 2018/CVE-2018-11019.md | 2 +- 2018/CVE-2018-11039.md | 17 + 2018/CVE-2018-11040.md | 17 + 2018/CVE-2018-11307.md | 18 + 2018/CVE-2018-11416.md | 1 + 2018/CVE-2018-11496.md | 1 + 2018/CVE-2018-11576.md | 1 + 2018/CVE-2018-11687.md | 1 + 2018/CVE-2018-11743.md | 17 + 2018/CVE-2018-11763.md | 1 + 2018/CVE-2018-11776.md | 22 + 2018/CVE-2018-11784.md | 1 + 2018/CVE-2018-1196.md | 17 + 2018/CVE-2018-1199.md | 17 + 2018/CVE-2018-12018.md | 2 +- 2018/CVE-2018-12022.md | 17 + 2018/CVE-2018-12023.md | 17 + 2018/CVE-2018-12247.md | 17 + 2018/CVE-2018-12248.md | 17 + 2018/CVE-2018-12249.md | 17 + 2018/CVE-2018-12364.md | 22 + 2018/CVE-2018-12386.md | 1 + 2018/CVE-2018-12387.md | 1 + 2018/CVE-2018-1257.md | 17 + 2018/CVE-2018-1258.md | 2 + 2018/CVE-2018-12613.md | 3 + 2018/CVE-2018-12641.md | 2 + 2018/CVE-2018-12659.md | 17 + 2018/CVE-2018-12699.md | 3 + 2018/CVE-2018-1270.md | 1 + 2018/CVE-2018-1271.md | 1 + 2018/CVE-2018-1272.md | 17 + 2018/CVE-2018-1273.md | 2 + 2018/CVE-2018-1275.md | 1 + 2018/CVE-2018-12794.md | 1 + 2018/CVE-2018-1281.md | 17 + 2018/CVE-2018-1283.md | 1 + 2018/CVE-2018-12831.md | 1 + 2018/CVE-2018-1288.md | 1 + 2018/CVE-2018-12886.md | 1 + 2018/CVE-2018-12895.md | 1 + 2018/CVE-2018-1301.md | 1 + 2018/CVE-2018-1302.md | 1 + 2018/CVE-2018-1303.md | 1 + 2018/CVE-2018-1304.md | 1 + 2018/CVE-2018-1305.md | 1 + 2018/CVE-2018-1312.md | 1 + 2018/CVE-2018-13137.md | 1 + 2018/CVE-2018-13251.md | 18 + 2018/CVE-2018-1333.md | 1 + 2018/CVE-2018-1335.md | 1 + 2018/CVE-2018-1336.md | 1 + 2018/CVE-2018-1337.md | 17 + 2018/CVE-2018-13379.md | 3 + 2018/CVE-2018-13382.md | 1 + 2018/CVE-2018-14054.md | 1 + 2018/CVE-2018-14404.md | 1 + 2018/CVE-2018-14442.md | 1 + 2018/CVE-2018-14567.md | 1 + 2018/CVE-2018-14618.md | 1 + 2018/CVE-2018-14665.md | 6 + 2018/CVE-2018-14718.md | 2 + 2018/CVE-2018-14719.md | 1 + 2018/CVE-2018-14720.md | 1 + 2018/CVE-2018-14721.md | 1 + 2018/CVE-2018-15133.md | 1 + 2018/CVE-2018-15473.md | 2 + 2018/CVE-2018-15599.md | 2 +- 2018/CVE-2018-15664.md | 1 + 2018/CVE-2018-15686.md | 1 + 2018/CVE-2018-15732.md | 1 + 2018/CVE-2018-15756.md | 17 + 2018/CVE-2018-15805.md | 2 +- 2018/CVE-2018-15919.md | 1 + 2018/CVE-2018-15961.md | 2 + 2018/CVE-2018-15982.md | 1 + 2018/CVE-2018-16487.md | 1 + 2018/CVE-2018-16492.md | 1 + 2018/CVE-2018-16763.md | 1 + 2018/CVE-2018-16839.md | 1 + 2018/CVE-2018-1684.md | 17 + 2018/CVE-2018-16840.md | 1 + 2018/CVE-2018-16842.md | 1 + 2018/CVE-2018-16866.md | 1 + 2018/CVE-2018-16888.md | 1 + 2018/CVE-2018-16890.md | 1 + 2018/CVE-2018-17057.md | 1 + 2018/CVE-2018-17182.md | 6 + 2018/CVE-2018-17189.md | 1 + 2018/CVE-2018-17190.md | 17 + 2018/CVE-2018-17196.md | 17 + 2018/CVE-2018-17199.md | 1 + 2018/CVE-2018-1724.md | 17 + 2018/CVE-2018-17456.md | 1 + 2018/CVE-2018-17552.md | 2 +- 2018/CVE-2018-1782.md | 17 + 2018/CVE-2018-17946.md | 17 + 2018/CVE-2018-17961.md | 6 + 2018/CVE-2018-17985.md | 2 + 2018/CVE-2018-18017.md | 17 + 2018/CVE-2018-18018.md | 17 + 2018/CVE-2018-18019.md | 17 + 2018/CVE-2018-18074.md | 18 + 2018/CVE-2018-18484.md | 2 + 2018/CVE-2018-18492.md | 1 + 2018/CVE-2018-18495.md | 17 + 2018/CVE-2018-18500.md | 1 + 2018/CVE-2018-18649.md | 1 + 2018/CVE-2018-18700.md | 2 + 2018/CVE-2018-18701.md | 2 + 2018/CVE-2018-18925.md | 1 + 2018/CVE-2018-19360.md | 1 + 2018/CVE-2018-19361.md | 1 + 2018/CVE-2018-19362.md | 1 + 2018/CVE-2018-19486.md | 1 + 2018/CVE-2018-19571.md | 2 +- 2018/CVE-2018-19585.md | 2 +- 2018/CVE-2018-19837.md | 18 + 2018/CVE-2018-19876.md | 17 + 2018/CVE-2018-1999004.md | 17 + 2018/CVE-2018-20147.md | 17 + 2018/CVE-2018-20148.md | 2 + 2018/CVE-2018-20149.md | 17 + 2018/CVE-2018-20150.md | 17 + 2018/CVE-2018-20151.md | 17 + 2018/CVE-2018-20152.md | 17 + 2018/CVE-2018-20153.md | 17 + 2018/CVE-2018-20186.md | 3 +- 2018/CVE-2018-20250.md | 7 + 2018/CVE-2018-20303.md | 1 + 2018/CVE-2018-20334.md | 2 +- 2018/CVE-2018-20336.md | 2 +- 2018/CVE-2018-20346.md | 1 + 2018/CVE-2018-20482.md | 1 + 2018/CVE-2018-20505.md | 1 + 2018/CVE-2018-20506.md | 1 + 2018/CVE-2018-20573.md | 3 +- 2018/CVE-2018-20574.md | 3 +- 2018/CVE-2018-20587.md | 17 + 2018/CVE-2018-20623.md | 2 + 2018/CVE-2018-20659.md | 3 +- 2018/CVE-2018-20685.md | 1 + 2018/CVE-2018-20797.md | 18 + 2018/CVE-2018-20821.md | 18 + 2018/CVE-2018-20822.md | 18 + 2018/CVE-2018-20824.md | 1 + 2018/CVE-2018-20839.md | 1 + 2018/CVE-2018-20969.md | 1 + 2018/CVE-2018-20997.md | 1 + 2018/CVE-2018-21035.md | 17 + 2018/CVE-2018-25008.md | 17 + 2018/CVE-2018-2628.md | 5 + 2018/CVE-2018-2893.md | 8 + 2018/CVE-2018-2894.md | 17 + 2018/CVE-2018-3149.md | 2 + 2018/CVE-2018-3191.md | 6 + 2018/CVE-2018-3245.md | 6 + 2018/CVE-2018-3721.md | 2 + 2018/CVE-2018-3741.md | 1 + 2018/CVE-2018-4233.md | 1 + 2018/CVE-2018-4277.md | 17 + 2018/CVE-2018-4407.md | 6 + 2018/CVE-2018-4416.md | 1 + 2018/CVE-2018-4868.md | 2 + 2018/CVE-2018-4878.md | 11 + 2018/CVE-2018-4939.md | 1 + 2018/CVE-2018-4990.md | 2 + 2018/CVE-2018-4993.md | 1 + 2018/CVE-2018-5093.md | 17 + 2018/CVE-2018-5094.md | 17 + 2018/CVE-2018-5097.md | 20 + 2018/CVE-2018-5100.md | 17 + 2018/CVE-2018-5102.md | 20 + 2018/CVE-2018-5104.md | 20 + 2018/CVE-2018-5127.md | 20 + 2018/CVE-2018-5129.md | 1 + 2018/CVE-2018-5230.md | 1 + 2018/CVE-2018-5296.md | 2 + 2018/CVE-2018-5407.md | 1 + 2018/CVE-2018-5709.md | 1 + 2018/CVE-2018-5728.md | 1 + 2018/CVE-2018-5743.md | 2 + 2018/CVE-2018-5744.md | 1 + 2018/CVE-2018-5776.md | 1 + 2018/CVE-2018-5783.md | 2 + 2018/CVE-2018-5968.md | 2 + 2018/CVE-2018-6060.md | 17 + 2018/CVE-2018-6123.md | 17 + 2018/CVE-2018-6389.md | 7 + 2018/CVE-2018-6405.md | 17 + 2018/CVE-2018-6552.md | 1 + 2018/CVE-2018-6622.md | 1 + 2018/CVE-2018-6869.md | 3 +- 2018/CVE-2018-6910.md | 1 + 2018/CVE-2018-6930.md | 17 + 2018/CVE-2018-6952.md | 2 + 2018/CVE-2018-6981.md | 6 + 2018/CVE-2018-6982.md | 6 + 2018/CVE-2018-7489.md | 2 + 2018/CVE-2018-7600.md | 14 + 2018/CVE-2018-7876.md | 3 +- 2018/CVE-2018-8009.md | 1 + 2018/CVE-2018-8014.md | 1 + 2018/CVE-2018-8029.md | 17 + 2018/CVE-2018-8034.md | 1 + 2018/CVE-2018-8037.md | 1 + 2018/CVE-2018-8120.md | 6 + 2018/CVE-2018-8174.md | 6 + 2018/CVE-2018-8212.md | 1 + 2018/CVE-2018-8417.md | 20 + 2018/CVE-2018-8420.md | 6 + 2018/CVE-2018-8421.md | 1 + 2018/CVE-2018-8453.md | 1 + 2018/CVE-2018-8492.md | 20 + 2018/CVE-2018-8581.md | 8 + 2018/CVE-2018-8715.md | 1 + 2018/CVE-2018-8819.md | 1 + 2018/CVE-2018-8897.md | 6 + 2018/CVE-2018-8941.md | 2 +- 2018/CVE-2018-9138.md | 2 + 2018/CVE-2018-9206.md | 6 + 2018/CVE-2018-9251.md | 1 + 2018/CVE-2018-9276.md | 1 + 2018/CVE-2018-9862.md | 17 + 2018/CVE-2018-9995.md | 6 + 2018/CVE-2018-9996.md | 2 + 2019/CVE-2019-0024.md | 17 + 2019/CVE-2019-0053.md | 2 + 2019/CVE-2019-0192.md | 2 + 2019/CVE-2019-0193.md | 5 + 2019/CVE-2019-0196.md | 1 + 2019/CVE-2019-0197.md | 1 + 2019/CVE-2019-0199.md | 1 + 2019/CVE-2019-0205.md | 1 + 2019/CVE-2019-0210.md | 17 + 2019/CVE-2019-0211.md | 2 + 2019/CVE-2019-0217.md | 2 + 2019/CVE-2019-0220.md | 1 + 2019/CVE-2019-0221.md | 1 + 2019/CVE-2019-0227.md | 2 + 2019/CVE-2019-0230.md | 2 + 2019/CVE-2019-0232.md | 3 + 2019/CVE-2019-0539.md | 1 + 2019/CVE-2019-0541.md | 2 +- 2019/CVE-2019-0604.md | 4 + 2019/CVE-2019-0626.md | 18 + 2019/CVE-2019-0666.md | 1 + 2019/CVE-2019-0678.md | 2 + 2019/CVE-2019-0708.md | 48 + 2019/CVE-2019-0785.md | 1 + 2019/CVE-2019-0808.md | 3 + 2019/CVE-2019-0841.md | 3 + 2019/CVE-2019-0859.md | 1 + 2019/CVE-2019-0887.md | 1 + 2019/CVE-2019-0913.md | 21 + 2019/CVE-2019-1002101.md | 2 + 2019/CVE-2019-1003000.md | 1 + 2019/CVE-2019-10072.md | 1 + 2019/CVE-2019-10081.md | 1 + 2019/CVE-2019-10082.md | 1 + 2019/CVE-2019-10092.md | 2 + 2019/CVE-2019-10098.md | 1 + 2019/CVE-2019-1010022.md | 1 + 2019/CVE-2019-1010054.md | 1 + 2019/CVE-2019-1010299.md | 1 + 2019/CVE-2019-10149.md | 4 + 2019/CVE-2019-10173.md | 1 + 2019/CVE-2019-10210.md | 17 + 2019/CVE-2019-10216.md | 1 + 2019/CVE-2019-10392.md | 2 + 2019/CVE-2019-1040.md | 5 + 2019/CVE-2019-10567.md | 1 + 2019/CVE-2019-10708.md | 1 + 2019/CVE-2019-10709.md | 2 +- 2019/CVE-2019-10723.md | 3 +- 2019/CVE-2019-10742.md | 1 + 2019/CVE-2019-10744.md | 3 + 2019/CVE-2019-10746.md | 3 +- 2019/CVE-2019-10747.md | 3 +- 2019/CVE-2019-10758.md | 3 + 2019/CVE-2019-10782.md | 17 + 2019/CVE-2019-1082.md | 1 + 2019/CVE-2019-1083.md | 1 + 2019/CVE-2019-10842.md | 2 +- 2019/CVE-2019-10915.md | 1 + 2019/CVE-2019-1096.md | 1 + 2019/CVE-2019-11043.md | 17 + 2019/CVE-2019-1108.md | 1 + 2019/CVE-2019-11157.md | 1 + 2019/CVE-2019-11242.md | 17 + 2019/CVE-2019-11245.md | 1 + 2019/CVE-2019-11247.md | 1 + 2019/CVE-2019-1125.md | 1 + 2019/CVE-2019-11250.md | 17 + 2019/CVE-2019-11253.md | 1 + 2019/CVE-2019-11254.md | 17 + 2019/CVE-2019-11269.md | 2 +- 2019/CVE-2019-11358.md | 221 ++ 2019/CVE-2019-11371.md | 17 + 2019/CVE-2019-11447.md | 1 + 2019/CVE-2019-11477.md | 1 + 2019/CVE-2019-11507.md | 2 +- 2019/CVE-2019-11508.md | 2 +- 2019/CVE-2019-11510.md | 10 + 2019/CVE-2019-11538.md | 2 +- 2019/CVE-2019-11539.md | 3 + 2019/CVE-2019-11540.md | 3 +- 2019/CVE-2019-11542.md | 2 +- 2019/CVE-2019-11580.md | 3 + 2019/CVE-2019-11581.md | 5 + 2019/CVE-2019-11634.md | 17 + 2019/CVE-2019-11687.md | 2 + 2019/CVE-2019-11707.md | 2 + 2019/CVE-2019-11708.md | 1 + 2019/CVE-2019-11730.md | 2 + 2019/CVE-2019-11932.md | 10 + 2019/CVE-2019-11933.md | 1 + 2019/CVE-2019-12083.md | 1 + 2019/CVE-2019-12086.md | 3 + 2019/CVE-2019-12097.md | 17 + 2019/CVE-2019-12101.md | 17 + 2019/CVE-2019-1218.md | 1 + 2019/CVE-2019-12181.md | 1 + 2019/CVE-2019-12258.md | 1 + 2019/CVE-2019-12272.md | 1 + 2019/CVE-2019-12314.md | 1 + 2019/CVE-2019-12384.md | 3 + 2019/CVE-2019-12453.md | 2 + 2019/CVE-2019-12475.md | 1 + 2019/CVE-2019-12476.md | 1 + 2019/CVE-2019-12491.md | 17 + 2019/CVE-2019-1253.md | 1 + 2019/CVE-2019-12537.md | 17 + 2019/CVE-2019-12539.md | 17 + 2019/CVE-2019-12540.md | 17 + 2019/CVE-2019-12586.md | 2 + 2019/CVE-2019-12587.md | 2 + 2019/CVE-2019-12588.md | 2 + 2019/CVE-2019-12595.md | 17 + 2019/CVE-2019-12596.md | 17 + 2019/CVE-2019-12597.md | 17 + 2019/CVE-2019-12730.md | 2 +- 2019/CVE-2019-12735.md | 1 + 2019/CVE-2019-12750.md | 1 + 2019/CVE-2019-12780.md | 1 + 2019/CVE-2019-12814.md | 3 + 2019/CVE-2019-12815.md | 2 + 2019/CVE-2019-12840.md | 2 + 2019/CVE-2019-12889.md | 1 + 2019/CVE-2019-12890.md | 1 + 2019/CVE-2019-12922.md | 1 + 2019/CVE-2019-12941.md | 20 + 2019/CVE-2019-12999.md | 1 + 2019/CVE-2019-13000.md | 2 + 2019/CVE-2019-13024.md | 2 + 2019/CVE-2019-13027.md | 1 + 2019/CVE-2019-13052.md | 1 + 2019/CVE-2019-13053.md | 1 + 2019/CVE-2019-13054.md | 2 + 2019/CVE-2019-13055.md | 1 + 2019/CVE-2019-13063.md | 1 + 2019/CVE-2019-13086.md | 1 + 2019/CVE-2019-13101.md | 1 + 2019/CVE-2019-13115.md | 2 + 2019/CVE-2019-1322.md | 2 + 2019/CVE-2019-13224.md | 1 + 2019/CVE-2019-13225.md | 1 + 2019/CVE-2019-13272.md | 11 + 2019/CVE-2019-1333.md | 1 + 2019/CVE-2019-13361.md | 1 + 2019/CVE-2019-13403.md | 1 + 2019/CVE-2019-13404.md | 1 + 2019/CVE-2019-13497.md | 1 + 2019/CVE-2019-13503.md | 1 + 2019/CVE-2019-13504.md | 1 + 2019/CVE-2019-13574.md | 1 + 2019/CVE-2019-13604.md | 2 +- 2019/CVE-2019-13636.md | 2 +- 2019/CVE-2019-13638.md | 2 +- 2019/CVE-2019-1367.md | 2 + 2019/CVE-2019-13694.md | 17 + 2019/CVE-2019-13720.md | 2 + 2019/CVE-2019-1385.md | 1 + 2019/CVE-2019-1388.md | 5 + 2019/CVE-2019-13956.md | 1 + 2019/CVE-2019-1402.md | 1 + 2019/CVE-2019-14040.md | 1 + 2019/CVE-2019-14041.md | 1 + 2019/CVE-2019-1405.md | 1 + 2019/CVE-2019-14221.md | 2 +- 2019/CVE-2019-14267.md | 1 + 2019/CVE-2019-14271.md | 3 + 2019/CVE-2019-14277.md | 1 + 2019/CVE-2019-14287.md | 26 + 2019/CVE-2019-14314.md | 1 + 2019/CVE-2019-14319.md | 1 + 2019/CVE-2019-14326.md | 1 + 2019/CVE-2019-14379.md | 3 + 2019/CVE-2019-14439.md | 4 + 2019/CVE-2019-14514.md | 1 + 2019/CVE-2019-14529.md | 1 + 2019/CVE-2019-14530.md | 1 + 2019/CVE-2019-14537.md | 1 + 2019/CVE-2019-14540.md | 2 + 2019/CVE-2019-1458.md | 3 + 2019/CVE-2019-14697.md | 3 + 2019/CVE-2019-14745.md | 1 + 2019/CVE-2019-14751.md | 1 + 2019/CVE-2019-1476.md | 1 + 2019/CVE-2019-14811.md | 1 + 2019/CVE-2019-14812.md | 1 + 2019/CVE-2019-14813.md | 1 + 2019/CVE-2019-14830.md | 1 + 2019/CVE-2019-14838.md | 17 + 2019/CVE-2019-14843.md | 17 + 2019/CVE-2019-14855.md | 1 + 2019/CVE-2019-14865.md | 17 + 2019/CVE-2019-14889.md | 17 + 2019/CVE-2019-14893.md | 1 + 2019/CVE-2019-14899.md | 1 + 2019/CVE-2019-14912.md | 1 + 2019/CVE-2019-14941.md | 17 + 2019/CVE-2019-15029.md | 1 + 2019/CVE-2019-15043.md | 1 + 2019/CVE-2019-15053.md | 1 + 2019/CVE-2019-15081.md | 2 +- 2019/CVE-2019-15107.md | 17 + 2019/CVE-2019-15120.md | 1 + 2019/CVE-2019-15126.md | 2 + 2019/CVE-2019-15224.md | 1 + 2019/CVE-2019-15225.md | 17 + 2019/CVE-2019-15231.md | 1 + 2019/CVE-2019-15233.md | 1 + 2019/CVE-2019-15234.md | 17 + 2019/CVE-2019-1543.md | 8 + 2019/CVE-2019-1547.md | 4 + 2019/CVE-2019-1549.md | 4 + 2019/CVE-2019-1551.md | 2 + 2019/CVE-2019-15511.md | 1 + 2019/CVE-2019-1552.md | 2 +- 2019/CVE-2019-15588.md | 1 + 2019/CVE-2019-1559.md | 1 + 2019/CVE-2019-15605.md | 1 + 2019/CVE-2019-1563.md | 4 + 2019/CVE-2019-15642.md | 1 + 2019/CVE-2019-15745.md | 17 + 2019/CVE-2019-1579.md | 3 + 2019/CVE-2019-15799.md | 17 + 2019/CVE-2019-15801.md | 17 + 2019/CVE-2019-15802.md | 1 + 2019/CVE-2019-15846.md | 1 + 2019/CVE-2019-15910.md | 2 +- 2019/CVE-2019-15911.md | 2 +- 2019/CVE-2019-15912.md | 2 +- 2019/CVE-2019-15913.md | 2 +- 2019/CVE-2019-15914.md | 2 +- 2019/CVE-2019-15915.md | 2 +- 2019/CVE-2019-15949.md | 1 + 2019/CVE-2019-1609.md | 1 + 2019/CVE-2019-16097.md | 7 + 2019/CVE-2019-16113.md | 2 + 2019/CVE-2019-16117.md | 2 +- 2019/CVE-2019-16118.md | 2 +- 2019/CVE-2019-16119.md | 2 +- 2019/CVE-2019-16131.md | 1 + 2019/CVE-2019-16132.md | 1 + 2019/CVE-2019-16163.md | 1 + 2019/CVE-2019-16201.md | 1 + 2019/CVE-2019-16222.md | 1 + 2019/CVE-2019-16278.md | 9 + 2019/CVE-2019-16279.md | 1 + 2019/CVE-2019-16309.md | 1 + 2019/CVE-2019-16313.md | 2 + 2019/CVE-2019-16314.md | 1 + 2019/CVE-2019-16335.md | 2 + 2019/CVE-2019-16394.md | 1 + 2019/CVE-2019-16405.md | 1 + 2019/CVE-2019-16531.md | 2 +- 2019/CVE-2019-16662.md | 3 + 2019/CVE-2019-16663.md | 1 + 2019/CVE-2019-16724.md | 1 + 2019/CVE-2019-16729.md | 17 + 2019/CVE-2019-16759.md | 12 + 2019/CVE-2019-16769.md | 1 + 2019/CVE-2019-16773.md | 1 + 2019/CVE-2019-16780.md | 1 + 2019/CVE-2019-16781.md | 1 + 2019/CVE-2019-16784.md | 1 + 2019/CVE-2019-16788.md | 1 + 2019/CVE-2019-16884.md | 1 + 2019/CVE-2019-16889.md | 2 + 2019/CVE-2019-16902.md | 17 + 2019/CVE-2019-16941.md | 1 + 2019/CVE-2019-16942.md | 3 + 2019/CVE-2019-16943.md | 18 + 2019/CVE-2019-17026.md | 2 + 2019/CVE-2019-17043.md | 17 + 2019/CVE-2019-17044.md | 17 + 2019/CVE-2019-17059.md | 1 + 2019/CVE-2019-17080.md | 2 + 2019/CVE-2019-17124.md | 1 + 2019/CVE-2019-17195.md | 1 + 2019/CVE-2019-17221.md | 1 + 2019/CVE-2019-17234.md | 1 + 2019/CVE-2019-17240.md | 2 + 2019/CVE-2019-17241.md | 17 + 2019/CVE-2019-17242.md | 17 + 2019/CVE-2019-17243.md | 17 + 2019/CVE-2019-17244.md | 17 + 2019/CVE-2019-17245.md | 17 + 2019/CVE-2019-17246.md | 17 + 2019/CVE-2019-17247.md | 17 + 2019/CVE-2019-17248.md | 17 + 2019/CVE-2019-17249.md | 17 + 2019/CVE-2019-17250.md | 17 + 2019/CVE-2019-17251.md | 17 + 2019/CVE-2019-17252.md | 17 + 2019/CVE-2019-17253.md | 17 + 2019/CVE-2019-17254.md | 17 + 2019/CVE-2019-17255.md | 17 + 2019/CVE-2019-17256.md | 17 + 2019/CVE-2019-17257.md | 17 + 2019/CVE-2019-17258.md | 17 + 2019/CVE-2019-17259.md | 17 + 2019/CVE-2019-17260.md | 17 + 2019/CVE-2019-17261.md | 17 + 2019/CVE-2019-17262.md | 17 + 2019/CVE-2019-17267.md | 18 + 2019/CVE-2019-17367.md | 17 + 2019/CVE-2019-17372.md | 2 +- 2019/CVE-2019-17373.md | 2 +- 2019/CVE-2019-17408.md | 2 +- 2019/CVE-2019-17424.md | 1 + 2019/CVE-2019-17427.md | 1 + 2019/CVE-2019-17495.md | 1 + 2019/CVE-2019-17525.md | 1 + 2019/CVE-2019-17531.md | 2 + 2019/CVE-2019-17532.md | 17 + 2019/CVE-2019-17541.md | 2 +- 2019/CVE-2019-17545.md | 17 + 2019/CVE-2019-17549.md | 18 + 2019/CVE-2019-17558.md | 1 + 2019/CVE-2019-17564.md | 8 + 2019/CVE-2019-17567.md | 17 + 2019/CVE-2019-17570.md | 1 + 2019/CVE-2019-17571.md | 2 + 2019/CVE-2019-1759.md | 1 + 2019/CVE-2019-17596.md | 1 + 2019/CVE-2019-17621.md | 2 + 2019/CVE-2019-17626.md | 17 + 2019/CVE-2019-17633.md | 1 + 2019/CVE-2019-17658.md | 1 + 2019/CVE-2019-17662.md | 2 + 2019/CVE-2019-17669.md | 1 + 2019/CVE-2019-17670.md | 1 + 2019/CVE-2019-17671.md | 2 + 2019/CVE-2019-17672.md | 1 + 2019/CVE-2019-17673.md | 1 + 2019/CVE-2019-17674.md | 1 + 2019/CVE-2019-17675.md | 1 + 2019/CVE-2019-18182.md | 17 + 2019/CVE-2019-18183.md | 17 + 2019/CVE-2019-18276.md | 4 + 2019/CVE-2019-18277.md | 1 + 2019/CVE-2019-18370.md | 1 + 2019/CVE-2019-18426.md | 1 + 2019/CVE-2019-1853.md | 17 + 2019/CVE-2019-18634.md | 10 + 2019/CVE-2019-18674.md | 17 + 2019/CVE-2019-18675.md | 1 + 2019/CVE-2019-18683.md | 1 + 2019/CVE-2019-18874.md | 17 + 2019/CVE-2019-18885.md | 1 + 2019/CVE-2019-18888.md | 1 + 2019/CVE-2019-18889.md | 17 + 2019/CVE-2019-18890.md | 2 + 2019/CVE-2019-18935.md | 5 + 2019/CVE-2019-18988.md | 1 + 2019/CVE-2019-18992.md | 17 + 2019/CVE-2019-19012.md | 2 + 2019/CVE-2019-19033.md | 1 + 2019/CVE-2019-19041.md | 17 + 2019/CVE-2019-19118.md | 1 + 2019/CVE-2019-19203.md | 3 + 2019/CVE-2019-19204.md | 3 + 2019/CVE-2019-19231.md | 1 + 2019/CVE-2019-19242.md | 1 + 2019/CVE-2019-19244.md | 1 + 2019/CVE-2019-19246.md | 1 + 2019/CVE-2019-19307.md | 17 + 2019/CVE-2019-19315.md | 1 + 2019/CVE-2019-19356.md | 2 + 2019/CVE-2019-19383.md | 1 + 2019/CVE-2019-19469.md | 2 +- 2019/CVE-2019-19495.md | 2 +- 2019/CVE-2019-19576.md | 1 + 2019/CVE-2019-19596.md | 1 + 2019/CVE-2019-19699.md | 2 + 2019/CVE-2019-19709.md | 17 + 2019/CVE-2019-19732.md | 1 + 2019/CVE-2019-19733.md | 1 + 2019/CVE-2019-19734.md | 1 + 2019/CVE-2019-19735.md | 1 + 2019/CVE-2019-19738.md | 1 + 2019/CVE-2019-19770.md | 17 + 2019/CVE-2019-19781.md | 38 + 2019/CVE-2019-19794.md | 18 + 2019/CVE-2019-19844.md | 4 + 2019/CVE-2019-19846.md | 1 + 2019/CVE-2019-19886.md | 1 + 2019/CVE-2019-19889.md | 1 + 2019/CVE-2019-19890.md | 1 + 2019/CVE-2019-19905.md | 1 + 2019/CVE-2019-19916.md | 1 + 2019/CVE-2019-19945.md | 2 +- 2019/CVE-2019-19985.md | 1 + 2019/CVE-2019-20041.md | 1 + 2019/CVE-2019-20043.md | 1 + 2019/CVE-2019-20057.md | 17 + 2019/CVE-2019-20085.md | 2 + 2019/CVE-2019-20149.md | 1 + 2019/CVE-2019-20197.md | 2 + 2019/CVE-2019-20203.md | 1 + 2019/CVE-2019-20204.md | 1 + 2019/CVE-2019-20215.md | 1 + 2019/CVE-2019-20216.md | 2 +- 2019/CVE-2019-20217.md | 2 +- 2019/CVE-2019-20326.md | 1 + 2019/CVE-2019-20330.md | 17 + 2019/CVE-2019-20444.md | 17 + 2019/CVE-2019-20445.md | 17 + 2019/CVE-2019-20633.md | 3 +- 2019/CVE-2019-20634.md | 17 + 2019/CVE-2019-20838.md | 3 + 2019/CVE-2019-20916.md | 1 + 2019/CVE-2019-20933.md | 1 + 2019/CVE-2019-2107.md | 1 + 2019/CVE-2019-2114.md | 18 + 2019/CVE-2019-2196.md | 1 + 2019/CVE-2019-2198.md | 1 + 2019/CVE-2019-2215.md | 8 + 2019/CVE-2019-2219.md | 17 + 2019/CVE-2019-2494.md | 17 + 2019/CVE-2019-25013.md | 3 + 2019/CVE-2019-2525.md | 3 + 2019/CVE-2019-2548.md | 3 + 2019/CVE-2019-2593.md | 17 + 2019/CVE-2019-2618.md | 2 + 2019/CVE-2019-2725.md | 11 + 2019/CVE-2019-2729.md | 8 + 2019/CVE-2019-2890.md | 4 + 2019/CVE-2019-2891.md | 17 + 2019/CVE-2019-3010.md | 1 + 2019/CVE-2019-3025.md | 2 +- 2019/CVE-2019-3395.md | 1 + 2019/CVE-2019-3396.md | 8 + 2019/CVE-2019-3402.md | 1 + 2019/CVE-2019-3403.md | 1 + 2019/CVE-2019-3420.md | 1 + 2019/CVE-2019-3461.md | 17 + 2019/CVE-2019-3462.md | 2 + 2019/CVE-2019-3498.md | 1 + 2019/CVE-2019-3663.md | 1 + 2019/CVE-2019-3746.md | 19 + 2019/CVE-2019-3778.md | 1 + 2019/CVE-2019-3822.md | 1 + 2019/CVE-2019-3823.md | 1 + 2019/CVE-2019-3855.md | 1 + 2019/CVE-2019-3856.md | 1 + 2019/CVE-2019-3857.md | 1 + 2019/CVE-2019-3858.md | 1 + 2019/CVE-2019-3859.md | 1 + 2019/CVE-2019-3860.md | 1 + 2019/CVE-2019-3861.md | 1 + 2019/CVE-2019-3862.md | 1 + 2019/CVE-2019-3863.md | 1 + 2019/CVE-2019-3929.md | 1 + 2019/CVE-2019-3969.md | 1 + 2019/CVE-2019-3980.md | 1 + 2019/CVE-2019-5007.md | 17 + 2019/CVE-2019-5008.md | 17 + 2019/CVE-2019-5009.md | 2 +- 2019/CVE-2019-5010.md | 1 + 2019/CVE-2019-5021.md | 1 + 2019/CVE-2019-5096.md | 1 + 2019/CVE-2019-5392.md | 2 +- 2019/CVE-2019-5418.md | 2 + 2019/CVE-2019-5420.md | 12 + 2019/CVE-2019-5428.md | 1 + 2019/CVE-2019-5443.md | 1 + 2019/CVE-2019-5449.md | 17 + 2019/CVE-2019-5475.md | 1 + 2019/CVE-2019-5489.md | 1 + 2019/CVE-2019-5544.md | 1 + 2019/CVE-2019-5591.md | 17 + 2019/CVE-2019-5630.md | 1 + 2019/CVE-2019-5678.md | 1 + 2019/CVE-2019-5700.md | 1 + 2019/CVE-2019-5736.md | 20 + 2019/CVE-2019-5765.md | 18 + 2019/CVE-2019-5786.md | 3 + 2019/CVE-2019-5808.md | 17 + 2019/CVE-2019-5822.md | 1 + 2019/CVE-2019-5825.md | 1 + 2019/CVE-2019-5870.md | 1 + 2019/CVE-2019-5877.md | 17 + 2019/CVE-2019-6013.md | 17 + 2019/CVE-2019-6109.md | 1 + 2019/CVE-2019-6111.md | 2 + 2019/CVE-2019-6128.md | 2 +- 2019/CVE-2019-6207.md | 1 + 2019/CVE-2019-6225.md | 2 + 2019/CVE-2019-6285.md | 3 +- 2019/CVE-2019-6290.md | 2 + 2019/CVE-2019-6291.md | 2 + 2019/CVE-2019-6292.md | 2 + 2019/CVE-2019-6293.md | 2 + 2019/CVE-2019-6329.md | 1 + 2019/CVE-2019-6340.md | 5 + 2019/CVE-2019-6439.md | 1 + 2019/CVE-2019-6447.md | 1 + 2019/CVE-2019-6453.md | 1 + 2019/CVE-2019-6455.md | 2 +- 2019/CVE-2019-6461.md | 1 + 2019/CVE-2019-6462.md | 1 + 2019/CVE-2019-6467.md | 1 + 2019/CVE-2019-6471.md | 1 + 2019/CVE-2019-6579.md | 19 + 2019/CVE-2019-6713.md | 26 + 2019/CVE-2019-6715.md | 1 + 2019/CVE-2019-6788.md | 1 + 2019/CVE-2019-6966.md | 3 +- 2019/CVE-2019-6975.md | 2 + 2019/CVE-2019-6988.md | 4 +- 2019/CVE-2019-7125.md | 17 + 2019/CVE-2019-7164.md | 2 +- 2019/CVE-2019-7192.md | 2 + 2019/CVE-2019-7193.md | 1 + 2019/CVE-2019-7194.md | 1 + 2019/CVE-2019-7195.md | 2 + 2019/CVE-2019-7238.md | 3 + 2019/CVE-2019-7314.md | 1 + 2019/CVE-2019-7481.md | 1 + 2019/CVE-2019-7482.md | 1 + 2019/CVE-2019-7483.md | 1 + 2019/CVE-2019-7581.md | 3 +- 2019/CVE-2019-7582.md | 2 + 2019/CVE-2019-7609.md | 4 + 2019/CVE-2019-7616.md | 1 + 2019/CVE-2019-7663.md | 1 + 2019/CVE-2019-7690.md | 1 + 2019/CVE-2019-7698.md | 2 + 2019/CVE-2019-7813.md | 17 + 2019/CVE-2019-8038.md | 17 + 2019/CVE-2019-8039.md | 17 + 2019/CVE-2019-8312.md | 1 + 2019/CVE-2019-8313.md | 1 + 2019/CVE-2019-8314.md | 1 + 2019/CVE-2019-8315.md | 1 + 2019/CVE-2019-8316.md | 1 + 2019/CVE-2019-8317.md | 1 + 2019/CVE-2019-8318.md | 1 + 2019/CVE-2019-8319.md | 1 + 2019/CVE-2019-8331.md | 1 + 2019/CVE-2019-8442.md | 1 + 2019/CVE-2019-8446.md | 1 + 2019/CVE-2019-8449.md | 5 + 2019/CVE-2019-8451.md | 4 + 2019/CVE-2019-8457.md | 2 + 2019/CVE-2019-8513.md | 1 + 2019/CVE-2019-8526.md | 2 + 2019/CVE-2019-8591.md | 2 + 2019/CVE-2019-8601.md | 1 + 2019/CVE-2019-8605.md | 2 + 2019/CVE-2019-8641.md | 1 + 2019/CVE-2019-8646.md | 1 + 2019/CVE-2019-8647.md | 21 + 2019/CVE-2019-8660.md | 23 + 2019/CVE-2019-8662.md | 23 + 2019/CVE-2019-8781.md | 1 + 2019/CVE-2019-8802.md | 17 + 2019/CVE-2019-8805.md | 17 + 2019/CVE-2019-8936.md | 1 + 2019/CVE-2019-8942.md | 1 + 2019/CVE-2019-8943.md | 1 + 2019/CVE-2019-8956.md | 2 + 2019/CVE-2019-8979.md | 1 + 2019/CVE-2019-9004.md | 17 + 2019/CVE-2019-9053.md | 2 + 2019/CVE-2019-9070.md | 18 + 2019/CVE-2019-9071.md | 18 + 2019/CVE-2019-9117.md | 17 + 2019/CVE-2019-9118.md | 17 + 2019/CVE-2019-9119.md | 17 + 2019/CVE-2019-9120.md | 17 + 2019/CVE-2019-9121.md | 17 + 2019/CVE-2019-9153.md | 1 + 2019/CVE-2019-9176.md | 17 + 2019/CVE-2019-9193.md | 1 + 2019/CVE-2019-9195.md | 1 + 2019/CVE-2019-9465.md | 1 + 2019/CVE-2019-9506.md | 1 + 2019/CVE-2019-9512.md | 1 + 2019/CVE-2019-9641.md | 1 + 2019/CVE-2019-9670.md | 2 + 2019/CVE-2019-9704.md | 17 + 2019/CVE-2019-9740.md | 1 + 2019/CVE-2019-9766.md | 1 + 2019/CVE-2019-9787.md | 5 + 2019/CVE-2019-9791.md | 1 + 2019/CVE-2019-9810.md | 4 + 2019/CVE-2019-9813.md | 1 + 2019/CVE-2019-9923.md | 1 + 2019/CVE-2019-9924.md | 1 + 2019/CVE-2019-9946.md | 1 + 2020/CVE-2020-0001.md | 1 + 2020/CVE-2020-0022.md | 1 + 2020/CVE-2020-0108.md | 1 + 2020/CVE-2020-0113.md | 1 + 2020/CVE-2020-0551.md | 2 + 2020/CVE-2020-0554.md | 1 + 2020/CVE-2020-0601.md | 2 + 2020/CVE-2020-0609.md | 1 + 2020/CVE-2020-0618.md | 2 + 2020/CVE-2020-0646.md | 2 + 2020/CVE-2020-0683.md | 1 + 2020/CVE-2020-0688.md | 7 + 2020/CVE-2020-0714.md | 26 + 2020/CVE-2020-0796.md | 8 + 2020/CVE-2020-0932.md | 1 + 2020/CVE-2020-0984.md | 1 + 2020/CVE-2020-10110.md | 2 +- 2020/CVE-2020-10111.md | 2 +- 2020/CVE-2020-10112.md | 2 +- 2020/CVE-2020-10148.md | 4 + 2020/CVE-2020-10189.md | 1 + 2020/CVE-2020-10199.md | 2 + 2020/CVE-2020-10204.md | 2 + 2020/CVE-2020-1054.md | 1 + 2020/CVE-2020-10564.md | 1 + 2020/CVE-2020-10663.md | 1 + 2020/CVE-2020-10672.md | 1 + 2020/CVE-2020-10673.md | 1 + 2020/CVE-2020-10675.md | 18 + 2020/CVE-2020-10713.md | 3 + 2020/CVE-2020-10749.md | 1 + 2020/CVE-2020-10812.md | 1 + 2020/CVE-2020-10878.md | 1 + 2020/CVE-2020-10968.md | 17 + 2020/CVE-2020-10969.md | 1 + 2020/CVE-2020-10977.md | 5 + 2020/CVE-2020-11022.md | 1 + 2020/CVE-2020-11023.md | 1 + 2020/CVE-2020-11025.md | 1 + 2020/CVE-2020-11026.md | 1 + 2020/CVE-2020-11027.md | 1 + 2020/CVE-2020-11028.md | 1 + 2020/CVE-2020-11029.md | 1 + 2020/CVE-2020-11050.md | 17 + 2020/CVE-2020-11111.md | 1 + 2020/CVE-2020-11112.md | 1 + 2020/CVE-2020-11113.md | 1 + 2020/CVE-2020-11444.md | 1 + 2020/CVE-2020-1147.md | 2 + 2020/CVE-2020-11518.md | 1 + 2020/CVE-2020-11619.md | 17 + 2020/CVE-2020-11620.md | 1 + 2020/CVE-2020-11651.md | 4 + 2020/CVE-2020-11652.md | 3 + 2020/CVE-2020-11655.md | 1 + 2020/CVE-2020-11656.md | 1 + 2020/CVE-2020-11710.md | 1 + 2020/CVE-2020-1181.md | 1 + 2020/CVE-2020-11851.md | 1 + 2020/CVE-2020-11974.md | 1 + 2020/CVE-2020-11975.md | 2 + 2020/CVE-2020-11989.md | 1 + 2020/CVE-2020-11993.md | 1 + 2020/CVE-2020-12062.md | 17 + 2020/CVE-2020-12078.md | 1 + 2020/CVE-2020-12351.md | 1 + 2020/CVE-2020-12352.md | 1 + 2020/CVE-2020-12702.md | 1 + 2020/CVE-2020-12812.md | 18 + 2020/CVE-2020-12856.md | 1 + 2020/CVE-2020-12912.md | 17 + 2020/CVE-2020-12928.md | 1 + 2020/CVE-2020-13277.md | 1 + 2020/CVE-2020-13401.md | 1 + 2020/CVE-2020-13449.md | 2 +- 2020/CVE-2020-13450.md | 2 +- 2020/CVE-2020-13451.md | 2 +- 2020/CVE-2020-13452.md | 2 +- 2020/CVE-2020-13487.md | 4 + 2020/CVE-2020-1350.md | 2 + 2020/CVE-2020-13529.md | 1 + 2020/CVE-2020-13777.md | 1 + 2020/CVE-2020-13884.md | 1 + 2020/CVE-2020-13885.md | 1 + 2020/CVE-2020-13921.md | 1 + 2020/CVE-2020-13925.md | 1 + 2020/CVE-2020-13933.md | 1 + 2020/CVE-2020-13935.md | 4 + 2020/CVE-2020-13936.md | 1 + 2020/CVE-2020-13937.md | 2 + 2020/CVE-2020-13942.md | 9 + 2020/CVE-2020-13949.md | 17 + 2020/CVE-2020-13957.md | 2 + 2020/CVE-2020-13998.md | 17 + 2020/CVE-2020-14060.md | 1 + 2020/CVE-2020-14061.md | 17 + 2020/CVE-2020-14062.md | 1 + 2020/CVE-2020-14064.md | 1 + 2020/CVE-2020-14065.md | 1 + 2020/CVE-2020-14145.md | 1 + 2020/CVE-2020-14155.md | 2 + 2020/CVE-2020-14179.md | 2 + 2020/CVE-2020-14181.md | 2 + 2020/CVE-2020-14195.md | 1 + 2020/CVE-2020-14292.md | 1 + 2020/CVE-2020-14295.md | 3 + 2020/CVE-2020-14308.md | 2 + 2020/CVE-2020-14309.md | 2 + 2020/CVE-2020-14310.md | 2 + 2020/CVE-2020-14311.md | 2 + 2020/CVE-2020-14364.md | 1 + 2020/CVE-2020-14372.md | 2 + 2020/CVE-2020-14386.md | 1 + 2020/CVE-2020-14422.md | 17 + 2020/CVE-2020-14645.md | 1 + 2020/CVE-2020-1467.md | 52 + 2020/CVE-2020-1472.md | 13 + 2020/CVE-2020-14750.md | 2 + 2020/CVE-2020-14756.md | 3 + 2020/CVE-2020-14815.md | 1 + 2020/CVE-2020-1488.md | 52 + 2020/CVE-2020-14882.md | 23 + 2020/CVE-2020-14883.md | 2 + 2020/CVE-2020-14966.md | 1 + 2020/CVE-2020-14967.md | 1 + 2020/CVE-2020-14968.md | 1 + 2020/CVE-2020-15133.md | 17 + 2020/CVE-2020-15134.md | 17 + 2020/CVE-2020-15148.md | 1 + 2020/CVE-2020-15168.md | 1 + 2020/CVE-2020-15227.md | 1 + 2020/CVE-2020-15228.md | 2 + 2020/CVE-2020-15257.md | 5 + 2020/CVE-2020-15349.md | 1 + 2020/CVE-2020-15366.md | 17 + 2020/CVE-2020-15394.md | 2 +- 2020/CVE-2020-15506.md | 17 + 2020/CVE-2020-15705.md | 2 + 2020/CVE-2020-15778.md | 2 + 2020/CVE-2020-15779.md | 17 + 2020/CVE-2020-15867.md | 1 + 2020/CVE-2020-15899.md | 1 + 2020/CVE-2020-15907.md | 17 + 2020/CVE-2020-15944.md | 2 +- 2020/CVE-2020-15999.md | 3 + 2020/CVE-2020-16005.md | 17 + 2020/CVE-2020-16012.md | 1 + 2020/CVE-2020-16040.md | 1 + 2020/CVE-2020-1611.md | 1 + 2020/CVE-2020-16126.md | 1 + 2020/CVE-2020-16127.md | 2 +- 2020/CVE-2020-1615.md | 17 + 2020/CVE-2020-16270.md | 1 + 2020/CVE-2020-1664.md | 17 + 2020/CVE-2020-16846.md | 1 + 2020/CVE-2020-16875.md | 2 + 2020/CVE-2020-16898.md | 2 + 2020/CVE-2020-17035.md | 1 + 2020/CVE-2020-17057.md | 1 + 2020/CVE-2020-17083.md | 1 + 2020/CVE-2020-17087.md | 2 + 2020/CVE-2020-17123.md | 22 + 2020/CVE-2020-17143.md | 1 + 2020/CVE-2020-17144.md | 5 + 2020/CVE-2020-17518.md | 3 + 2020/CVE-2020-17519.md | 8 + 2020/CVE-2020-17523.md | 3 + 2020/CVE-2020-17530.md | 13 + 2020/CVE-2020-17531.md | 1 + 2020/CVE-2020-17532.md | 1 + 2020/CVE-2020-1764.md | 1 + 2020/CVE-2020-18568.md | 1 + 2020/CVE-2020-18737.md | 1 + 2020/CVE-2020-1927.md | 1 + 2020/CVE-2020-1934.md | 1 + 2020/CVE-2020-1938.md | 4 + 2020/CVE-2020-1947.md | 1 + 2020/CVE-2020-1948.md | 1 + 2020/CVE-2020-1952.md | 17 + 2020/CVE-2020-1957.md | 1 + 2020/CVE-2020-1967.md | 3 + 2020/CVE-2020-1971.md | 4 + 2020/CVE-2020-2020.md | 2 + 2020/CVE-2020-2021.md | 3 + 2020/CVE-2020-2034.md | 1 + 2020/CVE-2020-21224.md | 2 + 2020/CVE-2020-21378.md | 1 + 2020/CVE-2020-21585.md | 1 + 2020/CVE-2020-2229.md | 1 + 2020/CVE-2020-23342.md | 1 + 2020/CVE-2020-23968.md | 1 + 2020/CVE-2020-24227.md | 1 + 2020/CVE-2020-24579.md | 1 + 2020/CVE-2020-24581.md | 1 + 2020/CVE-2020-24609.md | 1 + 2020/CVE-2020-24616.md | 1 + 2020/CVE-2020-24723.md | 1 + 2020/CVE-2020-24750.md | 1 + 2020/CVE-2020-24807.md | 17 + 2020/CVE-2020-25078.md | 2 + 2020/CVE-2020-2509.md | 20 + 2020/CVE-2020-25211.md | 1 + 2020/CVE-2020-25213.md | 2 + 2020/CVE-2020-25223.md | 2 + 2020/CVE-2020-25273.md | 1 + 2020/CVE-2020-25483.md | 1 + 2020/CVE-2020-25498.md | 1 + 2020/CVE-2020-25506.md | 1 + 2020/CVE-2020-2551.md | 4 + 2020/CVE-2020-2555.md | 3 + 2020/CVE-2020-25632.md | 2 + 2020/CVE-2020-25647.md | 2 + 2020/CVE-2020-25684.md | 1 + 2020/CVE-2020-25685.md | 1 + 2020/CVE-2020-25686.md | 1 + 2020/CVE-2020-25705.md | 1 + 2020/CVE-2020-26088.md | 2 +- 2020/CVE-2020-26137.md | 2 + 2020/CVE-2020-26160.md | 19 + 2020/CVE-2020-26217.md | 3 + 2020/CVE-2020-26233.md | 1 + 2020/CVE-2020-26238.md | 1 + 2020/CVE-2020-26258.md | 3 + 2020/CVE-2020-26259.md | 3 + 2020/CVE-2020-26297.md | 1 + 2020/CVE-2020-26413.md | 1 + 2020/CVE-2020-26870.md | 17 + 2020/CVE-2020-26893.md | 17 + 2020/CVE-2020-26935.md | 1 + 2020/CVE-2020-27131.md | 1 + 2020/CVE-2020-27152.md | 2 +- 2020/CVE-2020-27192.md | 1 + 2020/CVE-2020-27193.md | 17 + 2020/CVE-2020-27194.md | 2 + 2020/CVE-2020-27223.md | 1 + 2020/CVE-2020-27358.md | 1 + 2020/CVE-2020-27372.md | 17 + 2020/CVE-2020-27533.md | 1 + 2020/CVE-2020-27575.md | 1 + 2020/CVE-2020-27600.md | 1 + 2020/CVE-2020-27603.md | 1 + 2020/CVE-2020-27618.md | 2 + 2020/CVE-2020-27749.md | 2 + 2020/CVE-2020-27779.md | 2 + 2020/CVE-2020-27813.md | 2 +- 2020/CVE-2020-27830.md | 17 + 2020/CVE-2020-27905.md | 20 + 2020/CVE-2020-27935.md | 1 + 2020/CVE-2020-27949.md | 1 + 2020/CVE-2020-27950.md | 1 + 2020/CVE-2020-27955.md | 8 + 2020/CVE-2020-27976.md | 1 + 2020/CVE-2020-27986.md | 1 + 2020/CVE-2020-28018.md | 2 + 2020/CVE-2020-28042.md | 1 + 2020/CVE-2020-28054.md | 1 + 2020/CVE-2020-28124.md | 17 + 2020/CVE-2020-28188.md | 2 + 2020/CVE-2020-28243.md | 1 + 2020/CVE-2020-28328.md | 1 + 2020/CVE-2020-28351.md | 1 + 2020/CVE-2020-28500.md | 1 + 2020/CVE-2020-2853.md | 1 + 2020/CVE-2020-28642.md | 1 + 2020/CVE-2020-28653.md | 1 + 2020/CVE-2020-2883.md | 3 + 2020/CVE-2020-28928.md | 2 + 2020/CVE-2020-28948.md | 1 + 2020/CVE-2020-28949.md | 1 + 2020/CVE-2020-29070.md | 1 + 2020/CVE-2020-29133.md | 1 + 2020/CVE-2020-29156.md | 1 + 2020/CVE-2020-29228.md | 17 + 2020/CVE-2020-29230.md | 2 +- 2020/CVE-2020-29231.md | 2 +- 2020/CVE-2020-29233.md | 2 +- 2020/CVE-2020-29254.md | 1 + 2020/CVE-2020-29371.md | 2 +- 2020/CVE-2020-29436.md | 1 + 2020/CVE-2020-29453.md | 1 + 2020/CVE-2020-29469.md | 2 +- 2020/CVE-2020-29470.md | 2 +- 2020/CVE-2020-29471.md | 2 +- 2020/CVE-2020-29475.md | 2 +- 2020/CVE-2020-29477.md | 2 +- 2020/CVE-2020-29562.md | 3 + 2020/CVE-2020-29564.md | 1 + 2020/CVE-2020-29583.md | 3 + 2020/CVE-2020-29621.md | 17 + 2020/CVE-2020-29622.md | 17 + 2020/CVE-2020-29652.md | 17 + 2020/CVE-2020-29669.md | 1 + 2020/CVE-2020-2978.md | 1 + 2020/CVE-2020-3119.md | 1 + 2020/CVE-2020-3120.md | 2 +- 2020/CVE-2020-3125.md | 17 + 2020/CVE-2020-3153.md | 1 + 2020/CVE-2020-3172.md | 17 + 2020/CVE-2020-3187.md | 1 + 2020/CVE-2020-3433.md | 1 + 2020/CVE-2020-3451.md | 1 + 2020/CVE-2020-3452.md | 8 + 2020/CVE-2020-35240.md | 17 + 2020/CVE-2020-35241.md | 2 +- 2020/CVE-2020-35262.md | 1 + 2020/CVE-2020-35381.md | 18 + 2020/CVE-2020-35452.md | 17 + 2020/CVE-2020-35476.md | 1 + 2020/CVE-2020-35489.md | 1 + 2020/CVE-2020-35576.md | 1 + 2020/CVE-2020-35584.md | 17 + 2020/CVE-2020-35585.md | 17 + 2020/CVE-2020-35586.md | 17 + 2020/CVE-2020-35587.md | 17 + 2020/CVE-2020-35590.md | 1 + 2020/CVE-2020-35606.md | 5 + 2020/CVE-2020-35616.md | 1 + 2020/CVE-2020-35660.md | 2 +- 2020/CVE-2020-35693.md | 17 + 2020/CVE-2020-35728.md | 2 + 2020/CVE-2020-3580.md | 1 + 2020/CVE-2020-35846.md | 2 + 2020/CVE-2020-35847.md | 2 + 2020/CVE-2020-36079.md | 1 + 2020/CVE-2020-36179.md | 1 + 2020/CVE-2020-36184.md | 1 + 2020/CVE-2020-36188.md | 1 + 2020/CVE-2020-36197.md | 1 + 2020/CVE-2020-36289.md | 2 + 2020/CVE-2020-36317.md | 18 + 2020/CVE-2020-36318.md | 17 + 2020/CVE-2020-36323.md | 18 + 2020/CVE-2020-36406.md | 17 + 2020/CVE-2020-3762.md | 17 + 2020/CVE-2020-3847.md | 1 + 2020/CVE-2020-3848.md | 1 + 2020/CVE-2020-3855.md | 17 + 2020/CVE-2020-3952.md | 4 + 2020/CVE-2020-3992.md | 1 + 2020/CVE-2020-4006.md | 1 + 2020/CVE-2020-4066.md | 1 + 2020/CVE-2020-4280.md | 1 + 2020/CVE-2020-4463.md | 1 + 2020/CVE-2020-5135.md | 1 + 2020/CVE-2020-5144.md | 17 + 2020/CVE-2020-5310.md | 17 + 2020/CVE-2020-5313.md | 1 + 2020/CVE-2020-5405.md | 1 + 2020/CVE-2020-5410.md | 1 + 2020/CVE-2020-5421.md | 1 + 2020/CVE-2020-5509.md | 1 + 2020/CVE-2020-5639.md | 17 + 2020/CVE-2020-5902.md | 9 + 2020/CVE-2020-6019.md | 1 + 2020/CVE-2020-6096.md | 2 + 2020/CVE-2020-6175.md | 17 + 2020/CVE-2020-6207.md | 2 + 2020/CVE-2020-6287.md | 1 + 2020/CVE-2020-6308.md | 3 + 2020/CVE-2020-6422.md | 17 + 2020/CVE-2020-6463.md | 17 + 2020/CVE-2020-6506.md | 2 + 2020/CVE-2020-6542.md | 2 +- 2020/CVE-2020-7048.md | 1 + 2020/CVE-2020-7200.md | 2 + 2020/CVE-2020-7247.md | 1 + 2020/CVE-2020-7471.md | 1 + 2020/CVE-2020-7473.md | 1 + 2020/CVE-2020-7662.md | 1 + 2020/CVE-2020-7663.md | 2 +- 2020/CVE-2020-7667.md | 2 +- 2020/CVE-2020-7760.md | 1 + 2020/CVE-2020-7799.md | 1 + 2020/CVE-2020-7961.md | 6 + 2020/CVE-2020-7980.md | 1 + 2020/CVE-2020-7997.md | 2 +- 2020/CVE-2020-7998.md | 2 +- 2020/CVE-2020-8152.md | 1 + 2020/CVE-2020-8165.md | 2 + 2020/CVE-2020-8187.md | 17 + 2020/CVE-2020-8190.md | 17 + 2020/CVE-2020-8191.md | 1 + 2020/CVE-2020-8193.md | 2 + 2020/CVE-2020-8194.md | 1 + 2020/CVE-2020-8195.md | 3 + 2020/CVE-2020-8196.md | 3 + 2020/CVE-2020-8197.md | 17 + 2020/CVE-2020-8198.md | 1 + 2020/CVE-2020-8199.md | 17 + 2020/CVE-2020-8200.md | 17 + 2020/CVE-2020-8207.md | 1 + 2020/CVE-2020-8208.md | 17 + 2020/CVE-2020-8209.md | 4 + 2020/CVE-2020-8210.md | 17 + 2020/CVE-2020-8211.md | 17 + 2020/CVE-2020-8212.md | 17 + 2020/CVE-2020-8217.md | 2 +- 2020/CVE-2020-8243.md | 1 + 2020/CVE-2020-8245.md | 17 + 2020/CVE-2020-8246.md | 17 + 2020/CVE-2020-8247.md | 17 + 2020/CVE-2020-8253.md | 17 + 2020/CVE-2020-8255.md | 1 + 2020/CVE-2020-8260.md | 1 + 2020/CVE-2020-8271.md | 17 + 2020/CVE-2020-8272.md | 17 + 2020/CVE-2020-8273.md | 17 + 2020/CVE-2020-8277.md | 2 + 2020/CVE-2020-8394.md | 1 + 2020/CVE-2020-8554.md | 5 + 2020/CVE-2020-8555.md | 1 + 2020/CVE-2020-8558.md | 1 + 2020/CVE-2020-8564.md | 17 + 2020/CVE-2020-8565.md | 17 + 2020/CVE-2020-8595.md | 2 + 2020/CVE-2020-8635.md | 1 + 2020/CVE-2020-8654.md | 1 + 2020/CVE-2020-8656.md | 1 + 2020/CVE-2020-8657.md | 1 + 2020/CVE-2020-8813.md | 1 + 2020/CVE-2020-8816.md | 1 + 2020/CVE-2020-8835.md | 2 + 2020/CVE-2020-8840.md | 2 + 2020/CVE-2020-8871.md | 1 + 2020/CVE-2020-8908.md | 2 +- 2020/CVE-2020-8982.md | 1 + 2020/CVE-2020-8983.md | 1 + 2020/CVE-2020-9273.md | 1 + 2020/CVE-2020-9283.md | 2 + 2020/CVE-2020-9296.md | 17 + 2020/CVE-2020-9465.md | 1 + 2020/CVE-2020-9470.md | 1 + 2020/CVE-2020-9480.md | 1 + 2020/CVE-2020-9483.md | 1 + 2020/CVE-2020-9484.md | 4 + 2020/CVE-2020-9490.md | 1 + 2020/CVE-2020-9496.md | 3 + 2020/CVE-2020-9546.md | 1 + 2020/CVE-2020-9547.md | 1 + 2020/CVE-2020-9548.md | 1 + 2020/CVE-2020-9714.md | 17 + 2020/CVE-2020-9771.md | 1 + 2020/CVE-2020-9794.md | 1 + 2020/CVE-2020-9934.md | 1 + 2020/CVE-2020-9939.md | 17 + 2020/CVE-2020-9964.md | 1 + 2020/CVE-2020-9986.md | 1 + 2021/CVE-2021-0089.md | 1 + 2021/CVE-2021-0186.md | 17 + 2021/CVE-2021-0223.md | 17 + 2021/CVE-2021-0256.md | 17 + 2021/CVE-2021-0313.md | 1 + 2021/CVE-2021-0485.md | 1 + 2021/CVE-2021-1090.md | 17 + 2021/CVE-2021-1095.md | 17 + 2021/CVE-2021-1096.md | 17 + 2021/CVE-2021-1366.md | 17 + 2021/CVE-2021-1472.md | 1 + 2021/CVE-2021-1497.md | 1 + 2021/CVE-2021-1498.md | 1 + 2021/CVE-2021-1499.md | 1 + 2021/CVE-2021-1568.md | 17 + 2021/CVE-2021-1675.md | 65 + 2021/CVE-2021-1732.md | 2 + 2021/CVE-2021-1748.md | 2 + 2021/CVE-2021-1779.md | 17 + 2021/CVE-2021-1782.md | 1 + 2021/CVE-2021-1791.md | 1 + 2021/CVE-2021-20016.md | 17 + 2021/CVE-2021-2021.md | 1 + 2021/CVE-2021-20225.md | 1 + 2021/CVE-2021-20231.md | 1 + 2021/CVE-2021-20232.md | 1 + 2021/CVE-2021-20233.md | 2 + 2021/CVE-2021-20268.md | 17 + 2021/CVE-2021-20270.md | 17 + 2021/CVE-2021-20291.md | 1 + 2021/CVE-2021-20294.md | 17 + 2021/CVE-2021-20572.md | 17 + 2021/CVE-2021-20573.md | 17 + 2021/CVE-2021-20574.md | 17 + 2021/CVE-2021-20655.md | 17 + 2021/CVE-2021-20717.md | 1 + 2021/CVE-2021-20837.md | 4 + 2021/CVE-2021-2086.md | 2 + 2021/CVE-2021-21017.md | 1 + 2021/CVE-2021-21042.md | 1 + 2021/CVE-2021-21087.md | 1 + 2021/CVE-2021-2109.md | 2 + 2021/CVE-2021-21112.md | 17 + 2021/CVE-2021-21122.md | 17 + 2021/CVE-2021-21128.md | 17 + 2021/CVE-2021-21155.md | 17 + 2021/CVE-2021-21159.md | 17 + 2021/CVE-2021-21188.md | 17 + 2021/CVE-2021-21190.md | 17 + 2021/CVE-2021-21198.md | 2 +- 2021/CVE-2021-21202.md | 17 + 2021/CVE-2021-21203.md | 17 + 2021/CVE-2021-21204.md | 17 + 2021/CVE-2021-21207.md | 17 + 2021/CVE-2021-21220.md | 2 + 2021/CVE-2021-21223.md | 17 + 2021/CVE-2021-21224.md | 3 + 2021/CVE-2021-21226.md | 17 + 2021/CVE-2021-21234.md | 1 + 2021/CVE-2021-21240.md | 5 + 2021/CVE-2021-21242.md | 1 + 2021/CVE-2021-21287.md | 2 + 2021/CVE-2021-21300.md | 1 + 2021/CVE-2021-21311.md | 1 + 2021/CVE-2021-21315.md | 9 + 2021/CVE-2021-21334.md | 17 + 2021/CVE-2021-21344.md | 1 + 2021/CVE-2021-2135.md | 1 + 2021/CVE-2021-21351.md | 1 + 2021/CVE-2021-21402.md | 3 + 2021/CVE-2021-21425.md | 2 + 2021/CVE-2021-21514.md | 1 + 2021/CVE-2021-21551.md | 4 + 2021/CVE-2021-21677.md | 17 + 2021/CVE-2021-21680.md | 17 + 2021/CVE-2021-21972.md | 6 + 2021/CVE-2021-21973.md | 2 + 2021/CVE-2021-21975.md | 3 + 2021/CVE-2021-21978.md | 1 + 2021/CVE-2021-21979.md | 1 + 2021/CVE-2021-21985.md | 6 + 2021/CVE-2021-22005.md | 16 + 2021/CVE-2021-22053.md | 2 + 2021/CVE-2021-22119.md | 1 + 2021/CVE-2021-22123.md | 1 + 2021/CVE-2021-22146.md | 3 +- 2021/CVE-2021-22176.md | 1 + 2021/CVE-2021-22178.md | 1 + 2021/CVE-2021-22181.md | 17 + 2021/CVE-2021-22188.md | 1 + 2021/CVE-2021-22192.md | 1 + 2021/CVE-2021-22204.md | 11 + 2021/CVE-2021-22205.md | 25 + 2021/CVE-2021-22213.md | 17 + 2021/CVE-2021-22214.md | 3 + 2021/CVE-2021-2226.md | 17 + 2021/CVE-2021-22555.md | 10 + 2021/CVE-2021-22893.md | 3 + 2021/CVE-2021-22898.md | 1 + 2021/CVE-2021-22911.md | 2 + 2021/CVE-2021-22922.md | 1 + 2021/CVE-2021-22941.md | 2 + 2021/CVE-2021-22945.md | 1 + 2021/CVE-2021-22946.md | 2 + 2021/CVE-2021-22947.md | 2 + 2021/CVE-2021-22968.md | 17 + 2021/CVE-2021-22986.md | 6 + 2021/CVE-2021-22991.md | 2 + 2021/CVE-2021-22992.md | 1 + 2021/CVE-2021-23008.md | 17 + 2021/CVE-2021-2302.md | 1 + 2021/CVE-2021-2305.md | 17 + 2021/CVE-2021-23132.md | 2 + 2021/CVE-2021-2328.md | 17 + 2021/CVE-2021-2329.md | 17 + 2021/CVE-2021-2330.md | 17 + 2021/CVE-2021-2333.md | 17 + 2021/CVE-2021-23337.md | 2 + 2021/CVE-2021-23338.md | 2 +- 2021/CVE-2021-23358.md | 1 + 2021/CVE-2021-2337.md | 17 + 2021/CVE-2021-23383.md | 1 + 2021/CVE-2021-23424.md | 2 +- 2021/CVE-2021-2351.md | 2 +- 2021/CVE-2021-23839.md | 3 + 2021/CVE-2021-23840.md | 3 + 2021/CVE-2021-23841.md | 3 + 2021/CVE-2021-2394.md | 3 + 2021/CVE-2021-24074.md | 1 + 2021/CVE-2021-24084.md | 2 + 2021/CVE-2021-24086.md | 2 + 2021/CVE-2021-24093.md | 1 + 2021/CVE-2021-24145.md | 1 + 2021/CVE-2021-24155.md | 1 + 2021/CVE-2021-24175.md | 1 + 2021/CVE-2021-24186.md | 1 + 2021/CVE-2021-24209.md | 1 + 2021/CVE-2021-24213.md | 1 + 2021/CVE-2021-24347.md | 1 + 2021/CVE-2021-24379.md | 17 + 2021/CVE-2021-2438.md | 17 + 2021/CVE-2021-24429.md | 17 + 2021/CVE-2021-24443.md | 17 + 2021/CVE-2021-24455.md | 17 + 2021/CVE-2021-24499.md | 2 + 2021/CVE-2021-24545.md | 2 + 2021/CVE-2021-2456.md | 1 + 2021/CVE-2021-24563.md | 2 +- 2021/CVE-2021-2460.md | 17 + 2021/CVE-2021-24610.md | 2 +- 2021/CVE-2021-2471.md | 4 + 2021/CVE-2021-24741.md | 2 +- 2021/CVE-2021-25162.md | 2 +- 2021/CVE-2021-25281.md | 1 + 2021/CVE-2021-25289.md | 1 + 2021/CVE-2021-25290.md | 1 + 2021/CVE-2021-25296.md | 1 + 2021/CVE-2021-25310.md | 1 + 2021/CVE-2021-25641.md | 1 + 2021/CVE-2021-25646.md | 4 + 2021/CVE-2021-25735.md | 2 + 2021/CVE-2021-25737.md | 1 + 2021/CVE-2021-25829.md | 2 +- 2021/CVE-2021-25830.md | 2 +- 2021/CVE-2021-25831.md | 2 +- 2021/CVE-2021-25832.md | 2 +- 2021/CVE-2021-25833.md | 2 +- 2021/CVE-2021-25863.md | 1 + 2021/CVE-2021-26084.md | 37 + 2021/CVE-2021-26085.md | 2 + 2021/CVE-2021-26086.md | 2 + 2021/CVE-2021-26293.md | 1 + 2021/CVE-2021-26294.md | 2 + 2021/CVE-2021-26295.md | 4 + 2021/CVE-2021-26411.md | 2 + 2021/CVE-2021-26412.md | 1 + 2021/CVE-2021-26419.md | 1 + 2021/CVE-2021-26420.md | 19 + 2021/CVE-2021-26431.md | 27 + 2021/CVE-2021-26690.md | 1 + 2021/CVE-2021-26691.md | 1 + 2021/CVE-2021-26700.md | 1 + 2021/CVE-2021-26777.md | 17 + 2021/CVE-2021-26814.md | 2 + 2021/CVE-2021-26827.md | 1 + 2021/CVE-2021-26854.md | 1 + 2021/CVE-2021-26855.md | 12 + 2021/CVE-2021-26857.md | 2 + 2021/CVE-2021-26858.md | 2 + 2021/CVE-2021-26919.md | 1 + 2021/CVE-2021-26920.md | 1 + 2021/CVE-2021-27047.md | 17 + 2021/CVE-2021-27065.md | 5 + 2021/CVE-2021-27076.md | 20 + 2021/CVE-2021-27078.md | 1 + 2021/CVE-2021-27080.md | 17 + 2021/CVE-2021-27101.md | 17 + 2021/CVE-2021-27102.md | 17 + 2021/CVE-2021-27103.md | 17 + 2021/CVE-2021-27104.md | 17 + 2021/CVE-2021-27129.md | 2 +- 2021/CVE-2021-27130.md | 2 +- 2021/CVE-2021-27211.md | 1 + 2021/CVE-2021-27246.md | 1 + 2021/CVE-2021-27249.md | 1 + 2021/CVE-2021-27291.md | 1 + 2021/CVE-2021-27328.md | 2 + 2021/CVE-2021-27365.md | 1 + 2021/CVE-2021-27370.md | 2 +- 2021/CVE-2021-27513.md | 1 + 2021/CVE-2021-27514.md | 1 + 2021/CVE-2021-27550.md | 1 + 2021/CVE-2021-27624.md | 1 + 2021/CVE-2021-27645.md | 2 + 2021/CVE-2021-27651.md | 2 + 2021/CVE-2021-27670.md | 1 + 2021/CVE-2021-27850.md | 3 + 2021/CVE-2021-27890.md | 1 + 2021/CVE-2021-27905.md | 2 + 2021/CVE-2021-27921.md | 17 + 2021/CVE-2021-27941.md | 17 + 2021/CVE-2021-27965.md | 1 + 2021/CVE-2021-28041.md | 17 + 2021/CVE-2021-28079.md | 1 + 2021/CVE-2021-28143.md | 1 + 2021/CVE-2021-28149.md | 1 + 2021/CVE-2021-28162.md | 1 + 2021/CVE-2021-28166.md | 17 + 2021/CVE-2021-28216.md | 17 + 2021/CVE-2021-28313.md | 2 +- 2021/CVE-2021-28321.md | 2 +- 2021/CVE-2021-28322.md | 2 +- 2021/CVE-2021-28323.md | 2 +- 2021/CVE-2021-28363.md | 1 + 2021/CVE-2021-28474.md | 19 + 2021/CVE-2021-28476.md | 2 + 2021/CVE-2021-28482.md | 1 + 2021/CVE-2021-28550.md | 1 + 2021/CVE-2021-28663.md | 1 + 2021/CVE-2021-28797.md | 2 + 2021/CVE-2021-28799.md | 20 + 2021/CVE-2021-28831.md | 17 + 2021/CVE-2021-28875.md | 18 + 2021/CVE-2021-28876.md | 17 + 2021/CVE-2021-28877.md | 17 + 2021/CVE-2021-28878.md | 17 + 2021/CVE-2021-28879.md | 17 + 2021/CVE-2021-28925.md | 1 + 2021/CVE-2021-28958.md | 2 +- 2021/CVE-2021-28966.md | 1 + 2021/CVE-2021-29003.md | 2 +- 2021/CVE-2021-29004.md | 2 +- 2021/CVE-2021-29156.md | 1 + 2021/CVE-2021-29200.md | 1 + 2021/CVE-2021-29302.md | 1 + 2021/CVE-2021-29379.md | 1 + 2021/CVE-2021-29441.md | 1 + 2021/CVE-2021-29447.md | 3 + 2021/CVE-2021-29472.md | 1 + 2021/CVE-2021-29482.md | 18 + 2021/CVE-2021-29505.md | 1 + 2021/CVE-2021-29628.md | 17 + 2021/CVE-2021-29923.md | 17 + 2021/CVE-2021-29996.md | 1 + 2021/CVE-2021-30003.md | 1 + 2021/CVE-2021-3007.md | 1 + 2021/CVE-2021-30109.md | 1 + 2021/CVE-2021-30128.md | 1 + 2021/CVE-2021-30139.md | 1 + 2021/CVE-2021-30146.md | 1 + 2021/CVE-2021-30157.md | 1 + 2021/CVE-2021-30179.md | 1 + 2021/CVE-2021-3019.md | 1 + 2021/CVE-2021-3045.md | 17 + 2021/CVE-2021-30461.md | 2 + 2021/CVE-2021-30465.md | 2 + 2021/CVE-2021-30481.md | 1 + 2021/CVE-2021-30565.md | 17 + 2021/CVE-2021-30573.md | 3 + 2021/CVE-2021-30623.md | 1 + 2021/CVE-2021-30632.md | 3 + 2021/CVE-2021-30655.md | 1 + 2021/CVE-2021-30657.md | 1 + 2021/CVE-2021-30666.md | 17 + 2021/CVE-2021-30682.md | 1 + 2021/CVE-2021-30740.md | 4 + 2021/CVE-2021-30768.md | 4 + 2021/CVE-2021-30769.md | 4 + 2021/CVE-2021-30770.md | 4 + 2021/CVE-2021-30773.md | 4 + 2021/CVE-2021-30800.md | 17 + 2021/CVE-2021-30807.md | 3 + 2021/CVE-2021-30827.md | 18 + 2021/CVE-2021-30828.md | 18 + 2021/CVE-2021-30845.md | 17 + 2021/CVE-2021-30858.md | 5 + 2021/CVE-2021-30860.md | 2 + 2021/CVE-2021-30883.md | 3 + 2021/CVE-2021-30924.md | 17 + 2021/CVE-2021-31159.md | 1 + 2021/CVE-2021-31162.md | 2 +- 2021/CVE-2021-31166.md | 3 + 2021/CVE-2021-31169.md | 1 + 2021/CVE-2021-31178.md | 22 + 2021/CVE-2021-31181.md | 1 + 2021/CVE-2021-31195.md | 2 + 2021/CVE-2021-31196.md | 1 + 2021/CVE-2021-31200.md | 17 + 2021/CVE-2021-31207.md | 8 + 2021/CVE-2021-3121.md | 1 + 2021/CVE-2021-31215.md | 17 + 2021/CVE-2021-3129.md | 7 + 2021/CVE-2021-31440.md | 1 + 2021/CVE-2021-31474.md | 1 + 2021/CVE-2021-31535.md | 2 + 2021/CVE-2021-3156.md | 24 + 2021/CVE-2021-31599.md | 2 +- 2021/CVE-2021-31600.md | 2 +- 2021/CVE-2021-31601.md | 2 +- 2021/CVE-2021-31602.md | 1 + 2021/CVE-2021-31605.md | 2 +- 2021/CVE-2021-31607.md | 1 + 2021/CVE-2021-31630.md | 2 +- 2021/CVE-2021-31698.md | 17 + 2021/CVE-2021-31737.md | 1 + 2021/CVE-2021-31758.md | 1 + 2021/CVE-2021-31760.md | 1 + 2021/CVE-2021-31762.md | 1 + 2021/CVE-2021-31799.md | 1 + 2021/CVE-2021-31802.md | 1 + 2021/CVE-2021-31856.md | 1 + 2021/CVE-2021-31862.md | 1 + 2021/CVE-2021-31879.md | 18 + 2021/CVE-2021-31950.md | 2 +- 2021/CVE-2021-32030.md | 1 + 2021/CVE-2021-32202.md | 1 + 2021/CVE-2021-3223.md | 1 + 2021/CVE-2021-32471.md | 1 + 2021/CVE-2021-32527.md | 17 + 2021/CVE-2021-32588.md | 1 + 2021/CVE-2021-32605.md | 1 + 2021/CVE-2021-32635.md | 18 + 2021/CVE-2021-32640.md | 2 + 2021/CVE-2021-32644.md | 1 + 2021/CVE-2021-3273.md | 1 + 2021/CVE-2021-32760.md | 17 + 2021/CVE-2021-32797.md | 17 + 2021/CVE-2021-32798.md | 17 + 2021/CVE-2021-3281.md | 1 + 2021/CVE-2021-32819.md | 1 + 2021/CVE-2021-32822.md | 2 +- 2021/CVE-2021-32849.md | 2 + 2021/CVE-2021-3291.md | 1 + 2021/CVE-2021-3297.md | 2 + 2021/CVE-2021-33026.md | 1 + 2021/CVE-2021-33044.md | 3 + 2021/CVE-2021-33045.md | 3 + 2021/CVE-2021-33055.md | 2 +- 2021/CVE-2021-33193.md | 3 +- 2021/CVE-2021-3326.md | 2 + 2021/CVE-2021-3336.md | 19 + 2021/CVE-2021-33430.md | 1 + 2021/CVE-2021-33503.md | 1 + 2021/CVE-2021-33505.md | 17 + 2021/CVE-2021-33525.md | 1 + 2021/CVE-2021-3355.md | 1 + 2021/CVE-2021-33560.md | 3 + 2021/CVE-2021-33574.md | 1 + 2021/CVE-2021-33624.md | 1 + 2021/CVE-2021-33677.md | 17 + 2021/CVE-2021-33739.md | 1 + 2021/CVE-2021-33766.md | 5 + 2021/CVE-2021-33767.md | 17 + 2021/CVE-2021-3378.md | 1 + 2021/CVE-2021-33840.md | 2 +- 2021/CVE-2021-33879.md | 1 + 2021/CVE-2021-33880.md | 17 + 2021/CVE-2021-33909.md | 9 + 2021/CVE-2021-3418.md | 2 + 2021/CVE-2021-34280.md | 1 + 2021/CVE-2021-34371.md | 1 + 2021/CVE-2021-3441.md | 1 + 2021/CVE-2021-34423.md | 2 +- 2021/CVE-2021-34429.md | 1 + 2021/CVE-2021-34432.md | 17 + 2021/CVE-2021-34470.md | 2 +- 2021/CVE-2021-34473.md | 14 + 2021/CVE-2021-34481.md | 3 + 2021/CVE-2021-34483.md | 32 + 2021/CVE-2021-34486.md | 2 + 2021/CVE-2021-3449.md | 5 + 2021/CVE-2021-3450.md | 3 + 2021/CVE-2021-34523.md | 7 + 2021/CVE-2021-34527.md | 42 + 2021/CVE-2021-34547.md | 17 + 2021/CVE-2021-34558.md | 1 + 2021/CVE-2021-34621.md | 1 + 2021/CVE-2021-34646.md | 1 + 2021/CVE-2021-34684.md | 2 +- 2021/CVE-2021-34685.md | 2 +- 2021/CVE-2021-3487.md | 17 + 2021/CVE-2021-3490.md | 1 + 2021/CVE-2021-3492.md | 2 + 2021/CVE-2021-3493.md | 6 + 2021/CVE-2021-35042.md | 3 + 2021/CVE-2021-35061.md | 2 +- 2021/CVE-2021-35062.md | 2 +- 2021/CVE-2021-35211.md | 2 + 2021/CVE-2021-35215.md | 1 + 2021/CVE-2021-35296.md | 1 + 2021/CVE-2021-35464.md | 2 + 2021/CVE-2021-35492.md | 2 +- 2021/CVE-2021-35540.md | 1 + 2021/CVE-2021-3560.md | 6 + 2021/CVE-2021-35617.md | 17 + 2021/CVE-2021-35635.md | 17 + 2021/CVE-2021-35645.md | 17 + 2021/CVE-2021-35942.md | 1 + 2021/CVE-2021-35956.md | 3 +- 2021/CVE-2021-3612.md | 2 +- 2021/CVE-2021-36159.md | 1 + 2021/CVE-2021-36198.md | 17 + 2021/CVE-2021-36222.md | 2 + 2021/CVE-2021-3625.md | 1 + 2021/CVE-2021-36260.md | 4 + 2021/CVE-2021-36387.md | 2 +- 2021/CVE-2021-36388.md | 2 +- 2021/CVE-2021-36389.md | 2 +- 2021/CVE-2021-3646.md | 2 +- 2021/CVE-2021-36563.md | 1 + 2021/CVE-2021-36581.md | 1 + 2021/CVE-2021-36582.md | 1 + 2021/CVE-2021-36740.md | 1 + 2021/CVE-2021-36749.md | 4 + 2021/CVE-2021-3679.md | 2 +- 2021/CVE-2021-36798.md | 3 +- 2021/CVE-2021-36799.md | 1 + 2021/CVE-2021-36808.md | 1 + 2021/CVE-2021-36934.md | 33 + 2021/CVE-2021-36936.md | 32 + 2021/CVE-2021-36942.md | 4 + 2021/CVE-2021-36947.md | 32 + 2021/CVE-2021-36949.md | 1 + 2021/CVE-2021-36958.md | 1 + 2021/CVE-2021-3706.md | 2 +- 2021/CVE-2021-3711.md | 1 + 2021/CVE-2021-3712.md | 2 + 2021/CVE-2021-37144.md | 1 + 2021/CVE-2021-37475.md | 17 + 2021/CVE-2021-37580.md | 8 + 2021/CVE-2021-37593.md | 1 + 2021/CVE-2021-37624.md | 1 + 2021/CVE-2021-37678.md | 1 + 2021/CVE-2021-37748.md | 1 + 2021/CVE-2021-37761.md | 2 +- 2021/CVE-2021-37832.md | 1 + 2021/CVE-2021-37833.md | 1 + 2021/CVE-2021-37927.md | 2 +- 2021/CVE-2021-37980.md | 1 + 2021/CVE-2021-38001.md | 2 + 2021/CVE-2021-38114.md | 17 + 2021/CVE-2021-38115.md | 17 + 2021/CVE-2021-38165.md | 17 + 2021/CVE-2021-38171.md | 17 + 2021/CVE-2021-38295.md | 1 + 2021/CVE-2021-38603.md | 2 +- 2021/CVE-2021-38639.md | 1 + 2021/CVE-2021-38645.md | 19 + 2021/CVE-2021-38647.md | 18 + 2021/CVE-2021-38648.md | 3 + 2021/CVE-2021-38649.md | 19 + 2021/CVE-2021-38666.md | 1 + 2021/CVE-2021-38699.md | 4 +- 2021/CVE-2021-38704.md | 1 + 2021/CVE-2021-38705.md | 1 + 2021/CVE-2021-38706.md | 1 + 2021/CVE-2021-38833.md | 2 +- 2021/CVE-2021-39115.md | 1 + 2021/CVE-2021-39137.md | 17 + 2021/CVE-2021-39152.md | 1 + 2021/CVE-2021-39433.md | 1 + 2021/CVE-2021-3945.md | 1 + 2021/CVE-2021-39659.md | 17 + 2021/CVE-2021-40154.md | 1 + 2021/CVE-2021-40239.md | 17 + 2021/CVE-2021-40292.md | 17 + 2021/CVE-2021-4034.md | 5 + 2021/CVE-2021-40346.md | 7 + 2021/CVE-2021-40352.md | 4 +- 2021/CVE-2021-40353.md | 1 + 2021/CVE-2021-40438.md | 8 + 2021/CVE-2021-40444.md | 40 + 2021/CVE-2021-40449.md | 6 + 2021/CVE-2021-40492.md | 1 + 2021/CVE-2021-40528.md | 2 +- 2021/CVE-2021-40531.md | 1 + 2021/CVE-2021-40539.md | 3 + 2021/CVE-2021-40617.md | 17 + 2021/CVE-2021-40618.md | 17 + 2021/CVE-2021-40728.md | 17 + 2021/CVE-2021-40812.md | 17 + 2021/CVE-2021-40845.md | 3 +- 2021/CVE-2021-40847.md | 2 +- 2021/CVE-2021-40865.md | 1 + 2021/CVE-2021-40870.md | 4 + 2021/CVE-2021-40875.md | 1 + 2021/CVE-2021-40978.md | 1 + 2021/CVE-2021-4104.md | 1 + 2021/CVE-2021-41089.md | 1 + 2021/CVE-2021-41157.md | 1 + 2021/CVE-2021-41174.md | 1 + 2021/CVE-2021-41196.md | 17 + 2021/CVE-2021-41197.md | 17 + 2021/CVE-2021-41198.md | 17 + 2021/CVE-2021-41199.md | 17 + 2021/CVE-2021-41200.md | 17 + 2021/CVE-2021-41201.md | 17 + 2021/CVE-2021-41202.md | 17 + 2021/CVE-2021-41203.md | 17 + 2021/CVE-2021-41204.md | 17 + 2021/CVE-2021-41205.md | 17 + 2021/CVE-2021-41207.md | 17 + 2021/CVE-2021-41208.md | 18 + 2021/CVE-2021-41209.md | 17 + 2021/CVE-2021-41210.md | 17 + 2021/CVE-2021-41211.md | 17 + 2021/CVE-2021-41212.md | 17 + 2021/CVE-2021-41213.md | 17 + 2021/CVE-2021-41214.md | 17 + 2021/CVE-2021-41215.md | 17 + 2021/CVE-2021-41216.md | 17 + 2021/CVE-2021-41219.md | 17 + 2021/CVE-2021-41221.md | 17 + 2021/CVE-2021-41223.md | 17 + 2021/CVE-2021-41224.md | 17 + 2021/CVE-2021-41227.md | 17 + 2021/CVE-2021-41277.md | 10 + 2021/CVE-2021-41335.md | 32 + 2021/CVE-2021-41349.md | 1 + 2021/CVE-2021-41351.md | 1 + 2021/CVE-2021-41379.md | 2 + 2021/CVE-2021-41381.md | 1 + 2021/CVE-2021-41382.md | 2 +- 2021/CVE-2021-41495.md | 1 + 2021/CVE-2021-41496.md | 1 + 2021/CVE-2021-41497.md | 1 + 2021/CVE-2021-41498.md | 1 + 2021/CVE-2021-41499.md | 1 + 2021/CVE-2021-41500.md | 1 + 2021/CVE-2021-41511.md | 2 +- 2021/CVE-2021-41560.md | 17 + 2021/CVE-2021-41595.md | 17 + 2021/CVE-2021-41596.md | 17 + 2021/CVE-2021-41597.md | 17 + 2021/CVE-2021-41643.md | 1 + 2021/CVE-2021-41644.md | 1 + 2021/CVE-2021-41645.md | 1 + 2021/CVE-2021-41646.md | 1 + 2021/CVE-2021-41647.md | 2 +- 2021/CVE-2021-41648.md | 1 + 2021/CVE-2021-41649.md | 1 + 2021/CVE-2021-41653.md | 2 + 2021/CVE-2021-41728.md | 1 + 2021/CVE-2021-41773.md | 85 + 2021/CVE-2021-41869.md | 17 + 2021/CVE-2021-41951.md | 1 + 2021/CVE-2021-42013.md | 29 + 2021/CVE-2021-42114.md | 1 + 2021/CVE-2021-42115.md | 17 + 2021/CVE-2021-42116.md | 17 + 2021/CVE-2021-42117.md | 17 + 2021/CVE-2021-42118.md | 17 + 2021/CVE-2021-42119.md | 17 + 2021/CVE-2021-42120.md | 17 + 2021/CVE-2021-42121.md | 17 + 2021/CVE-2021-42122.md | 17 + 2021/CVE-2021-42123.md | 17 + 2021/CVE-2021-42261.md | 1 + 2021/CVE-2021-42278.md | 2 + 2021/CVE-2021-42287.md | 1 + 2021/CVE-2021-42292.md | 1 + 2021/CVE-2021-42321.md | 3 + 2021/CVE-2021-42327.md | 1 + 2021/CVE-2021-42340.md | 17 + 2021/CVE-2021-42342.md | 1 + 2021/CVE-2021-42544.md | 17 + 2021/CVE-2021-42545.md | 17 + 2021/CVE-2021-42574.md | 8 + 2021/CVE-2021-42662.md | 2 + 2021/CVE-2021-42663.md | 1 + 2021/CVE-2021-42664.md | 1 + 2021/CVE-2021-42665.md | 1 + 2021/CVE-2021-42666.md | 1 + 2021/CVE-2021-42667.md | 1 + 2021/CVE-2021-42668.md | 1 + 2021/CVE-2021-42669.md | 1 + 2021/CVE-2021-42670.md | 1 + 2021/CVE-2021-42671.md | 1 + 2021/CVE-2021-42694.md | 3 + 2021/CVE-2021-43032.md | 1 + 2021/CVE-2021-43137.md | 2 +- 2021/CVE-2021-43140.md | 1 + 2021/CVE-2021-43141.md | 1 + 2021/CVE-2021-43267.md | 3 + 2021/CVE-2021-43324.md | 17 + 2021/CVE-2021-43361.md | 1 + 2021/CVE-2021-43405.md | 2 +- 2021/CVE-2021-43451.md | 2 +- 2021/CVE-2021-43469.md | 1 + 2021/CVE-2021-43471.md | 1 + 2021/CVE-2021-43557.md | 2 + 2021/CVE-2021-43616.md | 1 + 2021/CVE-2021-43617.md | 1 + 2021/CVE-2021-43778.md | 1 + 2021/CVE-2021-43798.md | 1 + 2021/CVE-2021-43883.md | 3 + 2021/CVE-2021-44217.md | 1 + 2021/CVE-2021-44223.md | 2 +- 2021/CVE-2021-44228.md | 16 + 2021/CVE-2021-44352.md | 17 + 2021/CVE-2021-44864.md | 17 + 2021/CVE-2021-45046.md | 4 + 2021/CVE-2021-45078.md | 2 +- 2021/CVE-2021-45232.md | 1 + 2021/CVE-2021-45268.md | 1 + 2021/CVE-2021-45901.md | 1 + 2021/CVE-2021-45903.md | 17 + 2021/CVE-2021-46013.md | 2 +- github.txt | 4567 ++++++++++++++++++++++++++++++++++++++ references.txt | 81 + 2257 files changed, 18017 insertions(+), 199 deletions(-) create mode 100644 2009/CVE-2009-2009.md create mode 100644 2012/CVE-2012-2531.md create mode 100644 2012/CVE-2012-2661.md create mode 100644 2012/CVE-2012-3789.md create mode 100644 2012/CVE-2012-4683.md create mode 100644 2012/CVE-2012-4684.md create mode 100644 2013/CVE-2013-2293.md create mode 100644 2013/CVE-2013-2392.md create mode 100644 2013/CVE-2013-3006.md create mode 100644 2013/CVE-2013-3007.md create mode 100644 2013/CVE-2013-3008.md create mode 100644 2013/CVE-2013-3010.md create mode 100644 2013/CVE-2013-3011.md create mode 100644 2013/CVE-2013-3012.md create mode 100644 2014/CVE-2014-2217.md create mode 100644 2014/CVE-2014-8098.md create mode 100644 2015/CVE-2015-6161.md create mode 100644 2016/CVE-2016-10523.md create mode 100644 2016/CVE-2016-10542.md create mode 100644 2016/CVE-2016-10544.md create mode 100644 2016/CVE-2016-3093.md create mode 100644 2016/CVE-2016-5397.md create mode 100644 2016/CVE-2016-7480.md create mode 100644 2016/CVE-2016-9878.md create mode 100644 2016/CVE-2016-9879.md create mode 100644 2017/CVE-2017-0007.md create mode 100644 2017/CVE-2017-0215.md create mode 100644 2017/CVE-2017-11852.md create mode 100644 2017/CVE-2017-12610.md create mode 100644 2017/CVE-2017-14650.md create mode 100644 2017/CVE-2017-15996.md create mode 100644 2017/CVE-2017-16085.md create mode 100644 2017/CVE-2017-16093.md create mode 100644 2017/CVE-2017-16095.md create mode 100644 2017/CVE-2017-16097.md create mode 100644 2017/CVE-2017-16101.md create mode 100644 2017/CVE-2017-16102.md create mode 100644 2017/CVE-2017-16104.md create mode 100644 2017/CVE-2017-16109.md create mode 100644 2017/CVE-2017-16123.md create mode 100644 2017/CVE-2017-16131.md create mode 100644 2017/CVE-2017-16133.md create mode 100644 2017/CVE-2017-16135.md create mode 100644 2017/CVE-2017-16140.md create mode 100644 2017/CVE-2017-16141.md create mode 100644 2017/CVE-2017-16142.md create mode 100644 2017/CVE-2017-16143.md create mode 100644 2017/CVE-2017-16146.md create mode 100644 2017/CVE-2017-16149.md create mode 100644 2017/CVE-2017-16150.md create mode 100644 2017/CVE-2017-16157.md create mode 100644 2017/CVE-2017-16158.md create mode 100644 2017/CVE-2017-16159.md create mode 100644 2017/CVE-2017-16165.md create mode 100644 2017/CVE-2017-16169.md create mode 100644 2017/CVE-2017-16172.md create mode 100644 2017/CVE-2017-16175.md create mode 100644 2017/CVE-2017-16176.md create mode 100644 2017/CVE-2017-16180.md create mode 100644 2017/CVE-2017-16183.md create mode 100644 2017/CVE-2017-16185.md create mode 100644 2017/CVE-2017-16187.md create mode 100644 2017/CVE-2017-16188.md create mode 100644 2017/CVE-2017-16189.md create mode 100644 2017/CVE-2017-16191.md create mode 100644 2017/CVE-2017-16194.md create mode 100644 2017/CVE-2017-16195.md create mode 100644 2017/CVE-2017-16196.md create mode 100644 2017/CVE-2017-16208.md create mode 100644 2017/CVE-2017-16211.md create mode 100644 2017/CVE-2017-16216.md create mode 100644 2017/CVE-2017-16217.md create mode 100644 2017/CVE-2017-16219.md create mode 100644 2017/CVE-2017-16222.md create mode 100644 2017/CVE-2017-16229.md create mode 100644 2017/CVE-2017-18362.md create mode 100644 2017/CVE-2017-18594.md create mode 100644 2017/CVE-2017-3260.md create mode 100644 2017/CVE-2017-3272.md create mode 100644 2017/CVE-2017-3514.md create mode 100644 2017/CVE-2017-5647.md create mode 100644 2017/CVE-2017-5650.md create mode 100644 2017/CVE-2017-5651.md create mode 100644 2017/CVE-2017-7536.md create mode 100644 2017/CVE-2017-7657.md create mode 100644 2017/CVE-2017-7658.md create mode 100644 2017/CVE-2017-7674.md create mode 100644 2017/CVE-2017-7675.md create mode 100644 2017/CVE-2017-7784.md create mode 100644 2017/CVE-2017-7828.md create mode 100644 2017/CVE-2017-9224.md create mode 100644 2017/CVE-2017-9225.md create mode 100644 2017/CVE-2017-9226.md create mode 100644 2017/CVE-2017-9227.md create mode 100644 2017/CVE-2017-9228.md create mode 100644 2017/CVE-2017-9229.md create mode 100644 2017/CVE-2017-9304.md create mode 100644 2017/CVE-2017-9438.md create mode 100644 2018/CVE-2018-0694.md create mode 100644 2018/CVE-2018-1000518.md create mode 100644 2018/CVE-2018-1000632.md create mode 100644 2018/CVE-2018-10100.md create mode 100644 2018/CVE-2018-10101.md create mode 100644 2018/CVE-2018-10199.md create mode 100644 2018/CVE-2018-11039.md create mode 100644 2018/CVE-2018-11040.md create mode 100644 2018/CVE-2018-11307.md create mode 100644 2018/CVE-2018-11743.md create mode 100644 2018/CVE-2018-1196.md create mode 100644 2018/CVE-2018-1199.md create mode 100644 2018/CVE-2018-12022.md create mode 100644 2018/CVE-2018-12023.md create mode 100644 2018/CVE-2018-12247.md create mode 100644 2018/CVE-2018-12248.md create mode 100644 2018/CVE-2018-12249.md create mode 100644 2018/CVE-2018-12364.md create mode 100644 2018/CVE-2018-1257.md create mode 100644 2018/CVE-2018-12659.md create mode 100644 2018/CVE-2018-1272.md create mode 100644 2018/CVE-2018-1281.md create mode 100644 2018/CVE-2018-13251.md create mode 100644 2018/CVE-2018-1337.md create mode 100644 2018/CVE-2018-15756.md create mode 100644 2018/CVE-2018-1684.md create mode 100644 2018/CVE-2018-17190.md create mode 100644 2018/CVE-2018-17196.md create mode 100644 2018/CVE-2018-1724.md create mode 100644 2018/CVE-2018-1782.md create mode 100644 2018/CVE-2018-17946.md create mode 100644 2018/CVE-2018-18017.md create mode 100644 2018/CVE-2018-18018.md create mode 100644 2018/CVE-2018-18019.md create mode 100644 2018/CVE-2018-18074.md create mode 100644 2018/CVE-2018-18495.md create mode 100644 2018/CVE-2018-19837.md create mode 100644 2018/CVE-2018-19876.md create mode 100644 2018/CVE-2018-1999004.md create mode 100644 2018/CVE-2018-20147.md create mode 100644 2018/CVE-2018-20149.md create mode 100644 2018/CVE-2018-20150.md create mode 100644 2018/CVE-2018-20151.md create mode 100644 2018/CVE-2018-20152.md create mode 100644 2018/CVE-2018-20153.md create mode 100644 2018/CVE-2018-20587.md create mode 100644 2018/CVE-2018-20797.md create mode 100644 2018/CVE-2018-20821.md create mode 100644 2018/CVE-2018-20822.md create mode 100644 2018/CVE-2018-21035.md create mode 100644 2018/CVE-2018-25008.md create mode 100644 2018/CVE-2018-4277.md create mode 100644 2018/CVE-2018-5093.md create mode 100644 2018/CVE-2018-5094.md create mode 100644 2018/CVE-2018-5097.md create mode 100644 2018/CVE-2018-5100.md create mode 100644 2018/CVE-2018-5102.md create mode 100644 2018/CVE-2018-5104.md create mode 100644 2018/CVE-2018-5127.md create mode 100644 2018/CVE-2018-6060.md create mode 100644 2018/CVE-2018-6123.md create mode 100644 2018/CVE-2018-6405.md create mode 100644 2018/CVE-2018-6930.md create mode 100644 2018/CVE-2018-8029.md create mode 100644 2018/CVE-2018-8417.md create mode 100644 2018/CVE-2018-8492.md create mode 100644 2018/CVE-2018-9862.md create mode 100644 2019/CVE-2019-0024.md create mode 100644 2019/CVE-2019-0210.md create mode 100644 2019/CVE-2019-0626.md create mode 100644 2019/CVE-2019-0913.md create mode 100644 2019/CVE-2019-10210.md create mode 100644 2019/CVE-2019-10782.md create mode 100644 2019/CVE-2019-11242.md create mode 100644 2019/CVE-2019-11250.md create mode 100644 2019/CVE-2019-11254.md create mode 100644 2019/CVE-2019-11371.md create mode 100644 2019/CVE-2019-11634.md create mode 100644 2019/CVE-2019-12097.md create mode 100644 2019/CVE-2019-12101.md create mode 100644 2019/CVE-2019-12491.md create mode 100644 2019/CVE-2019-12537.md create mode 100644 2019/CVE-2019-12539.md create mode 100644 2019/CVE-2019-12540.md create mode 100644 2019/CVE-2019-12595.md create mode 100644 2019/CVE-2019-12596.md create mode 100644 2019/CVE-2019-12597.md create mode 100644 2019/CVE-2019-12941.md create mode 100644 2019/CVE-2019-13694.md create mode 100644 2019/CVE-2019-14838.md create mode 100644 2019/CVE-2019-14843.md create mode 100644 2019/CVE-2019-14865.md create mode 100644 2019/CVE-2019-14889.md create mode 100644 2019/CVE-2019-14941.md create mode 100644 2019/CVE-2019-15225.md create mode 100644 2019/CVE-2019-15234.md create mode 100644 2019/CVE-2019-15745.md create mode 100644 2019/CVE-2019-15799.md create mode 100644 2019/CVE-2019-15801.md create mode 100644 2019/CVE-2019-16729.md create mode 100644 2019/CVE-2019-16902.md create mode 100644 2019/CVE-2019-16943.md create mode 100644 2019/CVE-2019-17043.md create mode 100644 2019/CVE-2019-17044.md create mode 100644 2019/CVE-2019-17241.md create mode 100644 2019/CVE-2019-17242.md create mode 100644 2019/CVE-2019-17243.md create mode 100644 2019/CVE-2019-17244.md create mode 100644 2019/CVE-2019-17245.md create mode 100644 2019/CVE-2019-17246.md create mode 100644 2019/CVE-2019-17247.md create mode 100644 2019/CVE-2019-17248.md create mode 100644 2019/CVE-2019-17249.md create mode 100644 2019/CVE-2019-17250.md create mode 100644 2019/CVE-2019-17251.md create mode 100644 2019/CVE-2019-17252.md create mode 100644 2019/CVE-2019-17253.md create mode 100644 2019/CVE-2019-17254.md create mode 100644 2019/CVE-2019-17255.md create mode 100644 2019/CVE-2019-17256.md create mode 100644 2019/CVE-2019-17257.md create mode 100644 2019/CVE-2019-17258.md create mode 100644 2019/CVE-2019-17259.md create mode 100644 2019/CVE-2019-17260.md create mode 100644 2019/CVE-2019-17261.md create mode 100644 2019/CVE-2019-17262.md create mode 100644 2019/CVE-2019-17267.md create mode 100644 2019/CVE-2019-17367.md create mode 100644 2019/CVE-2019-17532.md create mode 100644 2019/CVE-2019-17545.md create mode 100644 2019/CVE-2019-17549.md create mode 100644 2019/CVE-2019-17567.md create mode 100644 2019/CVE-2019-17626.md create mode 100644 2019/CVE-2019-18182.md create mode 100644 2019/CVE-2019-18183.md create mode 100644 2019/CVE-2019-1853.md create mode 100644 2019/CVE-2019-18674.md create mode 100644 2019/CVE-2019-18874.md create mode 100644 2019/CVE-2019-18889.md create mode 100644 2019/CVE-2019-18992.md create mode 100644 2019/CVE-2019-19041.md create mode 100644 2019/CVE-2019-19307.md create mode 100644 2019/CVE-2019-19709.md create mode 100644 2019/CVE-2019-19770.md create mode 100644 2019/CVE-2019-19794.md create mode 100644 2019/CVE-2019-20057.md create mode 100644 2019/CVE-2019-20330.md create mode 100644 2019/CVE-2019-20444.md create mode 100644 2019/CVE-2019-20445.md create mode 100644 2019/CVE-2019-20634.md create mode 100644 2019/CVE-2019-2114.md create mode 100644 2019/CVE-2019-2219.md create mode 100644 2019/CVE-2019-2494.md create mode 100644 2019/CVE-2019-2593.md create mode 100644 2019/CVE-2019-2891.md create mode 100644 2019/CVE-2019-3461.md create mode 100644 2019/CVE-2019-3746.md create mode 100644 2019/CVE-2019-5007.md create mode 100644 2019/CVE-2019-5008.md create mode 100644 2019/CVE-2019-5449.md create mode 100644 2019/CVE-2019-5591.md create mode 100644 2019/CVE-2019-5765.md create mode 100644 2019/CVE-2019-5808.md create mode 100644 2019/CVE-2019-5877.md create mode 100644 2019/CVE-2019-6013.md create mode 100644 2019/CVE-2019-6579.md create mode 100644 2019/CVE-2019-7125.md create mode 100644 2019/CVE-2019-7813.md create mode 100644 2019/CVE-2019-8038.md create mode 100644 2019/CVE-2019-8039.md create mode 100644 2019/CVE-2019-8647.md create mode 100644 2019/CVE-2019-8660.md create mode 100644 2019/CVE-2019-8662.md create mode 100644 2019/CVE-2019-8802.md create mode 100644 2019/CVE-2019-8805.md create mode 100644 2019/CVE-2019-9004.md create mode 100644 2019/CVE-2019-9070.md create mode 100644 2019/CVE-2019-9071.md create mode 100644 2019/CVE-2019-9117.md create mode 100644 2019/CVE-2019-9118.md create mode 100644 2019/CVE-2019-9119.md create mode 100644 2019/CVE-2019-9120.md create mode 100644 2019/CVE-2019-9121.md create mode 100644 2019/CVE-2019-9176.md create mode 100644 2019/CVE-2019-9704.md create mode 100644 2020/CVE-2020-0714.md create mode 100644 2020/CVE-2020-10675.md create mode 100644 2020/CVE-2020-10968.md create mode 100644 2020/CVE-2020-11050.md create mode 100644 2020/CVE-2020-11619.md create mode 100644 2020/CVE-2020-12062.md create mode 100644 2020/CVE-2020-12812.md create mode 100644 2020/CVE-2020-12912.md create mode 100644 2020/CVE-2020-13949.md create mode 100644 2020/CVE-2020-13998.md create mode 100644 2020/CVE-2020-14061.md create mode 100644 2020/CVE-2020-14422.md create mode 100644 2020/CVE-2020-1467.md create mode 100644 2020/CVE-2020-1488.md create mode 100644 2020/CVE-2020-15133.md create mode 100644 2020/CVE-2020-15134.md create mode 100644 2020/CVE-2020-15366.md create mode 100644 2020/CVE-2020-15506.md create mode 100644 2020/CVE-2020-15779.md create mode 100644 2020/CVE-2020-15907.md create mode 100644 2020/CVE-2020-16005.md create mode 100644 2020/CVE-2020-1615.md create mode 100644 2020/CVE-2020-1664.md create mode 100644 2020/CVE-2020-17123.md create mode 100644 2020/CVE-2020-1952.md create mode 100644 2020/CVE-2020-24807.md create mode 100644 2020/CVE-2020-2509.md create mode 100644 2020/CVE-2020-26160.md create mode 100644 2020/CVE-2020-26870.md create mode 100644 2020/CVE-2020-26893.md create mode 100644 2020/CVE-2020-27193.md create mode 100644 2020/CVE-2020-27372.md create mode 100644 2020/CVE-2020-27830.md create mode 100644 2020/CVE-2020-27905.md create mode 100644 2020/CVE-2020-28124.md create mode 100644 2020/CVE-2020-29228.md create mode 100644 2020/CVE-2020-29621.md create mode 100644 2020/CVE-2020-29622.md create mode 100644 2020/CVE-2020-29652.md create mode 100644 2020/CVE-2020-3125.md create mode 100644 2020/CVE-2020-3172.md create mode 100644 2020/CVE-2020-35240.md create mode 100644 2020/CVE-2020-35381.md create mode 100644 2020/CVE-2020-35452.md create mode 100644 2020/CVE-2020-35584.md create mode 100644 2020/CVE-2020-35585.md create mode 100644 2020/CVE-2020-35586.md create mode 100644 2020/CVE-2020-35587.md create mode 100644 2020/CVE-2020-35693.md create mode 100644 2020/CVE-2020-36317.md create mode 100644 2020/CVE-2020-36318.md create mode 100644 2020/CVE-2020-36323.md create mode 100644 2020/CVE-2020-36406.md create mode 100644 2020/CVE-2020-3762.md create mode 100644 2020/CVE-2020-3855.md create mode 100644 2020/CVE-2020-5144.md create mode 100644 2020/CVE-2020-5310.md create mode 100644 2020/CVE-2020-5639.md create mode 100644 2020/CVE-2020-6175.md create mode 100644 2020/CVE-2020-6422.md create mode 100644 2020/CVE-2020-6463.md create mode 100644 2020/CVE-2020-8187.md create mode 100644 2020/CVE-2020-8190.md create mode 100644 2020/CVE-2020-8197.md create mode 100644 2020/CVE-2020-8199.md create mode 100644 2020/CVE-2020-8200.md create mode 100644 2020/CVE-2020-8208.md create mode 100644 2020/CVE-2020-8210.md create mode 100644 2020/CVE-2020-8211.md create mode 100644 2020/CVE-2020-8212.md create mode 100644 2020/CVE-2020-8245.md create mode 100644 2020/CVE-2020-8246.md create mode 100644 2020/CVE-2020-8247.md create mode 100644 2020/CVE-2020-8253.md create mode 100644 2020/CVE-2020-8271.md create mode 100644 2020/CVE-2020-8272.md create mode 100644 2020/CVE-2020-8273.md create mode 100644 2020/CVE-2020-8564.md create mode 100644 2020/CVE-2020-8565.md create mode 100644 2020/CVE-2020-9296.md create mode 100644 2020/CVE-2020-9714.md create mode 100644 2020/CVE-2020-9939.md create mode 100644 2021/CVE-2021-0186.md create mode 100644 2021/CVE-2021-0223.md create mode 100644 2021/CVE-2021-0256.md create mode 100644 2021/CVE-2021-1090.md create mode 100644 2021/CVE-2021-1095.md create mode 100644 2021/CVE-2021-1096.md create mode 100644 2021/CVE-2021-1366.md create mode 100644 2021/CVE-2021-1568.md create mode 100644 2021/CVE-2021-1779.md create mode 100644 2021/CVE-2021-20016.md create mode 100644 2021/CVE-2021-20268.md create mode 100644 2021/CVE-2021-20270.md create mode 100644 2021/CVE-2021-20294.md create mode 100644 2021/CVE-2021-20572.md create mode 100644 2021/CVE-2021-20573.md create mode 100644 2021/CVE-2021-20574.md create mode 100644 2021/CVE-2021-20655.md create mode 100644 2021/CVE-2021-21112.md create mode 100644 2021/CVE-2021-21122.md create mode 100644 2021/CVE-2021-21128.md create mode 100644 2021/CVE-2021-21155.md create mode 100644 2021/CVE-2021-21159.md create mode 100644 2021/CVE-2021-21188.md create mode 100644 2021/CVE-2021-21190.md create mode 100644 2021/CVE-2021-21202.md create mode 100644 2021/CVE-2021-21203.md create mode 100644 2021/CVE-2021-21204.md create mode 100644 2021/CVE-2021-21207.md create mode 100644 2021/CVE-2021-21223.md create mode 100644 2021/CVE-2021-21226.md create mode 100644 2021/CVE-2021-21334.md create mode 100644 2021/CVE-2021-21677.md create mode 100644 2021/CVE-2021-21680.md create mode 100644 2021/CVE-2021-22181.md create mode 100644 2021/CVE-2021-22213.md create mode 100644 2021/CVE-2021-2226.md create mode 100644 2021/CVE-2021-22968.md create mode 100644 2021/CVE-2021-23008.md create mode 100644 2021/CVE-2021-2305.md create mode 100644 2021/CVE-2021-2328.md create mode 100644 2021/CVE-2021-2329.md create mode 100644 2021/CVE-2021-2330.md create mode 100644 2021/CVE-2021-2333.md create mode 100644 2021/CVE-2021-2337.md create mode 100644 2021/CVE-2021-24379.md create mode 100644 2021/CVE-2021-2438.md create mode 100644 2021/CVE-2021-24429.md create mode 100644 2021/CVE-2021-24443.md create mode 100644 2021/CVE-2021-24455.md create mode 100644 2021/CVE-2021-2460.md create mode 100644 2021/CVE-2021-26420.md create mode 100644 2021/CVE-2021-26431.md create mode 100644 2021/CVE-2021-26777.md create mode 100644 2021/CVE-2021-27047.md create mode 100644 2021/CVE-2021-27076.md create mode 100644 2021/CVE-2021-27080.md create mode 100644 2021/CVE-2021-27101.md create mode 100644 2021/CVE-2021-27102.md create mode 100644 2021/CVE-2021-27103.md create mode 100644 2021/CVE-2021-27104.md create mode 100644 2021/CVE-2021-27921.md create mode 100644 2021/CVE-2021-27941.md create mode 100644 2021/CVE-2021-28041.md create mode 100644 2021/CVE-2021-28166.md create mode 100644 2021/CVE-2021-28216.md create mode 100644 2021/CVE-2021-28474.md create mode 100644 2021/CVE-2021-28799.md create mode 100644 2021/CVE-2021-28831.md create mode 100644 2021/CVE-2021-28875.md create mode 100644 2021/CVE-2021-28876.md create mode 100644 2021/CVE-2021-28877.md create mode 100644 2021/CVE-2021-28878.md create mode 100644 2021/CVE-2021-28879.md create mode 100644 2021/CVE-2021-29482.md create mode 100644 2021/CVE-2021-29628.md create mode 100644 2021/CVE-2021-29923.md create mode 100644 2021/CVE-2021-3045.md create mode 100644 2021/CVE-2021-30565.md create mode 100644 2021/CVE-2021-30666.md create mode 100644 2021/CVE-2021-30800.md create mode 100644 2021/CVE-2021-30827.md create mode 100644 2021/CVE-2021-30828.md create mode 100644 2021/CVE-2021-30845.md create mode 100644 2021/CVE-2021-30924.md create mode 100644 2021/CVE-2021-31178.md create mode 100644 2021/CVE-2021-31200.md create mode 100644 2021/CVE-2021-31215.md create mode 100644 2021/CVE-2021-31698.md create mode 100644 2021/CVE-2021-31879.md create mode 100644 2021/CVE-2021-32527.md create mode 100644 2021/CVE-2021-32635.md create mode 100644 2021/CVE-2021-32760.md create mode 100644 2021/CVE-2021-32797.md create mode 100644 2021/CVE-2021-32798.md create mode 100644 2021/CVE-2021-3336.md create mode 100644 2021/CVE-2021-33505.md create mode 100644 2021/CVE-2021-33677.md create mode 100644 2021/CVE-2021-33767.md create mode 100644 2021/CVE-2021-33880.md create mode 100644 2021/CVE-2021-34432.md create mode 100644 2021/CVE-2021-34483.md create mode 100644 2021/CVE-2021-34547.md create mode 100644 2021/CVE-2021-3487.md create mode 100644 2021/CVE-2021-35617.md create mode 100644 2021/CVE-2021-35635.md create mode 100644 2021/CVE-2021-35645.md create mode 100644 2021/CVE-2021-36198.md create mode 100644 2021/CVE-2021-36936.md create mode 100644 2021/CVE-2021-36947.md create mode 100644 2021/CVE-2021-37475.md create mode 100644 2021/CVE-2021-38114.md create mode 100644 2021/CVE-2021-38115.md create mode 100644 2021/CVE-2021-38165.md create mode 100644 2021/CVE-2021-38171.md create mode 100644 2021/CVE-2021-38645.md create mode 100644 2021/CVE-2021-38649.md create mode 100644 2021/CVE-2021-39137.md create mode 100644 2021/CVE-2021-39659.md create mode 100644 2021/CVE-2021-40239.md create mode 100644 2021/CVE-2021-40292.md create mode 100644 2021/CVE-2021-40617.md create mode 100644 2021/CVE-2021-40618.md create mode 100644 2021/CVE-2021-40728.md create mode 100644 2021/CVE-2021-40812.md create mode 100644 2021/CVE-2021-41196.md create mode 100644 2021/CVE-2021-41197.md create mode 100644 2021/CVE-2021-41198.md create mode 100644 2021/CVE-2021-41199.md create mode 100644 2021/CVE-2021-41200.md create mode 100644 2021/CVE-2021-41201.md create mode 100644 2021/CVE-2021-41202.md create mode 100644 2021/CVE-2021-41203.md create mode 100644 2021/CVE-2021-41204.md create mode 100644 2021/CVE-2021-41205.md create mode 100644 2021/CVE-2021-41207.md create mode 100644 2021/CVE-2021-41208.md create mode 100644 2021/CVE-2021-41209.md create mode 100644 2021/CVE-2021-41210.md create mode 100644 2021/CVE-2021-41211.md create mode 100644 2021/CVE-2021-41212.md create mode 100644 2021/CVE-2021-41213.md create mode 100644 2021/CVE-2021-41214.md create mode 100644 2021/CVE-2021-41215.md create mode 100644 2021/CVE-2021-41216.md create mode 100644 2021/CVE-2021-41219.md create mode 100644 2021/CVE-2021-41221.md create mode 100644 2021/CVE-2021-41223.md create mode 100644 2021/CVE-2021-41224.md create mode 100644 2021/CVE-2021-41227.md create mode 100644 2021/CVE-2021-41335.md create mode 100644 2021/CVE-2021-41560.md create mode 100644 2021/CVE-2021-41595.md create mode 100644 2021/CVE-2021-41596.md create mode 100644 2021/CVE-2021-41597.md create mode 100644 2021/CVE-2021-41869.md create mode 100644 2021/CVE-2021-42115.md create mode 100644 2021/CVE-2021-42116.md create mode 100644 2021/CVE-2021-42117.md create mode 100644 2021/CVE-2021-42118.md create mode 100644 2021/CVE-2021-42119.md create mode 100644 2021/CVE-2021-42120.md create mode 100644 2021/CVE-2021-42121.md create mode 100644 2021/CVE-2021-42122.md create mode 100644 2021/CVE-2021-42123.md create mode 100644 2021/CVE-2021-42340.md create mode 100644 2021/CVE-2021-42544.md create mode 100644 2021/CVE-2021-42545.md create mode 100644 2021/CVE-2021-43324.md create mode 100644 2021/CVE-2021-44352.md create mode 100644 2021/CVE-2021-44864.md create mode 100644 2021/CVE-2021-45903.md diff --git a/2009/CVE-2009-2009.md b/2009/CVE-2009-2009.md new file mode 100644 index 0000000000..152b04db47 --- /dev/null +++ b/2009/CVE-2009-2009.md @@ -0,0 +1,17 @@ +### [CVE-2009-2009](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2009) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) curdirpath parameter to main/document/slideshow.php and the (2) file parameter to main/exercice/testheaderpage.php. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/wst24365888/get_code_segment + diff --git a/2010/CVE-2010-1240.md b/2010/CVE-2010-1240.md index 4c30f6e216..293db6938d 100644 --- a/2010/CVE-2010-1240.md +++ b/2010/CVE-2010-1240.md @@ -14,5 +14,5 @@ Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and M - http://blog.didierstevens.com/2010/06/29/quickpost-no-escape-from-pdf/ #### Github -No PoCs found on GitHub currently. +- https://github.com/Jasmoon99/Embedded-PDF diff --git a/2010/CVE-2010-1256.md b/2010/CVE-2010-1256.md index 56336b55b2..8969b864dd 100644 --- a/2010/CVE-2010-1256.md +++ b/2010/CVE-2010-1256.md @@ -13,5 +13,5 @@ Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Prot - https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-040 #### Github -No PoCs found on GitHub currently. +- https://github.com/Romulus968/copycat diff --git a/2010/CVE-2010-1899.md b/2010/CVE-2010-1899.md index 47138a2e98..ce38309ec7 100644 --- a/2010/CVE-2010-1899.md +++ b/2010/CVE-2010-1899.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/Al1ex/WindowsElevation +- https://github.com/Romulus968/copycat - https://github.com/fei9747/WindowsElevation diff --git a/2010/CVE-2010-2330.md b/2010/CVE-2010-2330.md index 5df816f43e..ce05e7e820 100644 --- a/2010/CVE-2010-2330.md +++ b/2010/CVE-2010-2330.md @@ -13,5 +13,5 @@ Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 allows remote a - http://www.exploit-db.com/exploits/13876 #### Github -No PoCs found on GitHub currently. +- https://github.com/GihanJ/Structured-Exception-Handling-SEH-Buffer-Overflow diff --git a/2010/CVE-2010-2331.md b/2010/CVE-2010-2331.md index b489372b9d..9027821169 100644 --- a/2010/CVE-2010-2331.md +++ b/2010/CVE-2010-2331.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/0xhuesca/CVE-2019-18655 +- https://github.com/GihanJ/Structured-Exception-Handling-SEH-Buffer-Overflow - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2010/CVE-2010-2730.md b/2010/CVE-2010-2730.md index 5c04c5e849..ca60fa9f92 100644 --- a/2010/CVE-2010-2730.md +++ b/2010/CVE-2010-2730.md @@ -13,5 +13,6 @@ Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastC No PoCs from references. #### Github +- https://github.com/Romulus968/copycat - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2010/CVE-2010-3333.md b/2010/CVE-2010-3333.md index e37f066c59..c6010f26d8 100644 --- a/2010/CVE-2010-3333.md +++ b/2010/CVE-2010-3333.md @@ -14,8 +14,11 @@ No PoCs from references. #### Github - https://github.com/CERT-hr/modified_cve-search +- https://github.com/ZeroRaidStudios/api.notzerotwo.ml - https://github.com/cve-search/cve-search - https://github.com/cve-search/cve-search-ng +- https://github.com/djschleen/ash +- https://github.com/doshyt/cve-monitor - https://github.com/enthought/cve-search - https://github.com/extremenetworks/cve-search-src - https://github.com/miradam/cve-search diff --git a/2010/CVE-2010-3972.md b/2010/CVE-2010-3972.md index f2ed779fc7..c227475e32 100644 --- a/2010/CVE-2010-3972.md +++ b/2010/CVE-2010-3972.md @@ -14,5 +14,5 @@ Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in - http://www.exploit-db.com/exploits/15803 #### Github -No PoCs found on GitHub currently. +- https://github.com/Romulus968/copycat diff --git a/2010/CVE-2010-4662.md b/2010/CVE-2010-4662.md index 7e78791b21..f114fadc65 100644 --- a/2010/CVE-2010-4662.md +++ b/2010/CVE-2010-4662.md @@ -13,5 +13,6 @@ PmWiki before 2.2.21 has XSS. - https://packetstormsecurity.com/files/cve/CVE-2010-4662 #### Github +- https://github.com/0xffee/Layer2HackerDao - https://github.com/plasticuproject/nvd_api diff --git a/2011/CVE-2011-0751.md b/2011/CVE-2011-0751.md index 8c912bdc87..b39bc8c198 100644 --- a/2011/CVE-2011-0751.md +++ b/2011/CVE-2011-0751.md @@ -14,5 +14,6 @@ Directory traversal vulnerability in nhttpd (aka Nostromo webserver) before 1.9. - http://www.redteam-pentesting.de/advisories/rt-sa-2011-001 #### Github +- https://github.com/NHPT/CVE-2019-16278 - https://github.com/jas502n/CVE-2019-16278 diff --git a/2011/CVE-2011-2461.md b/2011/CVE-2011-2461.md index 81d2698109..96511483e4 100644 --- a/2011/CVE-2011-2461.md +++ b/2011/CVE-2011-2461.md @@ -14,6 +14,7 @@ Cross-site scripting (XSS) vulnerability in the Adobe Flex SDK 3.x and 4.x befor - https://threatpost.com/adobe-cve-2011-2461-remains-exploitable-four-years-after-patch/111754 #### Github +- https://github.com/Nieuport/awesome-burp-extensions - https://github.com/awc/bappstore_list - https://github.com/cranelab/webapp-tech - https://github.com/snoopysecurity/awesome-burp-extensions diff --git a/2011/CVE-2011-2894.md b/2011/CVE-2011-2894.md index bd60c5ab8c..c7397753ac 100644 --- a/2011/CVE-2011-2894.md +++ b/2011/CVE-2011-2894.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/galimba/Jackson-deserialization-PoC - https://github.com/kajalNair/OSWE-Prep diff --git a/2011/CVE-2011-3374.md b/2011/CVE-2011-3374.md index 64587d4b3e..cd7f84d250 100644 --- a/2011/CVE-2011-3374.md +++ b/2011/CVE-2011-3374.md @@ -14,7 +14,9 @@ No PoCs from references. #### Github - https://github.com/Azure/container-scan +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/cynalytica/container-scan +- https://github.com/devopstales/trivy-operator - https://github.com/drjhunter/container-scan - https://github.com/flyrev/security-scan-ci-presentation - https://github.com/garethr/findcve diff --git a/2011/CVE-2011-3389.md b/2011/CVE-2011-3389.md index ab615e9a62..c1f67a6e94 100644 --- a/2011/CVE-2011-3389.md +++ b/2011/CVE-2011-3389.md @@ -19,8 +19,11 @@ The SSL protocol, as used in certain configurations in Microsoft Windows and Mic #### Github - https://github.com/Artem-Salnikov/devops-netology - https://github.com/Astrogeorgeonethree/Starred +- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 - https://github.com/WiktorMysz/devops-netology - https://github.com/alexandrburyakov/Rep2 - https://github.com/bysart/devops-netology +- https://github.com/daniel1302/litecoin - https://github.com/garethr/snykout +- https://github.com/yellownine/netology-DevOps diff --git a/2012/CVE-2012-0217.md b/2012/CVE-2012-0217.md index 024d79fce3..a06e1a3ae6 100644 --- a/2012/CVE-2012-0217.md +++ b/2012/CVE-2012-0217.md @@ -15,6 +15,7 @@ The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in - https://www.exploit-db.com/exploits/46508/ #### Github +- https://github.com/Apri1y/Red-Team-links - https://github.com/Ascotbe/Kernelhub - https://github.com/Echocipher/Resource-list - https://github.com/Flerov/WindowsExploitDev @@ -22,5 +23,10 @@ The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in - https://github.com/anoaghost/Localroot_Compile - https://github.com/cranelab/exploit-development - https://github.com/felixlinker/ifc-rv-thesis +- https://github.com/hudunkey/Red-Team-links +- https://github.com/john-80/-007 +- https://github.com/lp008/Hack-readme +- https://github.com/slimdaddy/RedTeam +- https://github.com/xiaoZ-hc/redtool - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2012/CVE-2012-0469.md b/2012/CVE-2012-0469.md index 4cad3b5c05..7a1f2ac503 100644 --- a/2012/CVE-2012-0469.md +++ b/2012/CVE-2012-0469.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/Hwangtaewon/radamsa - https://github.com/StephenHaruna/RADAMSA +- https://github.com/ZihanYe/web-browser-vulnerabilities - https://github.com/benoit-a/radamsa - https://github.com/sunzu94/radamsa-Fuzzer diff --git a/2012/CVE-2012-1182.md b/2012/CVE-2012-1182.md index 1bb2099c48..44cbd2f5bd 100644 --- a/2012/CVE-2012-1182.md +++ b/2012/CVE-2012-1182.md @@ -17,6 +17,7 @@ The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6. - https://github.com/Qftm/Information_Collection_Handbook - https://github.com/amishamunjal-az/Week16-Homework - https://github.com/esteban0477/RedTeamPlaybook +- https://github.com/katgoods/week16 - https://github.com/notsag-dev/htb-blue - https://github.com/notsag-dev/htb-legacy - https://github.com/superhero1/OSCP-Prep diff --git a/2012/CVE-2012-1876.md b/2012/CVE-2012-1876.md index 04a9f9188c..0f9a9d5887 100644 --- a/2012/CVE-2012-1876.md +++ b/2012/CVE-2012-1876.md @@ -13,5 +13,5 @@ Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not prope - https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-037 #### Github -No PoCs found on GitHub currently. +- https://github.com/migraine-sudo/Arsenal diff --git a/2012/CVE-2012-2531.md b/2012/CVE-2012-2531.md new file mode 100644 index 0000000000..3ebfa15302 --- /dev/null +++ b/2012/CVE-2012-2531.md @@ -0,0 +1,17 @@ +### [CVE-2012-2531](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2531) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Microsoft Internet Information Services (IIS) 7.5 uses weak permissions for the Operational log, which allows local users to discover credentials by reading this file, aka "Password Disclosure Vulnerability." + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Romulus968/copycat + diff --git a/2012/CVE-2012-2570.md b/2012/CVE-2012-2570.md index 03c5cf4a55..33f76cfeac 100644 --- a/2012/CVE-2012-2570.md +++ b/2012/CVE-2012-2570.md @@ -13,5 +13,6 @@ Cross-site scripting (XSS) vulnerability in products_map.php in X-Cart Gold 4.5 - http://www.exploit-db.com/exploits/20010 #### Github +- https://github.com/mishmashclone/sailay1996-offsec_WE - https://github.com/sailay1996/offsec_WE diff --git a/2012/CVE-2012-2574.md b/2012/CVE-2012-2574.md index 150c39c4f1..4d9b553aa6 100644 --- a/2012/CVE-2012-2574.md +++ b/2012/CVE-2012-2574.md @@ -13,5 +13,6 @@ SQL injection vulnerability in the management console in Symantec Web Gateway 5. No PoCs from references. #### Github +- https://github.com/mishmashclone/sailay1996-offsec_WE - https://github.com/sailay1996/offsec_WE diff --git a/2012/CVE-2012-2576.md b/2012/CVE-2012-2576.md index 55baac08a9..a3eaa65a92 100644 --- a/2012/CVE-2012-2576.md +++ b/2012/CVE-2012-2576.md @@ -13,5 +13,6 @@ SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manag - http://www.exploit-db.com/exploits/18833 #### Github +- https://github.com/mishmashclone/sailay1996-offsec_WE - https://github.com/sailay1996/offsec_WE diff --git a/2012/CVE-2012-2577.md b/2012/CVE-2012-2577.md index f5a830e254..7b479ac41c 100644 --- a/2012/CVE-2012-2577.md +++ b/2012/CVE-2012-2577.md @@ -13,5 +13,6 @@ Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds Orion Network - http://www.kb.cert.org/vuls/id/174119 #### Github +- https://github.com/mishmashclone/sailay1996-offsec_WE - https://github.com/sailay1996/offsec_WE diff --git a/2012/CVE-2012-2589.md b/2012/CVE-2012-2589.md index 4032ca3e02..c8650855ab 100644 --- a/2012/CVE-2012-2589.md +++ b/2012/CVE-2012-2589.md @@ -13,5 +13,6 @@ No PoCs from references. #### Github +- https://github.com/mishmashclone/sailay1996-offsec_WE - https://github.com/sailay1996/offsec_WE diff --git a/2012/CVE-2012-2593.md b/2012/CVE-2012-2593.md index bb4fa6e932..2ab595981f 100644 --- a/2012/CVE-2012-2593.md +++ b/2012/CVE-2012-2593.md @@ -13,6 +13,7 @@ Cross-site scripting (XSS) vulnerability in the administrative interface in Atma No PoCs from references. #### Github +- https://github.com/mishmashclone/sailay1996-offsec_WE - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/sailay1996/offsec_WE - https://github.com/timip/OSWE diff --git a/2012/CVE-2012-2599.md b/2012/CVE-2012-2599.md index aeb472c51b..498dd4d54f 100644 --- a/2012/CVE-2012-2599.md +++ b/2012/CVE-2012-2599.md @@ -13,5 +13,6 @@ No PoCs from references. #### Github +- https://github.com/mishmashclone/sailay1996-offsec_WE - https://github.com/sailay1996/offsec_WE diff --git a/2012/CVE-2012-2661.md b/2012/CVE-2012-2661.md new file mode 100644 index 0000000000..3c528f5353 --- /dev/null +++ b/2012/CVE-2012-2661.md @@ -0,0 +1,17 @@ +### [CVE-2012-2661](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2661) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage unintended recursion, a related issue to CVE-2012-2695. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ehayushpathak/WebApp-Hacking + diff --git a/2012/CVE-2012-2953.md b/2012/CVE-2012-2953.md index 8bcc5afa74..4e27bbdec4 100644 --- a/2012/CVE-2012-2953.md +++ b/2012/CVE-2012-2953.md @@ -13,5 +13,6 @@ The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remo No PoCs from references. #### Github +- https://github.com/mishmashclone/sailay1996-offsec_WE - https://github.com/sailay1996/offsec_WE diff --git a/2012/CVE-2012-2982.md b/2012/CVE-2012-2982.md index 1f3e878f33..e9388aa761 100644 --- a/2012/CVE-2012-2982.md +++ b/2012/CVE-2012-2982.md @@ -13,5 +13,5 @@ file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to e - http://www.kb.cert.org/vuls/id/788478 #### Github -No PoCs found on GitHub currently. +- https://github.com/JohnHammond/CVE-2012-2982 diff --git a/2012/CVE-2012-3789.md b/2012/CVE-2012-3789.md new file mode 100644 index 0000000000..e46d215bf6 --- /dev/null +++ b/2012/CVE-2012-3789.md @@ -0,0 +1,17 @@ +### [CVE-2012-3789](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3789) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.7rc3, 0.5.x before 0.5.6rc3, 0.6.0.x before 0.6.0.9rc1, and 0.6.x before 0.6.3rc1 allows remote attackers to cause a denial of service (process hang) via unknown behavior on a Bitcoin network. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nachobonilla/awesome-blockchain-security + diff --git a/2012/CVE-2012-4683.md b/2012/CVE-2012-4683.md new file mode 100644 index 0000000000..14b1c255b8 --- /dev/null +++ b/2012/CVE-2012-4683.md @@ -0,0 +1,17 @@ +### [CVE-2012-4683](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4683) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Unspecified vulnerability in bitcoind and Bitcoin-Qt allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-4682. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nachobonilla/awesome-blockchain-security + diff --git a/2012/CVE-2012-4684.md b/2012/CVE-2012-4684.md new file mode 100644 index 0000000000..c652268d0d --- /dev/null +++ b/2012/CVE-2012-4684.md @@ -0,0 +1,17 @@ +### [CVE-2012-4684](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4684) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The alert functionality in bitcoind and Bitcoin-Qt before 0.7.0 supports different character representations of the same signature data, but relies on a hash of this signature, which allows remote attackers to cause a denial of service (resource consumption) via a valid modified signature for a circulating alert. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nachobonilla/awesome-blockchain-security + diff --git a/2012/CVE-2012-4929.md b/2012/CVE-2012-4929.md index 8713e84174..b673c88f9d 100644 --- a/2012/CVE-2012-4929.md +++ b/2012/CVE-2012-4929.md @@ -21,6 +21,7 @@ The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, - https://github.com/F4RM0X/script_a2sv - https://github.com/H4CK3RT3CH/a2sv - https://github.com/Mre11i0t/a2sv +- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 - https://github.com/WiktorMysz/devops-netology - https://github.com/alexandrburyakov/Rep2 - https://github.com/bysart/devops-netology @@ -30,4 +31,5 @@ The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, - https://github.com/fireorb/sslscanner - https://github.com/mohitrex7/Wap-Recon - https://github.com/nkiselyov/devops-netology +- https://github.com/yellownine/netology-DevOps diff --git a/2013/CVE-2013-0169.md b/2013/CVE-2013-0169.md index ce48358be4..db86414616 100644 --- a/2013/CVE-2013-0169.md +++ b/2013/CVE-2013-0169.md @@ -15,6 +15,7 @@ The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenS #### Github - https://github.com/Artem-Salnikov/devops-netology - https://github.com/PeterMosmans/security-scripts +- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 - https://github.com/WiktorMysz/devops-netology - https://github.com/alexandrburyakov/Rep2 - https://github.com/bysart/devops-netology @@ -23,4 +24,5 @@ The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenS - https://github.com/sailfishos-mirror/tlslite-ng - https://github.com/tlsfuzzer/tlslite-ng - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/yellownine/netology-DevOps diff --git a/2013/CVE-2013-2028.md b/2013/CVE-2013-2028.md index f9b0c2361c..f9cabe0b9e 100644 --- a/2013/CVE-2013-2028.md +++ b/2013/CVE-2013-2028.md @@ -14,6 +14,7 @@ The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 thro - https://github.com/rapid7/metasploit-framework/pull/1834 #### Github +- https://github.com/camel-clarkson/non-controlflow-hijacking-datasets - https://github.com/mertsarica/hack4career - https://github.com/mudongliang/LinuxFlaw - https://github.com/oneoy/cve- diff --git a/2013/CVE-2013-2251.md b/2013/CVE-2013-2251.md index 9d42477b8a..df54f834c0 100644 --- a/2013/CVE-2013-2251.md +++ b/2013/CVE-2013-2251.md @@ -20,19 +20,30 @@ Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary - https://github.com/3vikram/Application-Vulnerabilities-Payloads - https://github.com/84KaliPleXon3/Payloads_All_The_Things - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/Delishsploits/PayloadsAndMethodology - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/GuynnR/Payloads - https://github.com/Muhammd/Awesome-Payloads +- https://github.com/Nieuport/PayloadsAllTheThings - https://github.com/Ra7mo0on/PayloadsAllTheThings - https://github.com/SexyBeast233/SecBooks - https://github.com/XPR1M3/Payloads_All_The_Things - https://github.com/andrysec/PayloadsAllVulnerability - https://github.com/anhtu97/PayloadAllEverything +- https://github.com/apkadmin/PayLoadsAll +- https://github.com/chanchalpatra/payload - https://github.com/eescanilla/Apache-Struts-v3 - https://github.com/fupinglee/Struts2_Bugs - https://github.com/gobysec/Goby +- https://github.com/hellochunqiu/PayloadsAllTheThings +- https://github.com/ksw9722/PayloadsAllTheThings +- https://github.com/mrhacker51/ReverseShellCommands +- https://github.com/nevidimk0/PayloadsAllTheThings - https://github.com/s1kr10s/Apache-Struts-v4 - https://github.com/sobinge/--1 - https://github.com/sobinge/PayloadsAllTheThings +- https://github.com/sobinge/PayloadsAllThesobinge - https://github.com/sobinge/nuclei-templates +- https://github.com/winterwolf32/PayloadsAllTheThings - https://github.com/woods-sega/woodswiki diff --git a/2013/CVE-2013-2293.md b/2013/CVE-2013-2293.md new file mode 100644 index 0000000000..7539861198 --- /dev/null +++ b/2013/CVE-2013-2293.md @@ -0,0 +1,17 @@ +### [CVE-2013-2293](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2293) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The CTransaction::FetchInputs method in bitcoind and Bitcoin-Qt before 0.8.0rc1 copies transactions from disk to memory without incrementally checking for spent prevouts, which allows remote attackers to cause a denial of service (disk I/O consumption) via a Bitcoin transaction with many inputs corresponding to many different parts of the stored block chain. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nachobonilla/awesome-blockchain-security + diff --git a/2013/CVE-2013-2392.md b/2013/CVE-2013-2392.md new file mode 100644 index 0000000000..5175489fc7 --- /dev/null +++ b/2013/CVE-2013-2392.md @@ -0,0 +1,17 @@ +### [CVE-2013-2392](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2392) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ycamper/censys-scripts + diff --git a/2013/CVE-2013-2566.md b/2013/CVE-2013-2566.md index cd4634b98c..e442f2aa82 100644 --- a/2013/CVE-2013-2566.md +++ b/2013/CVE-2013-2566.md @@ -15,8 +15,10 @@ The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single #### Github - https://github.com/Artem-Salnikov/devops-netology +- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 - https://github.com/WiktorMysz/devops-netology - https://github.com/alexandrburyakov/Rep2 - https://github.com/bysart/devops-netology - https://github.com/mikemackintosh/ruby-qualys +- https://github.com/yellownine/netology-DevOps diff --git a/2013/CVE-2013-3006.md b/2013/CVE-2013-3006.md new file mode 100644 index 0000000000..1e8d7d276e --- /dev/null +++ b/2013/CVE-2013-3006.md @@ -0,0 +1,17 @@ +### [CVE-2013-3006](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3006) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3008. + +### POC + +#### Reference +- http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2013/CVE-2013-3007.md b/2013/CVE-2013-3007.md new file mode 100644 index 0000000000..898e8f93e1 --- /dev/null +++ b/2013/CVE-2013-3007.md @@ -0,0 +1,17 @@ +### [CVE-2013-3007](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3007) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 6.0.1 before 6.0.1 SR6 and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3006. + +### POC + +#### Reference +- http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2013/CVE-2013-3008.md b/2013/CVE-2013-3008.md new file mode 100644 index 0000000000..9b646a94f7 --- /dev/null +++ b/2013/CVE-2013-3008.md @@ -0,0 +1,17 @@ +### [CVE-2013-3008](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3008) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3006. + +### POC + +#### Reference +- http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2013/CVE-2013-3009.md b/2013/CVE-2013-3009.md index 3a430df6c5..7e42ca0ab8 100644 --- a/2013/CVE-2013-3009.md +++ b/2013/CVE-2013-3009.md @@ -11,6 +11,7 @@ The com.ibm.CORBA.iiop.ClientDelegate class in IBM Java 1.4.2 before 1.4.2 SR13- #### Reference - http://seclists.org/fulldisclosure/2016/Apr/3 +- http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013 #### Github No PoCs found on GitHub currently. diff --git a/2013/CVE-2013-3010.md b/2013/CVE-2013-3010.md new file mode 100644 index 0000000000..2b6ace072c --- /dev/null +++ b/2013/CVE-2013-3010.md @@ -0,0 +1,17 @@ +### [CVE-2013-3010](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3010) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 6.0.1 before 6.0.1 SR6 and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3007. + +### POC + +#### Reference +- http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2013/CVE-2013-3011.md b/2013/CVE-2013-3011.md new file mode 100644 index 0000000000..02ae7494dc --- /dev/null +++ b/2013/CVE-2013-3011.md @@ -0,0 +1,17 @@ +### [CVE-2013-3011](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3011) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3012. + +### POC + +#### Reference +- http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2013/CVE-2013-3012.md b/2013/CVE-2013-3012.md new file mode 100644 index 0000000000..c804bbc889 --- /dev/null +++ b/2013/CVE-2013-3012.md @@ -0,0 +1,17 @@ +### [CVE-2013-3012](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3012) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3011. + +### POC + +#### Reference +- http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2013/CVE-2013-3587.md b/2013/CVE-2013-3587.md index b2a92f6d6d..ba95f343ce 100644 --- a/2013/CVE-2013-3587.md +++ b/2013/CVE-2013-3587.md @@ -15,7 +15,9 @@ The HTTPS protocol, as used in unspecified web applications, can encrypt compres #### Github - https://github.com/Artem-Salnikov/devops-netology +- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 - https://github.com/WiktorMysz/devops-netology - https://github.com/alexandrburyakov/Rep2 - https://github.com/bysart/devops-netology +- https://github.com/yellownine/netology-DevOps diff --git a/2013/CVE-2013-4002.md b/2013/CVE-2013-4002.md index 31ca98db19..aa4d9fc846 100644 --- a/2013/CVE-2013-4002.md +++ b/2013/CVE-2013-4002.md @@ -10,7 +10,7 @@ XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java ### POC #### Reference -No PoCs from references. +- http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013 #### Github - https://github.com/tafamace/CVE-2013-4002 diff --git a/2013/CVE-2013-4235.md b/2013/CVE-2013-4235.md index 4a79651b3f..de35997956 100644 --- a/2013/CVE-2013-4235.md +++ b/2013/CVE-2013-4235.md @@ -13,7 +13,10 @@ shadow: TOCTOU (time-of-check time-of-use) race condition when copying and remov No PoCs from references. #### Github +- https://github.com/brandoncamenisch/release-the-code-litecoin - https://github.com/dispera/giant-squid +- https://github.com/domyrtille/interview_project +- https://github.com/epequeno/devops-demo - https://github.com/flyrev/security-scan-ci-presentation - https://github.com/garethr/snykout - https://github.com/nedenwalker/spring-boot-app-using-gradle diff --git a/2013/CVE-2013-6632.md b/2013/CVE-2013-6632.md index ff3720bc25..42269e58e9 100644 --- a/2013/CVE-2013-6632.md +++ b/2013/CVE-2013-6632.md @@ -15,6 +15,8 @@ No PoCs from references. #### Github - https://github.com/allpaca/chrome-sbx-db - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/thelostvoice/global-takeover +- https://github.com/thelostvoice/inept-us-military - https://github.com/tunz/js-vuln-db - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2014/CVE-2014-0160.md b/2014/CVE-2014-0160.md index e9d79ba40b..2b482f8c71 100644 --- a/2014/CVE-2014-0160.md +++ b/2014/CVE-2014-0160.md @@ -29,6 +29,7 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p - https://github.com/ByteHackr/HackingTools-2 - https://github.com/ColtSeals/nerdvpn - https://github.com/Cyberleet1337/Payloadswebhack +- https://github.com/Delishsploits/PayloadsAndMethodology - https://github.com/Dor1s/libfuzzer-workshop - https://github.com/El-Palomo/VULNIX - https://github.com/EvilHat/awesome-hacking @@ -39,6 +40,7 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p - https://github.com/Fedex100/awesome-pentest - https://github.com/Fedex100/awesome-security - https://github.com/ForAllSecure/VulnerabilitiesLab +- https://github.com/GuynnR/Payloads - https://github.com/H4CK3RT3CH/Awesome-Pentest-Reference - https://github.com/H4CK3RT3CH/a2sv - https://github.com/H4CK3RT3CH/awesome-pentest @@ -54,6 +56,7 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p - https://github.com/Muhammd/Awesome-Pentest - https://github.com/NCSU-DANCE-Research-Group/CDL - https://github.com/Nieuport/Awesome-Security +- https://github.com/Nieuport/PayloadsAllTheThings - https://github.com/OshekharO/Penetration-Testing - https://github.com/Prodject/Kn0ck - https://github.com/Programming-Fun/awesome-pentest @@ -74,6 +77,7 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p - https://github.com/Trietptm-on-Awesome-Lists/become-a-penetration-tester - https://github.com/Tung0801/Certified-Ethical-Hacker-Exam-CEH-v10 - https://github.com/UroBs17/hacking-tools +- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 - https://github.com/WiktorMysz/devops-netology - https://github.com/XPR1M3/Payloads_All_The_Things - https://github.com/abhinavkakku/Ethical-Hacking-Tutorials @@ -85,6 +89,7 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p - https://github.com/andrysec/PayloadsAllVulnerability - https://github.com/anhtu97/PayloadAllEverything - https://github.com/antoinegoze/learn-web-hacking +- https://github.com/apkadmin/PayLoadsAll - https://github.com/aylincetin/PayloadsAllTheThings - https://github.com/aymankhder/awesome-pentest - https://github.com/barnumbirr/ares @@ -92,6 +97,7 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p - https://github.com/briskinfosec/Tools - https://github.com/bysart/devops-netology - https://github.com/catsecorg/CatSec-TryHackMe-WriteUps +- https://github.com/chanchalpatra/payload - https://github.com/dadglad/aawesome-security - https://github.com/darkcatdark/awesome-pentest - https://github.com/delishen/sslscan @@ -109,6 +115,7 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p - https://github.com/hackerhouse-opensource/exploits - https://github.com/hackingyseguridad/sslscan - https://github.com/halon/changelog +- https://github.com/hellochunqiu/PayloadsAllTheThings - https://github.com/hilal007/E-Tip - https://github.com/huangzhe312/pentest - https://github.com/ibr2/awesome-pentest @@ -122,10 +129,12 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p - https://github.com/jweny/pocassistdb - https://github.com/kk98kk0/Payloads - https://github.com/korotkov-dmitry/03-sysadmin-09-security +- https://github.com/ksw9722/PayloadsAllTheThings - https://github.com/lethanhtrung22/Awesome-Hacking - https://github.com/linuxjustin/Pentest - https://github.com/linuxjustin/Tools - https://github.com/lotusirous/vulnwebcollection +- https://github.com/madhavmehndiratta/Google-Code-In-2019 - https://github.com/mahyarx/pentest-tools - https://github.com/majidkalantarii/WebHacking - https://github.com/marrocamp/Impressionante-pentest @@ -136,7 +145,9 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p - https://github.com/mikesir87/docker-nginx-patching-demo - https://github.com/minkhant-dotcom/awesome_security - https://github.com/mostakimur/SecurityTesting_web-hacking +- https://github.com/mrhacker51/ReverseShellCommands - https://github.com/nabaratanpatra/CODE-FOR-FUN +- https://github.com/nevidimk0/PayloadsAllTheThings - https://github.com/nikamajinkya/PentestEx - https://github.com/nkiselyov/devops-netology - https://github.com/noname1007/awesome-web-hacking @@ -169,6 +180,7 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p - https://github.com/shayezkarim/pentest - https://github.com/sobinge/--1 - https://github.com/sobinge/PayloadsAllTheThings +- https://github.com/sobinge/PayloadsAllThesobinge - https://github.com/spy86/Security-Awesome - https://github.com/ssc-oscar/HBL - https://github.com/takuzoo3868/laputa @@ -184,9 +196,12 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p - https://github.com/vshaliii/Hacklab-Vulnix - https://github.com/vulnersCom/api - https://github.com/vulsio/go-cve-dictionary +- https://github.com/vulsio/go-msfdb +- https://github.com/waako/awesome-stars - https://github.com/wanirauf/pentest - https://github.com/wattson-coder/pablo_rotem_security - https://github.com/whalehub/awesome-stars +- https://github.com/winterwolf32/PayloadsAllTheThings - https://github.com/winterwolf32/Penetration-Testing - https://github.com/winterwolf32/awesome-web-hacking - https://github.com/winterwolf32/awesome-web-hacking-1 @@ -194,6 +209,7 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p - https://github.com/wtsxDev/List-of-web-application-security - https://github.com/wtsxDev/Penetration-Testing - https://github.com/x-o-r-r-o/PHP-Webshells-Collection +- https://github.com/yellownine/netology-DevOps - https://github.com/yige666/awesome-pentest - https://github.com/yllnelaj/awesome-pentest diff --git a/2014/CVE-2014-0224.md b/2014/CVE-2014-0224.md index 815f10b75d..db3ef0494e 100644 --- a/2014/CVE-2014-0224.md +++ b/2014/CVE-2014-0224.md @@ -23,6 +23,7 @@ OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not pr - https://github.com/Mre11i0t/a2sv - https://github.com/SSLyze410-SSLGrader-wCipherSuite-info/ssl-grader - https://github.com/SSLyze410-SSLGrader-wCipherSuite-info/ssl-wrapping-grader +- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 - https://github.com/WiktorMysz/devops-netology - https://github.com/alexandrburyakov/Rep2 - https://github.com/bysart/devops-netology @@ -33,4 +34,5 @@ OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not pr - https://github.com/nkiselyov/devops-netology - https://github.com/takuzoo3868/laputa - https://github.com/vshaliii/Hacklab-Vulnix +- https://github.com/yellownine/netology-DevOps diff --git a/2014/CVE-2014-1705.md b/2014/CVE-2014-1705.md index 8497cbaf92..4c3a3c31f4 100644 --- a/2014/CVE-2014-1705.md +++ b/2014/CVE-2014-1705.md @@ -15,6 +15,8 @@ No PoCs from references. #### Github - https://github.com/BushraAloraini/Android-Vulnerabilities - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/thelostvoice/global-takeover +- https://github.com/thelostvoice/inept-us-military - https://github.com/tunz/js-vuln-db - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2014/CVE-2014-2217.md b/2014/CVE-2014-2217.md new file mode 100644 index 0000000000..45d99d3c0c --- /dev/null +++ b/2014/CVE-2014-2217.md @@ -0,0 +1,17 @@ +### [CVE-2014-2217](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2217) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/mcgyver5/scrap_telerik + diff --git a/2014/CVE-2014-3507.md b/2014/CVE-2014-3507.md index 864eb2f8ff..1229880e65 100644 --- a/2014/CVE-2014-3507.md +++ b/2014/CVE-2014-3507.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/jumanjihouse/oval +- https://github.com/ruan777/MiniProject2019 diff --git a/2014/CVE-2014-3566.md b/2014/CVE-2014-3566.md index d1ecf3dda1..4fd92717b9 100644 --- a/2014/CVE-2014-3566.md +++ b/2014/CVE-2014-3566.md @@ -20,9 +20,11 @@ The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses - https://github.com/F4RM0X/script_a2sv - https://github.com/H4CK3RT3CH/a2sv - https://github.com/Mre11i0t/a2sv +- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 - https://github.com/WiktorMysz/devops-netology - https://github.com/alexandrburyakov/Rep2 - https://github.com/bysart/devops-netology +- https://github.com/camel-clarkson/non-controlflow-hijacking-datasets - https://github.com/cloudpassage/mangy-beast - https://github.com/fireorb/sslscanner - https://github.com/giusepperuggiero96/Network-Security-2021 @@ -31,4 +33,5 @@ The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses - https://github.com/revl-ca/scan-docker-image - https://github.com/shanekeels/harden-ssl-tls-windows - https://github.com/vshaliii/Hacklab-Vulnix +- https://github.com/yellownine/netology-DevOps diff --git a/2014/CVE-2014-3704.md b/2014/CVE-2014-3704.md index defb9f943f..e650b3e3fe 100644 --- a/2014/CVE-2014-3704.md +++ b/2014/CVE-2014-3704.md @@ -29,6 +29,7 @@ The expandArguments function in the database abstraction API in Drupal core 7.x - https://github.com/SexyBeast233/SecBooks - https://github.com/jweny/pocassistdb - https://github.com/koutto/jok3r-pocs +- https://github.com/maya6/-scan- - https://github.com/moradotai/CMS-Scan - https://github.com/superfish9/pt - https://github.com/vshaliii/DC-1-Vulnhub-Walkthrough diff --git a/2014/CVE-2014-4113.md b/2014/CVE-2014-4113.md index 6ed5d38c24..6ea96cd768 100644 --- a/2014/CVE-2014-4113.md +++ b/2014/CVE-2014-4113.md @@ -17,6 +17,7 @@ win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Wind #### Github - https://github.com/0xpetros/windows-privilage-escalation - https://github.com/Al1ex/WindowsElevation +- https://github.com/Apri1y/Red-Team-links - https://github.com/Ascotbe/Kernelhub - https://github.com/ByteHackr/WindowsExploitation - https://github.com/CrackerCat/Kernel-Security-Development @@ -34,7 +35,10 @@ win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Wind - https://github.com/fei9747/WindowsElevation - https://github.com/gaearrow/windows-lpe-lite - https://github.com/howknows/awesome-windows-security-development +- https://github.com/hudunkey/Red-Team-links +- https://github.com/john-80/-007 - https://github.com/liuhe3647/Windows +- https://github.com/lp008/Hack-readme - https://github.com/paulveillard/cybersecurity-windows-exploitation - https://github.com/pr0code/https-github.com-ExpLife0011-awesome-windows-kernel-security-development - https://github.com/pravinsrc/NOTES-windows-kernel-links @@ -42,7 +46,9 @@ win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Wind - https://github.com/rhamaa/Binary-exploit-writeups - https://github.com/sailay1996/awe-win-expx - https://github.com/sathwikch/windows-exploitation +- https://github.com/slimdaddy/RedTeam - https://github.com/timip/OSEE - https://github.com/wateroot/poc-exp +- https://github.com/xiaoZ-hc/redtool - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2014/CVE-2014-4162.md b/2014/CVE-2014-4162.md index 059fba3740..0a7b667760 100644 --- a/2014/CVE-2014-4162.md +++ b/2014/CVE-2014-4162.md @@ -15,6 +15,7 @@ Multiple cross-site request forgery (CSRF) vulnerabilities in the Zyxel P-660HW- #### Github - https://github.com/CERT-hr/modified_cve-search - https://github.com/cve-search/cve-search +- https://github.com/cve-search/cve-search-ng - https://github.com/enthought/cve-search - https://github.com/extremenetworks/cve-search-src - https://github.com/miradam/cve-search diff --git a/2014/CVE-2014-4210.md b/2014/CVE-2014-4210.md index 4bae5061ea..6e5abb427e 100644 --- a/2014/CVE-2014-4210.md +++ b/2014/CVE-2014-4210.md @@ -18,6 +18,7 @@ Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusi - https://github.com/0xn0ne/weblogicScanner - https://github.com/1120362990/vulnerability-list - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/Bywalks/WeblogicScan - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/H4ckTh3W0r1d/Goby_POC - https://github.com/ParrotSec-CN/ParrotSecCN_Community_QQbot @@ -29,9 +30,12 @@ Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusi - https://github.com/fengjixuchui/RedTeamer - https://github.com/hanc00l/some_pocsuite - https://github.com/hktalent/myhktools +- https://github.com/hmoytx/weblogicscan - https://github.com/ilmila/J2EEScan - https://github.com/jiangsir404/POC-S - https://github.com/jweny/pocassistdb +- https://github.com/maya6/-scan- +- https://github.com/pwnagelabs/VEF - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/superfish9/pt - https://github.com/veo/vscan diff --git a/2014/CVE-2014-5460.md b/2014/CVE-2014-5460.md index f4cf64ca79..013e3c7527 100644 --- a/2014/CVE-2014-5460.md +++ b/2014/CVE-2014-5460.md @@ -15,5 +15,5 @@ Unrestricted file upload vulnerability in the Tribulant Slideshow Gallery plugin - http://www.exploit-db.com/exploits/34514 #### Github -No PoCs found on GitHub currently. +- https://github.com/El-Palomo/DerpNStink diff --git a/2014/CVE-2014-6271.md b/2014/CVE-2014-6271.md index 2f47705c7c..903575f350 100644 --- a/2014/CVE-2014-6271.md +++ b/2014/CVE-2014-6271.md @@ -38,6 +38,8 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th - https://github.com/BitTheByte/Eagle - https://github.com/ByteHackr/HackingTools-2 - https://github.com/Cyberleet1337/Payloadswebhack +- https://github.com/D3Ext/PentestDictionary +- https://github.com/Delishsploits/PayloadsAndMethodology - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/EvilAnne/Python_Learn - https://github.com/EvilHat/awesome-hacking @@ -46,6 +48,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th - https://github.com/Fa1c0n35/Penetration-Testing02 - https://github.com/Fedex100/awesome-pentest - https://github.com/Fedex100/awesome-security +- https://github.com/GuynnR/Payloads - https://github.com/H0j3n/EzpzCheatSheet - https://github.com/H4CK3RT3CH/Awesome-Pentest-Reference - https://github.com/H4CK3RT3CH/awesome-pentest @@ -65,6 +68,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th - https://github.com/Muhammd/Awesome-Pentest - https://github.com/NCSU-DANCE-Research-Group/CDL - https://github.com/Nieuport/Awesome-Security +- https://github.com/Nieuport/PayloadsAllTheThings - https://github.com/OshekharO/Penetration-Testing - https://github.com/Prodject/Kn0ck - https://github.com/Programming-Fun/awesome-pentest @@ -75,10 +79,12 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th - https://github.com/SARATOGAMarine/Lastest-Web-Hacking-Tools-vol-I - https://github.com/SaltwaterC/sploit-tools - https://github.com/Secop/awesome-security +- https://github.com/Sindayifu/CVE-2019-14287-CVE-2014-6271 - https://github.com/Soldie/Colection-pentest - https://github.com/Soldie/PayloadsAllTheThings - https://github.com/Soldie/Penetration-Testing - https://github.com/Soldie/awesome-pentest-listas +- https://github.com/Swordfish-Security/Pentest-In-Docker - https://github.com/Trietptm-on-Awesome-Lists/become-a-penetration-tester - https://github.com/UroBs17/hacking-tools - https://github.com/Voxer/nagios-plugins @@ -96,12 +102,14 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th - https://github.com/andrysec/PayloadsAllVulnerability - https://github.com/anhtu97/PayloadAllEverything - https://github.com/antoinegoze/learn-web-hacking +- https://github.com/apkadmin/PayLoadsAll - https://github.com/aylincetin/PayloadsAllTheThings - https://github.com/aymankhder/awesome-pentest - https://github.com/blackpars4x4/pentesting - https://github.com/briskinfosec/Tools - https://github.com/capture0x/XSHOCK - https://github.com/catsecorg/CatSec-TryHackMe-WriteUps +- https://github.com/chanchalpatra/payload - https://github.com/chuang76/writ3up - https://github.com/czq945659538/-study - https://github.com/dadglad/aawesome-security @@ -121,6 +129,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th - https://github.com/hacden/vultools - https://github.com/hailan09/Hacker - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/hellochunqiu/PayloadsAllTheThings - https://github.com/hilal007/E-Tip - https://github.com/hktalent/myhktools - https://github.com/huangzhe312/pentest @@ -130,10 +139,12 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th - https://github.com/infoslack/awesome-web-hacking - https://github.com/jottama/pentesting - https://github.com/kk98kk0/Payloads +- https://github.com/ksw9722/PayloadsAllTheThings - https://github.com/lethanhtrung22/Awesome-Hacking - https://github.com/linuxjustin/Pentest - https://github.com/linuxjustin/Tools - https://github.com/lotusirous/vulnwebcollection +- https://github.com/lp008/Hack-readme - https://github.com/mahyarx/pentest-tools - https://github.com/majidkalantarii/WebHacking - https://github.com/marrocamp/Impressionante-pentest @@ -142,7 +153,9 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th - https://github.com/meherarfaoui09/meher - https://github.com/minkhant-dotcom/awesome_security - https://github.com/mostakimur/SecurityTesting_web-hacking +- https://github.com/mrhacker51/ReverseShellCommands - https://github.com/nabaratanpatra/CODE-FOR-FUN +- https://github.com/nevidimk0/PayloadsAllTheThings - https://github.com/nikamajinkya/PentestEx - https://github.com/noname1007/awesome-web-hacking - https://github.com/notsag-dev/htb-shocker @@ -176,6 +189,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th - https://github.com/shildenbrand/Exploits - https://github.com/sobinge/--1 - https://github.com/sobinge/PayloadsAllTheThings +- https://github.com/sobinge/PayloadsAllThesobinge - https://github.com/sobinge/nuclei-templates - https://github.com/spy86/Security-Awesome - https://github.com/takuzoo3868/laputa @@ -190,6 +204,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th - https://github.com/vishalrudraraju/Pen-test - https://github.com/wanirauf/pentest - https://github.com/wattson-coder/pablo_rotem_security +- https://github.com/winterwolf32/PayloadsAllTheThings - https://github.com/winterwolf32/Penetration-Testing - https://github.com/winterwolf32/awesome-web-hacking - https://github.com/winterwolf32/awesome-web-hacking-1 diff --git a/2014/CVE-2014-6321.md b/2014/CVE-2014-6321.md index 128038b097..9f00aa9783 100644 --- a/2014/CVE-2014-6321.md +++ b/2014/CVE-2014-6321.md @@ -18,10 +18,12 @@ Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server - https://github.com/Artem-Salnikov/devops-netology - https://github.com/Ascotbe/Kernelhub - https://github.com/Flerov/WindowsExploitDev +- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 - https://github.com/WiktorMysz/devops-netology - https://github.com/alexandrburyakov/Rep2 - https://github.com/bysart/devops-netology - https://github.com/cranelab/exploit-development - https://github.com/fei9747/WindowsElevation - https://github.com/ycdxsb/WindowsPrivilegeEscalation +- https://github.com/yellownine/netology-DevOps diff --git a/2014/CVE-2014-7216.md b/2014/CVE-2014-7216.md index 375fd98087..ca93c9d38a 100644 --- a/2014/CVE-2014-7216.md +++ b/2014/CVE-2014-7216.md @@ -15,5 +15,5 @@ Multiple stack-based buffer overflows in Yahoo! Messenger 11.5.0.228 and earlier - https://www.rcesecurity.com/2015/09/cve-2014-7216-a-journey-through-yahoos-bug-bounty-program/ #### Github -No PoCs found on GitHub currently. +- https://github.com/deadcyph3r/Awesome-Collection diff --git a/2014/CVE-2014-8098.md b/2014/CVE-2014-8098.md new file mode 100644 index 0000000000..5079902e00 --- /dev/null +++ b/2014/CVE-2014-8098.md @@ -0,0 +1,17 @@ +### [CVE-2014-8098](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8098) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) __glXDisp_Render, (2) __glXDisp_RenderLarge, (3) __glXDispSwap_VendorPrivate, (4) __glXDispSwap_VendorPrivateWithReply, (5) set_client_info, (6) __glXDispSwap_SetClientInfoARB, (7) DoSwapInterval, (8) DoGetProgramString, (9) DoGetString, (10) __glXDispSwap_RenderMode, (11) __glXDisp_GetCompressedTexImage, (12) __glXDispSwap_GetCompressedTexImage, (13) __glXDisp_FeedbackBuffer, (14) __glXDispSwap_FeedbackBuffer, (15) __glXDisp_SelectBuffer, (16) __glXDispSwap_SelectBuffer, (17) __glXDisp_Flush, (18) __glXDispSwap_Flush, (19) __glXDisp_Finish, (20) __glXDispSwap_Finish, (21) __glXDisp_ReadPixels, (22) __glXDispSwap_ReadPixels, (23) __glXDisp_GetTexImage, (24) __glXDispSwap_GetTexImage, (25) __glXDisp_GetPolygonStipple, (26) __glXDispSwap_GetPolygonStipple, (27) __glXDisp_GetSeparableFilter, (28) __glXDisp_GetSeparableFilterEXT, (29) __glXDisp_GetConvolutionFilter, (30) __glXDisp_GetConvolutionFilterEXT, (31) __glXDisp_GetHistogram, (32) __glXDisp_GetHistogramEXT, (33) __glXDisp_GetMinmax, (34) __glXDisp_GetMinmaxEXT, (35) __glXDisp_GetColorTable, (36) __glXDisp_GetColorTableSGI, (37) GetSeparableFilter, (38) GetConvolutionFilter, (39) GetHistogram, (40) GetMinmax, or (41) GetColorTable function. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/RedHatProductSecurity/cwe-toolkit + diff --git a/2014/CVE-2014-9939.md b/2014/CVE-2014-9939.md index aca2faeec8..2a432e4a6a 100644 --- a/2014/CVE-2014-9939.md +++ b/2014/CVE-2014-9939.md @@ -13,6 +13,7 @@ ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printin No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers diff --git a/2015/CVE-2015-0204.md b/2015/CVE-2015-0204.md index b5383c8bdf..650c3ea034 100644 --- a/2015/CVE-2015-0204.md +++ b/2015/CVE-2015-0204.md @@ -19,10 +19,13 @@ The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 - https://github.com/H4CK3RT3CH/a2sv - https://github.com/Mre11i0t/a2sv - https://github.com/TopCaver/scz_doc_copy +- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 - https://github.com/WiktorMysz/devops-netology - https://github.com/alexandrburyakov/Rep2 - https://github.com/bysart/devops-netology +- https://github.com/camel-clarkson/non-controlflow-hijacking-datasets - https://github.com/fireorb/sslscanner - https://github.com/javirodriguezzz/Shodan-Browser - https://github.com/thekondrashov/stuff +- https://github.com/yellownine/netology-DevOps diff --git a/2015/CVE-2015-0207.md b/2015/CVE-2015-0207.md index 6c1f69ac24..b64d377ad1 100644 --- a/2015/CVE-2015-0207.md +++ b/2015/CVE-2015-0207.md @@ -13,5 +13,5 @@ The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 before 1.0.2a does not pr - http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html #### Github -No PoCs found on GitHub currently. +- https://github.com/ruan777/MiniProject2019 diff --git a/2015/CVE-2015-0400.md b/2015/CVE-2015-0400.md index 565a565cd6..bd349deb69 100644 --- a/2015/CVE-2015-0400.md +++ b/2015/CVE-2015-0400.md @@ -13,5 +13,5 @@ Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote a - http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html #### Github -No PoCs found on GitHub currently. +- https://github.com/camel-clarkson/non-controlflow-hijacking-datasets diff --git a/2015/CVE-2015-1427.md b/2015/CVE-2015-1427.md index 639c16fb7d..7b388dd105 100644 --- a/2015/CVE-2015-1427.md +++ b/2015/CVE-2015-1427.md @@ -27,6 +27,7 @@ The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 - https://github.com/gitrobtest/Java-Security - https://github.com/hktalent/myhktools - https://github.com/jweny/pocassistdb +- https://github.com/lp008/Hack-readme - https://github.com/marcocesarato/Shell-BotKiller - https://github.com/shildenbrand/Exploits - https://github.com/superfish9/pt diff --git a/2015/CVE-2015-1538.md b/2015/CVE-2015-1538.md index 287516834b..0c4c1b4369 100644 --- a/2015/CVE-2015-1538.md +++ b/2015/CVE-2015-1538.md @@ -14,5 +14,6 @@ Integer overflow in the SampleTable::setSampleToChunkParams function in SampleTa - https://www.exploit-db.com/exploits/38124/ #### Github +- https://github.com/Tharana/vulnerability-exploitation - https://github.com/mrash/afl-cve diff --git a/2015/CVE-2015-1641.md b/2015/CVE-2015-1641.md index a54e5618d2..4f9f836130 100644 --- a/2015/CVE-2015-1641.md +++ b/2015/CVE-2015-1641.md @@ -13,6 +13,7 @@ Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 201 No PoCs from references. #### Github +- https://github.com/CyberSift/CyberSift-Alerts - https://github.com/PWN-Kingdom/Test_Tasks - https://github.com/Panopticon-Project/Panopticon-Patchwork - https://github.com/houjingyi233/office-exploit-case-study diff --git a/2015/CVE-2015-20001.md b/2015/CVE-2015-20001.md index bd684625e0..c0ba556f8f 100644 --- a/2015/CVE-2015-20001.md +++ b/2015/CVE-2015-20001.md @@ -13,5 +13,6 @@ In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The No PoCs from references. #### Github +- https://github.com/Qwaz/rust-cve - https://github.com/xxg1413/rust-security diff --git a/2015/CVE-2015-2426.md b/2015/CVE-2015-2426.md index 0300b1148c..aa24ff31df 100644 --- a/2015/CVE-2015-2426.md +++ b/2015/CVE-2015-2426.md @@ -20,4 +20,5 @@ Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Micro - https://github.com/r3p3r/nixawk-awesome-windows-exploitation - https://github.com/rhamaa/Binary-exploit-writeups - https://github.com/sathwikch/windows-exploitation +- https://github.com/scuechjr/Sec-Box diff --git a/2015/CVE-2015-2808.md b/2015/CVE-2015-2808.md index e8ffe67a5d..c3da0f0747 100644 --- a/2015/CVE-2015-2808.md +++ b/2015/CVE-2015-2808.md @@ -14,8 +14,10 @@ The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not proper #### Github - https://github.com/Artem-Salnikov/devops-netology +- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 - https://github.com/WiktorMysz/devops-netology - https://github.com/alexandrburyakov/Rep2 - https://github.com/bysart/devops-netology - https://github.com/mikemackintosh/ruby-qualys +- https://github.com/yellownine/netology-DevOps diff --git a/2015/CVE-2015-2951.md b/2015/CVE-2015-2951.md index ab69d78186..fa5866fe13 100644 --- a/2015/CVE-2015-2951.md +++ b/2015/CVE-2015-2951.md @@ -16,5 +16,6 @@ No PoCs from references. - https://github.com/The-Cracker-Technology/jwt_tool - https://github.com/aress31/jwtcat - https://github.com/mishmashclone/ticarpi-jwt_tool +- https://github.com/puckiestyle/jwt_tool - https://github.com/ticarpi/jwt_tool diff --git a/2015/CVE-2015-3864.md b/2015/CVE-2015-3864.md index 695607384f..02be5c3096 100644 --- a/2015/CVE-2015-3864.md +++ b/2015/CVE-2015-3864.md @@ -17,5 +17,6 @@ Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.c #### Github - https://github.com/HenryVHuang/CVE-2015-3864 - https://github.com/eudemonics/scaredycat +- https://github.com/hac425xxx/heap-exploitation-in-real-world - https://github.com/pwnaccelerator/stagefright-cve-2015-3864 diff --git a/2015/CVE-2015-4000.md b/2015/CVE-2015-4000.md index e04e1fbf09..7723411d28 100644 --- a/2015/CVE-2015-4000.md +++ b/2015/CVE-2015-4000.md @@ -19,6 +19,7 @@ The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a - https://github.com/F4RM0X/script_a2sv - https://github.com/H4CK3RT3CH/a2sv - https://github.com/Mre11i0t/a2sv +- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 - https://github.com/WiktorMysz/devops-netology - https://github.com/alexandrburyakov/Rep2 - https://github.com/bysart/devops-netology @@ -26,4 +27,5 @@ The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a - https://github.com/giusepperuggiero96/Network-Security-2021 - https://github.com/javirodriguezzz/Shodan-Browser - https://github.com/thekondrashov/stuff +- https://github.com/yellownine/netology-DevOps diff --git a/2015/CVE-2015-4027.md b/2015/CVE-2015-4027.md index 7c00ec48cd..e249794b9c 100644 --- a/2015/CVE-2015-4027.md +++ b/2015/CVE-2015-4027.md @@ -14,5 +14,11 @@ The AcuWVSSchedulerv10 service in Acunetix Web Vulnerability Scanner (WVS) befor - https://www.exploit-db.com/exploits/38847/ #### Github +- https://github.com/Apri1y/Red-Team-links - https://github.com/Echocipher/Resource-list +- https://github.com/hudunkey/Red-Team-links +- https://github.com/john-80/-007 +- https://github.com/lp008/Hack-readme +- https://github.com/slimdaddy/RedTeam +- https://github.com/xiaoZ-hc/redtool diff --git a/2015/CVE-2015-4852.md b/2015/CVE-2015-4852.md index ad4387feaf..594e623608 100644 --- a/2015/CVE-2015-4852.md +++ b/2015/CVE-2015-4852.md @@ -20,6 +20,8 @@ The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3. - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/MrTcsy/Exploit - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/Y4tacker/JavaSec +- https://github.com/asa1997/topgear_test - https://github.com/awsassets/weblogic_exploit - https://github.com/cross2to/betaseclab_tools - https://github.com/fengjixuchui/RedTeamer @@ -28,6 +30,7 @@ The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3. - https://github.com/hashtagcyber/Exp - https://github.com/klausware/Java-Deserialization-Cheat-Sheet - https://github.com/koutto/jok3r-pocs +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/nihaohello/N-MiddlewareScan - https://github.com/sourcery-ai-bot/Deep-Security-Reports diff --git a/2015/CVE-2015-5156.md b/2015/CVE-2015-5156.md index 80281cff99..661f2eaaf8 100644 --- a/2015/CVE-2015-5156.md +++ b/2015/CVE-2015-5156.md @@ -13,5 +13,6 @@ The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel befor No PoCs from references. #### Github +- https://github.com/Resery/Learning_Record - https://github.com/thdusdl1219/CVE-Study diff --git a/2015/CVE-2015-5165.md b/2015/CVE-2015-5165.md index 0b2977e01e..dd6976da5b 100644 --- a/2015/CVE-2015-5165.md +++ b/2015/CVE-2015-5165.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/Resery/Learning_Note - https://github.com/jiayy/android_vuln_poc-exp - https://github.com/ray-cp/Vuln_Analysis +- https://github.com/tina2114/skr_learn_list diff --git a/2015/CVE-2015-5224.md b/2015/CVE-2015-5224.md index cd2cb01a90..d52c25c9f2 100644 --- a/2015/CVE-2015-5224.md +++ b/2015/CVE-2015-5224.md @@ -13,6 +13,7 @@ The mkostemp function in login-utils in util-linux when used incorrectly allows No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/garethr/findcve - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy diff --git a/2015/CVE-2015-5254.md b/2015/CVE-2015-5254.md index af2b60a2b1..f885cf8e35 100644 --- a/2015/CVE-2015-5254.md +++ b/2015/CVE-2015-5254.md @@ -19,6 +19,7 @@ Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be seri - https://github.com/bigblackhat/oFx - https://github.com/fengjixuchui/RedTeamer - https://github.com/guoyu07/AwareIM-resources +- https://github.com/jas502n/CVE-2015-5254 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/qazbnm456/awesome-cve-poc diff --git a/2015/CVE-2015-5622.md b/2015/CVE-2015-5622.md index 1e506b429e..d30567e37f 100644 --- a/2015/CVE-2015-5622.md +++ b/2015/CVE-2015-5622.md @@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/and-aleksandrov/wordpress - https://github.com/bryanvnguyen/WordPress-PT - https://github.com/choyuansu/Week-7-Project +- https://github.com/christiancastro1/Codepath-Week-7-8-Assignement - https://github.com/drsh0x2/WebSec-Week7 - https://github.com/jas5mg/Code-Path-Week7 - https://github.com/jguerrero12/WordPress-Pentesting diff --git a/2015/CVE-2015-5623.md b/2015/CVE-2015-5623.md index f5575504af..7646fbedc3 100644 --- a/2015/CVE-2015-5623.md +++ b/2015/CVE-2015-5623.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/and-aleksandrov/wordpress - https://github.com/choyuansu/Week-7-Project +- https://github.com/christiancastro1/Codepath-Week-7-8-Assignement - https://github.com/jas5mg/Code-Path-Week7 - https://github.com/lihaojin/WordPress-Pentesting - https://github.com/mmehrayin/cybersecurity-week7 diff --git a/2015/CVE-2015-5714.md b/2015/CVE-2015-5714.md index 311a555076..41b0218919 100644 --- a/2015/CVE-2015-5714.md +++ b/2015/CVE-2015-5714.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/RandallLu/codepath_7 - https://github.com/and-aleksandrov/wordpress - https://github.com/choyuansu/Week-7-Project +- https://github.com/christiancastro1/Codepath-Week-7-8-Assignement - https://github.com/kennyhk418/Codepath_project7 - https://github.com/krushang598/Cybersecurity-Week-7-and-8 - https://github.com/mmehrayin/cybersecurity-week7 diff --git a/2015/CVE-2015-5715.md b/2015/CVE-2015-5715.md index f8bf73ed01..984a5b5135 100644 --- a/2015/CVE-2015-5715.md +++ b/2015/CVE-2015-5715.md @@ -16,5 +16,6 @@ No PoCs from references. - https://github.com/LifeBringer/WordPress-Pentesting - https://github.com/and-aleksandrov/wordpress - https://github.com/choyuansu/Week-7-Project +- https://github.com/christiancastro1/Codepath-Week-7-8-Assignement - https://github.com/sammanthp007/WordPress-Pentesting diff --git a/2015/CVE-2015-5733.md b/2015/CVE-2015-5733.md index 868bc1e660..85655eb307 100644 --- a/2015/CVE-2015-5733.md +++ b/2015/CVE-2015-5733.md @@ -13,5 +13,6 @@ Cross-site scripting (XSS) vulnerability in the refreshAdvancedAccessibilityOfIt No PoCs from references. #### Github +- https://github.com/christiancastro1/Codepath-Week-7-8-Assignement - https://github.com/ftruncale/Codepath-Week-7 diff --git a/2015/CVE-2015-6161.md b/2015/CVE-2015-6161.md new file mode 100644 index 0000000000..c5c496fc0e --- /dev/null +++ b/2015/CVE-2015-6161.md @@ -0,0 +1,17 @@ +### [CVE-2015-6161](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6161) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Browser ASLR Bypass." + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/jessewolcott/VulnerabilityRemediation + diff --git a/2015/CVE-2015-6240.md b/2015/CVE-2015-6240.md index 39f7beab8e..7162e5be12 100644 --- a/2015/CVE-2015-6240.md +++ b/2015/CVE-2015-6240.md @@ -13,5 +13,5 @@ The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow loca - https://bugzilla.redhat.com/show_bug.cgi?id=1243468 #### Github -No PoCs found on GitHub currently. +- https://github.com/PRISHIta123/Securing_Open_Source_Components_on_Containers diff --git a/2015/CVE-2015-7297.md b/2015/CVE-2015-7297.md index 0460bbeecc..f97412e54c 100644 --- a/2015/CVE-2015-7297.md +++ b/2015/CVE-2015-7297.md @@ -19,6 +19,7 @@ SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers - https://github.com/0ps/pocassistdb - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/areaventuno/exploit-joomla - https://github.com/jweny/pocassistdb - https://github.com/stamparm/maltrail diff --git a/2015/CVE-2015-7450.md b/2015/CVE-2015-7450.md index ceabf8028f..619f50794a 100644 --- a/2015/CVE-2015-7450.md +++ b/2015/CVE-2015-7450.md @@ -17,19 +17,30 @@ Serialized-object interfaces in certain IBM analytics, business solutions, cogni - https://github.com/3vikram/Application-Vulnerabilities-Payloads - https://github.com/84KaliPleXon3/Payloads_All_The_Things - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/Delishsploits/PayloadsAndMethodology - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +- https://github.com/GuynnR/Payloads - https://github.com/Muhammd/Awesome-Payloads +- https://github.com/Nieuport/PayloadsAllTheThings - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/Ra7mo0on/PayloadsAllTheThings - https://github.com/XPR1M3/Payloads_All_The_Things - https://github.com/andrysec/PayloadsAllVulnerability - https://github.com/anhtu97/PayloadAllEverything +- https://github.com/apkadmin/PayLoadsAll +- https://github.com/chanchalpatra/payload +- https://github.com/hellochunqiu/PayloadsAllTheThings - https://github.com/klausware/Java-Deserialization-Cheat-Sheet - https://github.com/koutto/jok3r-pocs +- https://github.com/ksw9722/PayloadsAllTheThings - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +- https://github.com/mrhacker51/ReverseShellCommands +- https://github.com/nevidimk0/PayloadsAllTheThings - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/sobinge/--1 - https://github.com/sobinge/PayloadsAllTheThings +- https://github.com/sobinge/PayloadsAllThesobinge - https://github.com/sourcery-ai-bot/Deep-Security-Reports +- https://github.com/winterwolf32/PayloadsAllTheThings - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2015/CVE-2015-7501.md b/2015/CVE-2015-7501.md index d32b414937..7f22a86afa 100644 --- a/2015/CVE-2015-7501.md +++ b/2015/CVE-2015-7501.md @@ -17,8 +17,11 @@ No PoCs from references. - https://github.com/3vikram/Application-Vulnerabilities-Payloads - https://github.com/84KaliPleXon3/Payloads_All_The_Things - https://github.com/AfvanMoopen/tryhackme- +- https://github.com/Delishsploits/PayloadsAndMethodology - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +- https://github.com/GuynnR/Payloads - https://github.com/Muhammd/Awesome-Payloads +- https://github.com/Nieuport/PayloadsAllTheThings - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/Ra7mo0on/PayloadsAllTheThings - https://github.com/RedHatOfficial/rhsecapi @@ -27,17 +30,26 @@ No PoCs from references. - https://github.com/XPR1M3/Payloads_All_The_Things - https://github.com/andrysec/PayloadsAllVulnerability - https://github.com/anhtu97/PayloadAllEverything +- https://github.com/apkadmin/PayLoadsAll +- https://github.com/asa1997/topgear_test - https://github.com/catsecorg/CatSec-TryHackMe-WriteUps +- https://github.com/chanchalpatra/payload - https://github.com/fengjixuchui/RedTeamer - https://github.com/fupinglee/JavaTools - https://github.com/gredler/aegis4j +- https://github.com/hellochunqiu/PayloadsAllTheThings - https://github.com/klausware/Java-Deserialization-Cheat-Sheet - https://github.com/koutto/jok3r-pocs +- https://github.com/ksw9722/PayloadsAllTheThings - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +- https://github.com/mrhacker51/ReverseShellCommands +- https://github.com/nevidimk0/PayloadsAllTheThings - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/sobinge/--1 - https://github.com/sobinge/PayloadsAllTheThings +- https://github.com/sobinge/PayloadsAllThesobinge - https://github.com/sourcery-ai-bot/Deep-Security-Reports +- https://github.com/winterwolf32/PayloadsAllTheThings - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/zema1/oracle-vuln-crawler diff --git a/2015/CVE-2015-7504.md b/2015/CVE-2015-7504.md index 3498b159c5..9951de4b59 100644 --- a/2015/CVE-2015-7504.md +++ b/2015/CVE-2015-7504.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/Resery/Learning_Note +- https://github.com/Resery/Learning_Record - https://github.com/WinMin/awesome-vm-exploit - https://github.com/jiayy/android_vuln_poc-exp - https://github.com/ray-cp/Vuln_Analysis diff --git a/2015/CVE-2015-7547.md b/2015/CVE-2015-7547.md index 766bbe0f3a..0a5917a781 100644 --- a/2015/CVE-2015-7547.md +++ b/2015/CVE-2015-7547.md @@ -52,6 +52,7 @@ Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functio - https://github.com/pandazheng/LinuxExploit - https://github.com/qiantu88/Linux--exp - https://github.com/rakjong/LinuxElevation +- https://github.com/scuechjr/Sec-Box - https://github.com/xfinest/linux-kernel-exploits - https://github.com/xssfile/linux-kernel-exploits - https://github.com/yige666/linux-kernel-exploits diff --git a/2015/CVE-2015-7857.md b/2015/CVE-2015-7857.md index fc4bb5686c..24dd63bd39 100644 --- a/2015/CVE-2015-7857.md +++ b/2015/CVE-2015-7857.md @@ -16,5 +16,6 @@ SQL injection vulnerability in the getListQuery function in administrator/compon - https://www.trustwave.com/Resources/SpiderLabs-Blog/Joomla-SQL-Injection-Vulnerability-Exploit-Results-in-Full-Administrative-Access/ #### Github +- https://github.com/areaventuno/exploit-joomla - https://github.com/stamparm/maltrail diff --git a/2015/CVE-2015-7858.md b/2015/CVE-2015-7858.md index 8285208416..fda7bad97f 100644 --- a/2015/CVE-2015-7858.md +++ b/2015/CVE-2015-7858.md @@ -16,5 +16,6 @@ SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers - https://www.trustwave.com/Resources/SpiderLabs-Blog/Joomla-SQL-Injection-Vulnerability-Exploit-Results-in-Full-Administrative-Access/ #### Github +- https://github.com/areaventuno/exploit-joomla - https://github.com/stamparm/maltrail diff --git a/2015/CVE-2015-8103.md b/2015/CVE-2015-8103.md index c2d3eb8cb1..ab3da81a16 100644 --- a/2015/CVE-2015-8103.md +++ b/2015/CVE-2015-8103.md @@ -17,20 +17,31 @@ The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows #### Github - https://github.com/3vikram/Application-Vulnerabilities-Payloads - https://github.com/84KaliPleXon3/Payloads_All_The_Things +- https://github.com/Delishsploits/PayloadsAndMethodology - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +- https://github.com/GuynnR/Payloads - https://github.com/Muhammd/Awesome-Payloads - https://github.com/NCSU-DANCE-Research-Group/CDL +- https://github.com/Nieuport/PayloadsAllTheThings - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/Ra7mo0on/PayloadsAllTheThings - https://github.com/XPR1M3/Payloads_All_The_Things - https://github.com/andrysec/PayloadsAllVulnerability - https://github.com/anhtu97/PayloadAllEverything +- https://github.com/apkadmin/PayLoadsAll +- https://github.com/chanchalpatra/payload - https://github.com/gquere/pwn_jenkins +- https://github.com/hellochunqiu/PayloadsAllTheThings - https://github.com/jiangsir404/POC-S - https://github.com/klausware/Java-Deserialization-Cheat-Sheet - https://github.com/koutto/jok3r-pocs +- https://github.com/ksw9722/PayloadsAllTheThings - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +- https://github.com/mrhacker51/ReverseShellCommands +- https://github.com/nevidimk0/PayloadsAllTheThings - https://github.com/sobinge/--1 - https://github.com/sobinge/PayloadsAllTheThings +- https://github.com/sobinge/PayloadsAllThesobinge - https://github.com/superfish9/pt +- https://github.com/winterwolf32/PayloadsAllTheThings diff --git a/2016/CVE-2016-0634.md b/2016/CVE-2016-0634.md index 07d6cf5d78..6578b3b816 100644 --- a/2016/CVE-2016-0634.md +++ b/2016/CVE-2016-0634.md @@ -13,6 +13,7 @@ The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticat No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers diff --git a/2016/CVE-2016-0638.md b/2016/CVE-2016-0638.md index d1100edace..3caa170d36 100644 --- a/2016/CVE-2016-0638.md +++ b/2016/CVE-2016-0638.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0xn0ne/weblogicScanner +- https://github.com/Bywalks/WeblogicScan - https://github.com/ParrotSec-CN/ParrotSecCN_Community_QQbot - https://github.com/awsassets/weblogic_exploit - https://github.com/bigblackhat/oFx @@ -23,9 +24,11 @@ No PoCs from references. - https://github.com/followboy1999/weblogic-deserialization - https://github.com/hanc00l/some_pocsuite - https://github.com/hanc00l/weblogic_unserialize_exploit +- https://github.com/hmoytx/weblogicscan - https://github.com/koutto/jok3r-pocs - https://github.com/nihaohello/N-MiddlewareScan - https://github.com/rabbitmask/WeblogicScanLot +- https://github.com/safe6Sec/wlsEnv - https://github.com/superfish9/pt - https://github.com/whoadmin/pocs - https://github.com/zema1/oracle-vuln-crawler diff --git a/2016/CVE-2016-0702.md b/2016/CVE-2016-0702.md index 980fe45958..9a2d69efae 100644 --- a/2016/CVE-2016-0702.md +++ b/2016/CVE-2016-0702.md @@ -10,7 +10,7 @@ The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0 ### POC #### Reference -No PoCs from references. +- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168 #### Github - https://github.com/rsumnerz/vuls diff --git a/2016/CVE-2016-0703.md b/2016/CVE-2016-0703.md index ef7e106d7d..11c63a4c43 100644 --- a/2016/CVE-2016-0703.md +++ b/2016/CVE-2016-0703.md @@ -10,11 +10,13 @@ The get_client_master_key function in s2_srvr.c in the SSLv2 implementation in O ### POC #### Reference -No PoCs from references. +- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168 #### Github - https://github.com/Artem-Salnikov/devops-netology +- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 - https://github.com/WiktorMysz/devops-netology - https://github.com/alexandrburyakov/Rep2 - https://github.com/bysart/devops-netology +- https://github.com/yellownine/netology-DevOps diff --git a/2016/CVE-2016-0777.md b/2016/CVE-2016-0777.md index 72cc4d1472..b88b7381f5 100644 --- a/2016/CVE-2016-0777.md +++ b/2016/CVE-2016-0777.md @@ -19,6 +19,7 @@ The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, - https://github.com/jcdad3000/GameServer - https://github.com/jcdad3000/gameserverB - https://github.com/phx/cvescan +- https://github.com/project7io/nmap - https://github.com/vshaliii/DC-1-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough - https://github.com/zachlatta/sshtron diff --git a/2016/CVE-2016-0778.md b/2016/CVE-2016-0778.md index 9a81eb24e2..eb19bf153e 100644 --- a/2016/CVE-2016-0778.md +++ b/2016/CVE-2016-0778.md @@ -19,6 +19,7 @@ The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the - https://github.com/jcdad3000/GameServer - https://github.com/jcdad3000/gameserverB - https://github.com/phx/cvescan +- https://github.com/project7io/nmap - https://github.com/vshaliii/DC-1-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough - https://github.com/zachlatta/sshtron diff --git a/2016/CVE-2016-0792.md b/2016/CVE-2016-0792.md index baefeb2faa..2d18c9cd7a 100644 --- a/2016/CVE-2016-0792.md +++ b/2016/CVE-2016-0792.md @@ -16,16 +16,28 @@ Multiple unspecified API endpoints in Jenkins before 1.650 and LTS before 1.642. #### Github - https://github.com/3vikram/Application-Vulnerabilities-Payloads - https://github.com/84KaliPleXon3/Payloads_All_The_Things +- https://github.com/Delishsploits/PayloadsAndMethodology +- https://github.com/GuynnR/Payloads - https://github.com/Muhammd/Awesome-Payloads +- https://github.com/Nieuport/PayloadsAllTheThings - https://github.com/Ra7mo0on/PayloadsAllTheThings - https://github.com/XPR1M3/Payloads_All_The_Things - https://github.com/andrysec/PayloadsAllVulnerability - https://github.com/anhtu97/PayloadAllEverything +- https://github.com/apkadmin/PayLoadsAll +- https://github.com/chanchalpatra/payload +- https://github.com/hellochunqiu/PayloadsAllTheThings - https://github.com/koutto/jok3r-pocs +- https://github.com/ksw9722/PayloadsAllTheThings +- https://github.com/lp008/Hack-readme +- https://github.com/mrhacker51/ReverseShellCommands +- https://github.com/nevidimk0/PayloadsAllTheThings - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/sobinge/--1 - https://github.com/sobinge/PayloadsAllTheThings +- https://github.com/sobinge/PayloadsAllThesobinge - https://github.com/superfish9/pt +- https://github.com/winterwolf32/PayloadsAllTheThings - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2016/CVE-2016-0799.md b/2016/CVE-2016-0799.md index 602b57a64a..a5a2901ae4 100644 --- a/2016/CVE-2016-0799.md +++ b/2016/CVE-2016-0799.md @@ -10,7 +10,7 @@ The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1 ### POC #### Reference -No PoCs from references. +- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168 #### Github - https://github.com/xinali/articles diff --git a/2016/CVE-2016-0800.md b/2016/CVE-2016-0800.md index 39366bb082..79d1d13e77 100644 --- a/2016/CVE-2016-0800.md +++ b/2016/CVE-2016-0800.md @@ -10,6 +10,7 @@ The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and ### POC #### Reference +- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168 - https://www.kb.cert.org/vuls/id/583776 #### Github @@ -18,10 +19,12 @@ The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and - https://github.com/F4RM0X/script_a2sv - https://github.com/H4CK3RT3CH/a2sv - https://github.com/Mre11i0t/a2sv +- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 - https://github.com/WiktorMysz/devops-netology - https://github.com/alexandrburyakov/Rep2 - https://github.com/bysart/devops-netology - https://github.com/fireorb/sslscanner - https://github.com/halon/changelog - https://github.com/notnarb/docker-murmur +- https://github.com/yellownine/netology-DevOps diff --git a/2016/CVE-2016-10033.md b/2016/CVE-2016-10033.md index c5d7717984..148850586f 100644 --- a/2016/CVE-2016-10033.md +++ b/2016/CVE-2016-10033.md @@ -66,6 +66,7 @@ The mailSend function in the isMail transport in PHPMailer before 5.2.18 might a - https://github.com/boy-hack/hack-requests - https://github.com/codersstock/PhpMailer - https://github.com/crackerica/PHPMailer2 +- https://github.com/cyberpacifists/redteam - https://github.com/denniskinyuandege/mailer - https://github.com/devhribeiro/cadweb_aritana - https://github.com/dipak1997/Alumni-M diff --git a/2016/CVE-2016-10134.md b/2016/CVE-2016-10134.md index 7259876673..79784e3857 100644 --- a/2016/CVE-2016-10134.md +++ b/2016/CVE-2016-10134.md @@ -22,5 +22,6 @@ SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows - https://github.com/TesterCC/exp_poc_library - https://github.com/amcai/myscan - https://github.com/jweny/pocassistdb +- https://github.com/maya6/-scan- - https://github.com/woods-sega/woodswiki diff --git a/2016/CVE-2016-10228.md b/2016/CVE-2016-10228.md index b337453e8e..19256f5617 100644 --- a/2016/CVE-2016-10228.md +++ b/2016/CVE-2016-10228.md @@ -15,7 +15,10 @@ No PoCs from references. #### Github - https://github.com/anchore/grype - https://github.com/aymankhder/scanner-for-container +- https://github.com/brandoncamenisch/release-the-code-litecoin - https://github.com/dispera/giant-squid +- https://github.com/domyrtille/interview_project +- https://github.com/epequeno/devops-demo - https://github.com/flyrev/security-scan-ci-presentation - https://github.com/garethr/snykout - https://github.com/nedenwalker/spring-boot-app-using-gradle diff --git a/2016/CVE-2016-10403.md b/2016/CVE-2016-10403.md index b4a78510ca..552dcc3a86 100644 --- a/2016/CVE-2016-10403.md +++ b/2016/CVE-2016-10403.md @@ -13,5 +13,6 @@ Insufficient data validation on image data in PDFium in Google Chrome prior to 5 No PoCs from references. #### Github +- https://github.com/SkyBulk/RealWorldPwn - https://github.com/attackgithub/RealWorldPwn diff --git a/2016/CVE-2016-10523.md b/2016/CVE-2016-10523.md new file mode 100644 index 0000000000..bbb53c4b64 --- /dev/null +++ b/2016/CVE-2016-10523.md @@ -0,0 +1,17 @@ +### [CVE-2016-10523](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10523) +![](https://img.shields.io/static/v1?label=Product&message=mqtt-packet%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service%20(CWE-400)&color=brighgreen) + +### Description + +MQTT before 3.4.6 and 4.0.x before 4.0.5 allows specifically crafted MQTT packets to crash the application, making a DoS attack feasible with very little bandwidth. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ThingzDefense/IoT-Flock + diff --git a/2016/CVE-2016-10542.md b/2016/CVE-2016-10542.md new file mode 100644 index 0000000000..52e01794e0 --- /dev/null +++ b/2016/CVE-2016-10542.md @@ -0,0 +1,17 @@ +### [CVE-2016-10542](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10542) +![](https://img.shields.io/static/v1?label=Product&message=ws%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service%20(CWE-400)&color=brighgreen) + +### Description + +ws is a "simple to use, blazing fast and thoroughly tested websocket client, server and console for node.js, up-to-date against RFC-6455". By sending an overly long websocket payload to a `ws` server, it is possible to crash the node process. This affects ws 1.1.0 and earlier. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/PalindromeLabs/awesome-websocket-security + diff --git a/2016/CVE-2016-10544.md b/2016/CVE-2016-10544.md new file mode 100644 index 0000000000..04a72b072d --- /dev/null +++ b/2016/CVE-2016-10544.md @@ -0,0 +1,17 @@ +### [CVE-2016-10544](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10544) +![](https://img.shields.io/static/v1?label=Product&message=uws%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service%20(CWE-400)&color=brighgreen) + +### Description + +uws is a WebSocket server library. By sending a 256mb websocket message to a uws server instance with permessage-deflate enabled, there is a possibility used compression will shrink said 256mb down to less than 16mb of websocket payload which passes the length check of 16mb payload. This data will then inflate up to 256mb and crash the node process by exceeding V8's maximum string size. This affects uws >=0.10.0 <=0.10.8. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/PalindromeLabs/awesome-websocket-security + diff --git a/2016/CVE-2016-10555.md b/2016/CVE-2016-10555.md index ccb9ffffe3..7a15e5d62e 100644 --- a/2016/CVE-2016-10555.md +++ b/2016/CVE-2016-10555.md @@ -16,5 +16,6 @@ No PoCs from references. - https://github.com/The-Cracker-Technology/jwt_tool - https://github.com/mishmashclone/ticarpi-jwt_tool - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/puckiestyle/jwt_tool - https://github.com/ticarpi/jwt_tool diff --git a/2016/CVE-2016-10708.md b/2016/CVE-2016-10708.md index 94526162bf..496690077b 100644 --- a/2016/CVE-2016-10708.md +++ b/2016/CVE-2016-10708.md @@ -14,6 +14,7 @@ sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service #### Github - https://github.com/phx/cvescan +- https://github.com/project7io/nmap - https://github.com/syadg123/pigat - https://github.com/teamssix/pigat - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2016/CVE-2016-10931.md b/2016/CVE-2016-10931.md index 0f0aa34015..ee0d932827 100644 --- a/2016/CVE-2016-10931.md +++ b/2016/CVE-2016-10931.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/Artisan-Lab/Rust-memory-safety-bugs +- https://github.com/MaineK00n/go-osv - https://github.com/xxg1413/rust-security diff --git a/2016/CVE-2016-1247.md b/2016/CVE-2016-1247.md index c2bb333c65..bbbb1a8104 100644 --- a/2016/CVE-2016-1247.md +++ b/2016/CVE-2016-1247.md @@ -17,6 +17,7 @@ The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages bef #### Github - https://github.com/SexyBeast233/SecBooks +- https://github.com/TCM-Course-Resources/Linux-Privilege-Escalation-Resources - https://github.com/lukeber4/usn-search - https://github.com/superfish9/pt - https://github.com/woods-sega/woodswiki diff --git a/2016/CVE-2016-1252.md b/2016/CVE-2016-1252.md index be8999639b..e68fa677ba 100644 --- a/2016/CVE-2016-1252.md +++ b/2016/CVE-2016-1252.md @@ -15,6 +15,8 @@ The apt package in Debian jessie before 1.0.9.8.4, in Debian unstable before 1.4 - https://www.exploit-db.com/exploits/40916/ #### Github +- https://github.com/KorayAgaya/TrivyWeb +- https://github.com/Tufin/securecloud-image-analysis-action - https://github.com/jaweesh/Packet-Injection-in-Sudan-Analysis - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy diff --git a/2016/CVE-2016-1960.md b/2016/CVE-2016-1960.md index 5246f917cb..8052e02952 100644 --- a/2016/CVE-2016-1960.md +++ b/2016/CVE-2016-1960.md @@ -14,5 +14,6 @@ Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in - https://www.exploit-db.com/exploits/44294/ #### Github +- https://github.com/ZihanYe/web-browser-vulnerabilities - https://github.com/i0gan/cve diff --git a/2016/CVE-2016-2107.md b/2016/CVE-2016-2107.md index 9dc72965c0..ff9b4ea340 100644 --- a/2016/CVE-2016-2107.md +++ b/2016/CVE-2016-2107.md @@ -22,5 +22,6 @@ The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does - https://github.com/hackstoic/hacker-tools-projects - https://github.com/hannob/tls-what-can-go-wrong - https://github.com/krabelize/openbsd-httpd-tls-perfect-ssllabs-score +- https://github.com/scuechjr/Sec-Box - https://github.com/tomwillfixit/alpine-cvecheck diff --git a/2016/CVE-2016-2183.md b/2016/CVE-2016-2183.md index 07a322e2d4..e1b35f1344 100644 --- a/2016/CVE-2016-2183.md +++ b/2016/CVE-2016-2183.md @@ -22,10 +22,12 @@ The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and #### Github - https://github.com/Artem-Salnikov/devops-netology +- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 - https://github.com/WiktorMysz/devops-netology - https://github.com/alexandrburyakov/Rep2 - https://github.com/biswajitde/dsm_ips - https://github.com/bysart/devops-netology - https://github.com/gabrieljcs/ips-assessment-reports - https://github.com/mikemackintosh/ruby-qualys +- https://github.com/yellownine/netology-DevOps diff --git a/2016/CVE-2016-2383.md b/2016/CVE-2016-2383.md index b24f52f892..cd9eed01f7 100644 --- a/2016/CVE-2016-2383.md +++ b/2016/CVE-2016-2383.md @@ -13,5 +13,6 @@ The adjust_branches function in kernel/bpf/verifier.c in the Linux kernel before No PoCs from references. #### Github +- https://github.com/dylandreimerink/gobpfld - https://github.com/thdusdl1219/CVE-Study diff --git a/2016/CVE-2016-2779.md b/2016/CVE-2016-2779.md index 15edab7674..09b0bf5451 100644 --- a/2016/CVE-2016-2779.md +++ b/2016/CVE-2016-2779.md @@ -13,10 +13,13 @@ runuser in util-linux allows local users to escape to the parent session via a c No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/aquasecurity/starboard-aqua-csp-webhook +- https://github.com/broadinstitute/dsp-appsec-trivy-cicd - https://github.com/flyrev/security-scan-ci-presentation - https://github.com/garethr/findcve - https://github.com/hilbix/suid +- https://github.com/lucky-sideburn/secpod_wrap - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers diff --git a/2016/CVE-2016-2781.md b/2016/CVE-2016-2781.md index 3871ed2ea8..b881d92a16 100644 --- a/2016/CVE-2016-2781.md +++ b/2016/CVE-2016-2781.md @@ -15,7 +15,11 @@ No PoCs from references. #### Github - https://github.com/anchore/grype - https://github.com/aymankhder/scanner-for-container +- https://github.com/brandoncamenisch/release-the-code-litecoin +- https://github.com/devopstales/trivy-operator - https://github.com/dispera/giant-squid +- https://github.com/domyrtille/interview_project +- https://github.com/epequeno/devops-demo - https://github.com/equinor/radix-image-scanner - https://github.com/flyrev/security-scan-ci-presentation - https://github.com/garethr/findcve diff --git a/2016/CVE-2016-3093.md b/2016/CVE-2016-3093.md new file mode 100644 index 0000000000..91a65662e2 --- /dev/null +++ b/2016/CVE-2016-3093.md @@ -0,0 +1,17 @@ +### [CVE-2016-3093](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3093) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Apache Struts 2.0.0 through 2.3.24.1 does not properly cache method references when used with OGNL before 3.0.12, which allows remote attackers to cause a denial of service (block access to a web site) via unspecified vectors. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec + diff --git a/2016/CVE-2016-3189.md b/2016/CVE-2016-3189.md index 94cfd9a7b2..1cd378177d 100644 --- a/2016/CVE-2016-3189.md +++ b/2016/CVE-2016-3189.md @@ -19,6 +19,7 @@ Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attack - https://github.com/ngkz/my-lfs-setup - https://github.com/phonito/phonito-scanner-action - https://github.com/phonito/phonito-vulnerable-container +- https://github.com/strongcourage/uafbench - https://github.com/tomwillfixit/alpine-cvecheck - https://github.com/yfoelling/yair diff --git a/2016/CVE-2016-3225.md b/2016/CVE-2016-3225.md index 099160d798..c75f437a62 100644 --- a/2016/CVE-2016-3225.md +++ b/2016/CVE-2016-3225.md @@ -17,5 +17,6 @@ The SMB server component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 - https://github.com/Ascotbe/Kernelhub - https://github.com/SexyBeast233/SecBooks - https://github.com/fei9747/WindowsElevation +- https://github.com/lp008/Hack-readme - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2016/CVE-2016-3309.md b/2016/CVE-2016-3309.md index 41ce9bbf0f..f328b2e2ee 100644 --- a/2016/CVE-2016-3309.md +++ b/2016/CVE-2016-3309.md @@ -13,17 +13,23 @@ The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 - https://www.exploit-db.com/exploits/42960/ #### Github +- https://github.com/Apri1y/Red-Team-links - https://github.com/Ascotbe/Kernelhub - https://github.com/CrackerCat/Kernel-Security-Development - https://github.com/Echocipher/Resource-list - https://github.com/ExpLife0011/awesome-windows-kernel-security-development - https://github.com/Ondrik8/exploit +- https://github.com/hudunkey/Red-Team-links - https://github.com/jenriquezv/OSCP-Cheat-Sheets-Windows +- https://github.com/john-80/-007 +- https://github.com/lp008/Hack-readme - https://github.com/ly4k/CallbackHell - https://github.com/pravinsrc/NOTES-windows-kernel-links - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/sensepost/ms16-098 +- https://github.com/slimdaddy/RedTeam - https://github.com/whiteHat001/Kernel-Security - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2016/CVE-2016-3371.md b/2016/CVE-2016-3371.md index 984da61c0b..5eb40d3689 100644 --- a/2016/CVE-2016-3371.md +++ b/2016/CVE-2016-3371.md @@ -13,9 +13,15 @@ The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP - https://www.exploit-db.com/exploits/40429/ #### Github +- https://github.com/Apri1y/Red-Team-links - https://github.com/Ascotbe/Kernelhub - https://github.com/Echocipher/Resource-list +- https://github.com/hudunkey/Red-Team-links +- https://github.com/john-80/-007 +- https://github.com/lp008/Hack-readme - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/slimdaddy/RedTeam - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2016/CVE-2016-3510.md b/2016/CVE-2016-3510.md index d4b7db6e98..09ff89a5f6 100644 --- a/2016/CVE-2016-3510.md +++ b/2016/CVE-2016-3510.md @@ -16,27 +16,41 @@ Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusi - https://github.com/0xn0ne/weblogicScanner - https://github.com/3vikram/Application-Vulnerabilities-Payloads - https://github.com/84KaliPleXon3/Payloads_All_The_Things +- https://github.com/Bywalks/WeblogicScan +- https://github.com/Delishsploits/PayloadsAndMethodology +- https://github.com/GuynnR/Payloads - https://github.com/Muhammd/Awesome-Payloads +- https://github.com/Nieuport/PayloadsAllTheThings - https://github.com/ParrotSec-CN/ParrotSecCN_Community_QQbot - https://github.com/Ra7mo0on/PayloadsAllTheThings - https://github.com/SexyBeast233/SecBooks - https://github.com/XPR1M3/Payloads_All_The_Things - https://github.com/andrysec/PayloadsAllVulnerability - https://github.com/anhtu97/PayloadAllEverything +- https://github.com/apkadmin/PayLoadsAll - https://github.com/awsassets/weblogic_exploit +- https://github.com/chanchalpatra/payload - https://github.com/cross2to/betaseclab_tools - https://github.com/dr0op/WeblogicScan - https://github.com/fengjixuchui/RedTeamer - https://github.com/followboy1999/weblogic-deserialization - https://github.com/hanc00l/some_pocsuite - https://github.com/hanc00l/weblogic_unserialize_exploit +- https://github.com/hellochunqiu/PayloadsAllTheThings +- https://github.com/hmoytx/weblogicscan - https://github.com/koutto/jok3r-pocs +- https://github.com/ksw9722/PayloadsAllTheThings +- https://github.com/mrhacker51/ReverseShellCommands +- https://github.com/nevidimk0/PayloadsAllTheThings - https://github.com/nihaohello/N-MiddlewareScan - https://github.com/rabbitmask/WeblogicScanLot +- https://github.com/safe6Sec/wlsEnv - https://github.com/sobinge/--1 - https://github.com/sobinge/PayloadsAllTheThings +- https://github.com/sobinge/PayloadsAllThesobinge - https://github.com/superfish9/pt - https://github.com/whoadmin/pocs +- https://github.com/winterwolf32/PayloadsAllTheThings - https://github.com/zema1/oracle-vuln-crawler - https://github.com/zhzhdoai/Weblogic_Vuln diff --git a/2016/CVE-2016-3720.md b/2016/CVE-2016-3720.md index 6481fc305c..74db10f4e8 100644 --- a/2016/CVE-2016-3720.md +++ b/2016/CVE-2016-3720.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/gitrobtest/Java-Security - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/scrumfox/Secapp diff --git a/2016/CVE-2016-4437.md b/2016/CVE-2016-4437.md index 5d8cb0abc5..9de8a5fd6a 100644 --- a/2016/CVE-2016-4437.md +++ b/2016/CVE-2016-4437.md @@ -19,6 +19,7 @@ Apache Shiro before 1.2.5, when a cipher key has not been configured for the "re - https://github.com/HackJava/Shiro - https://github.com/SexyBeast233/SecBooks - https://github.com/gobysec/Goby +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/ltfafei/my_POC - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/tdtc7/qps diff --git a/2016/CVE-2016-4487.md b/2016/CVE-2016-4487.md index 9f1b37353a..c5bf4b53e7 100644 --- a/2016/CVE-2016-4487.md +++ b/2016/CVE-2016-4487.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/mrash/afl-cve +- https://github.com/strongcourage/uafbench diff --git a/2016/CVE-2016-4557.md b/2016/CVE-2016-4557.md index 846fbc2435..3321057bf1 100644 --- a/2016/CVE-2016-4557.md +++ b/2016/CVE-2016-4557.md @@ -13,6 +13,7 @@ The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux k - https://www.exploit-db.com/exploits/40759/ #### Github +- https://github.com/dylandreimerink/gobpfld - https://github.com/mudongliang/LinuxFlaw - https://github.com/oneoy/cve- - https://github.com/thdusdl1219/CVE-Study diff --git a/2016/CVE-2016-4622.md b/2016/CVE-2016-4622.md index 80aa61a326..c3cbf8d320 100644 --- a/2016/CVE-2016-4622.md +++ b/2016/CVE-2016-4622.md @@ -17,6 +17,7 @@ WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 all - https://github.com/7o8v/Browser - https://github.com/De4dCr0w/Browser-pwn - https://github.com/Muhammd/awesome-web-security +- https://github.com/SkyBulk/RealWorldPwn - https://github.com/a0viedo/demystifying-js-engines - https://github.com/cyberheartmi9/awesome-web-security - https://github.com/gipi/cve-cemetery diff --git a/2016/CVE-2016-4952.md b/2016/CVE-2016-4952.md index 54bb04c081..d0107332d9 100644 --- a/2016/CVE-2016-4952.md +++ b/2016/CVE-2016-4952.md @@ -13,5 +13,6 @@ QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus em No PoCs from references. #### Github +- https://github.com/Resery/Learning_Record - https://github.com/SexyBeast233/SecBooks diff --git a/2016/CVE-2016-5003.md b/2016/CVE-2016-5003.md index 4e4de0a158..59087f98a9 100644 --- a/2016/CVE-2016-5003.md +++ b/2016/CVE-2016-5003.md @@ -15,4 +15,5 @@ The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, all #### Github - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/fbeasts/xmlrpc-common-deserialization +- https://github.com/gteissier/xmlrpc-common-deserialization diff --git a/2016/CVE-2016-5017.md b/2016/CVE-2016-5017.md index 6b877a13c4..827222a8a0 100644 --- a/2016/CVE-2016-5017.md +++ b/2016/CVE-2016-5017.md @@ -13,5 +13,5 @@ Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x be - http://packetstormsecurity.com/files/138755/ZooKeeper-3.4.8-3.5.2-Buffer-Overflow.html #### Github -No PoCs found on GitHub currently. +- https://github.com/yahoo/cubed diff --git a/2016/CVE-2016-5195.md b/2016/CVE-2016-5195.md index 0dfb6fb400..31cc415afd 100644 --- a/2016/CVE-2016-5195.md +++ b/2016/CVE-2016-5195.md @@ -48,6 +48,8 @@ Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allo - https://github.com/JoyChou93/sks - https://github.com/MLGBSec/os-survival - https://github.com/Metarget/awesome-cloud-native-security +- https://github.com/Metarget/cloud-native-security-book +- https://github.com/Metarget/k0otkit - https://github.com/Metarget/metarget - https://github.com/Micr067/linux-kernel-exploits - https://github.com/Mr-e5908de784a1e38197/PenetrationTestCheatSheet @@ -58,6 +60,7 @@ Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allo - https://github.com/R0B1NL1N/Linux-Kernel-Exploites - https://github.com/R0B1NL1N/linux-kernel-exploitation - https://github.com/Raavan353/Pentest-notes +- https://github.com/RoqueNight/Linux-Privilege-Escalation-Basics - https://github.com/Satya42/OSCP-Guide - https://github.com/SecWiki/linux-kernel-exploits - https://github.com/SenpaiX00/OSCP-Survival @@ -73,6 +76,7 @@ Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allo - https://github.com/amane312/Linux_menthor - https://github.com/ambynotcoder/C-libraries - https://github.com/anoaghost/Localroot_Compile +- https://github.com/arttnba3/XDU-SCE_OS-Experiment_2021 - https://github.com/arya07071992/oscp_guide - https://github.com/bitdefender/vbh_sample - https://github.com/codeage/root-honda @@ -95,6 +99,7 @@ Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allo - https://github.com/gaahrdner/starred - https://github.com/gipi/cve-cemetery - https://github.com/h4x0r-dz/local-root-exploit- +- https://github.com/hj-hsu/avar2019_frida - https://github.com/iantal/The-Security-Handbook - https://github.com/ismailvc1111/Linux_Privilege - https://github.com/jamiechap/oscp @@ -105,6 +110,7 @@ Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allo - https://github.com/kai5263499/awesome-container-security - https://github.com/kcgthb/RHEL6.x-COW - https://github.com/kumardineshwar/linux-kernel-exploits +- https://github.com/lp008/Hack-readme - https://github.com/luizmlo/ctf-writeups - https://github.com/m0mkris/linux-kernel-exploits - https://github.com/m0nad/awesome-privilege-escalation @@ -126,6 +132,7 @@ Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allo - https://github.com/r0ug3/The-Security-Handbook - https://github.com/rakjong/LinuxElevation - https://github.com/redteampa1/my-learning +- https://github.com/reni2study/Cloud-Native-Security2 - https://github.com/reybango/The-Security-Handbook - https://github.com/samknp/killcow - https://github.com/samknp/realcow @@ -140,6 +147,7 @@ Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allo - https://github.com/thdusdl1219/CVE-Study - https://github.com/timwr/CVE-2016-5195 - https://github.com/uhub/awesome-c +- https://github.com/vapvin/OSCP - https://github.com/whackmanic/OSCP_Found - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2016/CVE-2016-5385.md b/2016/CVE-2016-5385.md index 39e86fc70f..aaaf266c61 100644 --- a/2016/CVE-2016-5385.md +++ b/2016/CVE-2016-5385.md @@ -14,6 +14,7 @@ PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace - https://httpoxy.org/ #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/Tdjgss/nginx-pro - https://github.com/jwaghetti/docker-nginx-proxy - https://github.com/mostafanewir47/Containerized-Proxy diff --git a/2016/CVE-2016-5397.md b/2016/CVE-2016-5397.md new file mode 100644 index 0000000000..5b692a1276 --- /dev/null +++ b/2016/CVE-2016-5397.md @@ -0,0 +1,17 @@ +### [CVE-2016-5397](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5397) +![](https://img.shields.io/static/v1?label=Product&message=Apache%20Thrift&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Command%20Injection&color=brighgreen) + +### Description + +The Apache Thrift Go client library exposed the potential during code generation for command injection due to using an external formatting tool. Affected Apache Thrift 0.9.3 and older, Fixed in Apache Thrift 0.10.0. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/yahoo/cubed + diff --git a/2016/CVE-2016-5699.md b/2016/CVE-2016-5699.md index da4dc9c85c..3c9dc0181a 100644 --- a/2016/CVE-2016-5699.md +++ b/2016/CVE-2016-5699.md @@ -13,6 +13,7 @@ CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 No PoCs from references. #### Github +- https://github.com/Tiaonmmn/swpuctf_2016_web_web7 - https://github.com/bunseokbot/CVE-2016-5699-poc - https://github.com/shajinzheng/cve-2016-5699-jinzheng-sha diff --git a/2016/CVE-2016-6329.md b/2016/CVE-2016-6329.md index 029adc0397..543941953b 100644 --- a/2016/CVE-2016-6329.md +++ b/2016/CVE-2016-6329.md @@ -14,7 +14,9 @@ OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers #### Github - https://github.com/Artem-Salnikov/devops-netology +- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 - https://github.com/WiktorMysz/devops-netology - https://github.com/alexandrburyakov/Rep2 - https://github.com/bysart/devops-netology +- https://github.com/yellownine/netology-DevOps diff --git a/2016/CVE-2016-6811.md b/2016/CVE-2016-6811.md index d336a79b71..269b074777 100644 --- a/2016/CVE-2016-6811.md +++ b/2016/CVE-2016-6811.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/andir/nixos-issue-db-example +- https://github.com/yahoo/cubed diff --git a/2016/CVE-2016-6814.md b/2016/CVE-2016-6814.md index f554e16678..5016a3df4c 100644 --- a/2016/CVE-2016-6814.md +++ b/2016/CVE-2016-6814.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/ilmari666/cybsec diff --git a/2016/CVE-2016-6816.md b/2016/CVE-2016-6816.md index ac70a4c8af..228c6ec1d0 100644 --- a/2016/CVE-2016-6816.md +++ b/2016/CVE-2016-6816.md @@ -15,4 +15,5 @@ The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8. #### Github - https://github.com/hktalent/myhktools +- https://github.com/ilmari666/cybsec diff --git a/2016/CVE-2016-6817.md b/2016/CVE-2016-6817.md index c6a7414387..00c24c0551 100644 --- a/2016/CVE-2016-6817.md +++ b/2016/CVE-2016-6817.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/RedHatOfficial/rhsecapi - https://github.com/RedHatProductSecurity/cve-pylib +- https://github.com/ilmari666/cybsec diff --git a/2016/CVE-2016-7255.md b/2016/CVE-2016-7255.md index 5767a8fd29..084dc5f971 100644 --- a/2016/CVE-2016-7255.md +++ b/2016/CVE-2016-7255.md @@ -18,6 +18,7 @@ The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 #### Github - https://github.com/0xpetros/windows-privilage-escalation +- https://github.com/Apri1y/Red-Team-links - https://github.com/Ascotbe/Kernelhub - https://github.com/CrackerCat/Kernel-Security-Development - https://github.com/Echocipher/Resource-list @@ -34,10 +35,15 @@ The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 - https://github.com/cranelab/exploit-development - https://github.com/homjxi0e/CVE-2016-7255 - https://github.com/howknows/awesome-windows-security-development +- https://github.com/hudunkey/Red-Team-links +- https://github.com/john-80/-007 - https://github.com/liuhe3647/Windows +- https://github.com/lp008/Hack-readme - https://github.com/pr0code/https-github.com-ExpLife0011-awesome-windows-kernel-security-development - https://github.com/pravinsrc/NOTES-windows-kernel-links - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/slimdaddy/RedTeam - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2016/CVE-2016-7417.md b/2016/CVE-2016-7417.md index aabf45b8cb..e02f8c965d 100644 --- a/2016/CVE-2016-7417.md +++ b/2016/CVE-2016-7417.md @@ -13,5 +13,5 @@ ext/spl/spl_array.c in PHP before 5.6.26 and 7.x before 7.0.11 proceeds with Spl - https://www.tenable.com/security/tns-2016-19 #### Github -No PoCs found on GitHub currently. +- https://github.com/ycamper/censys-scripts diff --git a/2016/CVE-2016-7480.md b/2016/CVE-2016-7480.md new file mode 100644 index 0000000000..6d8f1ec3b3 --- /dev/null +++ b/2016/CVE-2016-7480.md @@ -0,0 +1,17 @@ +### [CVE-2016-7480](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7480) +![](https://img.shields.io/static/v1?label=Product&message=PHP%20before%207.0.12&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=missing%20data-type%20validation&color=brighgreen) + +### Description + +The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialized data. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ycamper/censys-scripts + diff --git a/2016/CVE-2016-7543.md b/2016/CVE-2016-7543.md index 8980813705..521a64532d 100644 --- a/2016/CVE-2016-7543.md +++ b/2016/CVE-2016-7543.md @@ -13,6 +13,7 @@ Bash before 4.4 allows local users to execute arbitrary commands with root privi No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/andrewwebber/kate - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy diff --git a/2016/CVE-2016-8655.md b/2016/CVE-2016-8655.md index fa21cc277a..3e618bd670 100644 --- a/2016/CVE-2016-8655.md +++ b/2016/CVE-2016-8655.md @@ -15,6 +15,7 @@ Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allo - https://www.exploit-db.com/exploits/44696/ #### Github +- https://github.com/84KaliPleXon3/linux-exploit-suggester - https://github.com/Metarget/metarget - https://github.com/R0B1NL1N/linux-kernel-exploitation - https://github.com/SeaJae/exploitPlayground @@ -32,6 +33,7 @@ Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allo - https://github.com/n3t1nv4d3/kernel-exploits - https://github.com/oneoy/cve- - https://github.com/skbasava/Linux-Kernel-exploit +- https://github.com/stefanocutelle/linux-exploit-suggester - https://github.com/thdusdl1219/CVE-Study - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xyongcn/exploit diff --git a/2016/CVE-2016-8735.md b/2016/CVE-2016-8735.md index 8776612c04..4ef1ab2868 100644 --- a/2016/CVE-2016-8735.md +++ b/2016/CVE-2016-8735.md @@ -19,6 +19,7 @@ Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7 - https://github.com/bibortone/Jexboss - https://github.com/c002/Java-Application-Exploits - https://github.com/fengjixuchui/RedTeamer +- https://github.com/ilmari666/cybsec - https://github.com/joaomatosf/jexboss - https://github.com/klausware/Java-Deserialization-Cheat-Sheet - https://github.com/milkdevil/jexboss diff --git a/2016/CVE-2016-8745.md b/2016/CVE-2016-8745.md index b9b0efffeb..d38e5e580d 100644 --- a/2016/CVE-2016-8745.md +++ b/2016/CVE-2016-8745.md @@ -13,5 +13,5 @@ A bug in the error handling of the send file code for the NIO HTTP connector in - http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html #### Github -No PoCs found on GitHub currently. +- https://github.com/ilmari666/cybsec diff --git a/2016/CVE-2016-8869.md b/2016/CVE-2016-8869.md index 94c19fa1b9..3be6e79e43 100644 --- a/2016/CVE-2016-8869.md +++ b/2016/CVE-2016-8869.md @@ -19,5 +19,6 @@ The register method in the UsersModelRegistration class in controllers/user.php - https://github.com/XiphosResearch/exploits - https://github.com/binfed/cms-exp - https://github.com/copperfieldd/CMS-Hunter +- https://github.com/dhniroshan/offensive_hacking - https://github.com/shildenbrand/Exploits diff --git a/2016/CVE-2016-8870.md b/2016/CVE-2016-8870.md index 5906a20843..6cfb4a3113 100644 --- a/2016/CVE-2016-8870.md +++ b/2016/CVE-2016-8870.md @@ -15,6 +15,7 @@ The register method in the UsersModelRegistration class in controllers/user.php #### Github - https://github.com/R0B1NL1N/E-x-p-l-o-i-t-s - https://github.com/XiphosResearch/exploits +- https://github.com/dhniroshan/offensive_hacking - https://github.com/paralelo14/google_explorer - https://github.com/shildenbrand/Exploits diff --git a/2016/CVE-2016-8886.md b/2016/CVE-2016-8886.md index 7ce6cf8858..3b6ea64e89 100644 --- a/2016/CVE-2016-8886.md +++ b/2016/CVE-2016-8886.md @@ -13,5 +13,7 @@ The jas_malloc function in libjasper/base/jas_malloc.c in JasPer before 1.900.11 No PoCs from references. #### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark - https://github.com/mrash/afl-cve +- https://github.com/tzf-key/MemLock_Benchmark diff --git a/2016/CVE-2016-9066.md b/2016/CVE-2016-9066.md index b70cb07cc0..eec116f494 100644 --- a/2016/CVE-2016-9066.md +++ b/2016/CVE-2016-9066.md @@ -16,5 +16,5 @@ A buffer overflow resulting in a potentially exploitable crash due to memory all - https://bugzilla.mozilla.org/show_bug.cgi?id=1299686 #### Github -No PoCs found on GitHub currently. +- https://github.com/ZihanYe/web-browser-vulnerabilities diff --git a/2016/CVE-2016-9079.md b/2016/CVE-2016-9079.md index c9ec1e358a..87fe789e07 100644 --- a/2016/CVE-2016-9079.md +++ b/2016/CVE-2016-9079.md @@ -21,5 +21,6 @@ A use-after-free vulnerability in SVG Animation has been discovered. An exploit - https://github.com/LyleMi/dom-vuln-db - https://github.com/RedHatOfficial/rhsecapi - https://github.com/RedHatProductSecurity/cve-pylib +- https://github.com/ZihanYe/web-browser-vulnerabilities - https://github.com/i0gan/cve diff --git a/2016/CVE-2016-9244.md b/2016/CVE-2016-9244.md index b11a8a21df..a1b7b740d2 100644 --- a/2016/CVE-2016-9244.md +++ b/2016/CVE-2016-9244.md @@ -17,9 +17,11 @@ A BIG-IP virtual server configured with a Client SSL profile that has the non-de #### Github - https://github.com/5l1v3r1/0rion-Framework - https://github.com/Artem-Salnikov/devops-netology +- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 - https://github.com/WiktorMysz/devops-netology - https://github.com/alexandrburyakov/Rep2 - https://github.com/bysart/devops-netology - https://github.com/korotkov-dmitry/03-sysadmin-09-security - https://github.com/nkiselyov/devops-netology +- https://github.com/yellownine/netology-DevOps diff --git a/2016/CVE-2016-9263.md b/2016/CVE-2016-9263.md index 02bcf73a29..5e67e95a49 100644 --- a/2016/CVE-2016-9263.md +++ b/2016/CVE-2016-9263.md @@ -13,5 +13,5 @@ WordPress through 4.8.2, when domain-based flashmediaelement.swf sandboxing is n - https://opnsec.com/2017/10/cve-2016-9263-unpatched-xsf-vulnerability-in-wordpress/ #### Github -No PoCs found on GitHub currently. +- https://github.com/El-Palomo/DerpNStink diff --git a/2016/CVE-2016-9401.md b/2016/CVE-2016-9401.md index aab02568c2..964548964d 100644 --- a/2016/CVE-2016-9401.md +++ b/2016/CVE-2016-9401.md @@ -13,6 +13,7 @@ popd in bash might allow local users to bypass the restricted shell and cause a No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/RedHatOfficial/rhsecapi - https://github.com/RedHatProductSecurity/cve-pylib - https://github.com/garethr/findcve diff --git a/2016/CVE-2016-9878.md b/2016/CVE-2016-9878.md new file mode 100644 index 0000000000..ab7c80a457 --- /dev/null +++ b/2016/CVE-2016-9878.md @@ -0,0 +1,17 @@ +### [CVE-2016-9878](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9878) +![](https://img.shields.io/static/v1?label=Product&message=Pivotal%20Spring%20Framework%20before%203.2.18%2C%204.2.x%20before%204.2.9%2C%20and%204.3.x%20before%204.3.5&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Directory%20Traversal&color=brighgreen) + +### Description + +An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5. Paths provided to the ResourceServlet were not properly sanitized and as a result exposed to directory traversal attacks. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec + diff --git a/2016/CVE-2016-9879.md b/2016/CVE-2016-9879.md new file mode 100644 index 0000000000..fed941792b --- /dev/null +++ b/2016/CVE-2016-9879.md @@ -0,0 +1,17 @@ +### [CVE-2016-9879](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9879) +![](https://img.shields.io/static/v1?label=Product&message=Pivotal%20Spring%20Security%20before%203.2.10%2C%204.1.x%20before%204.1.4%2C%20and%204.2.x%20before%204.2.1&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Encoded%20%22%2F%22%20in%20path%20variables&color=brighgreen) + +### Description + +An issue was discovered in Pivotal Spring Security before 3.2.10, 4.1.x before 4.1.4, and 4.2.x before 4.2.1. Spring Security does not consider URL path parameters when processing security constraints. By adding a URL path parameter with an encoded "/" to a request, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification. Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. The unexpected presence of path parameters can cause a constraint to be bypassed. Users of Apache Tomcat (all current versions) are not affected by this vulnerability since Tomcat follows the guidance previously provided by the Servlet Expert group and strips path parameters from the value returned by getContextPath(), getServletPath(), and getPathInfo(). Users of other Servlet containers based on Apache Tomcat may or may not be affected depending on whether or not the handling of path parameters has been modified. Users of IBM WebSphere Application Server 8.5.x are known to be affected. Users of other containers that implement the Servlet specification may be affected. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec + diff --git a/2017/CVE-2017-0007.md b/2017/CVE-2017-0007.md new file mode 100644 index 0000000000..08fc0e9262 --- /dev/null +++ b/2017/CVE-2017-0007.md @@ -0,0 +1,17 @@ +### [CVE-2017-0007](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0007) +![](https://img.shields.io/static/v1?label=Product&message=Device%20Guard&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen) + +### Description + +Device Guard in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote attackers to modify PowerShell script without invalidating associated signatures, aka "PowerShell Security Feature Bypass Vulnerability." + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/bohops/UltimateWDACBypassList + diff --git a/2017/CVE-2017-0143.md b/2017/CVE-2017-0143.md index 5f4b8d4fc5..57cb18142c 100644 --- a/2017/CVE-2017-0143.md +++ b/2017/CVE-2017-0143.md @@ -17,6 +17,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://www.exploit-db.com/exploits/43970/ #### Github +- https://github.com/4n0nym0u5dk/MS17-010_CVE-2017-0143 - https://github.com/Al1ex/WindowsElevation - https://github.com/ArcadeHustle/X3_USB_softmod - https://github.com/Ascotbe/Kernelhub @@ -24,6 +25,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/ErdemOzgen/ActiveDirectoryAttacks - https://github.com/HacTF/poc--exp - https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups +- https://github.com/Kiz619ao630/StepwisePolicy3 - https://github.com/Nieuport/Active-Directory-Kill-Chain-Attack-Defense - https://github.com/PWN-Kingdom/Test_Tasks - https://github.com/R-Vision/ms17-010 @@ -33,6 +35,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/androidkey/MS17-011 - https://github.com/cb4cb4/EternalBlue-EK-Auto-Mode - https://github.com/cb4cb4/EternalBlue-EK-Manual-Mode +- https://github.com/ceskillets/DCV-Predefined-Log-Filter-of-Specific-CVE-of-EternalBlue-and-BlueKeep-with-Auto-Tag- - https://github.com/chaao195/EBEKv2.0 - https://github.com/czq945659538/-study - https://github.com/ericjiang97/SecScripts diff --git a/2017/CVE-2017-0144.md b/2017/CVE-2017-0144.md index 6635aa7b51..9a7103c4a9 100644 --- a/2017/CVE-2017-0144.md +++ b/2017/CVE-2017-0144.md @@ -23,6 +23,8 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/Cyberwatch/cyberwatch_api_powershell - https://github.com/EEsshq/CVE-2017-0144---EtneralBlue-MS17-010-Remote-Code-Execution - https://github.com/ErdemOzgen/ActiveDirectoryAttacks +- https://github.com/JeffEmrys/termux- +- https://github.com/Kiz619ao630/StepwisePolicy3 - https://github.com/Nieuport/Active-Directory-Kill-Chain-Attack-Defense - https://github.com/PWN-Kingdom/Test_Tasks - https://github.com/Project-WARMIND/Exploit-Modules @@ -33,8 +35,10 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/androidkey/MS17-011 - https://github.com/cb4cb4/EternalBlue-EK-Auto-Mode - https://github.com/cb4cb4/EternalBlue-EK-Manual-Mode +- https://github.com/ceskillets/DCV-Predefined-Log-Filter-of-Specific-CVE-of-EternalBlue-and-BlueKeep-with-Auto-Tag- - https://github.com/chaao195/EBEKv2.0 - https://github.com/ericjiang97/SecScripts +- https://github.com/fernandopaezmartin/SAD_2021--Metasploit - https://github.com/geeksniper/active-directory-pentest - https://github.com/infosecn1nja/AD-Attack-Defense - https://github.com/mishmashclone/infosecn1nja-AD-Attack-Defense diff --git a/2017/CVE-2017-0145.md b/2017/CVE-2017-0145.md index f14d2d6d45..cd593e5a21 100644 --- a/2017/CVE-2017-0145.md +++ b/2017/CVE-2017-0145.md @@ -19,6 +19,8 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/Astrogeorgeonethree/Starred - https://github.com/Cyberwatch/cyberwatch_api_powershell - https://github.com/ErdemOzgen/ActiveDirectoryAttacks +- https://github.com/JeffEmrys/termux- +- https://github.com/Kiz619ao630/StepwisePolicy3 - https://github.com/MelonSmasher/chef_tissues - https://github.com/Nieuport/Active-Directory-Kill-Chain-Attack-Defense - https://github.com/R-Vision/ms17-010 @@ -27,6 +29,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/androidkey/MS17-011 - https://github.com/cb4cb4/EternalBlue-EK-Auto-Mode - https://github.com/cb4cb4/EternalBlue-EK-Manual-Mode +- https://github.com/ceskillets/DCV-Predefined-Log-Filter-of-Specific-CVE-of-EternalBlue-and-BlueKeep-with-Auto-Tag- - https://github.com/chaao195/EBEKv2.0 - https://github.com/ericjiang97/SecScripts - https://github.com/geeksniper/active-directory-pentest diff --git a/2017/CVE-2017-0146.md b/2017/CVE-2017-0146.md index aed1176da2..61e74f0920 100644 --- a/2017/CVE-2017-0146.md +++ b/2017/CVE-2017-0146.md @@ -19,6 +19,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 #### Github - https://github.com/Cyberwatch/cyberwatch_api_powershell - https://github.com/ErdemOzgen/ActiveDirectoryAttacks +- https://github.com/Kiz619ao630/StepwisePolicy3 - https://github.com/Nieuport/Active-Directory-Kill-Chain-Attack-Defense - https://github.com/R-Vision/ms17-010 - https://github.com/R0B1NL1N/AD-Attack-Defense @@ -27,6 +28,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/androidkey/MS17-011 - https://github.com/cb4cb4/EternalBlue-EK-Auto-Mode - https://github.com/cb4cb4/EternalBlue-EK-Manual-Mode +- https://github.com/ceskillets/DCV-Predefined-Log-Filter-of-Specific-CVE-of-EternalBlue-and-BlueKeep-with-Auto-Tag- - https://github.com/chaao195/EBEKv2.0 - https://github.com/ericjiang97/SecScripts - https://github.com/geeksniper/active-directory-pentest diff --git a/2017/CVE-2017-0147.md b/2017/CVE-2017-0147.md index 1299023a22..d1b39ab76a 100644 --- a/2017/CVE-2017-0147.md +++ b/2017/CVE-2017-0147.md @@ -17,12 +17,14 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://www.exploit-db.com/exploits/43970/ #### Github +- https://github.com/Kiz619ao630/StepwisePolicy3 - https://github.com/R-Vision/ms17-010 - https://github.com/RodrigoVarasLopez/Download-Scanners-from-Nessus-8.7-using-the-API - https://github.com/Urahara3389/SmbtouchBatchScan - https://github.com/androidkey/MS17-011 - https://github.com/cb4cb4/EternalBlue-EK-Auto-Mode - https://github.com/cb4cb4/EternalBlue-EK-Manual-Mode +- https://github.com/ceskillets/DCV-Predefined-Log-Filter-of-Specific-CVE-of-EternalBlue-and-BlueKeep-with-Auto-Tag- - https://github.com/chaao195/EBEKv2.0 - https://github.com/ericjiang97/SecScripts - https://github.com/qazbnm456/awesome-cve-poc diff --git a/2017/CVE-2017-0148.md b/2017/CVE-2017-0148.md index affaac45f6..1c03ccfe19 100644 --- a/2017/CVE-2017-0148.md +++ b/2017/CVE-2017-0148.md @@ -18,6 +18,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 #### Github - https://github.com/Cyberwatch/cyberwatch_api_powershell - https://github.com/ErdemOzgen/ActiveDirectoryAttacks +- https://github.com/Kiz619ao630/StepwisePolicy3 - https://github.com/Nieuport/Active-Directory-Kill-Chain-Attack-Defense - https://github.com/R-Vision/ms17-010 - https://github.com/R0B1NL1N/AD-Attack-Defense @@ -25,6 +26,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/androidkey/MS17-011 - https://github.com/cb4cb4/EternalBlue-EK-Auto-Mode - https://github.com/cb4cb4/EternalBlue-EK-Manual-Mode +- https://github.com/ceskillets/DCV-Predefined-Log-Filter-of-Specific-CVE-of-EternalBlue-and-BlueKeep-with-Auto-Tag- - https://github.com/chaao195/EBEKv2.0 - https://github.com/ericjiang97/SecScripts - https://github.com/geeksniper/active-directory-pentest diff --git a/2017/CVE-2017-0199.md b/2017/CVE-2017-0199.md index 9674bb5780..f7410d44c9 100644 --- a/2017/CVE-2017-0199.md +++ b/2017/CVE-2017-0199.md @@ -18,6 +18,7 @@ Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, #### Github - https://github.com/0xsyr0/OSCP - https://github.com/AnonVulc/Pentest-Tools +- https://github.com/Apri1y/Red-Team-links - https://github.com/DrVilepis/cyber-apocalypse-drvilepis - https://github.com/Echocipher/Resource-list - https://github.com/Exploit-install/CVE-2017-0199 @@ -39,12 +40,15 @@ Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, - https://github.com/haibara3839/CVE-2017-0199-master - https://github.com/highmeh/cvesearch - https://github.com/houjingyi233/office-exploit-case-study +- https://github.com/hudunkey/Red-Team-links - https://github.com/jacobsoo/RTF-Cleaner +- https://github.com/john-80/-007 - https://github.com/kbandla/APTnotes - https://github.com/kn0wm4d/htattack - https://github.com/likescam/CVE-2017-0199 - https://github.com/likescam/Red-Teaming-Toolkit - https://github.com/likescam/Red-Teaming-Toolkit_all_pentests +- https://github.com/lp008/Hack-readme - https://github.com/mucahittopal/Pentesting-Pratic-Notes - https://github.com/mzakyz666/PoC-CVE-2017-0199 - https://github.com/n1shant-sinha/CVE-2017-0199 @@ -57,16 +61,20 @@ Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, - https://github.com/papa-anniekey/CustomSignatures - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/qiantu88/office-cve +- https://github.com/r0eXpeR/supplier - https://github.com/r3p3r/yeyintminthuhtut-Awesome-Red-Teaming - https://github.com/rosetscmite/logsender - https://github.com/ryhanson/CVE-2017-0199 - https://github.com/sUbc0ol/Microsoft-Word-CVE-2017-0199- - https://github.com/seclib/oletools +- https://github.com/severnake/Pentest-Tools - https://github.com/shr3ddersec/Shr3dKit +- https://github.com/slimdaddy/RedTeam - https://github.com/theyoge/AD-Pentesting-Tools - https://github.com/viethdgit/CVE-2017-0199 - https://github.com/vysecurity/RedTips - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool - https://github.com/xiaoy-sec/Pentest_Note - https://github.com/zhang040723/web diff --git a/2017/CVE-2017-0213.md b/2017/CVE-2017-0213.md index c108a42611..c05bcb57c3 100644 --- a/2017/CVE-2017-0213.md +++ b/2017/CVE-2017-0213.md @@ -17,6 +17,7 @@ Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, - https://github.com/Al1ex/WindowsElevation - https://github.com/AndreaOm/awesome-stars - https://github.com/Anonymous-Family/CVE-2017-0213 +- https://github.com/Apri1y/Red-Team-links - https://github.com/Ascotbe/Kernelhub - https://github.com/Echocipher/Resource-list - https://github.com/Itachl/windows_kenel_exploit @@ -42,13 +43,17 @@ Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, - https://github.com/gaearrow/windows-lpe-lite - https://github.com/gclu0212/windows-kernel-exploits - https://github.com/geeksniper/windows-privilege-escalation +- https://github.com/hudunkey/Red-Team-links - https://github.com/jbooz1/CVE-2017-0213 +- https://github.com/john-80/-007 - https://github.com/klsfct/getshell - https://github.com/lollelink/test +- https://github.com/lp008/Hack-readme - https://github.com/m0mkris/windows-kernel-exploits - https://github.com/mishmashclone/SecWiki-windows-kernel-exploits - https://github.com/n8v79a/exploit - https://github.com/n8v79a/win-exploit +- https://github.com/nickswink/Retro-Writeup - https://github.com/nicolas-gagnon/windows-kernel-exploits - https://github.com/njahrckstr/Windows_Kernel_Sploit_List - https://github.com/paramint/windows-kernel-exploits @@ -60,10 +65,12 @@ Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, - https://github.com/root26/bug - https://github.com/safesword/WindowsExp - https://github.com/shaheemirza/CVE-2017-0213- +- https://github.com/slimdaddy/RedTeam - https://github.com/valentinoJones/Windows-Kernel-Exploits - https://github.com/welove88888/cve - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/xfinest/windows-kernel-exploits +- https://github.com/xiaoZ-hc/redtool - https://github.com/xiaoy-sec/Pentest_Note - https://github.com/xssfile/windows-kernel-exploits - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2017/CVE-2017-0215.md b/2017/CVE-2017-0215.md new file mode 100644 index 0000000000..5242eedb12 --- /dev/null +++ b/2017/CVE-2017-0215.md @@ -0,0 +1,17 @@ +### [CVE-2017-0215](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0215) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Windows&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen) + +### Description + +Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This CVE ID is unique from CVE-2017-0173, CVE-2017-0216, CVE-2017-0218, and CVE-2017-0219. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/bohops/UltimateWDACBypassList + diff --git a/2017/CVE-2017-0218.md b/2017/CVE-2017-0218.md index 2e216e7f9f..bb0d51b9eb 100644 --- a/2017/CVE-2017-0218.md +++ b/2017/CVE-2017-0218.md @@ -25,6 +25,7 @@ No PoCs from references. - https://github.com/aymankhder/PENTESTING-BIBLE2 - https://github.com/bjknbrrr/PENTESTING-BIBLE - https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE +- https://github.com/bohops/UltimateWDACBypassList - https://github.com/codereveryday/Programming-Hacking-Resources - https://github.com/erSubhashThapa/pentest-bible - https://github.com/gacontuyenchien1/Security diff --git a/2017/CVE-2017-0261.md b/2017/CVE-2017-0261.md index 7e9787f56b..18387ddc45 100644 --- a/2017/CVE-2017-0261.md +++ b/2017/CVE-2017-0261.md @@ -13,6 +13,7 @@ Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code No PoCs from references. #### Github +- https://github.com/CyberSift/CyberSift-Alerts - https://github.com/Panopticon-Project/Panopticon-Patchwork - https://github.com/cyberk1w1/CVE-2017-7529 - https://github.com/erfze/CVE-2017-0261 diff --git a/2017/CVE-2017-0781.md b/2017/CVE-2017-0781.md index aeab36d919..7002df0096 100644 --- a/2017/CVE-2017-0781.md +++ b/2017/CVE-2017-0781.md @@ -23,8 +23,10 @@ A remote code execution vulnerability in the Android system (bluetooth). Product - https://github.com/XsafeAdmin/BlueBorne - https://github.com/coh7eiqu8thaBu/BookMark - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/hac425xxx/heap-exploitation-in-real-world - https://github.com/hook-s3c/blueborne-scanner - https://github.com/hw5773/blueborne +- https://github.com/lp008/Hack-readme - https://github.com/mailinneberg/BlueBorne - https://github.com/marcinguy/android712-blueborne - https://github.com/ojasookert/CVE-2017-0781 diff --git a/2017/CVE-2017-0785.md b/2017/CVE-2017-0785.md index 291112cc40..14902c867b 100644 --- a/2017/CVE-2017-0785.md +++ b/2017/CVE-2017-0785.md @@ -36,6 +36,7 @@ No PoCs from references. - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/raviwithu/Bluetooth - https://github.com/rootabeta/shellfish +- https://github.com/severnake/Pentest-Tools - https://github.com/sigbitsadmin/diff - https://github.com/theyoge/AD-Pentesting-Tools - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2017/CVE-2017-1000010.md b/2017/CVE-2017-1000010.md index 7dfd460f10..1c90280949 100644 --- a/2017/CVE-2017-1000010.md +++ b/2017/CVE-2017-1000010.md @@ -13,5 +13,5 @@ Audacity 2.1.2 through 2.3.2 is vulnerable to Dll HIjacking in the avformat-55.d - https://packetstormsecurity.com/files/140365/Audacity-2.1.2-DLL-Hijacking.html #### Github -No PoCs found on GitHub currently. +- https://github.com/GitHubAssessments/CVE_Assessments_10_2019 diff --git a/2017/CVE-2017-1000112.md b/2017/CVE-2017-1000112.md index 5c37820621..c5a712a7a4 100644 --- a/2017/CVE-2017-1000112.md +++ b/2017/CVE-2017-1000112.md @@ -14,6 +14,7 @@ Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. W - https://www.exploit-db.com/exploits/45147/ #### Github +- https://github.com/84KaliPleXon3/linux-exploit-suggester - https://github.com/Al1ex/LinuxEelvation - https://github.com/C0dak/linux-kernel-exploits - https://github.com/De4dCr0w/Linux-kernel-EoP-exp @@ -45,6 +46,7 @@ Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. W - https://github.com/jiayy/android_vuln_poc-exp - https://github.com/kumardineshwar/linux-kernel-exploits - https://github.com/m0mkris/linux-kernel-exploits +- https://github.com/milabs/lkrg-bypass - https://github.com/mzet-/linux-exploit-suggester - https://github.com/n3t1nv4d3/kernel-exploits - https://github.com/ozkanbilge/Linux-Kernel-Exploits @@ -53,6 +55,7 @@ Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. W - https://github.com/rakjong/LinuxElevation - https://github.com/santoshankr/smep_detector - https://github.com/spencerdodd/kernelpop +- https://github.com/stefanocutelle/linux-exploit-suggester - https://github.com/xairy/kernel-exploits - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2017/CVE-2017-1002101.md b/2017/CVE-2017-1002101.md index 395f71e34a..5f156bda35 100644 --- a/2017/CVE-2017-1002101.md +++ b/2017/CVE-2017-1002101.md @@ -14,11 +14,13 @@ No PoCs from references. #### Github - https://github.com/Metarget/awesome-cloud-native-security +- https://github.com/Metarget/cloud-native-security-book - https://github.com/Metarget/metarget - https://github.com/Pray3r/cloud-native-security - https://github.com/bgeesaman/subpath-exploit - https://github.com/h34dless/kubernetes-pocs - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/reni2study/Cloud-Native-Security2 - https://github.com/ssst0n3/docker_archive - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2017/CVE-2017-10271.md b/2017/CVE-2017-10271.md index fc7a167ee5..19dfb989bc 100644 --- a/2017/CVE-2017-10271.md +++ b/2017/CVE-2017-10271.md @@ -24,17 +24,21 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/84KaliPleXon3/Payloads_All_The_Things - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/AnonVulc/Pentest-Tools +- https://github.com/Bywalks/WeblogicScan - https://github.com/Cymmetria/weblogic_honeypot +- https://github.com/Delishsploits/PayloadsAndMethodology - https://github.com/DynamicDesignz/Alien-Framework - https://github.com/ETOCheney/JavaDeserialization - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/Flerov/WindowsExploitDev - https://github.com/FoolMitAh/WeblogicScan - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +- https://github.com/GuynnR/Payloads - https://github.com/JackyTsuuuy/weblogic_wls_rce_poc-exp - https://github.com/Jean-Francois-C/Windows-Penetration-Testing - https://github.com/Luffin/CVE-2017-10271 - https://github.com/Muhammd/Awesome-Payloads +- https://github.com/Nieuport/PayloadsAllTheThings - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/ParrotSec-CN/ParrotSecCN_Community_QQbot - https://github.com/Prodject/Kn0ck @@ -52,18 +56,23 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/amcai/myscan - https://github.com/andrysec/PayloadsAllVulnerability - https://github.com/anhtu97/PayloadAllEverything +- https://github.com/apkadmin/PayLoadsAll - https://github.com/awsassets/weblogic_exploit - https://github.com/bigblackhat/oFx - https://github.com/bigsizeme/weblogic-XMLDecoder - https://github.com/bmcculley/CVE-2017-10271 - https://github.com/c0mmand3rOpSec/CVE-2017-10271 +- https://github.com/chanchalpatra/payload - https://github.com/cjjduck/weblogic_wls_wsat_rce - https://github.com/cranelab/exploit-development - https://github.com/cross2to/betaseclab_tools +- https://github.com/diggid4ever/Weblogic-XMLDecoder-POC - https://github.com/dr0op/WeblogicScan - https://github.com/fengjixuchui/RedTeamer - https://github.com/hanc00l/some_pocsuite +- https://github.com/hellochunqiu/PayloadsAllTheThings - https://github.com/hktalent/myhktools +- https://github.com/hmoytx/weblogicscan - https://github.com/jas502n/CNVD-C-2019-48814 - https://github.com/jas502n/cve-2019-2618 - https://github.com/jiangsir404/POC-S @@ -73,8 +82,14 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/kkirsche/CVE-2017-10271 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet - https://github.com/koutto/jok3r-pocs +- https://github.com/ksw9722/PayloadsAllTheThings - https://github.com/lonehand/Oracle-WebLogic-CVE-2017-10271-master +- https://github.com/lp008/Hack-readme +- https://github.com/m1dsummer/AD-2021 +- https://github.com/maya6/-scan- - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +- https://github.com/mrhacker51/ReverseShellCommands +- https://github.com/nevidimk0/PayloadsAllTheThings - https://github.com/nihaohello/N-MiddlewareScan - https://github.com/oneplus-x/Sn1per - https://github.com/papa-anniekey/CustomSignatures @@ -82,20 +97,26 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/peterpeter228/Oracle-WebLogic-CVE-2017-10271 - https://github.com/pimps/CVE-2019-2725 - https://github.com/pssss/CVE-2017-10271 +- https://github.com/pwnagelabs/VEF - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/r0eXpeR/redteam_vul - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/s3xy/CVE-2017-10271 +- https://github.com/safe6Sec/wlsEnv - https://github.com/seruling/weblogic-wsat-scan +- https://github.com/severnake/Pentest-Tools - https://github.com/shack2/javaserializetools - https://github.com/skytina/CNVD-C-2019-48814-COMMON - https://github.com/sobinge/--1 - https://github.com/sobinge/PayloadsAllTheThings +- https://github.com/sobinge/PayloadsAllThesobinge - https://github.com/sobinge/nuclei-templates - https://github.com/superfish9/pt +- https://github.com/tdcoming/Vulnerability-engine - https://github.com/theyoge/AD-Pentesting-Tools - https://github.com/unusualwork/Sn1per - https://github.com/veo/vscan +- https://github.com/winterwolf32/PayloadsAllTheThings - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/zema1/oracle-vuln-crawler diff --git a/2017/CVE-2017-10686.md b/2017/CVE-2017-10686.md index 3e2e46da0d..1f06fe49b6 100644 --- a/2017/CVE-2017-10686.md +++ b/2017/CVE-2017-10686.md @@ -13,5 +13,5 @@ In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free vuln - https://bugzilla.nasm.us/show_bug.cgi?id=3392414 #### Github -No PoCs found on GitHub currently. +- https://github.com/strongcourage/uafbench diff --git a/2017/CVE-2017-11164.md b/2017/CVE-2017-11164.md index 3325e0524c..fe2301b8af 100644 --- a/2017/CVE-2017-11164.md +++ b/2017/CVE-2017-11164.md @@ -14,7 +14,10 @@ In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows #### Github - https://github.com/andir/nixos-issue-db-example +- https://github.com/brandoncamenisch/release-the-code-litecoin - https://github.com/dispera/giant-squid +- https://github.com/domyrtille/interview_project +- https://github.com/epequeno/devops-demo - https://github.com/flyrev/security-scan-ci-presentation - https://github.com/garethr/snykout - https://github.com/nedenwalker/spring-boot-app-using-gradle diff --git a/2017/CVE-2017-11176.md b/2017/CVE-2017-11176.md index b1ca46efc5..ba26bdb8fc 100644 --- a/2017/CVE-2017-11176.md +++ b/2017/CVE-2017-11176.md @@ -16,11 +16,13 @@ The mq_notify function in the Linux kernel through 4.11.9 does not set the sock #### Github - https://github.com/Al1ex/LinuxEelvation - https://github.com/Flerov/WindowsExploitDev +- https://github.com/ahpaleus/ahp_cheatsheet - https://github.com/anoaghost/Localroot_Compile - https://github.com/bsauce/kernel-exploit-factory - https://github.com/bsauce/kernel-security-learning - https://github.com/cranelab/exploit-development - https://github.com/gladiopeace/awesome-stars +- https://github.com/klecko/exploits - https://github.com/thdusdl1219/CVE-Study - https://github.com/xairy/linux-kernel-exploitation diff --git a/2017/CVE-2017-11317.md b/2017/CVE-2017-11317.md index 65b9919492..58f4eec2ec 100644 --- a/2017/CVE-2017-11317.md +++ b/2017/CVE-2017-11317.md @@ -20,6 +20,7 @@ Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 bef - https://github.com/bao7uo/dp_crypto - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/mcgyver5/scrap_telerik - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2017/CVE-2017-11826.md b/2017/CVE-2017-11826.md index 60cd2559f7..ebc0c452f7 100644 --- a/2017/CVE-2017-11826.md +++ b/2017/CVE-2017-11826.md @@ -15,6 +15,7 @@ Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010 #### Github - https://github.com/9aylas/DDE-MS_WORD-Exploit_Detector +- https://github.com/JoeyZzZzZz/JoeyZzZzZz.github.io - https://github.com/abhishek283/AmexCodeChallange - https://github.com/houjingyi233/office-exploit-case-study - https://github.com/pandazheng/Threat-Intelligence-Analyst diff --git a/2017/CVE-2017-11852.md b/2017/CVE-2017-11852.md new file mode 100644 index 0000000000..5aa76c2abf --- /dev/null +++ b/2017/CVE-2017-11852.md @@ -0,0 +1,17 @@ +### [CVE-2017-11852](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11852) +![](https://img.shields.io/static/v1?label=Product&message=GDI&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) + +### Description + +Microsoft GDI Component in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an attacker to log on to an affected system and run a specially crafted application to compromise the user's system, due improperly disclosing kernel memory addresses, aka "Windows GDI Information Disclosure Vulnerability". + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ksyang-hj/ksyang-hj + diff --git a/2017/CVE-2017-11882.md b/2017/CVE-2017-11882.md index 0806258b32..9a293f2bd3 100644 --- a/2017/CVE-2017-11882.md +++ b/2017/CVE-2017-11882.md @@ -24,10 +24,13 @@ Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Micr - https://github.com/0x09AL/CVE-2017-11882-metasploit - https://github.com/0xT11/CVE-POC - https://github.com/404notf0und/Security-Data-Analysis-and-Visualization +- https://github.com/Apri1y/Red-Team-links +- https://github.com/BENARBIAfiras/SophosLabs-Intelix - https://github.com/BlackMathIT/2017-11882_Generator - https://github.com/CSC-pentest/cve-2017-11882 - https://github.com/ChaitanyaHaritash/CVE-2017-11882 - https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections +- https://github.com/CyberSift/CyberSift-Alerts - https://github.com/Echocipher/Resource-list - https://github.com/FlatL1neAPT/MS-Office - https://github.com/Flerov/WindowsExploitDev @@ -51,6 +54,7 @@ Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Micr - https://github.com/dactoankmapydev/crawler0121 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/edeca/rtfraptor +- https://github.com/ekgg/Overflow-Demo-CVE-2017-11882 - https://github.com/emaan122/Note2 - https://github.com/embedi/CVE-2017-11882 - https://github.com/eric-erki/APT_CyberCriminal_Campagin_Collections @@ -58,7 +62,10 @@ Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Micr - https://github.com/gold1029/Red-Teaming-Toolkit - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/houjingyi233/office-exploit-case-study +- https://github.com/hudunkey/Red-Team-links - https://github.com/iwarsong/apt +- https://github.com/jaychouzzk/- +- https://github.com/john-80/-007 - https://github.com/jstrosch/malware-samples - https://github.com/jvdroit/APT_CyberCriminal_Campagin_Collections - https://github.com/likescam/APT_CyberCriminal_Campagin_Collections @@ -69,13 +76,16 @@ Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Micr - https://github.com/likescam/Red-Teaming-Toolkit_all_pentests - https://github.com/lisinan988/CVE-2017-11882-exp - https://github.com/littlebin404/CVE-2017-11882 +- https://github.com/lp008/Hack-readme - https://github.com/mucahittopal/Pentesting-Pratic-Notes - https://github.com/nitishbadole/pentesting_Notes - https://github.com/pandazheng/Threat-Intelligence-Analyst - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/qiantu88/office-cve +- https://github.com/r0eXpeR/supplier - https://github.com/rxwx/CVE-2018-0802 - https://github.com/shr3ddersec/Shr3dKit +- https://github.com/slimdaddy/RedTeam - https://github.com/starnightcyber/CVE-2017-11882 - https://github.com/sumas/APT_CyberCriminal_Campagin_Collections - https://github.com/tingsama/hacking-p2 @@ -84,6 +94,7 @@ Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Micr - https://github.com/wrlu/Vulnerabilities - https://github.com/wzxmt/CVE-2017 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool - https://github.com/xiaoy-sec/Pentest_Note - https://github.com/zhang040723/web - https://github.com/zhouat/cve-2017-11882 diff --git a/2017/CVE-2017-12149.md b/2017/CVE-2017-12149.md index 95fac5e1e9..6532581694 100644 --- a/2017/CVE-2017-12149.md +++ b/2017/CVE-2017-12149.md @@ -28,6 +28,7 @@ In Jboss Application Server as shipped with Red Hat Enterprise Application Platf - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/SexyBeast233/SecBooks - https://github.com/YIXINSHUWU/Penetration_Testing_POC +- https://github.com/chalern/Pentest-Tools - https://github.com/fengjixuchui/RedTeamer - https://github.com/fupinglee/JavaTools - https://github.com/hasee2018/Penetration_Testing_POC @@ -49,6 +50,7 @@ In Jboss Application Server as shipped with Red Hat Enterprise Application Platf - https://github.com/sevck/CVE-2017-12149 - https://github.com/superfish9/pt - https://github.com/taielab/awesome-hacking-lists +- https://github.com/tdcoming/Vulnerability-engine - https://github.com/veo/vscan - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/x-f1v3/Vulnerability_Environment diff --git a/2017/CVE-2017-12610.md b/2017/CVE-2017-12610.md new file mode 100644 index 0000000000..35121a2b8f --- /dev/null +++ b/2017/CVE-2017-12610.md @@ -0,0 +1,17 @@ +### [CVE-2017-12610](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12610) +![](https://img.shields.io/static/v1?label=Product&message=Apache%20Kafka&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) + +### Description + +In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/isxbot/software-assurance + diff --git a/2017/CVE-2017-12611.md b/2017/CVE-2017-12611.md index df0a0100b8..7c8f9746ef 100644 --- a/2017/CVE-2017-12611.md +++ b/2017/CVE-2017-12611.md @@ -23,6 +23,7 @@ No PoCs from references. - https://github.com/brianwrf/S2-053-CVE-2017-12611 - https://github.com/khodges42/Etrata - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/tdcoming/Vulnerability-engine - https://github.com/whoadmin/pocs - https://github.com/woods-sega/woodswiki - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2017/CVE-2017-12615.md b/2017/CVE-2017-12615.md index c645b91b0d..20f5b179ea 100644 --- a/2017/CVE-2017-12615.md +++ b/2017/CVE-2017-12615.md @@ -35,6 +35,8 @@ When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e. - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc - https://github.com/jweny/pocassistdb +- https://github.com/lp008/Hack-readme +- https://github.com/maya6/-scan- - https://github.com/mefulton/cve-2017-12615 - https://github.com/nixawk/labs - https://github.com/oneplus-x/MS17-010 @@ -43,6 +45,7 @@ When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e. - https://github.com/safe6Sec/PentestNote - https://github.com/sobinge/nuclei-templates - https://github.com/superfish9/pt +- https://github.com/tdcoming/Vulnerability-engine - https://github.com/underattack-today/underattack-py - https://github.com/veo/vscan - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2017/CVE-2017-12617.md b/2017/CVE-2017-12617.md index 7537dc2208..641bd460d1 100644 --- a/2017/CVE-2017-12617.md +++ b/2017/CVE-2017-12617.md @@ -18,9 +18,12 @@ When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC - https://github.com/3vikram/Application-Vulnerabilities-Payloads - https://github.com/84KaliPleXon3/Payloads_All_The_Things - https://github.com/Cyberleet1337/Payloadswebhack +- https://github.com/Delishsploits/PayloadsAndMethodology - https://github.com/DynamicDesignz/Alien-Framework +- https://github.com/GuynnR/Payloads - https://github.com/Kaizhe/attacker - https://github.com/Muhammd/Awesome-Payloads +- https://github.com/Nieuport/PayloadsAllTheThings - https://github.com/Prodject/Kn0ck - https://github.com/Ra7mo0on/PayloadsAllTheThings - https://github.com/SexyBeast233/SecBooks @@ -28,18 +31,29 @@ When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC - https://github.com/XPR1M3/Payloads_All_The_Things - https://github.com/andrysec/PayloadsAllVulnerability - https://github.com/anhtu97/PayloadAllEverything +- https://github.com/apkadmin/PayLoadsAll - https://github.com/aylincetin/PayloadsAllTheThings +- https://github.com/chanchalpatra/payload - https://github.com/cyberheartmi9/CVE-2017-12617 - https://github.com/devcoinfet/CVE-2017-12617 +- https://github.com/hellochunqiu/PayloadsAllTheThings - https://github.com/hktalent/myhktools +- https://github.com/ilmari666/cybsec - https://github.com/kk98kk0/Payloads - https://github.com/koutto/jok3r-pocs +- https://github.com/ksw9722/PayloadsAllTheThings +- https://github.com/maya6/-scan- +- https://github.com/mrhacker51/ReverseShellCommands +- https://github.com/nevidimk0/PayloadsAllTheThings - https://github.com/oneplus-x/Sn1per - https://github.com/ozkanbilge/Payloads - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/scxiaotan1/Docker - https://github.com/sobinge/--1 - https://github.com/sobinge/PayloadsAllTheThings +- https://github.com/sobinge/PayloadsAllThesobinge - https://github.com/unusualwork/Sn1per +- https://github.com/winterwolf32/PayloadsAllTheThings - https://github.com/woods-sega/woodswiki - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/ycdxsb/Exploits diff --git a/2017/CVE-2017-12945.md b/2017/CVE-2017-12945.md index ca897e3818..8325be4385 100644 --- a/2017/CVE-2017-12945.md +++ b/2017/CVE-2017-12945.md @@ -14,5 +14,6 @@ Insufficient validation of user-supplied input for the Solstice Pod before 2.8.4 - https://www.exploit-db.com/exploits/47722 #### Github -No PoCs found on GitHub currently. +- https://github.com/aress31/cve-2017-12945 +- https://github.com/aress31/solstice-pod-cves diff --git a/2017/CVE-2017-12982.md b/2017/CVE-2017-12982.md index 436de6b774..d6b022dc86 100644 --- a/2017/CVE-2017-12982.md +++ b/2017/CVE-2017-12982.md @@ -14,5 +14,6 @@ The bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG 2.2.0 does - https://github.com/uclouvain/openjpeg/issues/983 #### Github -No PoCs found on GitHub currently. +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark diff --git a/2017/CVE-2017-13716.md b/2017/CVE-2017-13716.md index 0ceeb44200..6ce7393432 100644 --- a/2017/CVE-2017-13716.md +++ b/2017/CVE-2017-13716.md @@ -13,6 +13,7 @@ The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers diff --git a/2017/CVE-2017-13861.md b/2017/CVE-2017-13861.md index c27c5eae6a..d07a8934e4 100644 --- a/2017/CVE-2017-13861.md +++ b/2017/CVE-2017-13861.md @@ -15,6 +15,7 @@ An issue was discovered in certain Apple products. iOS before 11.2 is affected. #### Github - https://github.com/Jailbreaks/async_wake_ios +- https://github.com/WRFan/jailbreak10.3.3 - https://github.com/blacktop/async_wake - https://github.com/houjingyi233/macOS-iOS-system-security diff --git a/2017/CVE-2017-14041.md b/2017/CVE-2017-14041.md index 8b7a788e6e..31dfca5d9f 100644 --- a/2017/CVE-2017-14041.md +++ b/2017/CVE-2017-14041.md @@ -11,6 +11,7 @@ A stack-based buffer overflow was discovered in the pgxtoimage function in bin/j #### Reference - https://blogs.gentoo.org/ago/2017/08/28/openjpeg-stack-based-buffer-overflow-write-in-pgxtoimage-convert-c/ +- https://github.com/uclouvain/openjpeg/issues/997 #### Github No PoCs found on GitHub currently. diff --git a/2017/CVE-2017-14151.md b/2017/CVE-2017-14151.md index 3c039a748f..d70fce7c09 100644 --- a/2017/CVE-2017-14151.md +++ b/2017/CVE-2017-14151.md @@ -11,6 +11,7 @@ An off-by-one error was discovered in opj_tcd_code_block_enc_allocate_data in li #### Reference - https://blogs.gentoo.org/ago/2017/08/16/openjpeg-heap-based-buffer-overflow-in-opj_mqc_flush-mqc-c/ +- https://github.com/uclouvain/openjpeg/issues/982 #### Github No PoCs found on GitHub currently. diff --git a/2017/CVE-2017-14164.md b/2017/CVE-2017-14164.md index eed362489b..b92991bf31 100644 --- a/2017/CVE-2017-14164.md +++ b/2017/CVE-2017-14164.md @@ -11,6 +11,7 @@ A size-validation issue was discovered in opj_j2k_write_sot in lib/openjp2/j2k.c #### Reference - https://blogs.gentoo.org/ago/2017/09/06/heap-based-buffer-overflow-in-opj_write_bytes_le-cio-c-incomplete-fix-for-cve-2017-14152/ +- https://github.com/uclouvain/openjpeg/issues/991 #### Github - https://github.com/cacad-ntu/CZ4062-assignment diff --git a/2017/CVE-2017-14650.md b/2017/CVE-2017-14650.md new file mode 100644 index 0000000000..4e511149af --- /dev/null +++ b/2017/CVE-2017-14650.md @@ -0,0 +1,17 @@ +### [CVE-2017-14650](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14650) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A Remote Code Execution vulnerability has been found in the Horde_Image library when using the "Im" backend that utilizes ImageMagick's "convert" utility. It's not exploitable through any Horde application, because the code path to the vulnerability is not used by any Horde code. Custom applications using the Horde_Image library might be affected. This vulnerability affects all versions of Horde_Image from 2.0.0 to 2.5.1, and is fixed in 2.5.2. The problem is missing input validation of the index field in _raw() during construction of an ImageMagick command line. + +### POC + +#### Reference +- https://github.com/horde/horde/commit/eb3afd14c22c77ae0d29e2848f5ac726ef6e7c5b + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-14930.md b/2017/CVE-2017-14930.md index b740286928..f419c8a834 100644 --- a/2017/CVE-2017-14930.md +++ b/2017/CVE-2017-14930.md @@ -13,6 +13,7 @@ Memory leak in decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) - https://sourceware.org/bugzilla/show_bug.cgi?id=22191 #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers diff --git a/2017/CVE-2017-15095.md b/2017/CVE-2017-15095.md index 6e4930ff0d..f41cf7ff54 100644 --- a/2017/CVE-2017-15095.md +++ b/2017/CVE-2017-15095.md @@ -17,7 +17,9 @@ No PoCs from references. - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/SecureSkyTechnology/study-struts2-s2-054_055-jackson-cve-2017-7525_cve-2017-15095 +- https://github.com/ilmari666/cybsec - https://github.com/klausware/Java-Deserialization-Cheat-Sheet - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/taielab/awesome-hacking-lists +- https://github.com/yahoo/cubed diff --git a/2017/CVE-2017-15710.md b/2017/CVE-2017-15710.md index a1b49d389c..5240a25fdb 100644 --- a/2017/CVE-2017-15710.md +++ b/2017/CVE-2017-15710.md @@ -13,6 +13,7 @@ In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, mod_auth No PoCs from references. #### Github +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/rackerlabs/insightvm_slackbot - https://github.com/rnbochsr/yr_of_the_jellyfish - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2017/CVE-2017-15715.md b/2017/CVE-2017-15715.md index 28a454f26f..37e9e9ea49 100644 --- a/2017/CVE-2017-15715.md +++ b/2017/CVE-2017-15715.md @@ -18,6 +18,7 @@ In Apache httpd 2.4.0 to 2.4.29, the expression specified in could - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/Fa1c0n35/Web-CTF-Cheatshee - https://github.com/SexyBeast233/SecBooks +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/duckstroms/Web-CTF-Cheatsheet - https://github.com/hacden/vultools - https://github.com/hailan09/Hacker diff --git a/2017/CVE-2017-15906.md b/2017/CVE-2017-15906.md index 24624947dd..9ae7ae9621 100644 --- a/2017/CVE-2017-15906.md +++ b/2017/CVE-2017-15906.md @@ -13,6 +13,7 @@ The process_open function in sftp-server.c in OpenSSH before 7.6 does not proper No PoCs from references. #### Github +- https://github.com/project7io/nmap - https://github.com/syadg123/pigat - https://github.com/teamssix/pigat - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2017/CVE-2017-15996.md b/2017/CVE-2017-15996.md new file mode 100644 index 0000000000..93fff25a35 --- /dev/null +++ b/2017/CVE-2017-15996.md @@ -0,0 +1,18 @@ +### [CVE-2017-15996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15996) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper conditional jump, and the get_archive_member_name, process_archive_index_and_symbols, and setup_archive functions. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark + diff --git a/2017/CVE-2017-16026.md b/2017/CVE-2017-16026.md index af6e3e9b5c..6829c98143 100644 --- a/2017/CVE-2017-16026.md +++ b/2017/CVE-2017-16026.md @@ -10,7 +10,7 @@ Request is an http client. If a request is made using ```multipart```, and the b ### POC #### Reference -No PoCs from references. +- https://github.com/request/request/issues/1904 #### Github - https://github.com/ossf-cve-benchmark/CVE-2017-16026 diff --git a/2017/CVE-2017-16031.md b/2017/CVE-2017-16031.md index 81a536c7f8..8998cda1ac 100644 --- a/2017/CVE-2017-16031.md +++ b/2017/CVE-2017-16031.md @@ -13,5 +13,6 @@ Socket.io is a realtime application framework that provides communication via we No PoCs from references. #### Github +- https://github.com/PalindromeLabs/awesome-websocket-security - https://github.com/ossf-cve-benchmark/CVE-2017-16031 diff --git a/2017/CVE-2017-16085.md b/2017/CVE-2017-16085.md new file mode 100644 index 0000000000..b806b047d8 --- /dev/null +++ b/2017/CVE-2017-16085.md @@ -0,0 +1,17 @@ +### [CVE-2017-16085](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16085) +![](https://img.shields.io/static/v1?label=Product&message=tinyserver2%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +tinyserver2 is a webserver for static files. tinyserver2 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/tinyserver2 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16093.md b/2017/CVE-2017-16093.md new file mode 100644 index 0000000000..cf5bc73525 --- /dev/null +++ b/2017/CVE-2017-16093.md @@ -0,0 +1,17 @@ +### [CVE-2017-16093](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16093) +![](https://img.shields.io/static/v1?label=Product&message=cyber-js%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +cyber-js is a simple http server. A cyberjs server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/cyber-js + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16095.md b/2017/CVE-2017-16095.md new file mode 100644 index 0000000000..e62d27a6c0 --- /dev/null +++ b/2017/CVE-2017-16095.md @@ -0,0 +1,17 @@ +### [CVE-2017-16095](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16095) +![](https://img.shields.io/static/v1?label=Product&message=serverliujiayi1%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +serverliujiayi1 is a simple http server. serverliujiayi1 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/serverliujiayi1 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16097.md b/2017/CVE-2017-16097.md new file mode 100644 index 0000000000..a367c67b3e --- /dev/null +++ b/2017/CVE-2017-16097.md @@ -0,0 +1,17 @@ +### [CVE-2017-16097](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16097) +![](https://img.shields.io/static/v1?label=Product&message=tiny-http%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +tiny-http is a simple http server. tiny-http is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/tiny-http + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16101.md b/2017/CVE-2017-16101.md new file mode 100644 index 0000000000..2d5c895f0f --- /dev/null +++ b/2017/CVE-2017-16101.md @@ -0,0 +1,17 @@ +### [CVE-2017-16101](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16101) +![](https://img.shields.io/static/v1?label=Product&message=serverwg%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +serverwg is a simple http server. serverwg is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/serverwg + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16102.md b/2017/CVE-2017-16102.md new file mode 100644 index 0000000000..754197d316 --- /dev/null +++ b/2017/CVE-2017-16102.md @@ -0,0 +1,17 @@ +### [CVE-2017-16102](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16102) +![](https://img.shields.io/static/v1?label=Product&message=serverhuwenhui%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +serverhuwenhui is a simple http server. serverhuwenhui is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/serverhuwenhui + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16104.md b/2017/CVE-2017-16104.md new file mode 100644 index 0000000000..b9eb5df029 --- /dev/null +++ b/2017/CVE-2017-16104.md @@ -0,0 +1,17 @@ +### [CVE-2017-16104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16104) +![](https://img.shields.io/static/v1?label=Product&message=citypredict.whauwiller%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +citypredict.whauwiller is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/citypredict.whauwiller + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16107.md b/2017/CVE-2017-16107.md index e223c4810b..2948d7d2c1 100644 --- a/2017/CVE-2017-16107.md +++ b/2017/CVE-2017-16107.md @@ -10,7 +10,7 @@ pooledwebsocket is vulnerable to a directory traversal issue, giving an attacker ### POC #### Reference -No PoCs from references. +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/pooledwebsocket #### Github - https://github.com/ossf-cve-benchmark/CVE-2017-16107 diff --git a/2017/CVE-2017-16109.md b/2017/CVE-2017-16109.md new file mode 100644 index 0000000000..cf9ecf5763 --- /dev/null +++ b/2017/CVE-2017-16109.md @@ -0,0 +1,17 @@ +### [CVE-2017-16109](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16109) +![](https://img.shields.io/static/v1?label=Product&message=easyquick%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +easyquick is a simple web server. easyquick is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Access is constrained, however, to supported file types. Requesting a file such as /etc/passwd returns a "not supported" error. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/easyquick + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16123.md b/2017/CVE-2017-16123.md new file mode 100644 index 0000000000..1a1ec37571 --- /dev/null +++ b/2017/CVE-2017-16123.md @@ -0,0 +1,17 @@ +### [CVE-2017-16123](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16123) +![](https://img.shields.io/static/v1?label=Product&message=welcomyzt%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +welcomyzt is a simple file server. welcomyzt is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/pooledwebsocket + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16131.md b/2017/CVE-2017-16131.md new file mode 100644 index 0000000000..ac5bcfbeae --- /dev/null +++ b/2017/CVE-2017-16131.md @@ -0,0 +1,17 @@ +### [CVE-2017-16131](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16131) +![](https://img.shields.io/static/v1?label=Product&message=unicorn-list%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +unicorn-list is a web framework. unicorn-list is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/unicorn-list + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16133.md b/2017/CVE-2017-16133.md new file mode 100644 index 0000000000..4145589ce5 --- /dev/null +++ b/2017/CVE-2017-16133.md @@ -0,0 +1,17 @@ +### [CVE-2017-16133](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16133) +![](https://img.shields.io/static/v1?label=Product&message=goserv%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +goserv is an http server. goserv is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/goserv + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16135.md b/2017/CVE-2017-16135.md new file mode 100644 index 0000000000..d33f8cd423 --- /dev/null +++ b/2017/CVE-2017-16135.md @@ -0,0 +1,17 @@ +### [CVE-2017-16135](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16135) +![](https://img.shields.io/static/v1?label=Product&message=serverzyy%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +serverzyy is a static file server. serverzyy is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/serverzyy + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16140.md b/2017/CVE-2017-16140.md new file mode 100644 index 0000000000..34afd4e31e --- /dev/null +++ b/2017/CVE-2017-16140.md @@ -0,0 +1,17 @@ +### [CVE-2017-16140](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16140) +![](https://img.shields.io/static/v1?label=Product&message=lab6.brit95%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +lab6.brit95 is a file server. lab6.brit95 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/lab6.brit95 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16141.md b/2017/CVE-2017-16141.md new file mode 100644 index 0000000000..afe355787c --- /dev/null +++ b/2017/CVE-2017-16141.md @@ -0,0 +1,17 @@ +### [CVE-2017-16141](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16141) +![](https://img.shields.io/static/v1?label=Product&message=lab6drewfusbyu%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +lab6drewfusbyu is an http server. lab6drewfusbyu is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/lab6drewfusbyu + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16142.md b/2017/CVE-2017-16142.md new file mode 100644 index 0000000000..14c154ae49 --- /dev/null +++ b/2017/CVE-2017-16142.md @@ -0,0 +1,17 @@ +### [CVE-2017-16142](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16142) +![](https://img.shields.io/static/v1?label=Product&message=infraserver%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +infraserver is a RESTful server. infraserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/infraserver + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16143.md b/2017/CVE-2017-16143.md new file mode 100644 index 0000000000..05639ab063 --- /dev/null +++ b/2017/CVE-2017-16143.md @@ -0,0 +1,17 @@ +### [CVE-2017-16143](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16143) +![](https://img.shields.io/static/v1?label=Product&message=commentapp.stetsonwood%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +commentapp.stetsonwood is an http server. commentapp.stetsonwood is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/commentapp.stetsonwood + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16146.md b/2017/CVE-2017-16146.md new file mode 100644 index 0000000000..d97ff2a844 --- /dev/null +++ b/2017/CVE-2017-16146.md @@ -0,0 +1,17 @@ +### [CVE-2017-16146](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16146) +![](https://img.shields.io/static/v1?label=Product&message=mockserve%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +mockserve is a file server. mockserve is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/mockserve + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16149.md b/2017/CVE-2017-16149.md new file mode 100644 index 0000000000..6917a49988 --- /dev/null +++ b/2017/CVE-2017-16149.md @@ -0,0 +1,17 @@ +### [CVE-2017-16149](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16149) +![](https://img.shields.io/static/v1?label=Product&message=zwserver%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +zwserver is a weather web server. zwserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/zwserver + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16150.md b/2017/CVE-2017-16150.md new file mode 100644 index 0000000000..5c489fcab6 --- /dev/null +++ b/2017/CVE-2017-16150.md @@ -0,0 +1,17 @@ +### [CVE-2017-16150](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16150) +![](https://img.shields.io/static/v1?label=Product&message=wangguojing123%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +wanggoujing123 is a simple webserver. wanggoujing123 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/wangguojing123 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16157.md b/2017/CVE-2017-16157.md new file mode 100644 index 0000000000..858b219ebc --- /dev/null +++ b/2017/CVE-2017-16157.md @@ -0,0 +1,17 @@ +### [CVE-2017-16157](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16157) +![](https://img.shields.io/static/v1?label=Product&message=censorify.tanisjr%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +censorify.tanisjr is a simple web server and API RESTful service. censorify.tanisjr is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/censorify.tanisjr + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16158.md b/2017/CVE-2017-16158.md new file mode 100644 index 0000000000..6de2f34386 --- /dev/null +++ b/2017/CVE-2017-16158.md @@ -0,0 +1,17 @@ +### [CVE-2017-16158](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16158) +![](https://img.shields.io/static/v1?label=Product&message=dcserver%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +dcserver is a static file server. dcserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/tiny-http + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16159.md b/2017/CVE-2017-16159.md new file mode 100644 index 0000000000..8bf4413bdc --- /dev/null +++ b/2017/CVE-2017-16159.md @@ -0,0 +1,17 @@ +### [CVE-2017-16159](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16159) +![](https://img.shields.io/static/v1?label=Product&message=caolilinode%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +caolilinode is a simple file server. caolilinode is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/caolilinode + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16165.md b/2017/CVE-2017-16165.md new file mode 100644 index 0000000000..b44a1e6fed --- /dev/null +++ b/2017/CVE-2017-16165.md @@ -0,0 +1,17 @@ +### [CVE-2017-16165](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16165) +![](https://img.shields.io/static/v1?label=Product&message=calmquist.static-server%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +calmquist.static-server is a static file server. calmquist.static-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/calmquist.static-server + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16169.md b/2017/CVE-2017-16169.md new file mode 100644 index 0000000000..22b1ec6875 --- /dev/null +++ b/2017/CVE-2017-16169.md @@ -0,0 +1,17 @@ +### [CVE-2017-16169](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16169) +![](https://img.shields.io/static/v1?label=Product&message=looppake%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +looppake is a simple http server. looppake is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/looppake + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16172.md b/2017/CVE-2017-16172.md new file mode 100644 index 0000000000..1ca4729348 --- /dev/null +++ b/2017/CVE-2017-16172.md @@ -0,0 +1,17 @@ +### [CVE-2017-16172](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16172) +![](https://img.shields.io/static/v1?label=Product&message=section2.madisonjbrooks12%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +section2.madisonjbrooks12 is a simple web server. section2.madisonjbrooks12 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/section2.madisonjbrooks12 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16175.md b/2017/CVE-2017-16175.md new file mode 100644 index 0000000000..06f7cc6b58 --- /dev/null +++ b/2017/CVE-2017-16175.md @@ -0,0 +1,17 @@ +### [CVE-2017-16175](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16175) +![](https://img.shields.io/static/v1?label=Product&message=ewgaddis.lab6%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +ewgaddis.lab6 is a file server. ewgaddis.lab6 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/ewgaddis.lab6 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16176.md b/2017/CVE-2017-16176.md new file mode 100644 index 0000000000..5c62583b65 --- /dev/null +++ b/2017/CVE-2017-16176.md @@ -0,0 +1,17 @@ +### [CVE-2017-16176](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16176) +![](https://img.shields.io/static/v1?label=Product&message=jansenstuffpleasework%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +jansenstuffpleasework is a file server. jansenstuffpleasework is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/jansenstuffpleasework + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16180.md b/2017/CVE-2017-16180.md new file mode 100644 index 0000000000..5bee0029ed --- /dev/null +++ b/2017/CVE-2017-16180.md @@ -0,0 +1,17 @@ +### [CVE-2017-16180](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16180) +![](https://img.shields.io/static/v1?label=Product&message=serverabc%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +serverabc is a static file server. serverabc is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/serverabc + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16183.md b/2017/CVE-2017-16183.md new file mode 100644 index 0000000000..f5fe59c04f --- /dev/null +++ b/2017/CVE-2017-16183.md @@ -0,0 +1,17 @@ +### [CVE-2017-16183](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16183) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +iter-server is a static file server. iter-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/iter-server + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16185.md b/2017/CVE-2017-16185.md new file mode 100644 index 0000000000..15fac61f80 --- /dev/null +++ b/2017/CVE-2017-16185.md @@ -0,0 +1,17 @@ +### [CVE-2017-16185](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16185) +![](https://img.shields.io/static/v1?label=Product&message=uekw1511server%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +uekw1511server is a static file server. uekw1511server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/uekw1511server + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16187.md b/2017/CVE-2017-16187.md new file mode 100644 index 0000000000..e7ff86db11 --- /dev/null +++ b/2017/CVE-2017-16187.md @@ -0,0 +1,17 @@ +### [CVE-2017-16187](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16187) +![](https://img.shields.io/static/v1?label=Product&message=open-device%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +open-device creates a web interface for any device. open-device is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/open-device + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16188.md b/2017/CVE-2017-16188.md new file mode 100644 index 0000000000..4313eccd71 --- /dev/null +++ b/2017/CVE-2017-16188.md @@ -0,0 +1,17 @@ +### [CVE-2017-16188](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16188) +![](https://img.shields.io/static/v1?label=Product&message=reecerver%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +reecerver is a web server. reecerver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/reecerver + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16189.md b/2017/CVE-2017-16189.md new file mode 100644 index 0000000000..42dfdd40ee --- /dev/null +++ b/2017/CVE-2017-16189.md @@ -0,0 +1,17 @@ +### [CVE-2017-16189](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16189) +![](https://img.shields.io/static/v1?label=Product&message=sly07%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +sly07 is an API for censoring text. sly07 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/sly07 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16191.md b/2017/CVE-2017-16191.md new file mode 100644 index 0000000000..f77da325b1 --- /dev/null +++ b/2017/CVE-2017-16191.md @@ -0,0 +1,17 @@ +### [CVE-2017-16191](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16191) +![](https://img.shields.io/static/v1?label=Product&message=cypserver%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +cypserver is a static file server. cypserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/cypserver + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16194.md b/2017/CVE-2017-16194.md new file mode 100644 index 0000000000..e18d62c288 --- /dev/null +++ b/2017/CVE-2017-16194.md @@ -0,0 +1,17 @@ +### [CVE-2017-16194](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16194) +![](https://img.shields.io/static/v1?label=Product&message=picard%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +picard is a micro framework. picard is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/picard + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16195.md b/2017/CVE-2017-16195.md new file mode 100644 index 0000000000..d4a540962b --- /dev/null +++ b/2017/CVE-2017-16195.md @@ -0,0 +1,17 @@ +### [CVE-2017-16195](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16195) +![](https://img.shields.io/static/v1?label=Product&message=pytservce%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +pytservce is a static file server. pytservce is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/pytservce + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16196.md b/2017/CVE-2017-16196.md new file mode 100644 index 0000000000..fba6aea660 --- /dev/null +++ b/2017/CVE-2017-16196.md @@ -0,0 +1,17 @@ +### [CVE-2017-16196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16196) +![](https://img.shields.io/static/v1?label=Product&message=quickserver%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +quickserver is a simple static file server. quickserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/quickserver + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16208.md b/2017/CVE-2017-16208.md new file mode 100644 index 0000000000..0cf8aee763 --- /dev/null +++ b/2017/CVE-2017-16208.md @@ -0,0 +1,17 @@ +### [CVE-2017-16208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16208) +![](https://img.shields.io/static/v1?label=Product&message=dmmcquay.lab6%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +dmmcquay.lab6 is a REST server. dmmcquay.lab6 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/dmmcquay.lab6 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16211.md b/2017/CVE-2017-16211.md new file mode 100644 index 0000000000..8280301fef --- /dev/null +++ b/2017/CVE-2017-16211.md @@ -0,0 +1,17 @@ +### [CVE-2017-16211](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16211) +![](https://img.shields.io/static/v1?label=Product&message=lessindex%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +lessindex is a static file server. lessindex is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/lessindex + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16216.md b/2017/CVE-2017-16216.md new file mode 100644 index 0000000000..6108d72913 --- /dev/null +++ b/2017/CVE-2017-16216.md @@ -0,0 +1,17 @@ +### [CVE-2017-16216](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16216) +![](https://img.shields.io/static/v1?label=Product&message=tencent-server%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +tencent-server is a simple web server. tencent-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/tencent-server + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16217.md b/2017/CVE-2017-16217.md new file mode 100644 index 0000000000..9f24c4230b --- /dev/null +++ b/2017/CVE-2017-16217.md @@ -0,0 +1,17 @@ +### [CVE-2017-16217](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16217) +![](https://img.shields.io/static/v1?label=Product&message=fbr-client%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +fbr-client sends files through sockets via socket.io and webRTC. fbr-client is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/fbr-client + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16219.md b/2017/CVE-2017-16219.md new file mode 100644 index 0000000000..2ea75a3cdc --- /dev/null +++ b/2017/CVE-2017-16219.md @@ -0,0 +1,17 @@ +### [CVE-2017-16219](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16219) +![](https://img.shields.io/static/v1?label=Product&message=yttivy%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +yttivy is a static file server. yttivy is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/yttivy + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16222.md b/2017/CVE-2017-16222.md new file mode 100644 index 0000000000..379d72aae8 --- /dev/null +++ b/2017/CVE-2017-16222.md @@ -0,0 +1,17 @@ +### [CVE-2017-16222](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16222) +![](https://img.shields.io/static/v1?label=Product&message=elding%20node%20module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20Traversal%20(CWE-22)&color=brighgreen) + +### Description + +elding is a simple web server. elding is vulnerable to a directory traversal issue, allowing an attacker to access the filesystem by placing "../" in the url. The files accessible, however, are limited to files with a file extension. Sending a GET request to /../../../etc/passwd, for example, will return a 404 on etc/passwd/index.js. + +### POC + +#### Reference +- https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/elding + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16229.md b/2017/CVE-2017-16229.md new file mode 100644 index 0000000000..a3647c3f5b --- /dev/null +++ b/2017/CVE-2017-16229.md @@ -0,0 +1,17 @@ +### [CVE-2017-16229](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16229) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In the Ox gem 2.8.1 for Ruby, the process crashes with a stack-based buffer over-read in the read_from_str function in sax_buf.c when a crafted input is supplied to sax_parse. + +### POC + +#### Reference +- https://github.com/ohler55/ox/issues/195 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-16763.md b/2017/CVE-2017-16763.md index a21d1b3a6f..69f6e114f2 100644 --- a/2017/CVE-2017-16763.md +++ b/2017/CVE-2017-16763.md @@ -10,6 +10,7 @@ An exploitable vulnerability exists in the YAML parsing functionality in config. ### POC #### Reference +- https://github.com/bbengfort/confire/issues/24 - https://joel-malwarebenchmark.github.io/blog/2017/11/12/cve-2017-16763-configure-loaded-through-confire/ #### Github diff --git a/2017/CVE-2017-16905.md b/2017/CVE-2017-16905.md index 7bff8ebda6..03a0ff2eff 100644 --- a/2017/CVE-2017-16905.md +++ b/2017/CVE-2017-16905.md @@ -13,6 +13,12 @@ The DuoLingo TinyCards application before 1.0 for Android has one use of unencry No PoCs from references. #### Github +- https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups +- https://github.com/Saidul-M-Khan/Awesome-Bugbounty-Writeups +- https://github.com/ajino2k/Awesome-Bugbounty-Writeups +- https://github.com/blitz-cmd/Bugbounty-writeups +- https://github.com/bot8080/awesomeBugbounty +- https://github.com/deadcyph3r/Awesome-Collection - https://github.com/devanshbatham/Awesome-Bugbounty-Writeups - https://github.com/kyawthiha7/Mobile-App-Pentest diff --git a/2017/CVE-2017-16995.md b/2017/CVE-2017-16995.md index 8c23a9d12b..6d5d8a78ec 100644 --- a/2017/CVE-2017-16995.md +++ b/2017/CVE-2017-16995.md @@ -16,6 +16,7 @@ The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4 - https://www.exploit-db.com/exploits/45058/ #### Github +- https://github.com/84KaliPleXon3/linux-exploit-suggester - https://github.com/AfvanMoopen/tryhackme- - https://github.com/Al1ex/CVE-2017-16995 - https://github.com/Al1ex/LinuxEelvation @@ -42,6 +43,7 @@ The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4 - https://github.com/distance-vector/linux-kernel-exploits - https://github.com/fei9747/LinuxEelvation - https://github.com/fengjixuchui/RedTeamer +- https://github.com/holmes-py/King-of-the-hill - https://github.com/integeruser/on-pwning - https://github.com/jas502n/Ubuntu-0day - https://github.com/kumardineshwar/linux-kernel-exploits @@ -53,6 +55,9 @@ The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4 - https://github.com/rakjong/LinuxElevation - https://github.com/ret2p4nda/kernel-pwn - https://github.com/rootclay/Ubuntu-16.04-0Day +- https://github.com/stefanocutelle/linux-exploit-suggester +- https://github.com/thelostvoice/global-takeover +- https://github.com/thelostvoice/inept-us-military - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/xfinest/linux-kernel-exploits diff --git a/2017/CVE-2017-17405.md b/2017/CVE-2017-17405.md index ac30e29608..ccaa478f3b 100644 --- a/2017/CVE-2017-17405.md +++ b/2017/CVE-2017-17405.md @@ -18,6 +18,7 @@ Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile - https://github.com/duckstroms/Web-CTF-Cheatsheet - https://github.com/mengdaya/Web-CTF-Cheatsheet - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/scumdestroy/pentest-scripts-for-dangerous-boys - https://github.com/w181496/Web-CTF-Cheatsheet - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2017/CVE-2017-17485.md b/2017/CVE-2017-17485.md index 6efba79a70..bdc2d34b49 100644 --- a/2017/CVE-2017-17485.md +++ b/2017/CVE-2017-17485.md @@ -17,6 +17,7 @@ FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthe - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/SugarP1g/LearningSecurity - https://github.com/hktalent/myhktools +- https://github.com/ilmari666/cybsec - https://github.com/irsl/jackson-rce-via-spel - https://github.com/klarna/kco_rest_java - https://github.com/klausware/Java-Deserialization-Cheat-Sheet @@ -24,4 +25,5 @@ FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthe - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/mymortal/expcode - https://github.com/shadowsock5/jackson-databind-POC +- https://github.com/yahoo/cubed diff --git a/2017/CVE-2017-18018.md b/2017/CVE-2017-18018.md index 7fca904361..0b069414ed 100644 --- a/2017/CVE-2017-18018.md +++ b/2017/CVE-2017-18018.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/andir/nixos-issue-db-example +- https://github.com/devopstales/trivy-operator - https://github.com/flyrev/security-scan-ci-presentation - https://github.com/garethr/snykout - https://github.com/phonito/phonito-scanner-action diff --git a/2017/CVE-2017-18362.md b/2017/CVE-2017-18362.md new file mode 100644 index 0000000000..dc108ad463 --- /dev/null +++ b/2017/CVE-2017-18362.md @@ -0,0 +1,17 @@ +### [CVE-2017-18362](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18362) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database. In February 2019, attackers have actively exploited this in the wild to download and execute ransomware payloads on all endpoints managed by the VSA server. If the ManagedIT.asmx page is available via the Kaseya VSA web interface, anyone with access to the page is able to run arbitrary SQL queries, both read and write, without authentication. + +### POC + +#### Reference +- https://github.com/kbni/owlky + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-18594.md b/2017/CVE-2017-18594.md new file mode 100644 index 0000000000..cb62f5be3b --- /dev/null +++ b/2017/CVE-2017-18594.md @@ -0,0 +1,17 @@ +### [CVE-2017-18594](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18594) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection fails, as demonstrated by a leading \n character to ssh-brute.nse or ssh-auth-methods.nse. + +### POC + +#### Reference +- https://github.com/AMatchandaHaystack/Research/blob/master/Nmap%26libsshDF + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-20004.md b/2017/CVE-2017-20004.md index 66391e649b..9d12c0624b 100644 --- a/2017/CVE-2017-20004.md +++ b/2017/CVE-2017-20004.md @@ -13,5 +13,6 @@ In the standard library in Rust before 1.19.0, there is a synchronization proble No PoCs from references. #### Github +- https://github.com/Qwaz/rust-cve - https://github.com/xxg1413/rust-security diff --git a/2017/CVE-2017-2536.md b/2017/CVE-2017-2536.md index 107e0b86dd..7482165489 100644 --- a/2017/CVE-2017-2536.md +++ b/2017/CVE-2017-2536.md @@ -13,6 +13,7 @@ An issue was discovered in certain Apple products. iOS before 10.3.2 is affected - https://www.exploit-db.com/exploits/42125/ #### Github +- https://github.com/SkyBulk/RealWorldPwn - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/tunz/js-vuln-db - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2017/CVE-2017-2540.md b/2017/CVE-2017-2540.md index 0021665164..5937a9e603 100644 --- a/2017/CVE-2017-2540.md +++ b/2017/CVE-2017-2540.md @@ -13,6 +13,7 @@ An issue was discovered in certain Apple products. macOS before 10.12.5 is affec No PoCs from references. #### Github +- https://github.com/SkyBulk/RealWorldPwn - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/theori-io/zer0con2018_singi - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2017/CVE-2017-2541.md b/2017/CVE-2017-2541.md index 3a8b58ef15..7f1261e0cf 100644 --- a/2017/CVE-2017-2541.md +++ b/2017/CVE-2017-2541.md @@ -13,6 +13,7 @@ An issue was discovered in certain Apple products. macOS before 10.12.5 is affec No PoCs from references. #### Github +- https://github.com/SkyBulk/RealWorldPwn - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/theori-io/zer0con2018_singi - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2017/CVE-2017-2547.md b/2017/CVE-2017-2547.md index d22afa44c8..07a8e0af16 100644 --- a/2017/CVE-2017-2547.md +++ b/2017/CVE-2017-2547.md @@ -14,6 +14,7 @@ An issue was discovered in certain Apple products. iOS before 10.3.2 is affected #### Github - https://github.com/SeaJae/exploitPlayground +- https://github.com/SkyBulk/RealWorldPwn - https://github.com/externalist/exploit_playground - https://github.com/likescam/exploit_playground_lists_androidCVE - https://github.com/qazbnm456/awesome-cve-poc diff --git a/2017/CVE-2017-3167.md b/2017/CVE-2017-3167.md index 6c169e7fe8..3db1271704 100644 --- a/2017/CVE-2017-3167.md +++ b/2017/CVE-2017-3167.md @@ -14,6 +14,7 @@ In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_b #### Github - https://github.com/gyoisamurai/GyoiThon +- https://github.com/jklinges14/Cyber-Security-Final-Project - https://github.com/syadg123/pigat - https://github.com/teamssix/pigat - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2017/CVE-2017-3241.md b/2017/CVE-2017-3241.md index ae37c273cf..c4d62233cb 100644 --- a/2017/CVE-2017-3241.md +++ b/2017/CVE-2017-3241.md @@ -20,4 +20,5 @@ Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java - https://github.com/gitrobtest/Java-Security - https://github.com/superfish9/pt - https://github.com/xfei3/CVE-2017-3241-POC +- https://github.com/yahoo/cubed diff --git a/2017/CVE-2017-3248.md b/2017/CVE-2017-3248.md index db2d9f744d..c6219ad395 100644 --- a/2017/CVE-2017-3248.md +++ b/2017/CVE-2017-3248.md @@ -16,6 +16,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar #### Github - https://github.com/0xn0ne/weblogicScanner +- https://github.com/Bywalks/WeblogicScan - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/ParrotSec-CN/ParrotSecCN_Community_QQbot @@ -27,6 +28,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/followboy1999/weblogic-deserialization - https://github.com/hanc00l/some_pocsuite - https://github.com/hanc00l/weblogic_unserialize_exploit +- https://github.com/hmoytx/weblogicscan - https://github.com/klausware/Java-Deserialization-Cheat-Sheet - https://github.com/koutto/jok3r-pocs - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet diff --git a/2017/CVE-2017-3260.md b/2017/CVE-2017-3260.md new file mode 100644 index 0000000000..2939cad334 --- /dev/null +++ b/2017/CVE-2017-3260.md @@ -0,0 +1,17 @@ +### [CVE-2017-3260](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3260) +![](https://img.shields.io/static/v1?label=Product&message=Java%20SE&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CVSS%3A3.0%2FAV%3AN%2FAC%3AH%2FPR%3AN%2FUI%3AR%2FS%3AC%2FC%3AH%2FI%3AH%2FA%3AH&color=brighgreen) + +### Description + +Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/yahoo/cubed + diff --git a/2017/CVE-2017-3272.md b/2017/CVE-2017-3272.md new file mode 100644 index 0000000000..2f0b819d84 --- /dev/null +++ b/2017/CVE-2017-3272.md @@ -0,0 +1,18 @@ +### [CVE-2017-3272](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3272) +![](https://img.shields.io/static/v1?label=Product&message=Java%20SE%20Embedded&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Java%20SE&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CVSS%3A3.0%2FAV%3AN%2FAC%3AL%2FPR%3AN%2FUI%3AR%2FS%3AC%2FC%3AH%2FI%3AH%2FA%3AH&color=brighgreen) + +### Description + +Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/yahoo/cubed + diff --git a/2017/CVE-2017-3289.md b/2017/CVE-2017-3289.md index cf0cc86da6..4e95aed223 100644 --- a/2017/CVE-2017-3289.md +++ b/2017/CVE-2017-3289.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/Alexandre-Bartel/jvm-musti +- https://github.com/yahoo/cubed diff --git a/2017/CVE-2017-3506.md b/2017/CVE-2017-3506.md index 22faead8b0..347c8295d6 100644 --- a/2017/CVE-2017-3506.md +++ b/2017/CVE-2017-3506.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/0day666/Vulnerability-verification - https://github.com/0xn0ne/weblogicScanner - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/Bywalks/WeblogicScan - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/PalindromeLabs/Java-Deserialization-CVEs @@ -26,8 +27,10 @@ No PoCs from references. - https://github.com/bigblackhat/oFx - https://github.com/bmcculley/CVE-2017-10271 - https://github.com/cross2to/betaseclab_tools +- https://github.com/diggid4ever/Weblogic-XMLDecoder-POC - https://github.com/dr0op/WeblogicScan - https://github.com/fengjixuchui/RedTeamer +- https://github.com/hmoytx/weblogicscan - https://github.com/klausware/Java-Deserialization-Cheat-Sheet - https://github.com/koutto/jok3r-pocs - https://github.com/lonehand/Oracle-WebLogic-CVE-2017-10271-master @@ -35,8 +38,10 @@ No PoCs from references. - https://github.com/nihaohello/N-MiddlewareScan - https://github.com/peterpeter228/Oracle-WebLogic-CVE-2017-10271 - https://github.com/pimps/CVE-2019-2725 +- https://github.com/pwnagelabs/VEF - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/rabbitmask/WeblogicScanLot +- https://github.com/safe6Sec/wlsEnv - https://github.com/superfish9/pt - https://github.com/veo/vscan - https://github.com/whoadmin/pocs diff --git a/2017/CVE-2017-3514.md b/2017/CVE-2017-3514.md new file mode 100644 index 0000000000..2bc7b5c639 --- /dev/null +++ b/2017/CVE-2017-3514.md @@ -0,0 +1,17 @@ +### [CVE-2017-3514](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3514) +![](https://img.shields.io/static/v1?label=Product&message=Java&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20Java%20SE%3A%206u141%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Difficult%20to%20exploit%20vulnerability%20allows%20unauthenticated%20attacker%20with%20network%20access%20via%20multiple%20protocols%20to%20compromise%20Java%20SE.%20%20Successful%20attacks%20require%20human%20interaction%20from%20a%20person%20other%20than%20the%20attacker%20and%20while%20the%20vulnerability%20is%20in%20Java%20SE%2C%20attacks%20may%20significantly%20impact%20additional%20products.%20Successful%20attacks%20of%20this%20vulnerability%20can%20result%20in%20takeover%20of%20Java%20SE.&color=brighgreen) + +### Description + +Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/yahoo/cubed + diff --git a/2017/CVE-2017-4901.md b/2017/CVE-2017-4901.md index 9a0afc045f..220ecb6d8c 100644 --- a/2017/CVE-2017-4901.md +++ b/2017/CVE-2017-4901.md @@ -14,11 +14,18 @@ The drag-and-drop (DnD) function in VMware Workstation 12.x before version 12.5. No PoCs from references. #### Github +- https://github.com/Apri1y/Red-Team-links - https://github.com/BLACKHAT-SSG/Vmware-Exploitation - https://github.com/Echocipher/Resource-list - https://github.com/WinMin/awesome-vm-exploit - https://github.com/hookmaster/frida-all-in-one +- https://github.com/hudunkey/Red-Team-links +- https://github.com/john-80/-007 +- https://github.com/lp008/Hack-readme - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/slimdaddy/RedTeam +- https://github.com/wangsheng123168/123 - https://github.com/xairy/vmware-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool diff --git a/2017/CVE-2017-5123.md b/2017/CVE-2017-5123.md index e1c0cc2d18..8391fce242 100644 --- a/2017/CVE-2017-5123.md +++ b/2017/CVE-2017-5123.md @@ -49,6 +49,7 @@ No PoCs from references. - https://github.com/qiantu88/Linux--exp - https://github.com/r0ysue/OSG-TranslationTeam - https://github.com/rakjong/LinuxElevation +- https://github.com/reni2study/Cloud-Native-Security2 - https://github.com/spencerdodd/kernelpop - https://github.com/teawater/CVE-2017-5123 - https://github.com/whiteHat001/Kernel-Security diff --git a/2017/CVE-2017-5244.md b/2017/CVE-2017-5244.md index f51766d521..e3df32d91d 100644 --- a/2017/CVE-2017-5244.md +++ b/2017/CVE-2017-5244.md @@ -13,5 +13,11 @@ Routes used to stop running Metasploit tasks (either particular ones or all task - https://www.seekurity.com/blog/general/metasploit-web-project-kill-all-running-tasks-csrf-CVE-2017-5244/ #### Github +- https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups +- https://github.com/Saidul-M-Khan/Awesome-Bugbounty-Writeups +- https://github.com/ajino2k/Awesome-Bugbounty-Writeups +- https://github.com/blitz-cmd/Bugbounty-writeups +- https://github.com/bot8080/awesomeBugbounty +- https://github.com/deadcyph3r/Awesome-Collection - https://github.com/devanshbatham/Awesome-Bugbounty-Writeups diff --git a/2017/CVE-2017-5375.md b/2017/CVE-2017-5375.md index 6e7c459417..482deb6093 100644 --- a/2017/CVE-2017-5375.md +++ b/2017/CVE-2017-5375.md @@ -19,5 +19,5 @@ JIT code allocation can allow for a bypass of ASLR and DEP protections leading t - https://www.exploit-db.com/exploits/44294/ #### Github -No PoCs found on GitHub currently. +- https://github.com/ZihanYe/web-browser-vulnerabilities diff --git a/2017/CVE-2017-5638.md b/2017/CVE-2017-5638.md index 199b398f8f..171503fa0a 100644 --- a/2017/CVE-2017-5638.md +++ b/2017/CVE-2017-5638.md @@ -26,10 +26,12 @@ The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x be - https://github.com/AndreaOm/awesome-stars - https://github.com/AndreasKl/CVE-2017-5638 - https://github.com/Cyberleet1337/Payloadswebhack +- https://github.com/Delishsploits/PayloadsAndMethodology - https://github.com/DynamicDesignz/Alien-Framework - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/Flyteas/Struts2-045-Exp - https://github.com/Greynad/struts2-jakarta-inject +- https://github.com/GuynnR/Payloads - https://github.com/H0j3n/EzpzCheatSheet - https://github.com/Iletee/struts2-rce - https://github.com/Kaizhe/attacker @@ -37,9 +39,11 @@ The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x be - https://github.com/Masahiro-Yamada/OgnlContentTypeRejectorValve - https://github.com/Muhammd/Awesome-Payloads - https://github.com/NCSU-DANCE-Research-Group/CDL +- https://github.com/Nieuport/PayloadsAllTheThings - https://github.com/PWN-Kingdom/Test_Tasks - https://github.com/PolarisLab/S2-045 - https://github.com/Prodject/Kn0ck +- https://github.com/Pwera/Anchore-Notes - https://github.com/R4v3nBl4ck/Apache-Struts-2-CVE-2017-5638-Exploit- - https://github.com/Ra7mo0on/PayloadsAllTheThings - https://github.com/SexyBeast233/SecBooks @@ -54,6 +58,7 @@ The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x be - https://github.com/andrewkroh/auditbeat-apache-struts-demo - https://github.com/andrysec/PayloadsAllVulnerability - https://github.com/anhtu97/PayloadAllEverything +- https://github.com/apkadmin/PayLoadsAll - https://github.com/aylincetin/PayloadsAllTheThings - https://github.com/bhagdave/CVE-2017-5638 - https://github.com/bibortone/Jexboss @@ -61,6 +66,7 @@ The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x be - https://github.com/c002/Apache-Struts - https://github.com/c002/Java-Application-Exploits - https://github.com/cafnet/apache-struts-v2-CVE-2017-5638 +- https://github.com/chanchalpatra/payload - https://github.com/donaldashdown/Common-Vulnerability-and-Exploit - https://github.com/eeehit/CVE-2017-5638 - https://github.com/eescanilla/Apache-Struts-v3 @@ -71,6 +77,7 @@ The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x be - https://github.com/gmu-swe/rivulet - https://github.com/gobysec/Goby - https://github.com/gsfish/S2-Reaper +- https://github.com/hellochunqiu/PayloadsAllTheThings - https://github.com/hktalent/myhktools - https://github.com/homjxi0e/CVE-2017-5638 - https://github.com/hook-s3c/CVE-2018-11776-Python-PoC @@ -84,6 +91,7 @@ The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x be - https://github.com/jrrdev/cve-2017-5638 - https://github.com/jrrombaldo/CVE-2017-5638 - https://github.com/kk98kk0/Payloads +- https://github.com/ksw9722/PayloadsAllTheThings - https://github.com/kyawthiha7/pentest-methodology - https://github.com/leandrocamposcardoso/CVE-2017-5638-Mass-Exploit - https://github.com/lizhi16/CVE-2017-5638 @@ -93,7 +101,9 @@ The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x be - https://github.com/mcassano/cve-2017-5638 - https://github.com/mike-williams/Struts2Vuln - https://github.com/milkdevil/jexboss +- https://github.com/mrhacker51/ReverseShellCommands - https://github.com/mthbernardes/strutszeiro +- https://github.com/nevidimk0/PayloadsAllTheThings - https://github.com/nightfallai/pii-leak-prevention-guide - https://github.com/nixawk/labs - https://github.com/oktavianto/CVE-2017-5638-Apache-Struts2 @@ -122,14 +132,17 @@ The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x be - https://github.com/sjitech/test_struts2_vulnerability_CVE-2017-5638 - https://github.com/sobinge/--1 - https://github.com/sobinge/PayloadsAllTheThings +- https://github.com/sobinge/PayloadsAllThesobinge - https://github.com/sobinge/nuclei-templates - https://github.com/tahmed11/strutsy +- https://github.com/tdcoming/Vulnerability-engine - https://github.com/trapp3rhat/CVE-shellshock - https://github.com/tsheth/JavaStruts-App-Terraform - https://github.com/unusualwork/Sn1per - https://github.com/wangeradd1/MyPyExploit - https://github.com/whoadmin/pocs - https://github.com/win3zz/CVE-2017-5638 +- https://github.com/winterwolf32/PayloadsAllTheThings - https://github.com/woods-sega/woodswiki - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/xsscx/cve-2017-5638 diff --git a/2017/CVE-2017-5645.md b/2017/CVE-2017-5645.md index 060c61febd..1cc3cc8072 100644 --- a/2017/CVE-2017-5645.md +++ b/2017/CVE-2017-5645.md @@ -25,6 +25,7 @@ No PoCs from references. - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/pimps/CVE-2017-5645 +- https://github.com/shadow-horse/CVE-2019-17571 - https://github.com/thl-cmk/CVE-log4j-check_mk-plugin - https://github.com/woods-sega/woodswiki - https://github.com/zema1/oracle-vuln-crawler diff --git a/2017/CVE-2017-5647.md b/2017/CVE-2017-5647.md new file mode 100644 index 0000000000..97dcc96cde --- /dev/null +++ b/2017/CVE-2017-5647.md @@ -0,0 +1,17 @@ +### [CVE-2017-5647](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647) +![](https://img.shields.io/static/v1?label=Product&message=Apache%20Tomcat&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=unspecified&color=brighgreen) + +### Description + +A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6.0.0 to 6.0.52, when send file was used, results in the pipelined request being lost when send file processing of the previous request completed. This could result in responses appearing to be sent for the wrong request. For example, a user agent that sent requests A, B and C could see the correct response for request A, the response for request C for request B and no response for request C. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec + diff --git a/2017/CVE-2017-5648.md b/2017/CVE-2017-5648.md index 46bf1c5ccf..11d30295ec 100644 --- a/2017/CVE-2017-5648.md +++ b/2017/CVE-2017-5648.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/dkiser/vulners-yum-scanner +- https://github.com/ilmari666/cybsec diff --git a/2017/CVE-2017-5650.md b/2017/CVE-2017-5650.md new file mode 100644 index 0000000000..2992b9bf2b --- /dev/null +++ b/2017/CVE-2017-5650.md @@ -0,0 +1,17 @@ +### [CVE-2017-5650](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5650) +![](https://img.shields.io/static/v1?label=Product&message=Apache%20Tomcat&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) + +### Description + +In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the handling of an HTTP/2 GOAWAY frame for a connection did not close streams associated with that connection that were currently waiting for a WINDOW_UPDATE before allowing the application to write more data. These waiting streams each consumed a thread. A malicious client could therefore construct a series of HTTP/2 requests that would consume all available processing threads. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec + diff --git a/2017/CVE-2017-5651.md b/2017/CVE-2017-5651.md new file mode 100644 index 0000000000..0081cfda02 --- /dev/null +++ b/2017/CVE-2017-5651.md @@ -0,0 +1,17 @@ +### [CVE-2017-5651](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5651) +![](https://img.shields.io/static/v1?label=Product&message=Apache%20Tomcat&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) + +### Description + +In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in the same Processor being used for multiple requests which in turn could lead to unexpected errors and/or response mix-up. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec + diff --git a/2017/CVE-2017-5664.md b/2017/CVE-2017-5664.md index 5f2f1d104a..2aca2191cb 100644 --- a/2017/CVE-2017-5664.md +++ b/2017/CVE-2017-5664.md @@ -14,4 +14,5 @@ The error page mechanism of the Java Servlet Specification requires that, when a #### Github - https://github.com/dkiser/vulners-yum-scanner +- https://github.com/ilmari666/cybsec diff --git a/2017/CVE-2017-5929.md b/2017/CVE-2017-5929.md index 382ed53518..373d3967e4 100644 --- a/2017/CVE-2017-5929.md +++ b/2017/CVE-2017-5929.md @@ -15,4 +15,6 @@ No PoCs from references. #### Github - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/fergarrui/exploits +- https://github.com/ilmari666/cybsec +- https://github.com/yahoo/cubed diff --git a/2017/CVE-2017-5941.md b/2017/CVE-2017-5941.md index 33aa5e8e7c..bdcf77d1b2 100644 --- a/2017/CVE-2017-5941.md +++ b/2017/CVE-2017-5941.md @@ -14,5 +14,5 @@ An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrust - http://packetstormsecurity.com/files/163222/Node.JS-Remote-Code-Execution.html #### Github -No PoCs found on GitHub currently. +- https://github.com/gitaalekhyapaul/vuln-app diff --git a/2017/CVE-2017-6817.md b/2017/CVE-2017-6817.md index c4f583b372..b9e9b85d92 100644 --- a/2017/CVE-2017-6817.md +++ b/2017/CVE-2017-6817.md @@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/alexanderkoz/Web-Security-Week-7-Project-WordPress-vs.-Kali - https://github.com/and-aleksandrov/wordpress - https://github.com/breindy/Week7-WordPress-Pentesting +- https://github.com/christiancastro1/Codepath-Week-7-8-Assignement - https://github.com/drsh0x2/WebSec-Week7 - https://github.com/ftruncale/Codepath-Week-7 - https://github.com/hughiednguyen/cybersec_kali_vs_old_wp_p7 @@ -27,6 +28,7 @@ No PoCs from references. - https://github.com/krushang598/Cybersecurity-Week-7-and-8 - https://github.com/natlarks/Week7-WordPressPentesting - https://github.com/oleksandrbi/CodePathweek7 +- https://github.com/pshrest001/Week-7-and-8-Codepath - https://github.com/sammanthp007/WordPress-Pentesting - https://github.com/smfils1/Cybersecurity-WordPress-Pentesting - https://github.com/zyeri/wordpress-pentesting diff --git a/2017/CVE-2017-6836.md b/2017/CVE-2017-6836.md index 8485730bd1..69caa0c1cd 100644 --- a/2017/CVE-2017-6836.md +++ b/2017/CVE-2017-6836.md @@ -11,6 +11,7 @@ Heap-based buffer overflow in the Expand3To4Module::run function in libaudiofile #### Reference - https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-expand3to4modulerun-simplemodule-h/ +- https://github.com/mpruett/audiofile/issues/40 #### Github - https://github.com/andir/nixos-issue-db-example diff --git a/2017/CVE-2017-6914.md b/2017/CVE-2017-6914.md index 52c57ae4b4..0a09914d4c 100644 --- a/2017/CVE-2017-6914.md +++ b/2017/CVE-2017-6914.md @@ -10,6 +10,7 @@ CSRF exists in BigTree CMS 4.1.18 and 4.2.16 with the id parameter to the admin/ ### POC #### Reference +- https://github.com/bigtreecms/BigTree-CMS/files/843734/BigTree.-.Multiple.Issue.of.CSRF.that.could.Illegally.Few.Data.Changes.v02.pdf - https://github.com/bigtreecms/BigTree-CMS/issues/275 #### Github diff --git a/2017/CVE-2017-6915.md b/2017/CVE-2017-6915.md index 2fbe6d3fa3..f695786813 100644 --- a/2017/CVE-2017-6915.md +++ b/2017/CVE-2017-6915.md @@ -10,6 +10,7 @@ CSRF exists in BigTree CMS 4.1.18 with the colophon parameter to the admin/setti ### POC #### Reference +- https://github.com/bigtreecms/BigTree-CMS/files/843734/BigTree.-.Multiple.Issue.of.CSRF.that.could.Illegally.Few.Data.Changes.v02.pdf - https://github.com/bigtreecms/BigTree-CMS/issues/275 #### Github diff --git a/2017/CVE-2017-6916.md b/2017/CVE-2017-6916.md index 12593514e5..6f51243b92 100644 --- a/2017/CVE-2017-6916.md +++ b/2017/CVE-2017-6916.md @@ -10,6 +10,7 @@ CSRF exists in BigTree CMS 4.1.18 with the nav-social[#] parameter to the admin/ ### POC #### Reference +- https://github.com/bigtreecms/BigTree-CMS/files/843734/BigTree.-.Multiple.Issue.of.CSRF.that.could.Illegally.Few.Data.Changes.v02.pdf - https://github.com/bigtreecms/BigTree-CMS/issues/275 #### Github diff --git a/2017/CVE-2017-6917.md b/2017/CVE-2017-6917.md index 38edadc80d..928ff09b3b 100644 --- a/2017/CVE-2017-6917.md +++ b/2017/CVE-2017-6917.md @@ -10,6 +10,7 @@ CSRF exists in BigTree CMS 4.2.16 with the value parameter to the admin/settings ### POC #### Reference +- https://github.com/bigtreecms/BigTree-CMS/files/843734/BigTree.-.Multiple.Issue.of.CSRF.that.could.Illegally.Few.Data.Changes.v02.pdf - https://github.com/bigtreecms/BigTree-CMS/issues/275 #### Github diff --git a/2017/CVE-2017-6918.md b/2017/CVE-2017-6918.md index aa1f73ea8a..cb3950e4ca 100644 --- a/2017/CVE-2017-6918.md +++ b/2017/CVE-2017-6918.md @@ -10,6 +10,7 @@ CSRF exists in BigTree CMS 4.2.16 with the value[#][*] parameter to the admin/se ### POC #### Reference +- https://github.com/bigtreecms/BigTree-CMS/files/843734/BigTree.-.Multiple.Issue.of.CSRF.that.could.Illegally.Few.Data.Changes.v02.pdf - https://github.com/bigtreecms/BigTree-CMS/issues/275 #### Github diff --git a/2017/CVE-2017-7199.md b/2017/CVE-2017-7199.md index 5c6ef0503b..9c0acc126a 100644 --- a/2017/CVE-2017-7199.md +++ b/2017/CVE-2017-7199.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/rasta-mouse/Sherlock +- https://github.com/x3419/Penrose diff --git a/2017/CVE-2017-7233.md b/2017/CVE-2017-7233.md index 07ea7b72a1..bc8e3b3cad 100644 --- a/2017/CVE-2017-7233.md +++ b/2017/CVE-2017-7233.md @@ -13,5 +13,6 @@ Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on us No PoCs from references. #### Github +- https://github.com/Crossroadsman/treehouse-techdegree-python-project9 - https://github.com/leoChristofoli/CRUD-170406 diff --git a/2017/CVE-2017-7234.md b/2017/CVE-2017-7234.md index 1d01491f00..8ddfef57b6 100644 --- a/2017/CVE-2017-7234.md +++ b/2017/CVE-2017-7234.md @@ -13,5 +13,6 @@ A maliciously crafted URL to a Django (1.10 before 1.10.7, 1.9 before 1.9.13, an No PoCs from references. #### Github +- https://github.com/Crossroadsman/treehouse-techdegree-python-project9 - https://github.com/leoChristofoli/CRUD-170406 diff --git a/2017/CVE-2017-7269.md b/2017/CVE-2017-7269.md index 90c0c338b7..0b709da40e 100644 --- a/2017/CVE-2017-7269.md +++ b/2017/CVE-2017-7269.md @@ -22,6 +22,7 @@ Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in In - https://github.com/CnHack3r/Penetration_PoC - https://github.com/DynamicDesignz/Alien-Framework - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/FDlucifer/firece-fish - https://github.com/H0j3n/EzpzCheatSheet - https://github.com/HacTF/poc--exp - https://github.com/Mr-xn/Penetration_Testing_POC @@ -31,6 +32,7 @@ Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in In - https://github.com/admintony/CollectionOfExp - https://github.com/amcai/myscan - https://github.com/caicai1355/CVE-2017-7269-exploit +- https://github.com/chalern/Pentest-Tools - https://github.com/danigargu/explodingcan - https://github.com/dayaramb/dayaramb.github.io - https://github.com/dmmcoco/explodingcan-checker @@ -42,6 +44,7 @@ Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in In - https://github.com/homjxi0e/cve-2017-7269 - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/jaychouzzk/- - https://github.com/jrrombaldo/CVE-2017-7269 - https://github.com/lcatro/CVE-2017-7269-Echo-PoC - https://github.com/morkin1792/security-tests diff --git a/2017/CVE-2017-7308.md b/2017/CVE-2017-7308.md index 0c0db421f6..881eda4a2d 100644 --- a/2017/CVE-2017-7308.md +++ b/2017/CVE-2017-7308.md @@ -25,6 +25,7 @@ The packet_set_ring function in net/packet/af_packet.c in the Linux kernel throu - https://github.com/R0B1NL1N/Linux-Kernal-Exploits-m- - https://github.com/R0B1NL1N/Linux-Kernel-Exploites - https://github.com/R0B1NL1N/linux-kernel-exploitation +- https://github.com/RLee063/RLee063 - https://github.com/SecWiki/linux-kernel-exploits - https://github.com/Shadowshusky/linux-kernel-exploits - https://github.com/Singlea-lyh/linux-kernel-exploits diff --git a/2017/CVE-2017-7317.md b/2017/CVE-2017-7317.md index f56f0fc9ea..95cffaf75c 100644 --- a/2017/CVE-2017-7317.md +++ b/2017/CVE-2017-7317.md @@ -13,5 +13,5 @@ An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can f - http://seclists.org/fulldisclosure/2017/Jun/45 #### Github -No PoCs found on GitHub currently. +- https://github.com/V1n1v131r4/HGB10R-2 diff --git a/2017/CVE-2017-7475.md b/2017/CVE-2017-7475.md index ba4a87996d..dcfaaf96e8 100644 --- a/2017/CVE-2017-7475.md +++ b/2017/CVE-2017-7475.md @@ -13,5 +13,6 @@ Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the - https://bugs.freedesktop.org/show_bug.cgi?id=100763 #### Github +- https://github.com/facebookincubator/meta-fbvuln - https://github.com/mrash/afl-cve diff --git a/2017/CVE-2017-7494.md b/2017/CVE-2017-7494.md index fcd0c05df4..8e602ab5ac 100644 --- a/2017/CVE-2017-7494.md +++ b/2017/CVE-2017-7494.md @@ -36,6 +36,7 @@ Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to r - https://github.com/QChiLan/linux-exp - https://github.com/R0B1NL1N/Linux-Kernal-Exploits-m- - https://github.com/R0B1NL1N/Linux-Kernel-Exploites +- https://github.com/RyanNgCT/EH-Assignment - https://github.com/S3cur3Th1sSh1t/Pentest-Tools - https://github.com/SecWiki/linux-kernel-exploits - https://github.com/Sep0lkit/el5-ELS @@ -75,6 +76,7 @@ Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to r - https://github.com/incredible1yu/CVE-2017-7494 - https://github.com/infosecmahi/AWeSome_Pentest - https://github.com/infosecmahi/awesome-pentest +- https://github.com/jklinges14/Cyber-Security-Final-Project - https://github.com/joxeankoret/CVE-2017-7494 - https://github.com/kumardineshwar/linux-kernel-exploits - https://github.com/lolici123/ScriptsAndCommands @@ -96,11 +98,13 @@ Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to r - https://github.com/rikosintie/nmap-python - https://github.com/roninAPT/pentest-kit - https://github.com/seaunderwater/MHN-Honeypots +- https://github.com/severnake/Pentest-Tools - https://github.com/severnake/awesome-pentest - https://github.com/sgxguru/awesome-pentest - https://github.com/shayezkarim/pentest - https://github.com/taielab/awesome-hacking-lists - https://github.com/thanshurc/awesome-pentest +- https://github.com/the-aerospace-corporation/counter-reconnaissance-program - https://github.com/theyoge/AD-Pentesting-Tools - https://github.com/val922/cyb3r53cur1ty - https://github.com/valarauco/wannafind diff --git a/2017/CVE-2017-7504.md b/2017/CVE-2017-7504.md index 51cb74d8d8..7a390b9e37 100644 --- a/2017/CVE-2017-7504.md +++ b/2017/CVE-2017-7504.md @@ -25,5 +25,6 @@ No PoCs from references. - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/r0eXpeR/redteam_vul +- https://github.com/tdcoming/Vulnerability-engine - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2017/CVE-2017-7525.md b/2017/CVE-2017-7525.md index 9f86cb53ce..f17716819b 100644 --- a/2017/CVE-2017-7525.md +++ b/2017/CVE-2017-7525.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/CatalanCabbage/king-of-pop - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/GrrrDog/ZeroNights-WebVillage-2017 - https://github.com/Nazicc/S2-055 @@ -23,8 +24,10 @@ No PoCs from references. - https://github.com/SexyBeast233/SecBooks - https://github.com/SugarP1g/LearningSecurity - https://github.com/dotanuki-labs/android-oss-cves-research +- https://github.com/galimba/Jackson-deserialization-PoC - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/hktalent/myhktools +- https://github.com/ilmari666/cybsec - https://github.com/ilmila/J2EEScan - https://github.com/irsl/jackson-rce-via-spel - https://github.com/klarna/kco_rest_java @@ -38,5 +41,6 @@ No PoCs from references. - https://github.com/taielab/awesome-hacking-lists - https://github.com/woods-sega/woodswiki - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/yahoo/cubed - https://github.com/zema1/oracle-vuln-crawler diff --git a/2017/CVE-2017-7529.md b/2017/CVE-2017-7529.md index 4f1b36d365..7011fbf798 100644 --- a/2017/CVE-2017-7529.md +++ b/2017/CVE-2017-7529.md @@ -29,6 +29,7 @@ No PoCs from references. - https://github.com/nihaohello/N-MiddlewareScan - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/tdcoming/Vulnerability-engine - https://github.com/woods-sega/woodswiki - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/y1ng1996/w8scan diff --git a/2017/CVE-2017-7536.md b/2017/CVE-2017-7536.md new file mode 100644 index 0000000000..5da65c365d --- /dev/null +++ b/2017/CVE-2017-7536.md @@ -0,0 +1,17 @@ +### [CVE-2017-7536](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7536) +![](https://img.shields.io/static/v1?label=Product&message=hibernate-validator&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-592&color=brighgreen) + +### Description + +In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec + diff --git a/2017/CVE-2017-7614.md b/2017/CVE-2017-7614.md index 5638205009..69bba528af 100644 --- a/2017/CVE-2017-7614.md +++ b/2017/CVE-2017-7614.md @@ -13,6 +13,7 @@ elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distribut No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers diff --git a/2017/CVE-2017-7657.md b/2017/CVE-2017-7657.md new file mode 100644 index 0000000000..2184fb66b9 --- /dev/null +++ b/2017/CVE-2017-7657.md @@ -0,0 +1,17 @@ +### [CVE-2017-7657](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7657) +![](https://img.shields.io/static/v1?label=Product&message=Eclipse%20Jetty&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%3D%209.2.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-444%3A%20Inconsistent%20Interpretation%20of%20HTTP%20Requests%20('HTTP%20Request%20Smuggling')&color=brighgreen) + +### Description + +In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/yahoo/cubed + diff --git a/2017/CVE-2017-7658.md b/2017/CVE-2017-7658.md new file mode 100644 index 0000000000..dcce0857ef --- /dev/null +++ b/2017/CVE-2017-7658.md @@ -0,0 +1,17 @@ +### [CVE-2017-7658](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7658) +![](https://img.shields.io/static/v1?label=Product&message=Eclipse%20Jetty&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%209.2.25%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-444%3A%20Inconsistent%20Interpretation%20of%20HTTP%20Requests%20('HTTP%20Request%20Smuggling')&color=brighgreen) + +### Description + +In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/yahoo/cubed + diff --git a/2017/CVE-2017-7674.md b/2017/CVE-2017-7674.md new file mode 100644 index 0000000000..f03ce52e6d --- /dev/null +++ b/2017/CVE-2017-7674.md @@ -0,0 +1,17 @@ +### [CVE-2017-7674](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674) +![](https://img.shields.io/static/v1?label=Product&message=Apache%20Tomcat&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Cache%20Poisoning&color=brighgreen) + +### Description + +The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec + diff --git a/2017/CVE-2017-7675.md b/2017/CVE-2017-7675.md new file mode 100644 index 0000000000..7dc6a6fb28 --- /dev/null +++ b/2017/CVE-2017-7675.md @@ -0,0 +1,17 @@ +### [CVE-2017-7675](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7675) +![](https://img.shields.io/static/v1?label=Product&message=Apache%20Tomcat&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) + +### Description + +The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M21 and 8.5.0 to 8.5.15 bypassed a number of security checks that prevented directory traversal attacks. It was therefore possible to bypass security constraints using a specially crafted URL. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec + diff --git a/2017/CVE-2017-7784.md b/2017/CVE-2017-7784.md new file mode 100644 index 0000000000..2151b078ae --- /dev/null +++ b/2017/CVE-2017-7784.md @@ -0,0 +1,17 @@ +### [CVE-2017-7784](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A use-after-free vulnerability can occur when reading an image observer during frame reconstruction after the observer has been freed. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ZihanYe/web-browser-vulnerabilities + diff --git a/2017/CVE-2017-7828.md b/2017/CVE-2017-7828.md new file mode 100644 index 0000000000..74002876f8 --- /dev/null +++ b/2017/CVE-2017-7828.md @@ -0,0 +1,20 @@ +### [CVE-2017-7828](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7828) +![](https://img.shields.io/static/v1?label=Product&message=Firefox%20ESR&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Firefox&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Thunderbird&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2052.5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2057%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use-after-free%20of%20PressShell%20while%20restyling%20layout&color=brighgreen) + +### Description + +A use-after-free vulnerability can occur when flushing and resizing layout because the "PressShell" object has been freed while still in use. This results in a potentially exploitable crash during these operations. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ZihanYe/web-browser-vulnerabilities + diff --git a/2017/CVE-2017-8046.md b/2017/CVE-2017-8046.md index 8b647e9bd0..2f34911c0b 100644 --- a/2017/CVE-2017-8046.md +++ b/2017/CVE-2017-8046.md @@ -19,6 +19,7 @@ Malicious PATCH requests submitted to servers using Spring Data REST versions pr - https://github.com/SexyBeast233/SecBooks - https://github.com/Soontao/CVE-2017-8046-DEMO - https://github.com/holisticon/hack-yourself +- https://github.com/ilmari666/cybsec - https://github.com/ilmila/J2EEScan - https://github.com/jkutner/spring-break-cve-2017-8046 - https://github.com/m3ssap0/SpringBreakVulnerableApp diff --git a/2017/CVE-2017-8421.md b/2017/CVE-2017-8421.md index 8552644e3d..5300cc7e8f 100644 --- a/2017/CVE-2017-8421.md +++ b/2017/CVE-2017-8421.md @@ -13,6 +13,7 @@ The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BF No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers diff --git a/2017/CVE-2017-8464.md b/2017/CVE-2017-8464.md index 37db0128cc..e6780b5333 100644 --- a/2017/CVE-2017-8464.md +++ b/2017/CVE-2017-8464.md @@ -16,6 +16,7 @@ Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Wi #### Github - https://github.com/3gstudent/CVE-2017-8464-EXP - https://github.com/Al1ex/WindowsElevation +- https://github.com/Apri1y/Red-Team-links - https://github.com/Ascotbe/Kernelhub - https://github.com/B-coder-code/Bill - https://github.com/Echocipher/Resource-list @@ -43,8 +44,11 @@ Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Wi - https://github.com/fei9747/WindowsElevation - https://github.com/fortify24x7/FuzzySecurity-PowerShell-Suite - https://github.com/geeksniper/windows-privilege-escalation +- https://github.com/hudunkey/Red-Team-links +- https://github.com/john-80/-007 - https://github.com/klsfct/getshell - https://github.com/likescam/Red-Teaming-Toolkit_all_pentests +- https://github.com/lp008/Hack-readme - https://github.com/m0mkris/windows-kernel-exploits - https://github.com/mishmashclone/SecWiki-windows-kernel-exploits - https://github.com/n8v79a/exploit @@ -62,10 +66,12 @@ Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Wi - https://github.com/safesword/WindowsExp - https://github.com/securifybv/ShellLink - https://github.com/shakenetwork/PowerShell-Suite +- https://github.com/slimdaddy/RedTeam - https://github.com/valentinoJones/Windows-Kernel-Exploits - https://github.com/welove88888/cve - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/xfinest/windows-kernel-exploits +- https://github.com/xiaoZ-hc/redtool - https://github.com/xiaoy-sec/Pentest_Note - https://github.com/xssfile/CVE-2017-8464-EXP - https://github.com/xssfile/windows-kernel-exploits diff --git a/2017/CVE-2017-8514.md b/2017/CVE-2017-8514.md index 89e70db016..35c9f7a2d3 100644 --- a/2017/CVE-2017-8514.md +++ b/2017/CVE-2017-8514.md @@ -13,6 +13,12 @@ An information disclosure vulnerability exists when Microsoft SharePoint softwar No PoCs from references. #### Github +- https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups +- https://github.com/Saidul-M-Khan/Awesome-Bugbounty-Writeups +- https://github.com/ajino2k/Awesome-Bugbounty-Writeups +- https://github.com/blitz-cmd/Bugbounty-writeups +- https://github.com/bot8080/awesomeBugbounty +- https://github.com/deadcyph3r/Awesome-Collection - https://github.com/devanshbatham/Awesome-Bugbounty-Writeups - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2017/CVE-2017-8565.md b/2017/CVE-2017-8565.md index ebc05c5d8b..69937e7ba5 100644 --- a/2017/CVE-2017-8565.md +++ b/2017/CVE-2017-8565.md @@ -13,6 +13,7 @@ Windows PowerShell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows No PoCs from references. #### Github +- https://github.com/NHPT/ysoserial.net - https://github.com/cyberheartmi9/ysoserial.net - https://github.com/incredibleindishell/ysoserial.net-complied - https://github.com/pwntester/ysoserial.net diff --git a/2017/CVE-2017-8570.md b/2017/CVE-2017-8570.md index 18e9293e96..915b672f1b 100644 --- a/2017/CVE-2017-8570.md +++ b/2017/CVE-2017-8570.md @@ -13,6 +13,7 @@ Microsoft Office allows a remote code execution vulnerability due to the way tha No PoCs from references. #### Github +- https://github.com/Apri1y/Red-Team-links - https://github.com/CrackerCat/Kernel-Security-Development - https://github.com/Echocipher/Resource-list - https://github.com/ExpLife0011/awesome-windows-kernel-security-development @@ -26,9 +27,12 @@ No PoCs from references. - https://github.com/gold1029/Red-Teaming-Toolkit - https://github.com/houjingyi233/office-exploit-case-study - https://github.com/howknows/awesome-windows-security-development +- https://github.com/hudunkey/Red-Team-links +- https://github.com/john-80/-007 - https://github.com/likescam/Red-Teaming-Toolkit - https://github.com/likescam/Red-Teaming-Toolkit_all_pentests - https://github.com/liuhe3647/Windows +- https://github.com/lp008/Hack-readme - https://github.com/mucahittopal/Pentesting-Pratic-Notes - https://github.com/nccgroup/CVE-2017-8759 - https://github.com/nitishbadole/pentesting_Notes @@ -38,7 +42,9 @@ No PoCs from references. - https://github.com/qiantu88/office-cve - https://github.com/rxwx/CVE-2017-8570 - https://github.com/shr3ddersec/Shr3dKit +- https://github.com/slimdaddy/RedTeam - https://github.com/temesgeny/ppsx-file-generator - https://github.com/tezukanice/Office8570 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool diff --git a/2017/CVE-2017-8625.md b/2017/CVE-2017-8625.md index 1c41dada2b..409c5f4452 100644 --- a/2017/CVE-2017-8625.md +++ b/2017/CVE-2017-8625.md @@ -34,6 +34,7 @@ Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 - https://github.com/aymankhder/PENTESTING-BIBLE2 - https://github.com/bjknbrrr/PENTESTING-BIBLE - https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE +- https://github.com/bohops/UltimateWDACBypassList - https://github.com/codereveryday/Programming-Hacking-Resources - https://github.com/erSubhashThapa/pentest-bible - https://github.com/gacontuyenchien1/Security diff --git a/2017/CVE-2017-8715.md b/2017/CVE-2017-8715.md index 475ed321b5..d7ba2ac7bf 100644 --- a/2017/CVE-2017-8715.md +++ b/2017/CVE-2017-8715.md @@ -25,6 +25,7 @@ No PoCs from references. - https://github.com/aymankhder/PENTESTING-BIBLE2 - https://github.com/bjknbrrr/PENTESTING-BIBLE - https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE +- https://github.com/bohops/UltimateWDACBypassList - https://github.com/codereveryday/Programming-Hacking-Resources - https://github.com/erSubhashThapa/pentest-bible - https://github.com/gacontuyenchien1/Security diff --git a/2017/CVE-2017-8759.md b/2017/CVE-2017-8759.md index 398d38f05e..6698add55f 100644 --- a/2017/CVE-2017-8759.md +++ b/2017/CVE-2017-8759.md @@ -13,8 +13,10 @@ Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow - https://www.exploit-db.com/exploits/42711/ #### Github +- https://github.com/Apri1y/Red-Team-links - https://github.com/BasuCert/CVE-2017-8759 - https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections +- https://github.com/CyberSift/CyberSift-Alerts - https://github.com/Echocipher/Resource-list - https://github.com/FlatL1neAPT/MS-Office - https://github.com/GitHubAssessments/CVE_Assessments_01_2020 @@ -30,8 +32,10 @@ Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow - https://github.com/gold1029/Red-Teaming-Toolkit - https://github.com/homjxi0e/CVE-2017-8759_-SOAP_WSDL - https://github.com/houjingyi233/office-exploit-case-study +- https://github.com/hudunkey/Red-Team-links - https://github.com/iwarsong/apt - https://github.com/jacobsoo/RTF-Cleaner +- https://github.com/john-80/-007 - https://github.com/jvdroit/APT_CyberCriminal_Campagin_Collections - https://github.com/kbandla/APTnotes - https://github.com/l0n3rs/CVE-2017-8759 @@ -39,6 +43,7 @@ Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow - https://github.com/likescam/CyberMonitor-APT_CyberCriminal_Campagin_Collections - https://github.com/likescam/Red-Teaming-Toolkit - https://github.com/likescam/Red-Teaming-Toolkit_all_pentests +- https://github.com/lp008/Hack-readme - https://github.com/mucahittopal/Pentesting-Pratic-Notes - https://github.com/nccgroup/CVE-2017-8759 - https://github.com/nitishbadole/pentesting_Notes @@ -47,8 +52,10 @@ Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow - https://github.com/qiantu88/office-cve - https://github.com/r3p3r/yeyintminthuhtut-Awesome-Red-Teaming - https://github.com/shr3ddersec/Shr3dKit +- https://github.com/slimdaddy/RedTeam - https://github.com/sumas/APT_CyberCriminal_Campagin_Collections - https://github.com/vysecurity/CVE-2017-8759 - https://github.com/willyb321/willyb321-stars - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool diff --git a/2017/CVE-2017-9224.md b/2017/CVE-2017-9224.md new file mode 100644 index 0000000000..786309c526 --- /dev/null +++ b/2017/CVE-2017-9224.md @@ -0,0 +1,17 @@ +### [CVE-2017-9224](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9224) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error involving order of validation and access in match_at() could result in an out-of-bounds read from a stack buffer. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/onivim/esy-oniguruma + diff --git a/2017/CVE-2017-9225.md b/2017/CVE-2017-9225.md new file mode 100644 index 0000000000..2efe7a0f19 --- /dev/null +++ b/2017/CVE-2017-9225.md @@ -0,0 +1,17 @@ +### [CVE-2017-9225](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9225) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds write in onigenc_unicode_get_case_fold_codes_by_str() occurs during regular expression compilation. Code point 0xFFFFFFFF is not properly handled in unicode_unfold_key(). A malformed regular expression could result in 4 bytes being written off the end of a stack buffer of expand_case_fold_string() during the call to onigenc_unicode_get_case_fold_codes_by_str(), a typical stack buffer overflow. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/onivim/esy-oniguruma + diff --git a/2017/CVE-2017-9226.md b/2017/CVE-2017-9226.md new file mode 100644 index 0000000000..7a043484b6 --- /dev/null +++ b/2017/CVE-2017-9226.md @@ -0,0 +1,17 @@ +### [CVE-2017-9226](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9226) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetch_token() and fetch_token_in_cc(). A malformed regular expression containing an octal number in the form of '\700' would produce an invalid code point value larger than 0xff in next_state_val(), resulting in an out-of-bounds write memory corruption. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/onivim/esy-oniguruma + diff --git a/2017/CVE-2017-9227.md b/2017/CVE-2017-9227.md new file mode 100644 index 0000000000..4be3429447 --- /dev/null +++ b/2017/CVE-2017-9227.md @@ -0,0 +1,17 @@ +### [CVE-2017-9227](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9227) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching. Invalid handling of reg->dmin in forward_search_range() could result in an invalid pointer dereference, as an out-of-bounds read from a stack buffer. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/onivim/esy-oniguruma + diff --git a/2017/CVE-2017-9228.md b/2017/CVE-2017-9228.md new file mode 100644 index 0000000000..cce930cbf4 --- /dev/null +++ b/2017/CVE-2017-9228.md @@ -0,0 +1,17 @@ +### [CVE-2017-9228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9228) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitset_set_range() during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect state transition in parse_char_class() could create an execution path that leaves a critical local variable uninitialized until it's used as an index, resulting in an out-of-bounds write memory corruption. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/onivim/esy-oniguruma + diff --git a/2017/CVE-2017-9229.md b/2017/CVE-2017-9229.md new file mode 100644 index 0000000000..cd80932b5f --- /dev/null +++ b/2017/CVE-2017-9229.md @@ -0,0 +1,17 @@ +### [CVE-2017-9229](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9229) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in left_adjust_char_head() during regular expression compilation. Invalid handling of reg->dmax in forward_search_range() could result in an invalid pointer dereference, normally as an immediate denial-of-service condition. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/onivim/esy-oniguruma + diff --git a/2017/CVE-2017-9304.md b/2017/CVE-2017-9304.md new file mode 100644 index 0000000000..91d146fbe4 --- /dev/null +++ b/2017/CVE-2017-9304.md @@ -0,0 +1,18 @@ +### [CVE-2017-9304](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9304) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule that is mishandled in the _yr_re_emit function. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark + diff --git a/2017/CVE-2017-9438.md b/2017/CVE-2017-9438.md new file mode 100644 index 0000000000..b57c875edc --- /dev/null +++ b/2017/CVE-2017-9438.md @@ -0,0 +1,18 @@ +### [CVE-2017-9438](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9438) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule (involving hex strings) that is mishandled in the _yr_re_emit function, a different vulnerability than CVE-2017-9304. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark + diff --git a/2017/CVE-2017-9506.md b/2017/CVE-2017-9506.md index fc3b3b2b92..74d95df1b6 100644 --- a/2017/CVE-2017-9506.md +++ b/2017/CVE-2017-9506.md @@ -13,9 +13,11 @@ The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before versi - https://ecosystem.atlassian.net/browse/OAUTH-344 #### Github +- https://github.com/0x48piraj/Jiraffe - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/assetnote/blind-ssrf-chains - https://github.com/random-robbie/Jira-Scan - https://github.com/sobinge/nuclei-templates +- https://github.com/sushantdhopat/JIRA_testing diff --git a/2017/CVE-2017-9791.md b/2017/CVE-2017-9791.md index 0a24a4ef7b..39e20cb3d1 100644 --- a/2017/CVE-2017-9791.md +++ b/2017/CVE-2017-9791.md @@ -24,6 +24,7 @@ The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code exe - https://github.com/atdpa4sw0rd/Experience-library - https://github.com/binfed/cms-exp - https://github.com/copperfieldd/CMS-Hunter +- https://github.com/djschleen/ash - https://github.com/dragoneeg/Struts2-048 - https://github.com/hktalent/myhktools - https://github.com/jas502n/st2-048 @@ -32,6 +33,7 @@ The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code exe - https://github.com/oneplus-x/MS17-010 - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/shuanx/vulnerability +- https://github.com/tdcoming/Vulnerability-engine - https://github.com/woods-sega/woodswiki - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/xfer0/CVE-2017-9791 diff --git a/2017/CVE-2017-9805.md b/2017/CVE-2017-9805.md index ed9fedcc53..f28b25def5 100644 --- a/2017/CVE-2017-9805.md +++ b/2017/CVE-2017-9805.md @@ -20,14 +20,17 @@ The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x bef - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/BeyondCy/S2-052 - https://github.com/Cyberleet1337/Payloadswebhack +- https://github.com/Delishsploits/PayloadsAndMethodology - https://github.com/DynamicDesignz/Alien-Framework - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +- https://github.com/GuynnR/Payloads - https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups - https://github.com/Jean-Francois-C/Windows-Penetration-Testing - https://github.com/LearnGolang/LearnGolang - https://github.com/Lone-Ranger/apache-struts-pwn_CVE-2017-9805 - https://github.com/Muhammd/Awesome-Payloads +- https://github.com/Nieuport/PayloadsAllTheThings - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/Prodject/Kn0ck - https://github.com/Ra7mo0on/PayloadsAllTheThings @@ -39,20 +42,26 @@ The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x bef - https://github.com/albinowax/ActiveScanPlusPlus - https://github.com/andrysec/PayloadsAllVulnerability - https://github.com/anhtu97/PayloadAllEverything +- https://github.com/apkadmin/PayLoadsAll - https://github.com/aylincetin/PayloadsAllTheThings +- https://github.com/chanchalpatra/payload - https://github.com/chrisjd20/cve-2017-9805.py - https://github.com/cyjaysun/S2-052 - https://github.com/digitalencoding/HHC2017 - https://github.com/freddyfernando/News - https://github.com/hahwul/struts2-rce-cve-2017-9805-ruby +- https://github.com/hellochunqiu/PayloadsAllTheThings - https://github.com/hktalent/myhktools - https://github.com/khodges42/Etrata - https://github.com/kk98kk0/Payloads - https://github.com/klausware/Java-Deserialization-Cheat-Sheet - https://github.com/koutto/jok3r-pocs +- https://github.com/ksw9722/PayloadsAllTheThings - https://github.com/luc10/struts-rce-cve-2017-9805 - https://github.com/mazen160/struts-pwn_CVE-2017-9805 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +- https://github.com/mrhacker51/ReverseShellCommands +- https://github.com/nevidimk0/PayloadsAllTheThings - https://github.com/oneplus-x/Sn1per - https://github.com/ozkanbilge/Payloads - https://github.com/qazbnm456/awesome-cve-poc @@ -60,9 +69,12 @@ The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x bef - https://github.com/samba234/Sniper - https://github.com/sobinge/--1 - https://github.com/sobinge/PayloadsAllTheThings +- https://github.com/sobinge/PayloadsAllThesobinge +- https://github.com/tdcoming/Vulnerability-engine - https://github.com/unusualwork/Sn1per - https://github.com/vitapluvia/hhc-writeup-2017 - https://github.com/whoadmin/pocs +- https://github.com/winterwolf32/PayloadsAllTheThings - https://github.com/woods-sega/woodswiki - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2017/CVE-2017-9822.md b/2017/CVE-2017-9822.md index f74c350586..88696d9173 100644 --- a/2017/CVE-2017-9822.md +++ b/2017/CVE-2017-9822.md @@ -16,6 +16,7 @@ DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka "2 #### Github - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Jean-Francois-C/Windows-Penetration-Testing +- https://github.com/NHPT/ysoserial.net - https://github.com/incredibleindishell/ysoserial.net-complied - https://github.com/murataydemir/CVE-2017-9822 - https://github.com/pwntester/ysoserial.net diff --git a/2018/CVE-2018-0114.md b/2018/CVE-2018-0114.md index 136b47a671..ceb5fc1338 100644 --- a/2018/CVE-2018-0114.md +++ b/2018/CVE-2018-0114.md @@ -20,7 +20,9 @@ A vulnerability in the Cisco node-jose open source library before 0.11.0 could a - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/mishmashclone/ticarpi-jwt_tool - https://github.com/pinnace/burp-jwt-fuzzhelper-extension +- https://github.com/puckiestyle/jwt_tool - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/scumdestroy/pentest-scripts-for-dangerous-boys - https://github.com/ticarpi/jwt_tool - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/zi0Black/POC-CVE-2018-0114 diff --git a/2018/CVE-2018-0296.md b/2018/CVE-2018-0296.md index 4b0832298a..80afa24f11 100644 --- a/2018/CVE-2018-0296.md +++ b/2018/CVE-2018-0296.md @@ -17,18 +17,25 @@ A vulnerability in the web interface of the Cisco Adaptive Security Appliance (A - https://github.com/0xT11/CVE-POC - https://github.com/3ndG4me/CVE-2020-3452-Exploit - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/Apri1y/Red-Team-links - https://github.com/Echocipher/Resource-list - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/GarnetSunset/CiscoIOSSNMPToolkit - https://github.com/bhenner1/CVE-2018-0296 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/hudunkey/Red-Team-links - https://github.com/jacobsoo/HardwareWiki +- https://github.com/john-80/-007 +- https://github.com/lp008/Hack-readme - https://github.com/milo2012/CVE-2018-0296 - https://github.com/moli1369/cisco-user - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/r0eXpeR/supplier - https://github.com/rudinyu/KB +- https://github.com/slimdaddy/RedTeam - https://github.com/sobinge/nuclei-templates - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool - https://github.com/yassineaboukir/CVE-2018-0296 diff --git a/2018/CVE-2018-0694.md b/2018/CVE-2018-0694.md new file mode 100644 index 0000000000..41521d826f --- /dev/null +++ b/2018/CVE-2018-0694.md @@ -0,0 +1,17 @@ +### [CVE-2018-0694](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0694) +![](https://img.shields.io/static/v1?label=Product&message=FileZen&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=OS%20Command%20Injection&color=brighgreen) + +### Description + +FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified vectors. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2018/CVE-2018-1000035.md b/2018/CVE-2018-1000035.md index cbe0cc1d7f..806952a38c 100644 --- a/2018/CVE-2018-1000035.md +++ b/2018/CVE-2018-1000035.md @@ -13,6 +13,7 @@ A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the pro No PoCs from references. #### Github +- https://github.com/FritzJo/pacheck - https://github.com/phonito/phonito-vulnerable-container - https://github.com/ronomon/zip diff --git a/2018/CVE-2018-1000122.md b/2018/CVE-2018-1000122.md index 120c65d748..5d4cb826e3 100644 --- a/2018/CVE-2018-1000122.md +++ b/2018/CVE-2018-1000122.md @@ -13,5 +13,6 @@ A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTS No PoCs from references. #### Github +- https://github.com/belcebus/clair-architecture-poc - https://github.com/facebookincubator/nvdtools diff --git a/2018/CVE-2018-1000156.md b/2018/CVE-2018-1000156.md index b03b5129a3..f1fbd5e22a 100644 --- a/2018/CVE-2018-1000156.md +++ b/2018/CVE-2018-1000156.md @@ -18,5 +18,6 @@ GNU Patch version 2.7.6 contains an input validation vulnerability when processi #### Github - https://github.com/andir/nixos-issue-db-example +- https://github.com/irsl/gnu-patch-vulnerabilities - https://github.com/phonito/phonito-vulnerable-container diff --git a/2018/CVE-2018-1000518.md b/2018/CVE-2018-1000518.md new file mode 100644 index 0000000000..e55fcb6361 --- /dev/null +++ b/2018/CVE-2018-1000518.md @@ -0,0 +1,17 @@ +### [CVE-2018-1000518](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000518) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +aaugustin websockets version 4 contains a CWE-409: Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Servers and clients, unless configured with compression=None that can result in Denial of Service by memory exhaustion. This attack appear to be exploitable via Sending a specially crafted frame on an established connection. This vulnerability appears to have been fixed in 5. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/PalindromeLabs/awesome-websocket-security + diff --git a/2018/CVE-2018-1000632.md b/2018/CVE-2018-1000632.md new file mode 100644 index 0000000000..7e39da8f8b --- /dev/null +++ b/2018/CVE-2018-1000632.md @@ -0,0 +1,17 @@ +### [CVE-2018-1000632](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000632) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document. This vulnerability appears to have been fixed in 2.1.1 or later. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec + diff --git a/2018/CVE-2018-1000654.md b/2018/CVE-2018-1000654.md index 1d547f341a..7112c34a19 100644 --- a/2018/CVE-2018-1000654.md +++ b/2018/CVE-2018-1000654.md @@ -13,7 +13,10 @@ GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a - https://gitlab.com/gnutls/libtasn1/issues/4 #### Github +- https://github.com/brandoncamenisch/release-the-code-litecoin - https://github.com/dispera/giant-squid +- https://github.com/domyrtille/interview_project +- https://github.com/epequeno/devops-demo - https://github.com/garethr/snykout - https://github.com/nedenwalker/spring-boot-app-using-gradle - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln diff --git a/2018/CVE-2018-1000657.md b/2018/CVE-2018-1000657.md index 3890c96df3..9c8fb990b0 100644 --- a/2018/CVE-2018-1000657.md +++ b/2018/CVE-2018-1000657.md @@ -14,5 +14,6 @@ Rust Programming Language Rust standard library version Commit bfa0e1f58acf1c28d #### Github - https://github.com/Artisan-Lab/Rust-memory-safety-bugs +- https://github.com/Qwaz/rust-cve - https://github.com/xxg1413/rust-security diff --git a/2018/CVE-2018-1000810.md b/2018/CVE-2018-1000810.md index 0f7842b441..728bff1f4d 100644 --- a/2018/CVE-2018-1000810.md +++ b/2018/CVE-2018-1000810.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/Artisan-Lab/Rust-memory-safety-bugs +- https://github.com/Qwaz/rust-cve - https://github.com/saaramar/Publications - https://github.com/xxg1413/rust-security diff --git a/2018/CVE-2018-1000861.md b/2018/CVE-2018-1000861.md index 2b2e183693..2571d3c16e 100644 --- a/2018/CVE-2018-1000861.md +++ b/2018/CVE-2018-1000861.md @@ -26,6 +26,8 @@ No PoCs from references. - https://github.com/Zompire/cc_talk_2021 - https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc - https://github.com/alphaSeclab/sec-daily-2019 +- https://github.com/deadbits/yara-rules +- https://github.com/glithc/yara-detection - https://github.com/gobysec/Goby - https://github.com/gquere/pwn_jenkins - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2018/CVE-2018-1000873.md b/2018/CVE-2018-1000873.md index 841708d76f..24b8590832 100644 --- a/2018/CVE-2018-1000873.md +++ b/2018/CVE-2018-1000873.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/ilmari666/cybsec diff --git a/2018/CVE-2018-1000886.md b/2018/CVE-2018-1000886.md index c3fc66f35a..fcd3186872 100644 --- a/2018/CVE-2018-1000886.md +++ b/2018/CVE-2018-1000886.md @@ -13,5 +13,6 @@ nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability in asm/st - https://bugzilla.nasm.us/show_bug.cgi?id=3392514 #### Github -No PoCs found on GitHub currently. +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark diff --git a/2018/CVE-2018-1002103.md b/2018/CVE-2018-1002103.md index ffe061b1f7..7672c95224 100644 --- a/2018/CVE-2018-1002103.md +++ b/2018/CVE-2018-1002103.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/Metarget/awesome-cloud-native-security +- https://github.com/Metarget/cloud-native-security-book diff --git a/2018/CVE-2018-1002105.md b/2018/CVE-2018-1002105.md index 47f28d87e1..705d3a68cb 100644 --- a/2018/CVE-2018-1002105.md +++ b/2018/CVE-2018-1002105.md @@ -19,6 +19,7 @@ In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect ha - https://github.com/Lee-SungYoung/Delicious-Hot-Six - https://github.com/Lee-SungYoung/Kube-Six - https://github.com/Metarget/awesome-cloud-native-security +- https://github.com/Metarget/cloud-native-security-book - https://github.com/Metarget/metarget - https://github.com/Ondrik8/exploit - https://github.com/PaloAltoNetworks/research-notes @@ -32,6 +33,7 @@ In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect ha - https://github.com/owen800q/Awesome-Stars - https://github.com/pravinsrc/NOTES-windows-kernel-links - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/reni2study/Cloud-Native-Security2 - https://github.com/rsingh1611/Docker-SimpliVity - https://github.com/superfish9/pt - https://github.com/warmchang/KubeCon-CloudNativeCon-Europe-2019 diff --git a/2018/CVE-2018-10100.md b/2018/CVE-2018-10100.md new file mode 100644 index 0000000000..e2a814de7d --- /dev/null +++ b/2018/CVE-2018-10100.md @@ -0,0 +1,17 @@ +### [CVE-2018-10100](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10100) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Before WordPress 4.9.5, the redirection URL for the login page was not validated or sanitized if forced to use HTTPS. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/El-Palomo/DerpNStink + diff --git a/2018/CVE-2018-10101.md b/2018/CVE-2018-10101.md new file mode 100644 index 0000000000..a63eaed2a3 --- /dev/null +++ b/2018/CVE-2018-10101.md @@ -0,0 +1,17 @@ +### [CVE-2018-10101](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10101) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Before WordPress 4.9.5, the URL validator assumed URLs with the hostname localhost were on the same host as the WordPress server. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/El-Palomo/DerpNStink + diff --git a/2018/CVE-2018-10102.md b/2018/CVE-2018-10102.md index 53d2fcbe99..5db6cfedd0 100644 --- a/2018/CVE-2018-10102.md +++ b/2018/CVE-2018-10102.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/CeCe2018/Codepath - https://github.com/CeCe2018/Codepath-Week-7-Alternative-Assignment-Essay +- https://github.com/El-Palomo/DerpNStink - https://github.com/Tanvi20/Week-7-Alternative-Assignment-wp-cve diff --git a/2018/CVE-2018-10191.md b/2018/CVE-2018-10191.md index e29a1bf7cc..cd416072f3 100644 --- a/2018/CVE-2018-10191.md +++ b/2018/CVE-2018-10191.md @@ -13,5 +13,5 @@ In versions of mruby up to and including 1.4.0, an integer overflow exists in sr - https://github.com/mruby/mruby/issues/3995 #### Github -No PoCs found on GitHub currently. +- https://github.com/nautilus-fuzz/nautilus diff --git a/2018/CVE-2018-10199.md b/2018/CVE-2018-10199.md new file mode 100644 index 0000000000..f82eb5756b --- /dev/null +++ b/2018/CVE-2018-10199.md @@ -0,0 +1,17 @@ +### [CVE-2018-10199](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10199) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In versions of mruby up to and including 1.4.0, a use-after-free vulnerability exists in src/io.c::File#initilialize_copy(). An attacker that can cause Ruby code to be run can possibly use this to execute arbitrary code. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nautilus-fuzz/nautilus + diff --git a/2018/CVE-2018-10237.md b/2018/CVE-2018-10237.md index 97a4fbd9d1..2b3264b7ad 100644 --- a/2018/CVE-2018-10237.md +++ b/2018/CVE-2018-10237.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/diakogiannis/moviebook - https://github.com/dotanuki-labs/android-oss-cves-research diff --git a/2018/CVE-2018-10685.md b/2018/CVE-2018-10685.md index d91fb16c53..6ebc171f3f 100644 --- a/2018/CVE-2018-10685.md +++ b/2018/CVE-2018-10685.md @@ -13,5 +13,5 @@ In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decom - https://github.com/ckolivas/lrzip/issues/95 #### Github -No PoCs found on GitHub currently. +- https://github.com/strongcourage/uafbench diff --git a/2018/CVE-2018-10876.md b/2018/CVE-2018-10876.md index f69fe96662..2dd721bcd0 100644 --- a/2018/CVE-2018-10876.md +++ b/2018/CVE-2018-10876.md @@ -13,5 +13,5 @@ A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free i - https://bugzilla.kernel.org/show_bug.cgi?id=199403 #### Github -No PoCs found on GitHub currently. +- https://github.com/rm511130/BBL diff --git a/2018/CVE-2018-10933.md b/2018/CVE-2018-10933.md index 6e14e7f91d..a155d7f5b4 100644 --- a/2018/CVE-2018-10933.md +++ b/2018/CVE-2018-10933.md @@ -15,6 +15,7 @@ A vulnerability was found in libssh's server-side state machine before versions #### Github - https://github.com/0xT11/CVE-POC - https://github.com/915425297/CVES +- https://github.com/Apri1y/Red-Team-links - https://github.com/DynamicDesignz/Alien-Framework - https://github.com/Echocipher/Resource-list - https://github.com/MarkBuffalo/exploits @@ -25,16 +26,21 @@ A vulnerability was found in libssh's server-side state machine before versions - https://github.com/angristan/awesome-stars - https://github.com/blacknbunny/CVE-2018-10933 - https://github.com/hackerhouse-opensource/cve-2018-10933 +- https://github.com/hudunkey/Red-Team-links - https://github.com/jas502n/CVE-2018-10933 +- https://github.com/john-80/-007 - https://github.com/kn6869610/CVE-2018-10933 - https://github.com/leapsecurity/libssh-scanner +- https://github.com/lp008/Hack-readme - https://github.com/marco-lancini/hunt-for-cve-2018-10933 - https://github.com/nikhil1232/LibSSH-Authentication-Bypass - https://github.com/pghook/CVE-2018-10933_Scanner - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/r3dxpl0it/CVE-2018-10933 - https://github.com/shifa123/pythonprojects-CVE-2018-10933 +- https://github.com/slimdaddy/RedTeam - https://github.com/trbpnd/bpnd-libssh - https://github.com/xFreed0m/CVE-2018-10933 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool diff --git a/2018/CVE-2018-1098.md b/2018/CVE-2018-1098.md index 6eca13e1d3..df93edcfa8 100644 --- a/2018/CVE-2018-1098.md +++ b/2018/CVE-2018-1098.md @@ -14,5 +14,6 @@ A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. An attack #### Github - https://github.com/andir/nixos-issue-db-example +- https://github.com/asa1997/topgear_test - https://github.com/sonatype-nexus-community/nancy diff --git a/2018/CVE-2018-11019.md b/2018/CVE-2018-11019.md index 27cf53a1af..ee5d914484 100644 --- a/2018/CVE-2018-11019.md +++ b/2018/CVE-2018-11019.md @@ -10,7 +10,7 @@ kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Ki ### POC #### Reference -No PoCs from references. +- https://github.com/datadancer/HIAFuzz/blob/master/CVE-2018-11019.md #### Github - https://github.com/SexyBeast233/SecBooks diff --git a/2018/CVE-2018-11039.md b/2018/CVE-2018-11039.md new file mode 100644 index 0000000000..dd01ae8b41 --- /dev/null +++ b/2018/CVE-2018-11039.md @@ -0,0 +1,17 @@ +### [CVE-2018-11039](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11039) +![](https://img.shields.io/static/v1?label=Product&message=Spring%20Framework&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=5.0.x5.0.7%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Cross%20Site%20Tracing&color=brighgreen) + +### Description + +Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including TRACE) using the HiddenHttpMethodFilter in Spring MVC. If an application has a pre-existing XSS vulnerability, a malicious user (or attacker) can use this filter to escalate to an XST (Cross Site Tracing) attack. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec + diff --git a/2018/CVE-2018-11040.md b/2018/CVE-2018-11040.md new file mode 100644 index 0000000000..2781919aa7 --- /dev/null +++ b/2018/CVE-2018-11040.md @@ -0,0 +1,17 @@ +### [CVE-2018-11040](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11040) +![](https://img.shields.io/static/v1?label=Product&message=Spring%20Framework&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=5.0.x5.0.7%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=JSONP%20enabled%20by%20default%20in%20MappingJackson2JsonView&color=brighgreen) + +### Description + +Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controllers and MappingJackson2JsonView for browser requests. Both are not enabled by default in Spring Framework nor Spring Boot, however, when MappingJackson2JsonView is configured in an application, JSONP support is automatically ready to use through the "jsonp" and "callback" JSONP parameters, enabling cross-domain requests. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec + diff --git a/2018/CVE-2018-11307.md b/2018/CVE-2018-11307.md new file mode 100644 index 0000000000..c262727d00 --- /dev/null +++ b/2018/CVE-2018-11307.md @@ -0,0 +1,18 @@ +### [CVE-2018-11307](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec +- https://github.com/yahoo/cubed + diff --git a/2018/CVE-2018-11416.md b/2018/CVE-2018-11416.md index def7f77e52..30124d124f 100644 --- a/2018/CVE-2018-11416.md +++ b/2018/CVE-2018-11416.md @@ -13,5 +13,6 @@ jpegoptim.c in jpegoptim 1.4.5 (fixed in 1.4.6) has an invalid use of realloc() No PoCs from references. #### Github +- https://github.com/strongcourage/uafbench - https://github.com/wcventure/UAF-Fuzzer-TestSuite diff --git a/2018/CVE-2018-11496.md b/2018/CVE-2018-11496.md index bbc0bbc2df..82d22c3139 100644 --- a/2018/CVE-2018-11496.md +++ b/2018/CVE-2018-11496.md @@ -14,5 +14,6 @@ In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in read_stream in #### Github - https://github.com/andir/nixos-issue-db-example +- https://github.com/strongcourage/uafbench - https://github.com/wcventure/UAF-Fuzzer-TestSuite diff --git a/2018/CVE-2018-11576.md b/2018/CVE-2018-11576.md index a9cede7c69..0249351241 100644 --- a/2018/CVE-2018-11576.md +++ b/2018/CVE-2018-11576.md @@ -11,6 +11,7 @@ ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexT #### Reference - https://github.com/Edward-L/fuzzing-pocs/tree/master/ngiflib +- https://github.com/miniupnp/ngiflib/issues/6 #### Github - https://github.com/Edward-L/my-cve-list diff --git a/2018/CVE-2018-11687.md b/2018/CVE-2018-11687.md index db61be6f54..0615a69c59 100644 --- a/2018/CVE-2018-11687.md +++ b/2018/CVE-2018-11687.md @@ -13,5 +13,6 @@ An integer overflow in the distributeBTR function of a smart contract implementa No PoCs from references. #### Github +- https://github.com/rjhorniii/DICOM-YARA-rules - https://github.com/sec-bit/awesome-buggy-erc20-tokens diff --git a/2018/CVE-2018-11743.md b/2018/CVE-2018-11743.md new file mode 100644 index 0000000000..21282a2607 --- /dev/null +++ b/2018/CVE-2018-11743.md @@ -0,0 +1,17 @@ +### [CVE-2018-11743](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11743) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy calls for TT_ICLASS objects, which allows attackers to cause a denial of service (mrb_hash_keys uninitialized pointer and application crash) or possibly have unspecified other impact. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nautilus-fuzz/nautilus + diff --git a/2018/CVE-2018-11763.md b/2018/CVE-2018-11763.md index 6eb6a9e27f..616939e0d9 100644 --- a/2018/CVE-2018-11763.md +++ b/2018/CVE-2018-11763.md @@ -13,6 +13,7 @@ In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS fr No PoCs from references. #### Github +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough - https://github.com/vshaliii/Funbox2-rookie diff --git a/2018/CVE-2018-11776.md b/2018/CVE-2018-11776.md index 3d936b1a6c..c65f409cfb 100644 --- a/2018/CVE-2018-11776.md +++ b/2018/CVE-2018-11776.md @@ -11,6 +11,7 @@ Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remo #### Reference - https://cwiki.apache.org/confluence/display/WW/S2-057 +- https://github.com/hook-s3c/CVE-2018-11776-Python-PoC - https://www.exploit-db.com/exploits/45260/ - https://www.exploit-db.com/exploits/45262/ - https://www.exploit-db.com/exploits/45367/ @@ -22,14 +23,19 @@ Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remo - https://github.com/649/Apache-Struts-Shodan-Exploit - https://github.com/84KaliPleXon3/Payloads_All_The_Things - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/Apri1y/Red-Team-links - https://github.com/BitTheByte/Domainker - https://github.com/BitTheByte/Eagle +- https://github.com/Delishsploits/PayloadsAndMethodology - https://github.com/Echocipher/Resource-list - https://github.com/Ekultek/Strutter - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/Fnzer0/S2-057-poc +- https://github.com/GuynnR/Payloads +- https://github.com/HxDDD/CVE-PoC - https://github.com/Ivan1ee/struts2-057-exp - https://github.com/Muhammd/Awesome-Payloads +- https://github.com/Nieuport/PayloadsAllTheThings - https://github.com/PEAKWEI/WsylibBookRS - https://github.com/Prodject/Kn0ck - https://github.com/Ra7mo0on/PayloadsAllTheThings @@ -42,33 +48,49 @@ Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remo - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/andrysec/PayloadsAllVulnerability - https://github.com/anhtu97/PayloadAllEverything +- https://github.com/apkadmin/PayLoadsAll - https://github.com/bhdresh/CVE-2018-11776 - https://github.com/brianwrf/S2-057-CVE-2018-11776 +- https://github.com/byteofjoshua/CVE-2021-26084 +- https://github.com/chanchalpatra/payload - https://github.com/cved-sources/cve-2018-11776 +- https://github.com/djschleen/ash - https://github.com/eescanilla/Apache-Struts-v3 - https://github.com/foreseeti/securicad-enterprise-sdk - https://github.com/foreseeti/securicad-vanguard-sdk - https://github.com/github/securitylab +- https://github.com/hellochunqiu/PayloadsAllTheThings - https://github.com/hktalent/myhktools - https://github.com/hook-s3c/CVE-2018-11776-Python-PoC +- https://github.com/hudunkey/Red-Team-links - https://github.com/jas502n/St2-057 - https://github.com/jiguangsdf/CVE-2018-11776 +- https://github.com/john-80/-007 - https://github.com/khodges42/Etrata - https://github.com/knqyf263/CVE-2018-11776 - https://github.com/koutto/jok3r-pocs +- https://github.com/ksw9722/PayloadsAllTheThings +- https://github.com/lp008/Hack-readme - https://github.com/mazen160/struts-pwn_CVE-2018-11776 +- https://github.com/mrhacker51/ReverseShellCommands +- https://github.com/nevidimk0/PayloadsAllTheThings - https://github.com/ninoseki/mitaka - https://github.com/oneplus-x/Sn1per - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/s1kr10s/Apache-Struts-v4 +- https://github.com/slimdaddy/RedTeam - https://github.com/sobinge/--1 - https://github.com/sobinge/PayloadsAllTheThings +- https://github.com/sobinge/PayloadsAllThesobinge - https://github.com/sourcery-ai-bot/Deep-Security-Reports +- https://github.com/tdcoming/Vulnerability-engine - https://github.com/tuxotron/cve-2018-11776-docker - https://github.com/unusualwork/Sn1per - https://github.com/we1h0/awesome-java-security-checklist - https://github.com/whoadmin/pocs +- https://github.com/winterwolf32/PayloadsAllTheThings - https://github.com/woods-sega/woodswiki - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/xfox64x/CVE-2018-11776 +- https://github.com/xiaoZ-hc/redtool diff --git a/2018/CVE-2018-11784.md b/2018/CVE-2018-11784.md index 27978ed7c6..f40b5d0e3a 100644 --- a/2018/CVE-2018-11784.md +++ b/2018/CVE-2018-11784.md @@ -16,6 +16,7 @@ When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to #### Github - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/ilmari666/cybsec - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2018/CVE-2018-1196.md b/2018/CVE-2018-1196.md new file mode 100644 index 0000000000..3726dd8a89 --- /dev/null +++ b/2018/CVE-2018-1196.md @@ -0,0 +1,17 @@ +### [CVE-2018-1196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1196) +![](https://img.shields.io/static/v1?label=Product&message=Spring%20Boot&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=privilege%20escalation&color=brighgreen) + +### Description + +Spring Boot supports an embedded launch script that can be used to easily run the application as a systemd or init.d linux service. The script included with Spring Boot 1.5.9 and earlier and 2.0.0.M1 through 2.0.0.M7 is susceptible to a symlink attack which allows the "run_user" to overwrite and take ownership of any file on the same system. In order to instigate the attack, the application must be installed as a service and the "run_user" requires shell access to the server. Spring Boot application that are not installed as a service, or are not using the embedded launch script are not susceptible. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec + diff --git a/2018/CVE-2018-1199.md b/2018/CVE-2018-1199.md new file mode 100644 index 0000000000..9e3358c305 --- /dev/null +++ b/2018/CVE-2018-1199.md @@ -0,0 +1,17 @@ +### [CVE-2018-1199](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1199) +![](https://img.shields.io/static/v1?label=Product&message=Spring%20by%20Pivotal&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20bypass%20with%20static&color=brighgreen) + +### Description + +Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3) does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification. Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. In this particular attack, different character encodings used in path parameters allows secured Spring MVC static resource URLs to be bypassed. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec + diff --git a/2018/CVE-2018-12018.md b/2018/CVE-2018-12018.md index 9bc0e29d8f..4b6ce2af25 100644 --- a/2018/CVE-2018-12018.md +++ b/2018/CVE-2018-12018.md @@ -10,7 +10,7 @@ The GetBlockHeadersMsg handler in the LES protocol implementation in Go Ethereum ### POC #### Reference -No PoCs from references. +- https://github.com/ethereum/go-ethereum/pull/16891 #### Github - https://github.com/0xT11/CVE-POC diff --git a/2018/CVE-2018-12022.md b/2018/CVE-2018-12022.md new file mode 100644 index 0000000000..308e349661 --- /dev/null +++ b/2018/CVE-2018-12022.md @@ -0,0 +1,17 @@ +### [CVE-2018-12022](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec + diff --git a/2018/CVE-2018-12023.md b/2018/CVE-2018-12023.md new file mode 100644 index 0000000000..9c6ec57aad --- /dev/null +++ b/2018/CVE-2018-12023.md @@ -0,0 +1,17 @@ +### [CVE-2018-12023](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec + diff --git a/2018/CVE-2018-12247.md b/2018/CVE-2018-12247.md new file mode 100644 index 0000000000..f21e08c14b --- /dev/null +++ b/2018/CVE-2018-12247.md @@ -0,0 +1,17 @@ +### [CVE-2018-12247](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12247) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class, related to certain .clone usage, because mrb_obj_clone in kernel.c copies flags other than the MRB_FLAG_IS_FROZEN flag (e.g., the embedded flag). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nautilus-fuzz/nautilus + diff --git a/2018/CVE-2018-12248.md b/2018/CVE-2018-12248.md new file mode 100644 index 0000000000..671bae447f --- /dev/null +++ b/2018/CVE-2018-12248.md @@ -0,0 +1,17 @@ +### [CVE-2018-12248](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12248) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in mruby 1.4.1. There is a heap-based buffer over-read associated with OP_ENTER because mrbgems/mruby-fiber/src/fiber.c does not extend the stack in cases of many arguments to fiber. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nautilus-fuzz/nautilus + diff --git a/2018/CVE-2018-12249.md b/2018/CVE-2018-12249.md new file mode 100644 index 0000000000..2c737bfad2 --- /dev/null +++ b/2018/CVE-2018-12249.md @@ -0,0 +1,17 @@ +### [CVE-2018-12249](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12249) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class_real because "class BasicObject" is not properly supported in class.c. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nautilus-fuzz/nautilus + diff --git a/2018/CVE-2018-12364.md b/2018/CVE-2018-12364.md new file mode 100644 index 0000000000..4cd48161f5 --- /dev/null +++ b/2018/CVE-2018-12364.md @@ -0,0 +1,22 @@ +### [CVE-2018-12364](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364) +![](https://img.shields.io/static/v1?label=Product&message=Firefox%20ESR&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Firefox&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Thunderbird&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2060%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2060.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2061%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CSRF%20attacks%20through%20307%20redirects%20and%20NPAPI%20plugins&color=brighgreen) + +### Description + +NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. This allows for a malicious site to engage in cross-site request forgery (CSRF) attacks. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/jeetgit/json_csrf +- https://github.com/mobx26/test + diff --git a/2018/CVE-2018-12386.md b/2018/CVE-2018-12386.md index d47cff5398..51e92963b0 100644 --- a/2018/CVE-2018-12386.md +++ b/2018/CVE-2018-12386.md @@ -16,6 +16,7 @@ A vulnerability in register allocation in JavaScript can lead to type confusion, #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/ZihanYe/web-browser-vulnerabilities - https://github.com/googleprojectzero/fuzzilli - https://github.com/m00zh33/sploits - https://github.com/niklasb/sploits diff --git a/2018/CVE-2018-12387.md b/2018/CVE-2018-12387.md index fc02d6da94..0944ec362c 100644 --- a/2018/CVE-2018-12387.md +++ b/2018/CVE-2018-12387.md @@ -15,6 +15,7 @@ A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push w No PoCs from references. #### Github +- https://github.com/ZihanYe/web-browser-vulnerabilities - https://github.com/m00zh33/sploits - https://github.com/niklasb/sploits - https://github.com/qazbnm456/awesome-cve-poc diff --git a/2018/CVE-2018-1257.md b/2018/CVE-2018-1257.md new file mode 100644 index 0000000000..2b7df706ee --- /dev/null +++ b/2018/CVE-2018-1257.md @@ -0,0 +1,17 @@ +### [CVE-2018-1257](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1257) +![](https://img.shields.io/static/v1?label=Product&message=Spring%20Framework&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=ReDoS&color=brighgreen) + +### Description + +Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a regular expression, denial of service attack. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec + diff --git a/2018/CVE-2018-1258.md b/2018/CVE-2018-1258.md index 3cc2b3d594..5b65eea7c3 100644 --- a/2018/CVE-2018-1258.md +++ b/2018/CVE-2018-1258.md @@ -14,4 +14,6 @@ No PoCs from references. #### Github - https://github.com/abhav/nvd_scrapper +- https://github.com/diakogiannis/moviebook +- https://github.com/ilmari666/cybsec diff --git a/2018/CVE-2018-12613.md b/2018/CVE-2018-12613.md index 49eb4d2d02..4db078419c 100644 --- a/2018/CVE-2018-12613.md +++ b/2018/CVE-2018-12613.md @@ -22,11 +22,14 @@ An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker c - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/NS-Sp4ce/2019-Ciscn-Southern-China-Web - https://github.com/SexyBeast233/SecBooks - https://github.com/duckstroms/Web-CTF-Cheatsheet - https://github.com/eastmountyxz/CSDNBlog-Security-Based - https://github.com/eastmountyxz/NetworkSecuritySelf-study +- https://github.com/fix-you/unc1e_web_note - https://github.com/jweny/pocassistdb - https://github.com/kyawthiha7/pentest-methodology +- https://github.com/tdcoming/Vulnerability-engine - https://github.com/w181496/Web-CTF-Cheatsheet diff --git a/2018/CVE-2018-12641.md b/2018/CVE-2018-12641.md index 4095fe715c..3057ac1866 100644 --- a/2018/CVE-2018-12641.md +++ b/2018/CVE-2018-12641.md @@ -13,6 +13,8 @@ An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as distribute No PoCs from references. #### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark - https://github.com/RUB-SysSec/redqueen - https://github.com/revl-ca/scan-docker-image +- https://github.com/tzf-key/MemLock_Benchmark diff --git a/2018/CVE-2018-12659.md b/2018/CVE-2018-12659.md new file mode 100644 index 0000000000..467ba5f9a1 --- /dev/null +++ b/2018/CVE-2018-12659.md @@ -0,0 +1,17 @@ +### [CVE-2018-12659](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12659) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +SLiMS 8 Akasia 8.3.1 allows remote attackers to bypass the CSRF protection mechanism and obtain admin access by omitting the csrf_token parameter. + +### POC + +#### Reference +- https://github.com/slims/slims8_akasia/issues/103 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2018/CVE-2018-12699.md b/2018/CVE-2018-12699.md index e8affd1d94..90f1602aaf 100644 --- a/2018/CVE-2018-12699.md +++ b/2018/CVE-2018-12699.md @@ -13,7 +13,10 @@ finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial o No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/RUB-SysSec/redqueen +- https://github.com/colonelmeow/appsecctf +- https://github.com/jrak1204/overstock_test - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers diff --git a/2018/CVE-2018-1270.md b/2018/CVE-2018-1270.md index 4680570b51..b34e48fc86 100644 --- a/2018/CVE-2018-1270.md +++ b/2018/CVE-2018-1270.md @@ -23,6 +23,7 @@ Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 a - https://github.com/genxor/CVE-2018-1270_EXP - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/hktalent/myhktools +- https://github.com/ilmari666/cybsec - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/src-kun/map - https://github.com/superfish9/pt diff --git a/2018/CVE-2018-1271.md b/2018/CVE-2018-1271.md index f5b0d124be..53a58d91b4 100644 --- a/2018/CVE-2018-1271.md +++ b/2018/CVE-2018-1271.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/ilmari666/cybsec - https://github.com/sobinge/nuclei-templates - https://github.com/superfish9/pt - https://github.com/x-f1v3/Vulnerability_Environment diff --git a/2018/CVE-2018-1272.md b/2018/CVE-2018-1272.md new file mode 100644 index 0000000000..0c2b885ccb --- /dev/null +++ b/2018/CVE-2018-1272.md @@ -0,0 +1,17 @@ +### [CVE-2018-1272](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1272) +![](https://img.shields.io/static/v1?label=Product&message=Spring%20Framework&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CAPEC-233%20-%20Privilege%20Escalation&color=brighgreen) + +### Description + +Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support for multipart requests. When Spring MVC or Spring WebFlux server application (server A) receives input from a remote client, and then uses that input to make a multipart request to another server (server B), it can be exposed to an attack, where an extra multipart is inserted in the content of the request from server A, causing server B to use the wrong value for a part it expects. This could to lead privilege escalation, for example, if the part content represents a username or user roles. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec + diff --git a/2018/CVE-2018-1273.md b/2018/CVE-2018-1273.md index e74625f894..d3a3315924 100644 --- a/2018/CVE-2018-1273.md +++ b/2018/CVE-2018-1273.md @@ -19,8 +19,10 @@ No PoCs from references. - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/SexyBeast233/SecBooks - https://github.com/SugarP1g/LearningSecurity +- https://github.com/asa1997/topgear_test - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/ilmari666/cybsec - https://github.com/ilmila/J2EEScan - https://github.com/jas502n/cve-2018-1273 - https://github.com/jiangsir404/POC-S diff --git a/2018/CVE-2018-1275.md b/2018/CVE-2018-1275.md index 996287d541..09dfc5d36b 100644 --- a/2018/CVE-2018-1275.md +++ b/2018/CVE-2018-1275.md @@ -13,6 +13,7 @@ Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 a No PoCs from references. #### Github +- https://github.com/ilmari666/cybsec - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2018/CVE-2018-12794.md b/2018/CVE-2018-12794.md index 70f5f685f7..c9926e4e41 100644 --- a/2018/CVE-2018-12794.md +++ b/2018/CVE-2018-12794.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/HackOvert/awesome-bugs +- https://github.com/SkyBulk/RealWorldPwn - https://github.com/attackgithub/RealWorldPwn diff --git a/2018/CVE-2018-1281.md b/2018/CVE-2018-1281.md new file mode 100644 index 0000000000..75235cd118 --- /dev/null +++ b/2018/CVE-2018-1281.md @@ -0,0 +1,17 @@ +### [CVE-2018-1281](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1281) +![](https://img.shields.io/static/v1?label=Product&message=Apache%20MXNet&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Allows%20unauthorized%20access&color=brighgreen) + +### Description + +The clustered setup of Apache MXNet allows users to specify which IP address and port the scheduler will listen on via the DMLC_PS_ROOT_URI and DMLC_PS_ROOT_PORT env variables. In versions older than 1.0.0, however, the MXNet framework will listen on 0.0.0.0 rather than user specified DMLC_PS_ROOT_URI once a scheduler node is initialized. This exposes the instance running MXNet to any attackers reachable via the interface they didn't expect to be listening on. For example: If a user wants to run a clustered setup locally, they may specify to run on 127.0.0.1. But since MXNet will listen on 0.0.0.0, it makes the port accessible on all network interfaces. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/PRISHIta123/Securing_Open_Source_Components_on_Containers + diff --git a/2018/CVE-2018-1283.md b/2018/CVE-2018-1283.md index 441cccda30..b93889146d 100644 --- a/2018/CVE-2018-1283.md +++ b/2018/CVE-2018-1283.md @@ -13,6 +13,7 @@ In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its s No PoCs from references. #### Github +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/benoitsevres/north-dakota - https://github.com/rnbochsr/yr_of_the_jellyfish - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2018/CVE-2018-12831.md b/2018/CVE-2018-12831.md index de05a56b4a..8610e99702 100644 --- a/2018/CVE-2018-12831.md +++ b/2018/CVE-2018-12831.md @@ -13,5 +13,6 @@ Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and No PoCs from references. #### Github +- https://github.com/SkyBulk/RealWorldPwn - https://github.com/attackgithub/RealWorldPwn diff --git a/2018/CVE-2018-1288.md b/2018/CVE-2018-1288.md index f763022bf0..50663bf8a5 100644 --- a/2018/CVE-2018-1288.md +++ b/2018/CVE-2018-1288.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/isxbot/software-assurance diff --git a/2018/CVE-2018-12886.md b/2018/CVE-2018-12886.md index 89834b0fd8..b89ff1c47c 100644 --- a/2018/CVE-2018-12886.md +++ b/2018/CVE-2018-12886.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/Azure/publish-security-assessments - https://github.com/drjhunter/container-scan - https://github.com/garethr/snykout +- https://github.com/lucky-sideburn/secpod_wrap diff --git a/2018/CVE-2018-12895.md b/2018/CVE-2018-12895.md index b923856211..2f6d6302f4 100644 --- a/2018/CVE-2018-12895.md +++ b/2018/CVE-2018-12895.md @@ -14,6 +14,7 @@ WordPress through 4.9.6 allows Author users to execute arbitrary code by leverag #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/El-Palomo/DerpNStink - https://github.com/bloom-ux/cve-2018-12895-hotfix - https://github.com/harrystaley/CSCI4349_Week9_Honeypot - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough diff --git a/2018/CVE-2018-1301.md b/2018/CVE-2018-1301.md index 19de20836a..eb6c955db1 100644 --- a/2018/CVE-2018-1301.md +++ b/2018/CVE-2018-1301.md @@ -13,6 +13,7 @@ A specially crafted request could have crashed the Apache HTTP Server prior to v No PoCs from references. #### Github +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/google/honggfuzz - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough diff --git a/2018/CVE-2018-1302.md b/2018/CVE-2018-1302.md index 8f4fd88ba9..cc6704161f 100644 --- a/2018/CVE-2018-1302.md +++ b/2018/CVE-2018-1302.md @@ -13,6 +13,7 @@ When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server No PoCs from references. #### Github +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/google/honggfuzz - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough diff --git a/2018/CVE-2018-1303.md b/2018/CVE-2018-1303.md index 11ba783368..9a92c7848f 100644 --- a/2018/CVE-2018-1303.md +++ b/2018/CVE-2018-1303.md @@ -13,6 +13,7 @@ A specially crafted HTTP request header could have crashed the Apache HTTP Serve No PoCs from references. #### Github +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/google/honggfuzz - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough diff --git a/2018/CVE-2018-1304.md b/2018/CVE-2018-1304.md index 28f56c14f3..91ea118705 100644 --- a/2018/CVE-2018-1304.md +++ b/2018/CVE-2018-1304.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/ilmari666/cybsec - https://github.com/knqyf263/CVE-2018-1304 - https://github.com/thariyarox/tomcat_CVE-2018-1304_testing diff --git a/2018/CVE-2018-1305.md b/2018/CVE-2018-1305.md index f729cfba26..8d6263934a 100644 --- a/2018/CVE-2018-1305.md +++ b/2018/CVE-2018-1305.md @@ -18,5 +18,6 @@ No PoCs from references. - https://github.com/SexyBeast233/SecBooks - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/ilmari666/cybsec - https://github.com/woods-sega/woodswiki diff --git a/2018/CVE-2018-1312.md b/2018/CVE-2018-1312.md index 6238d13c43..0adc522a3e 100644 --- a/2018/CVE-2018-1312.md +++ b/2018/CVE-2018-1312.md @@ -13,6 +13,7 @@ In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication c No PoCs from references. #### Github +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/intrigueio/intrigue-ident - https://github.com/rnbochsr/yr_of_the_jellyfish - https://github.com/syadg123/pigat diff --git a/2018/CVE-2018-13137.md b/2018/CVE-2018-13137.md index 73883d8b35..6d74322b67 100644 --- a/2018/CVE-2018-13137.md +++ b/2018/CVE-2018-13137.md @@ -11,6 +11,7 @@ The Events Manager plugin 5.9.4 for WordPress has XSS via the dbem_event_reappro #### Reference - https://ansawaf.blogspot.com/2019/04/cve-2018-13137-xss-in-events-manager.html +- https://gist.github.com/ansarisec/12737c207c0851d52865ed60c08891b7 #### Github No PoCs found on GitHub currently. diff --git a/2018/CVE-2018-13251.md b/2018/CVE-2018-13251.md new file mode 100644 index 0000000000..4c4658cac1 --- /dev/null +++ b/2018/CVE-2018-13251.md @@ -0,0 +1,18 @@ +### [CVE-2018-13251](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13251) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In libming 0.4.8, there is an excessive memory allocation attempt in the readBytes function of the util/read.c file, related to parseSWF_DEFINEBITSJPEG2. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark + diff --git a/2018/CVE-2018-1333.md b/2018/CVE-2018-1333.md index 6496692c5f..0b4985227d 100644 --- a/2018/CVE-2018-1333.md +++ b/2018/CVE-2018-1333.md @@ -13,6 +13,7 @@ By specially crafting HTTP/2 requests, workers would be allocated 60 seconds lon No PoCs from references. #### Github +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough - https://github.com/vshaliii/Funbox2-rookie diff --git a/2018/CVE-2018-1335.md b/2018/CVE-2018-1335.md index 91e7dc644c..4f0e210bfc 100644 --- a/2018/CVE-2018-1335.md +++ b/2018/CVE-2018-1335.md @@ -21,6 +21,7 @@ From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted head - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/RhinoSecurityLabs/CVEs - https://github.com/SkyBlueEternal/CVE-2018-1335-EXP-GUI +- https://github.com/ThePirateWhoSmellsOfSunflowers/TheHackerLinks - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2018/CVE-2018-1336.md b/2018/CVE-2018-1336.md index 04fb5e11fb..bcf298080a 100644 --- a/2018/CVE-2018-1336.md +++ b/2018/CVE-2018-1336.md @@ -13,5 +13,6 @@ An improper handing of overflow in the UTF-8 decoder with supplementary characte No PoCs from references. #### Github +- https://github.com/ilmari666/cybsec - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2018/CVE-2018-1337.md b/2018/CVE-2018-1337.md new file mode 100644 index 0000000000..e5b5d50a53 --- /dev/null +++ b/2018/CVE-2018-1337.md @@ -0,0 +1,17 @@ +### [CVE-2018-1337](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1337) +![](https://img.shields.io/static/v1?label=Product&message=Apache%20Directory&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Plaintext%20Password%20Disclosure%20in%20Secured%20Channel&color=brighgreen) + +### Description + +In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any information contained in this request (including the credentials when sending a BIND request). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/yahoo/cubed + diff --git a/2018/CVE-2018-13379.md b/2018/CVE-2018-13379.md index 6bae43396d..20b230b660 100644 --- a/2018/CVE-2018-13379.md +++ b/2018/CVE-2018-13379.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/0ps/pocassistdb - https://github.com/0xT11/CVE-POC +- https://github.com/7Elements/Fortigate - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/SexyBeast233/SecBooks @@ -25,8 +26,10 @@ No PoCs from references. - https://github.com/gobysec/Goby - https://github.com/iGotRootSRC/Dorkers - https://github.com/jam620/forti-vpn +- https://github.com/jpiechowka/at-doom-fortigate - https://github.com/jweny/pocassistdb - https://github.com/milo2012/CVE-2018-13379 - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/r0eXpeR/supplier - https://github.com/sobinge/nuclei-templates diff --git a/2018/CVE-2018-13382.md b/2018/CVE-2018-13382.md index 0c848801d5..2e9604061d 100644 --- a/2018/CVE-2018-13382.md +++ b/2018/CVE-2018-13382.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/dhn/exploits - https://github.com/jam620/forti-vpn - https://github.com/milo2012/CVE-2018-13382 +- https://github.com/ugur-ercan/exploit-collection diff --git a/2018/CVE-2018-14054.md b/2018/CVE-2018-14054.md index f3dfa1899e..8e26815aad 100644 --- a/2018/CVE-2018-14054.md +++ b/2018/CVE-2018-14054.md @@ -13,5 +13,6 @@ A double free exists in the MP4StringProperty class in mp4property.cpp in MP4v2 - http://www.openwall.com/lists/oss-security/2018/07/13/1 #### Github +- https://github.com/FritzJo/pacheck - https://github.com/sergiomb2/libmp4v2 diff --git a/2018/CVE-2018-14404.md b/2018/CVE-2018-14404.md index 00d647bd32..6446b584e7 100644 --- a/2018/CVE-2018-14404.md +++ b/2018/CVE-2018-14404.md @@ -13,6 +13,7 @@ A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEva No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/googleprojectzero/winafl - https://github.com/hardik05/winafl-powermopt - https://github.com/laws-africa/slaw diff --git a/2018/CVE-2018-14442.md b/2018/CVE-2018-14442.md index 0ca7b5f7c1..14ea3f462f 100644 --- a/2018/CVE-2018-14442.md +++ b/2018/CVE-2018-14442.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/SkyBulk/RealWorldPwn - https://github.com/attackgithub/RealWorldPwn - https://github.com/payatu/CVE-2018-14442 diff --git a/2018/CVE-2018-14567.md b/2018/CVE-2018-14567.md index d9d0c133a4..71b2b3af61 100644 --- a/2018/CVE-2018-14567.md +++ b/2018/CVE-2018-14567.md @@ -13,6 +13,7 @@ libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/RUB-SysSec/redqueen - https://github.com/revl-ca/scan-docker-image - https://github.com/siddharthraopotukuchi/trivy diff --git a/2018/CVE-2018-14618.md b/2018/CVE-2018-14618.md index e7a0a204a9..e9e2ec490e 100644 --- a/2018/CVE-2018-14618.md +++ b/2018/CVE-2018-14618.md @@ -14,6 +14,7 @@ curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authent No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/revl-ca/scan-docker-image - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy diff --git a/2018/CVE-2018-14665.md b/2018/CVE-2018-14665.md index 80171b183d..54a7744a87 100644 --- a/2018/CVE-2018-14665.md +++ b/2018/CVE-2018-14665.md @@ -23,11 +23,17 @@ A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check #### Github - https://github.com/0xT11/CVE-POC - https://github.com/0xdea/exploits +- https://github.com/Apri1y/Red-Team-links - https://github.com/Echocipher/Resource-list - https://github.com/anoaghost/Localroot_Compile - https://github.com/hackerhouse-opensource/exploits +- https://github.com/hudunkey/Red-Team-links - https://github.com/jas502n/CVE-2018-14665 +- https://github.com/john-80/-007 - https://github.com/jondonas/linux-exploit-suggester-2 +- https://github.com/lp008/Hack-readme - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/slimdaddy/RedTeam - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool diff --git a/2018/CVE-2018-14718.md b/2018/CVE-2018-14718.md index 9556304dd0..9c8a5ad3fd 100644 --- a/2018/CVE-2018-14718.md +++ b/2018/CVE-2018-14718.md @@ -14,4 +14,6 @@ No PoCs from references. #### Github - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/ilmari666/cybsec +- https://github.com/yahoo/cubed diff --git a/2018/CVE-2018-14719.md b/2018/CVE-2018-14719.md index d5715953c7..7b768be4ef 100644 --- a/2018/CVE-2018-14719.md +++ b/2018/CVE-2018-14719.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/ilmari666/cybsec diff --git a/2018/CVE-2018-14720.md b/2018/CVE-2018-14720.md index f8a3c95ca7..98d5dd29ab 100644 --- a/2018/CVE-2018-14720.md +++ b/2018/CVE-2018-14720.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/ilmari666/cybsec diff --git a/2018/CVE-2018-14721.md b/2018/CVE-2018-14721.md index 26c540f5bb..7217b2268e 100644 --- a/2018/CVE-2018-14721.md +++ b/2018/CVE-2018-14721.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/ilmari666/cybsec diff --git a/2018/CVE-2018-15133.md b/2018/CVE-2018-15133.md index 85e45d3e7d..bdd0e4df13 100644 --- a/2018/CVE-2018-15133.md +++ b/2018/CVE-2018-15133.md @@ -18,6 +18,7 @@ In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execut - https://github.com/SexyBeast233/SecBooks - https://github.com/carlosevieira/larasploit - https://github.com/enlightn/security-checker +- https://github.com/karimmuya/laravel-exploit-tricks - https://github.com/kozmic/laravel-poc-CVE-2018-15133 - https://github.com/owen800q/Awesome-Stars - https://github.com/u1f383/Web-CTF-CheatSheet-And-Learning diff --git a/2018/CVE-2018-15473.md b/2018/CVE-2018-15473.md index ed97be99a7..68edb069ab 100644 --- a/2018/CVE-2018-15473.md +++ b/2018/CVE-2018-15473.md @@ -28,8 +28,10 @@ OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not dela - https://github.com/angry-bender/SUOPE - https://github.com/epi052/cve-2018-15473 - https://github.com/gbonacini/opensshenum +- https://github.com/jtesta/ga-test - https://github.com/jtesta/ssh-audit - https://github.com/kaio6fellipe/ssh-enum +- https://github.com/lp008/Hack-readme - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/r3dxpl0it/CVE-2018-15473 diff --git a/2018/CVE-2018-15599.md b/2018/CVE-2018-15599.md index 48e8316000..1d2e565e2f 100644 --- a/2018/CVE-2018-15599.md +++ b/2018/CVE-2018-15599.md @@ -14,5 +14,5 @@ The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76 - https://old.reddit.com/r/blackhat/comments/97ywnm/openssh_username_enumeration/e4e05n2/ #### Github -No PoCs found on GitHub currently. +- https://github.com/xtaran/dist-detect diff --git a/2018/CVE-2018-15664.md b/2018/CVE-2018-15664.md index 8d2b729c1d..359f2b2756 100644 --- a/2018/CVE-2018-15664.md +++ b/2018/CVE-2018-15664.md @@ -13,5 +13,6 @@ In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' comma No PoCs from references. #### Github +- https://github.com/Metarget/cloud-native-security-book - https://github.com/Metarget/metarget diff --git a/2018/CVE-2018-15686.md b/2018/CVE-2018-15686.md index ed37681d4c..7906c9004a 100644 --- a/2018/CVE-2018-15686.md +++ b/2018/CVE-2018-15686.md @@ -15,6 +15,7 @@ A vulnerability in unit_deserialize of systemd allows an attacker to supply arbi #### Github - https://github.com/0xT11/CVE-POC - https://github.com/flyrev/security-scan-ci-presentation +- https://github.com/hpcprofessional/remediate_cesa_2019_2091 - https://github.com/kiseru-io/clair-sec-scanner - https://github.com/revl-ca/scan-docker-image diff --git a/2018/CVE-2018-15732.md b/2018/CVE-2018-15732.md index f2afade467..18dd690593 100644 --- a/2018/CVE-2018-15732.md +++ b/2018/CVE-2018-15732.md @@ -14,4 +14,5 @@ An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg6 #### Github - https://github.com/geeksniper/windows-privilege-escalation +- https://github.com/gtworek/Priv2Admin diff --git a/2018/CVE-2018-15756.md b/2018/CVE-2018-15756.md new file mode 100644 index 0000000000..faa1075833 --- /dev/null +++ b/2018/CVE-2018-15756.md @@ -0,0 +1,17 @@ +### [CVE-2018-15756](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15756) +![](https://img.shields.io/static/v1?label=Product&message=Spring%20framework&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=5.15.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Numeric%20Range%20Comparison%20Without%20Minimum%20Check&color=brighgreen) + +### Description + +Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controller returns an org.springframework.core.io.Resource. A malicious user (or attacker) can add a range header with a high number of ranges, or with wide ranges that overlap, or both, for a denial of service attack. This vulnerability affects applications that depend on either spring-webmvc or spring-webflux. Such applications must also have a registration for serving static resources (e.g. JS, CSS, images, and others), or have an annotated controller that returns an org.springframework.core.io.Resource. Spring Boot applications that depend on spring-boot-starter-web or spring-boot-starter-webflux are ready to serve static resources out of the box and are therefore vulnerable. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec + diff --git a/2018/CVE-2018-15805.md b/2018/CVE-2018-15805.md index 796920548c..b77c0da7a6 100644 --- a/2018/CVE-2018-15805.md +++ b/2018/CVE-2018-15805.md @@ -13,5 +13,5 @@ Accusoft PrizmDoc HTML5 Document Viewer before 13.5 contains an XML external ent - https://medium.com/@mrnikhilsri/oob-xxe-in-prizmdoc-cve-2018-15805-dfb1e474345c #### Github -No PoCs found on GitHub currently. +- https://github.com/deadcyph3r/Awesome-Collection diff --git a/2018/CVE-2018-15919.md b/2018/CVE-2018-15919.md index 9582789cab..451428d918 100644 --- a/2018/CVE-2018-15919.md +++ b/2018/CVE-2018-15919.md @@ -14,6 +14,7 @@ Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be use #### Github - https://github.com/averna-syd/Shodan +- https://github.com/project7io/nmap - https://github.com/revl-ca/scan-docker-image - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-1-Vulnhub-Walkthrough diff --git a/2018/CVE-2018-15961.md b/2018/CVE-2018-15961.md index b714b14eb7..2f7ba96646 100644 --- a/2018/CVE-2018-15961.md +++ b/2018/CVE-2018-15961.md @@ -15,6 +15,8 @@ Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlie #### Github - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/byteofjoshua/CVE-2018-15961 +- https://github.com/dudacgf/ovr_convert - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/vah13/CVE-2018-15961 diff --git a/2018/CVE-2018-15982.md b/2018/CVE-2018-15982.md index 442a902ee5..d76e61db92 100644 --- a/2018/CVE-2018-15982.md +++ b/2018/CVE-2018-15982.md @@ -27,6 +27,7 @@ Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a - https://github.com/kphongagsorn/adobe-flash-cve2018-15982 - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/scanfsec/CVE-2018-15982 +- https://github.com/tdcoming/Vulnerability-engine - https://github.com/wateroot/poc-exp - https://github.com/wrlu/Vulnerabilities - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2018/CVE-2018-16487.md b/2018/CVE-2018-16487.md index 30fd36ec34..90c01414fc 100644 --- a/2018/CVE-2018-16487.md +++ b/2018/CVE-2018-16487.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/Kirill89/prototype-pollution-explained +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/chkp-dhouari/CloudGuard-ShiftLeft-CICD - https://github.com/duckstroms/Web-CTF-Cheatsheet diff --git a/2018/CVE-2018-16492.md b/2018/CVE-2018-16492.md index 2086daa69f..0b07c3b9f6 100644 --- a/2018/CVE-2018-16492.md +++ b/2018/CVE-2018-16492.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/dsp-testing/CVE-2018-16492 - https://github.com/ossf-cve-benchmark/CVE-2018-16492 +- https://github.com/ossf-cve-benchmark/ossf-cve-benchmark diff --git a/2018/CVE-2018-16763.md b/2018/CVE-2018-16763.md index 45b423097c..b955b7640e 100644 --- a/2018/CVE-2018-16763.md +++ b/2018/CVE-2018-16763.md @@ -20,5 +20,6 @@ FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/jtaubs1/Fuel-1.4.1-RCE-Updated - https://github.com/sobinge/nuclei-templates diff --git a/2018/CVE-2018-16839.md b/2018/CVE-2018-16839.md index 590de8755c..8208cba53c 100644 --- a/2018/CVE-2018-16839.md +++ b/2018/CVE-2018-16839.md @@ -14,6 +14,7 @@ Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SA - https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16839 #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers diff --git a/2018/CVE-2018-1684.md b/2018/CVE-2018-1684.md new file mode 100644 index 0000000000..ba24e574c7 --- /dev/null +++ b/2018/CVE-2018-1684.md @@ -0,0 +1,17 @@ +### [CVE-2018-1684](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1684) +![](https://img.shields.io/static/v1?label=Product&message=MQ&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) + +### Description + +IBM WebSphere MQ 8.0 through 9.1 is vulnerable to a error with MQTT topic string publishing that can cause a denial of service attack. IBM X-Force ID: 145456. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ThingzDefense/IoT-Flock + diff --git a/2018/CVE-2018-16840.md b/2018/CVE-2018-16840.md index 0ea8de52aa..f97174b68e 100644 --- a/2018/CVE-2018-16840.md +++ b/2018/CVE-2018-16840.md @@ -13,6 +13,7 @@ A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers diff --git a/2018/CVE-2018-16842.md b/2018/CVE-2018-16842.md index 422c3fa905..69e677ed53 100644 --- a/2018/CVE-2018-16842.md +++ b/2018/CVE-2018-16842.md @@ -13,6 +13,7 @@ Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-r No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/revl-ca/scan-docker-image - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy diff --git a/2018/CVE-2018-16866.md b/2018/CVE-2018-16866.md index c28e1e5069..08be5070df 100644 --- a/2018/CVE-2018-16866.md +++ b/2018/CVE-2018-16866.md @@ -15,5 +15,6 @@ An out of bounds read was discovered in systemd-journald in the way it parses lo - https://www.qualys.com/2019/01/09/system-down/system-down.txt #### Github +- https://github.com/hpcprofessional/remediate_cesa_2019_2091 - https://github.com/revl-ca/scan-docker-image diff --git a/2018/CVE-2018-16888.md b/2018/CVE-2018-16888.md index 2eed71c532..c27395acd8 100644 --- a/2018/CVE-2018-16888.md +++ b/2018/CVE-2018-16888.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/flyrev/security-scan-ci-presentation +- https://github.com/hpcprofessional/remediate_cesa_2019_2091 diff --git a/2018/CVE-2018-16890.md b/2018/CVE-2018-16890.md index 55e8fa9de2..84cef1729e 100644 --- a/2018/CVE-2018-16890.md +++ b/2018/CVE-2018-16890.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers diff --git a/2018/CVE-2018-17057.md b/2018/CVE-2018-17057.md index c98174f553..ade2452f73 100644 --- a/2018/CVE-2018-17057.md +++ b/2018/CVE-2018-17057.md @@ -17,6 +17,7 @@ An issue was discovered in TCPDF before 6.2.22. Attackers can trigger deserializ #### Github - https://github.com/AfvanMoopen/tryhackme- +- https://github.com/Tiaonmmn/ccc_2019_web_pdfcreator - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/catsecorg/CatSec-TryHackMe-WriteUps - https://github.com/electronforce/py2to3 diff --git a/2018/CVE-2018-17182.md b/2018/CVE-2018-17182.md index 8d2a4ad29c..799753c275 100644 --- a/2018/CVE-2018-17182.md +++ b/2018/CVE-2018-17182.md @@ -15,13 +15,19 @@ An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_a #### Github - https://github.com/0xT11/CVE-POC - https://github.com/Al1ex/LinuxEelvation +- https://github.com/Apri1y/Red-Team-links - https://github.com/Echocipher/Resource-list - https://github.com/fei9747/LinuxEelvation +- https://github.com/hudunkey/Red-Team-links - https://github.com/jas502n/CVE-2018-17182 - https://github.com/jiayy/android_vuln_poc-exp +- https://github.com/john-80/-007 - https://github.com/likescam/CVE-2018-17182 +- https://github.com/lp008/Hack-readme - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/rakjong/LinuxElevation +- https://github.com/slimdaddy/RedTeam - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool diff --git a/2018/CVE-2018-17189.md b/2018/CVE-2018-17189.md index a8a3d742fd..a552aa8771 100644 --- a/2018/CVE-2018-17189.md +++ b/2018/CVE-2018-17189.md @@ -13,6 +13,7 @@ In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a No PoCs from references. #### Github +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough diff --git a/2018/CVE-2018-17190.md b/2018/CVE-2018-17190.md new file mode 100644 index 0000000000..2df1539e1c --- /dev/null +++ b/2018/CVE-2018-17190.md @@ -0,0 +1,17 @@ +### [CVE-2018-17190](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17190) +![](https://img.shields.io/static/v1?label=Product&message=Apache%20Spark&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Arbitrary%20Code%20Execution&color=brighgreen) + +### Description + +In all versions of Apache Spark, its standalone resource manager accepts code to execute on a 'master' host, that then runs that code on 'worker' hosts. The master itself does not, by design, execute user code. A specially-crafted request to the master can, however, cause the master to execute code too. Note that this does not affect standalone clusters with authentication enabled. While the master host typically has less outbound access to other resources than a worker, the execution of code on the master is nevertheless unexpected. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/yahoo/cubed + diff --git a/2018/CVE-2018-17196.md b/2018/CVE-2018-17196.md new file mode 100644 index 0000000000..6324947878 --- /dev/null +++ b/2018/CVE-2018-17196.md @@ -0,0 +1,17 @@ +### [CVE-2018-17196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17196) +![](https://img.shields.io/static/v1?label=Product&message=Kafka&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) + +### Description + +In Apache Kafka versions between 0.11.0.0 and 2.1.0, it is possible to manually craft a Produce request which bypasses transaction/idempotent ACL validation. Only authenticated clients with Write permission on the respective topics are able to exploit this vulnerability. Users should upgrade to 2.1.1 or later where this vulnerability has been fixed. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/isxbot/software-assurance + diff --git a/2018/CVE-2018-17199.md b/2018/CVE-2018-17199.md index a7bb5f9c3c..d02343440c 100644 --- a/2018/CVE-2018-17199.md +++ b/2018/CVE-2018-17199.md @@ -13,6 +13,7 @@ In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the sessi No PoCs from references. #### Github +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough diff --git a/2018/CVE-2018-1724.md b/2018/CVE-2018-1724.md new file mode 100644 index 0000000000..7ef5a095b5 --- /dev/null +++ b/2018/CVE-2018-1724.md @@ -0,0 +1,17 @@ +### [CVE-2018-1724](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1724) +![](https://img.shields.io/static/v1?label=Product&message=Spectrum%20LSF&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Gain%20Privileges&color=brighgreen) + +### Description + +IBM Spectrum LSF 9.1.1 9.1.2, 9.1.3, and 10.1 could allow a local user to change their job user at job submission time due to improper file permission settings. IBM X-Force ID: 147439. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/rmadamson/rmadamson + diff --git a/2018/CVE-2018-17456.md b/2018/CVE-2018-17456.md index de2080f3c8..c8dd01f8a2 100644 --- a/2018/CVE-2018-17456.md +++ b/2018/CVE-2018-17456.md @@ -18,6 +18,7 @@ Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.1 - https://github.com/0xT11/CVE-POC - https://github.com/AnonymKing/CVE-2017-1000117 - https://github.com/AnonymKing/CVE-2018-17456 +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/back2zero/GIT_CVE_2018_17456 - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy diff --git a/2018/CVE-2018-17552.md b/2018/CVE-2018-17552.md index 09c83b1f98..fae87324b7 100644 --- a/2018/CVE-2018-17552.md +++ b/2018/CVE-2018-17552.md @@ -13,5 +13,5 @@ SQL Injection in login.php in Naviwebs Navigate CMS 2.8 allows remote attackers - https://www.exploit-db.com/exploits/45561/ #### Github -No PoCs found on GitHub currently. +- https://github.com/anhquan99/DetectSQLInjectionPyshark diff --git a/2018/CVE-2018-1782.md b/2018/CVE-2018-1782.md new file mode 100644 index 0000000000..88b734ac9d --- /dev/null +++ b/2018/CVE-2018-1782.md @@ -0,0 +1,17 @@ +### [CVE-2018-1782](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1782) +![](https://img.shields.io/static/v1?label=Product&message=Spectrum%20Scale&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) + +### Description + +IBM GPFS (IBM Spectrum Scale 5.0.1.0 and 5.0.1.1) allows a local, unprivileged user to cause a kernel panic on a node running GPFS by accessing a file that is stored on a GPFS file system with mmap, or by executing a crafted file stored on a GPFS file system. IBM X-Force ID: 148805. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/rmadamson/rmadamson + diff --git a/2018/CVE-2018-17946.md b/2018/CVE-2018-17946.md new file mode 100644 index 0000000000..ef5cb7347e --- /dev/null +++ b/2018/CVE-2018-17946.md @@ -0,0 +1,17 @@ +### [CVE-2018-17946](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17946) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The Tribulant Slideshow Gallery plugin before 1.6.6.1 for WordPress has XSS via the id, method, Gallerymessage, Galleryerror, or Galleryupdated parameter. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/El-Palomo/DerpNStink + diff --git a/2018/CVE-2018-17961.md b/2018/CVE-2018-17961.md index 2c8499c46a..3e580a2d25 100644 --- a/2018/CVE-2018-17961.md +++ b/2018/CVE-2018-17961.md @@ -14,6 +14,12 @@ Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protec #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/Apri1y/Red-Team-links - https://github.com/Echocipher/Resource-list +- https://github.com/hudunkey/Red-Team-links +- https://github.com/john-80/-007 +- https://github.com/lp008/Hack-readme +- https://github.com/slimdaddy/RedTeam - https://github.com/superfish9/pt +- https://github.com/xiaoZ-hc/redtool diff --git a/2018/CVE-2018-17985.md b/2018/CVE-2018-17985.md index 249e777858..894f19256d 100644 --- a/2018/CVE-2018-17985.md +++ b/2018/CVE-2018-17985.md @@ -13,5 +13,7 @@ An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU - https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87335 #### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark - https://github.com/wcventure/MemLock-Fuzz diff --git a/2018/CVE-2018-18017.md b/2018/CVE-2018-18017.md new file mode 100644 index 0000000000..44f979a027 --- /dev/null +++ b/2018/CVE-2018-18017.md @@ -0,0 +1,17 @@ +### [CVE-2018-18017](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18017) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-galleries&method=save Gallery[id] or Gallery[title] parameter. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/El-Palomo/DerpNStink + diff --git a/2018/CVE-2018-18018.md b/2018/CVE-2018-18018.md new file mode 100644 index 0000000000..f0d90feb07 --- /dev/null +++ b/2018/CVE-2018-18018.md @@ -0,0 +1,17 @@ +### [CVE-2018-18018](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18018) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +SQL Injection exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-galleries&method=save Gallery[id] or Gallery[title] parameter. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/El-Palomo/DerpNStink + diff --git a/2018/CVE-2018-18019.md b/2018/CVE-2018-18019.md new file mode 100644 index 0000000000..247b70bfb2 --- /dev/null +++ b/2018/CVE-2018-18019.md @@ -0,0 +1,17 @@ +### [CVE-2018-18019](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18019) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-slides&method=save Slide[title], Slide[media_file], or Slide[image_url] parameter. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/El-Palomo/DerpNStink + diff --git a/2018/CVE-2018-18074.md b/2018/CVE-2018-18074.md new file mode 100644 index 0000000000..1d91350333 --- /dev/null +++ b/2018/CVE-2018-18074.md @@ -0,0 +1,18 @@ +### [CVE-2018-18074](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18074) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/colonelmeow/appsecctf +- https://github.com/jrak1204/overstock_test + diff --git a/2018/CVE-2018-18484.md b/2018/CVE-2018-18484.md index 41046ca2a1..de16348124 100644 --- a/2018/CVE-2018-18484.md +++ b/2018/CVE-2018-18484.md @@ -13,5 +13,7 @@ An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU - https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87636 #### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark - https://github.com/wcventure/MemLock-Fuzz diff --git a/2018/CVE-2018-18492.md b/2018/CVE-2018-18492.md index 4dae1dfecb..c2e9a80f0b 100644 --- a/2018/CVE-2018-18492.md +++ b/2018/CVE-2018-18492.md @@ -16,5 +16,6 @@ A use-after-free vulnerability can occur after deleting a selection element due No PoCs from references. #### Github +- https://github.com/ZihanYe/web-browser-vulnerabilities - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2018/CVE-2018-18495.md b/2018/CVE-2018-18495.md new file mode 100644 index 0000000000..bfda7e3858 --- /dev/null +++ b/2018/CVE-2018-18495.md @@ -0,0 +1,17 @@ +### [CVE-2018-18495](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18495) +![](https://img.shields.io/static/v1?label=Product&message=Firefox&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2064%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=WebExtension%20content%20scripts%20can%20be%20loaded%20in%20about%3A%20pages&color=brighgreen) + +### Description + +WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions. This vulnerability affects Firefox < 64. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/RedHatProductSecurity/cwe-toolkit + diff --git a/2018/CVE-2018-18500.md b/2018/CVE-2018-18500.md index 01abb67fd2..11945acca6 100644 --- a/2018/CVE-2018-18500.md +++ b/2018/CVE-2018-18500.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/ZihanYe/web-browser-vulnerabilities - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/sophoslabs/CVE-2018-18500 diff --git a/2018/CVE-2018-18649.md b/2018/CVE-2018-18649.md index 2e5476c2ac..76d74a06bc 100644 --- a/2018/CVE-2018-18649.md +++ b/2018/CVE-2018-18649.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/deadcyph3r/Awesome-Collection - https://github.com/izj007/wechat diff --git a/2018/CVE-2018-18700.md b/2018/CVE-2018-18700.md index 120a3937db..2030daa255 100644 --- a/2018/CVE-2018-18700.md +++ b/2018/CVE-2018-18700.md @@ -13,5 +13,7 @@ An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU - https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681 #### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark - https://github.com/wcventure/MemLock-Fuzz diff --git a/2018/CVE-2018-18701.md b/2018/CVE-2018-18701.md index e304fc2e55..6e34daa579 100644 --- a/2018/CVE-2018-18701.md +++ b/2018/CVE-2018-18701.md @@ -13,5 +13,7 @@ An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU - https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675 #### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark - https://github.com/wcventure/MemLock-Fuzz diff --git a/2018/CVE-2018-18925.md b/2018/CVE-2018-18925.md index 36c74be7d6..076cba1106 100644 --- a/2018/CVE-2018-18925.md +++ b/2018/CVE-2018-18925.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/SexyBeast233/SecBooks +- https://github.com/Timirepo/CVE_Exploits - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/sonatype-nexus-community/nancy diff --git a/2018/CVE-2018-19360.md b/2018/CVE-2018-19360.md index 93ba6def27..ad4da06e4e 100644 --- a/2018/CVE-2018-19360.md +++ b/2018/CVE-2018-19360.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/ilmari666/cybsec diff --git a/2018/CVE-2018-19361.md b/2018/CVE-2018-19361.md index d16e534777..8a47a9b206 100644 --- a/2018/CVE-2018-19361.md +++ b/2018/CVE-2018-19361.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/ilmari666/cybsec diff --git a/2018/CVE-2018-19362.md b/2018/CVE-2018-19362.md index 58bc831ab0..bc31a08a3b 100644 --- a/2018/CVE-2018-19362.md +++ b/2018/CVE-2018-19362.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/ilmari666/cybsec diff --git a/2018/CVE-2018-19486.md b/2018/CVE-2018-19486.md index adcb2aded4..ce7beb05d3 100644 --- a/2018/CVE-2018-19486.md +++ b/2018/CVE-2018-19486.md @@ -13,6 +13,7 @@ Git before 2.19.2 on Linux and UNIX executes commands from the current working d No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers diff --git a/2018/CVE-2018-19571.md b/2018/CVE-2018-19571.md index 3a64a9e943..b590917548 100644 --- a/2018/CVE-2018-19571.md +++ b/2018/CVE-2018-19571.md @@ -14,5 +14,5 @@ GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 1 - http://packetstormsecurity.com/files/160699/GitLab-11.4.7-Remote-Code-Execution.html #### Github -No PoCs found on GitHub currently. +- https://github.com/dotPY-hax/gitlab_RCE diff --git a/2018/CVE-2018-19585.md b/2018/CVE-2018-19585.md index 85a10664b2..d377e87596 100644 --- a/2018/CVE-2018-19585.md +++ b/2018/CVE-2018-19585.md @@ -14,5 +14,5 @@ GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and - http://packetstormsecurity.com/files/160699/GitLab-11.4.7-Remote-Code-Execution.html #### Github -No PoCs found on GitHub currently. +- https://github.com/dotPY-hax/gitlab_RCE diff --git a/2018/CVE-2018-19837.md b/2018/CVE-2018-19837.md new file mode 100644 index 0000000000..738068fec3 --- /dev/null +++ b/2018/CVE-2018-19837.md @@ -0,0 +1,18 @@ +### [CVE-2018-19837](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19837) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In LibSass prior to 3.5.5, Sass::Eval::operator()(Sass::Binary_Expression*) inside eval.cpp allows attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, because of certain incorrect parsing of '%' as a modulo operator in parser.cpp. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark + diff --git a/2018/CVE-2018-19876.md b/2018/CVE-2018-19876.md new file mode 100644 index 0000000000..dd24205b75 --- /dev/null +++ b/2018/CVE-2018-19876.md @@ -0,0 +1,17 @@ +### [CVE-2018-19876](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19876) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free(): invalid pointer" error. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/facebookincubator/meta-fbvuln + diff --git a/2018/CVE-2018-1999004.md b/2018/CVE-2018-1999004.md new file mode 100644 index 0000000000..545b89410a --- /dev/null +++ b/2018/CVE-2018-1999004.md @@ -0,0 +1,17 @@ +### [CVE-2018-1999004](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999004) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A Improper authorization vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in SlaveComputer.java that allows attackers with Overall/Read permission to initiate agent launches, and abort in-progress agent launches. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/SNTSVV/SMRL_EclipsePlugin + diff --git a/2018/CVE-2018-20147.md b/2018/CVE-2018-20147.md new file mode 100644 index 0000000000..fead0ed3c3 --- /dev/null +++ b/2018/CVE-2018-20147.md @@ -0,0 +1,17 @@ +### [CVE-2018-20147](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20147) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In WordPress before 4.9.9 and 5.x before 5.0.1, authors could modify metadata to bypass intended restrictions on deleting files. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/El-Palomo/DerpNStink + diff --git a/2018/CVE-2018-20148.md b/2018/CVE-2018-20148.md index 73f807d804..5b70514fed 100644 --- a/2018/CVE-2018-20148.md +++ b/2018/CVE-2018-20148.md @@ -13,5 +13,7 @@ In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could conduct PHP o No PoCs from references. #### Github +- https://github.com/El-Palomo/DerpNStink - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/tthseus/WooCommerce-CVEs diff --git a/2018/CVE-2018-20149.md b/2018/CVE-2018-20149.md new file mode 100644 index 0000000000..2115cfcb9c --- /dev/null +++ b/2018/CVE-2018-20149.md @@ -0,0 +1,17 @@ +### [CVE-2018-20149](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20149) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In WordPress before 4.9.9 and 5.x before 5.0.1, when the Apache HTTP Server is used, authors could upload crafted files that bypass intended MIME type restrictions, leading to XSS, as demonstrated by a .jpg file without JPEG data. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/El-Palomo/DerpNStink + diff --git a/2018/CVE-2018-20150.md b/2018/CVE-2018-20150.md new file mode 100644 index 0000000000..0ab23b451f --- /dev/null +++ b/2018/CVE-2018-20150.md @@ -0,0 +1,17 @@ +### [CVE-2018-20150](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20150) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In WordPress before 4.9.9 and 5.x before 5.0.1, crafted URLs could trigger XSS for certain use cases involving plugins. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/El-Palomo/DerpNStink + diff --git a/2018/CVE-2018-20151.md b/2018/CVE-2018-20151.md new file mode 100644 index 0000000000..7e4a78c608 --- /dev/null +++ b/2018/CVE-2018-20151.md @@ -0,0 +1,17 @@ +### [CVE-2018-20151](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20151) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In WordPress before 4.9.9 and 5.x before 5.0.1, the user-activation page could be read by a search engine's web crawler if an unusual configuration were chosen. The search engine could then index and display a user's e-mail address and (rarely) the password that was generated by default. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/El-Palomo/DerpNStink + diff --git a/2018/CVE-2018-20152.md b/2018/CVE-2018-20152.md new file mode 100644 index 0000000000..4f36550f18 --- /dev/null +++ b/2018/CVE-2018-20152.md @@ -0,0 +1,17 @@ +### [CVE-2018-20152](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20152) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass intended restrictions on post types via crafted input. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/El-Palomo/DerpNStink + diff --git a/2018/CVE-2018-20153.md b/2018/CVE-2018-20153.md new file mode 100644 index 0000000000..eaea767226 --- /dev/null +++ b/2018/CVE-2018-20153.md @@ -0,0 +1,17 @@ +### [CVE-2018-20153](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20153) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/El-Palomo/DerpNStink + diff --git a/2018/CVE-2018-20186.md b/2018/CVE-2018-20186.md index b0eebbe17b..1ff59f3d33 100644 --- a/2018/CVE-2018-20186.md +++ b/2018/CVE-2018-20186.md @@ -13,5 +13,6 @@ An issue was discovered in Bento4 1.5.1-627. AP4_Sample::ReadData in Core/Ap4Sam - https://github.com/axiomatic-systems/Bento4/issues/342 #### Github -No PoCs found on GitHub currently. +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark diff --git a/2018/CVE-2018-20250.md b/2018/CVE-2018-20250.md index 6254b74b5f..7b76eada36 100644 --- a/2018/CVE-2018-20250.md +++ b/2018/CVE-2018-20250.md @@ -17,6 +17,7 @@ In WinRAR versions prior to and including 5.61, There is path traversal vulnerab #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/Apri1y/Red-Team-links - https://github.com/CnHack3r/Penetration_PoC - https://github.com/DANIELVISPOBLOG/WinRar_ACE_exploit_CVE-2018-20250 - https://github.com/Echocipher/Resource-list @@ -35,22 +36,28 @@ In WinRAR versions prior to and including 5.61, There is path traversal vulnerab - https://github.com/eastmountyxz/CSDNBlog-Security-Based - https://github.com/eastmountyxz/CVE-2018-20250-WinRAR - https://github.com/eastmountyxz/NetworkSecuritySelf-study +- https://github.com/eastmountyxz/SystemSecurity-ReverseAnalysis - https://github.com/googleprojectzero/winafl - https://github.com/hardik05/winafl-powermopt - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/hudunkey/Red-Team-links - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/john-80/-007 +- https://github.com/lp008/Hack-readme - https://github.com/manulqwerty/Evil-WinRAR-Gen - https://github.com/nmweizi/CVE-2018-20250-poc-winrar - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/ray-cp/Vuln_Analysis +- https://github.com/slimdaddy/RedTeam - https://github.com/technicaldada/hack-winrar - https://github.com/wateroot/poc-exp - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/wrlu/Vulnerabilities - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool - https://github.com/ycdxsb/Exploits - https://github.com/yedada-wei/- - https://github.com/yedada-wei/gongkaishouji diff --git a/2018/CVE-2018-20303.md b/2018/CVE-2018-20303.md index a8b2ce082f..d5201cc3e1 100644 --- a/2018/CVE-2018-20303.md +++ b/2018/CVE-2018-20303.md @@ -13,6 +13,7 @@ In pkg/tool/path.go in Gogs before 0.11.82.1218, a directory traversal in the fi No PoCs from references. #### Github +- https://github.com/Timirepo/CVE_Exploits - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/sonatype-nexus-community/ahab - https://github.com/sonatype-nexus-community/nancy diff --git a/2018/CVE-2018-20334.md b/2018/CVE-2018-20334.md index d99bd1175c..b57ee5deca 100644 --- a/2018/CVE-2018-20334.md +++ b/2018/CVE-2018-20334.md @@ -13,5 +13,5 @@ An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start - https://starlabs.sg/advisories/18-20334/ #### Github -No PoCs found on GitHub currently. +- https://github.com/JustPlay/pce-ac88_linuxdriver diff --git a/2018/CVE-2018-20336.md b/2018/CVE-2018-20336.md index 2f5f4094aa..49cc8485e0 100644 --- a/2018/CVE-2018-20336.md +++ b/2018/CVE-2018-20336.md @@ -13,5 +13,5 @@ An issue was discovered in ASUSWRT 3.0.0.4.384.20308. There is a stack-based buf - https://starlabs.sg/advisories/18-20336/ #### Github -No PoCs found on GitHub currently. +- https://github.com/JustPlay/pce-ac88_linuxdriver diff --git a/2018/CVE-2018-20346.md b/2018/CVE-2018-20346.md index 77b6b21f04..fe7171f5d9 100644 --- a/2018/CVE-2018-20346.md +++ b/2018/CVE-2018-20346.md @@ -14,6 +14,7 @@ SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer - https://worthdoingbadly.com/sqlitebug/ #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/righettod/log-requests-to-sqlite - https://github.com/saiyuki1919/BlackHat2019 - https://github.com/siddharthraopotukuchi/trivy diff --git a/2018/CVE-2018-20482.md b/2018/CVE-2018-20482.md index 2a58469b1d..1baaec2bdd 100644 --- a/2018/CVE-2018-20482.md +++ b/2018/CVE-2018-20482.md @@ -13,6 +13,7 @@ GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during re No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/flyrev/security-scan-ci-presentation - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy diff --git a/2018/CVE-2018-20505.md b/2018/CVE-2018-20505.md index 4509b0089c..895de82d4a 100644 --- a/2018/CVE-2018-20505.md +++ b/2018/CVE-2018-20505.md @@ -13,6 +13,7 @@ SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, all No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/righettod/log-requests-to-sqlite - https://github.com/saiyuki1919/BlackHat2019 - https://github.com/siddharthraopotukuchi/trivy diff --git a/2018/CVE-2018-20506.md b/2018/CVE-2018-20506.md index 9cd1a9bde9..0422f4cc63 100644 --- a/2018/CVE-2018-20506.md +++ b/2018/CVE-2018-20506.md @@ -13,6 +13,7 @@ SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/saiyuki1919/BlackHat2019 - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy diff --git a/2018/CVE-2018-20573.md b/2018/CVE-2018-20573.md index 5c460e878f..248038254c 100644 --- a/2018/CVE-2018-20573.md +++ b/2018/CVE-2018-20573.md @@ -13,5 +13,6 @@ The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 al - https://github.com/jbeder/yaml-cpp/issues/655 #### Github -No PoCs found on GitHub currently. +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark diff --git a/2018/CVE-2018-20574.md b/2018/CVE-2018-20574.md index 70c4fb5936..b278442edd 100644 --- a/2018/CVE-2018-20574.md +++ b/2018/CVE-2018-20574.md @@ -13,5 +13,6 @@ The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 - https://github.com/jbeder/yaml-cpp/issues/654 #### Github -No PoCs found on GitHub currently. +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark diff --git a/2018/CVE-2018-20587.md b/2018/CVE-2018-20587.md new file mode 100644 index 0000000000..c0f0bc2133 --- /dev/null +++ b/2018/CVE-2018-20587.md @@ -0,0 +1,17 @@ +### [CVE-2018-20587](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20587) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Bitcoin Core 0.12.0 through 0.17.1 and Bitcoin Knots 0.12.0 through 0.17.x before 0.17.1.knots20181229 have Incorrect Access Control. Local users can exploit this to steal currency by binding the RPC IPv4 localhost port, and forwarding requests to the IPv6 localhost port. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nachobonilla/awesome-blockchain-security + diff --git a/2018/CVE-2018-20623.md b/2018/CVE-2018-20623.md index b21c38a2f5..54f3f1c0fa 100644 --- a/2018/CVE-2018-20623.md +++ b/2018/CVE-2018-20623.md @@ -14,5 +14,7 @@ No PoCs from references. #### Github - https://github.com/phonito/phonito-vulnerable-container +- https://github.com/strongcourage/uafbench +- https://github.com/strongcourage/uafuzz - https://github.com/wcventure/UAF-Fuzzer-TestSuite diff --git a/2018/CVE-2018-20659.md b/2018/CVE-2018-20659.md index 1d099d6a8b..8b941efa74 100644 --- a/2018/CVE-2018-20659.md +++ b/2018/CVE-2018-20659.md @@ -13,5 +13,6 @@ An issue was discovered in Bento4 1.5.1-627. The AP4_StcoAtom class in Core/Ap4S - https://github.com/axiomatic-systems/Bento4/issues/350 #### Github -No PoCs found on GitHub currently. +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark diff --git a/2018/CVE-2018-20685.md b/2018/CVE-2018-20685.md index f533649f8d..6682243e53 100644 --- a/2018/CVE-2018-20685.md +++ b/2018/CVE-2018-20685.md @@ -13,6 +13,7 @@ In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass inte - https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/revl-ca/scan-docker-image - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy diff --git a/2018/CVE-2018-20797.md b/2018/CVE-2018-20797.md new file mode 100644 index 0000000000..f3d534641b --- /dev/null +++ b/2018/CVE-2018-20797.md @@ -0,0 +1,18 @@ +### [CVE-2018-20797](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20797) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in PoDoFo 0.9.6. There is an attempted excessive memory allocation in PoDoFo::podofo_calloc in base/PdfMemoryManagement.cpp when called from PoDoFo::PdfPredictorDecoder::PdfPredictorDecoder in base/PdfFiltersPrivate.cpp. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark + diff --git a/2018/CVE-2018-20821.md b/2018/CVE-2018-20821.md new file mode 100644 index 0000000000..056774760c --- /dev/null +++ b/2018/CVE-2018-20821.md @@ -0,0 +1,18 @@ +### [CVE-2018-20821](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20821) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass::Parser::parse_css_variable_value in parser.cpp). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark + diff --git a/2018/CVE-2018-20822.md b/2018/CVE-2018-20822.md new file mode 100644 index 0000000000..29c249b4fd --- /dev/null +++ b/2018/CVE-2018-20822.md @@ -0,0 +1,18 @@ +### [CVE-2018-20822](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20822) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +LibSass 3.5.4 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass::Complex_Selector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark + diff --git a/2018/CVE-2018-20824.md b/2018/CVE-2018-20824.md index c46eac96de..0a88fce719 100644 --- a/2018/CVE-2018-20824.md +++ b/2018/CVE-2018-20824.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/sobinge/nuclei-templates +- https://github.com/sushantdhopat/JIRA_testing diff --git a/2018/CVE-2018-20839.md b/2018/CVE-2018-20839.md index e9c1fadbc2..70e31be230 100644 --- a/2018/CVE-2018-20839.md +++ b/2018/CVE-2018-20839.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/garethr/snykout +- https://github.com/juaromu/wazuh-snyk - https://github.com/revl-ca/scan-docker-image - https://github.com/simonsdave/clair-cicd diff --git a/2018/CVE-2018-20969.md b/2018/CVE-2018-20969.md index c5ad948cd4..833fc324aa 100644 --- a/2018/CVE-2018-20969.md +++ b/2018/CVE-2018-20969.md @@ -15,5 +15,6 @@ do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginnin - https://seclists.org/bugtraq/2019/Aug/29 #### Github +- https://github.com/irsl/gnu-patch-vulnerabilities - https://github.com/phonito/phonito-vulnerable-container diff --git a/2018/CVE-2018-20997.md b/2018/CVE-2018-20997.md index b2d74d2544..26332d643a 100644 --- a/2018/CVE-2018-20997.md +++ b/2018/CVE-2018-20997.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/Artisan-Lab/Rust-memory-safety-bugs +- https://github.com/MaineK00n/go-osv diff --git a/2018/CVE-2018-21035.md b/2018/CVE-2018-21035.md new file mode 100644 index 0000000000..589a7b8ab2 --- /dev/null +++ b/2018/CVE-2018-21035.md @@ -0,0 +1,17 @@ +### [CVE-2018-21035](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21035) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/PalindromeLabs/awesome-websocket-security + diff --git a/2018/CVE-2018-25008.md b/2018/CVE-2018-25008.md new file mode 100644 index 0000000000..42c384562b --- /dev/null +++ b/2018/CVE-2018-25008.md @@ -0,0 +1,17 @@ +### [CVE-2018-25008](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25008) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::get_mut method. This synchronization issue can be lead to memory safety issues through race conditions. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Qwaz/rust-cve + diff --git a/2018/CVE-2018-2628.md b/2018/CVE-2018-2628.md index d58f67fe5f..10228b1f20 100644 --- a/2018/CVE-2018-2628.md +++ b/2018/CVE-2018-2628.md @@ -22,6 +22,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/1120362990/vulnerability-list - https://github.com/9uest/CVE-2018-2628 - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/Bywalks/WeblogicScan - https://github.com/Dido1960/Weblogic-CVE-2020-2551-To-Internet - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/Lighird/CVE-2018-2628 @@ -47,6 +48,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/hashtagcyber/Exp - https://github.com/hawk-520/CVE-2018-2628 - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/hmoytx/weblogicscan - https://github.com/jas502n/CVE-2018-2628 - https://github.com/jas502n/CVE-2018-2893 - https://github.com/jiangsir404/POC-S @@ -55,15 +57,18 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/klausware/Java-Deserialization-Cheat-Sheet - https://github.com/koutto/jok3r-pocs - https://github.com/likescam/CVE-2018-2628 +- https://github.com/maya6/-scan- - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/mmioimm/weblogic_test - https://github.com/nihaohello/N-MiddlewareScan - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/rabbitmask/WeblogicScanLot +- https://github.com/safe6Sec/wlsEnv - https://github.com/shengqi158/CVE-2018-2628 - https://github.com/skydarker/CVE-2018-2628 - https://github.com/superfish9/pt +- https://github.com/tdcoming/Vulnerability-engine - https://github.com/tdy218/ysoserial-cve-2018-2628 - https://github.com/whoadmin/pocs - https://github.com/wrysunny/cve-2018-2628 diff --git a/2018/CVE-2018-2893.md b/2018/CVE-2018-2893.md index 214f93eb9f..5bfae1c2f4 100644 --- a/2018/CVE-2018-2893.md +++ b/2018/CVE-2018-2893.md @@ -16,6 +16,8 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/0xn0ne/weblogicScanner - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/Apri1y/Red-Team-links +- https://github.com/Bywalks/WeblogicScan - https://github.com/Echocipher/Resource-list - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/Harmoc/CTFTools @@ -34,9 +36,13 @@ No PoCs from references. - https://github.com/hanc00l/some_pocsuite - https://github.com/hanc00l/weblogic_unserialize_exploit - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/hmoytx/weblogicscan +- https://github.com/hudunkey/Red-Team-links - https://github.com/jas502n/CVE-2018-2893 - https://github.com/jas502n/CVE-2018-3245 +- https://github.com/john-80/-007 - https://github.com/koutto/jok3r-pocs +- https://github.com/lp008/Hack-readme - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/nihaohello/N-MiddlewareScan - https://github.com/pyn3rd/CVE-2018-2893 @@ -46,8 +52,10 @@ No PoCs from references. - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/ryanInf/CVE-2018-2893 - https://github.com/shengqi158/CVE-2018-2628 +- https://github.com/slimdaddy/RedTeam - https://github.com/sry309/CVE-2018-2893 - https://github.com/whoadmin/pocs - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool - https://github.com/zema1/oracle-vuln-crawler diff --git a/2018/CVE-2018-2894.md b/2018/CVE-2018-2894.md index 9a818c697a..6047cf2f6c 100644 --- a/2018/CVE-2018-2894.md +++ b/2018/CVE-2018-2894.md @@ -22,9 +22,13 @@ No PoCs from references. - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/AnonVulc/Pentest-Tools - https://github.com/Aquilao/Toy-Box +- https://github.com/Bywalks/WeblogicScan +- https://github.com/Delishsploits/PayloadsAndMethodology - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/GuynnR/Payloads - https://github.com/LandGrey/CVE-2018-2894 - https://github.com/Muhammd/Awesome-Payloads +- https://github.com/Nieuport/PayloadsAllTheThings - https://github.com/ParrotSec-CN/ParrotSecCN_Community_QQbot - https://github.com/Ra7mo0on/PayloadsAllTheThings - https://github.com/S3cur3Th1sSh1t/Pentest-Tools @@ -32,24 +36,37 @@ No PoCs from references. - https://github.com/XPR1M3/Payloads_All_The_Things - https://github.com/andrysec/PayloadsAllVulnerability - https://github.com/anhtu97/PayloadAllEverything +- https://github.com/apkadmin/PayLoadsAll - https://github.com/awsassets/weblogic_exploit +- https://github.com/chanchalpatra/payload - https://github.com/cross2to/betaseclab_tools - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/dr0op/WeblogicScan - https://github.com/fengjixuchui/RedTeamer - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/hellochunqiu/PayloadsAllTheThings +- https://github.com/hmoytx/weblogicscan - https://github.com/jas502n/CVE-2018-2894 - https://github.com/jiangsir404/POC-S - https://github.com/k8gege/PyLadon - https://github.com/koutto/jok3r-pocs +- https://github.com/ksw9722/PayloadsAllTheThings +- https://github.com/lp008/Hack-readme +- https://github.com/mrhacker51/ReverseShellCommands +- https://github.com/nevidimk0/PayloadsAllTheThings +- https://github.com/pwnagelabs/VEF - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/rabbitmask/WeblogicScanLot +- https://github.com/severnake/Pentest-Tools - https://github.com/sobinge/--1 - https://github.com/sobinge/PayloadsAllTheThings +- https://github.com/sobinge/PayloadsAllThesobinge - https://github.com/superfish9/pt +- https://github.com/tdcoming/Vulnerability-engine - https://github.com/theyoge/AD-Pentesting-Tools - https://github.com/veo/vscan - https://github.com/whoadmin/pocs +- https://github.com/winterwolf32/PayloadsAllTheThings - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/xiaoyaovo/2021SecWinterTask - https://github.com/zema1/oracle-vuln-crawler diff --git a/2018/CVE-2018-3149.md b/2018/CVE-2018-3149.md index 52abbc1861..e3d34b34ec 100644 --- a/2018/CVE-2018-3149.md +++ b/2018/CVE-2018-3149.md @@ -14,5 +14,7 @@ No PoCs from references. #### Github - https://github.com/HackJava/JNDI +- https://github.com/flowerlake/spring-jolokia-rce - https://github.com/lz2y/CVE-2021-2394 +- https://github.com/lz2y/DubboPOC diff --git a/2018/CVE-2018-3191.md b/2018/CVE-2018-3191.md index 4199b4425a..9ed7496577 100644 --- a/2018/CVE-2018-3191.md +++ b/2018/CVE-2018-3191.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC - https://github.com/0xn0ne/weblogicScanner +- https://github.com/Apri1y/Red-Team-links - https://github.com/Echocipher/Resource-list - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/Libraggbond/CVE-2018-3191 @@ -28,14 +29,19 @@ No PoCs from references. - https://github.com/fengjixuchui/RedTeamer - https://github.com/followboy1999/weblogic-deserialization - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/hudunkey/Red-Team-links - https://github.com/jas502n/CVE-2018-3191 +- https://github.com/john-80/-007 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet - https://github.com/koutto/jok3r-pocs +- https://github.com/lp008/Hack-readme - https://github.com/mackleadmire/CVE-2018-3191-Rce-Exploit - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/pyn3rd/CVE-2018-3191 - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/slimdaddy/RedTeam - https://github.com/superfish9/pt - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool - https://github.com/zema1/oracle-vuln-crawler diff --git a/2018/CVE-2018-3245.md b/2018/CVE-2018-3245.md index 1c499fa890..f2d3567475 100644 --- a/2018/CVE-2018-3245.md +++ b/2018/CVE-2018-3245.md @@ -15,6 +15,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar #### Github - https://github.com/0xT11/CVE-POC - https://github.com/0xn0ne/weblogicScanner +- https://github.com/Apri1y/Red-Team-links - https://github.com/Echocipher/Resource-list - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/PalindromeLabs/Java-Deserialization-CVEs @@ -24,13 +25,18 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/followboy1999/weblogic-deserialization - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/hudunkey/Red-Team-links - https://github.com/jas502n/CVE-2018-3245 +- https://github.com/john-80/-007 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet - https://github.com/koutto/jok3r-pocs +- https://github.com/lp008/Hack-readme - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/pyn3rd/CVE-2018-3245 - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/slimdaddy/RedTeam - https://github.com/superfish9/pt - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool - https://github.com/zema1/oracle-vuln-crawler diff --git a/2018/CVE-2018-3721.md b/2018/CVE-2018-3721.md index 69e6de19a7..8977edb6de 100644 --- a/2018/CVE-2018-3721.md +++ b/2018/CVE-2018-3721.md @@ -13,6 +13,8 @@ lodash node module before 4.17.5 suffers from a Modification of Assumed-Immutabl No PoCs from references. #### Github +- https://github.com/D4rkP0w4r/SnykCon-CTF-2021 +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/duckstroms/Web-CTF-Cheatsheet - https://github.com/futoin/core-js-ri-invoker - https://github.com/siddharthraopotukuchi/trivy diff --git a/2018/CVE-2018-3741.md b/2018/CVE-2018-3741.md index cdca0c2151..9063ddeaa3 100644 --- a/2018/CVE-2018-3741.md +++ b/2018/CVE-2018-3741.md @@ -13,6 +13,7 @@ There is a possible XSS vulnerability in all rails-html-sanitizer gem versions b No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers diff --git a/2018/CVE-2018-4233.md b/2018/CVE-2018-4233.md index 2d911fa670..3dbeb08d08 100644 --- a/2018/CVE-2018-4233.md +++ b/2018/CVE-2018-4233.md @@ -20,6 +20,7 @@ An issue was discovered in certain Apple products. iOS before 11.4 is affected. - https://github.com/LinusHenze/WebKit-RegEx-Exploit - https://github.com/NickA1260/My-Coding-Bio - https://github.com/Tom-ODonnell/TFP0-via-Safari-iOS-11.3.1 +- https://github.com/WRFan/jailbreak10.3.3 - https://github.com/Yangcheesen/jailbreakme - https://github.com/awesomehd1/JailbreakMe - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2018/CVE-2018-4277.md b/2018/CVE-2018-4277.md new file mode 100644 index 0000000000..f66b39d50e --- /dev/null +++ b/2018/CVE-2018-4277.md @@ -0,0 +1,17 @@ +### [CVE-2018-4277](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4277) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sierra before 10.13.6, a spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/deadcyph3r/Awesome-Collection + diff --git a/2018/CVE-2018-4407.md b/2018/CVE-2018-4407.md index b48f527ede..70ec81cac0 100644 --- a/2018/CVE-2018-4407.md +++ b/2018/CVE-2018-4407.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC - https://github.com/649/Crash-iOS-Exploit +- https://github.com/Apri1y/Red-Team-links - https://github.com/Aquilao/Toy-Box - https://github.com/Echocipher/Resource-list - https://github.com/Flerov/WindowsExploitDev @@ -32,16 +33,21 @@ No PoCs from references. - https://github.com/github/securitylab - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/houjingyi233/macOS-iOS-system-security +- https://github.com/hudunkey/Red-Team-links - https://github.com/integeruser/on-pwning +- https://github.com/john-80/-007 +- https://github.com/lp008/Hack-readme - https://github.com/nixawk/labs - https://github.com/oneplus-x/MS17-010 - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/r3dxpl0it/CVE-2018-4407 - https://github.com/secdev/awesome-scapy +- https://github.com/slimdaddy/RedTeam - https://github.com/unixpickle/cve-2018-4407 - https://github.com/wateroot/poc-exp - https://github.com/wrlu/Vulnerabilities - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool - https://github.com/xiaoy-sec/Pentest_Note - https://github.com/zhang040723/web - https://github.com/zteeed/CVE-2018-4407-IOS diff --git a/2018/CVE-2018-4416.md b/2018/CVE-2018-4416.md index 00931824ae..ea2f90911b 100644 --- a/2018/CVE-2018-4416.md +++ b/2018/CVE-2018-4416.md @@ -13,6 +13,7 @@ Multiple memory corruption issues were addressed with improved memory handling. No PoCs from references. #### Github +- https://github.com/SkyBulk/RealWorldPwn - https://github.com/raystyle/SafariTour - https://github.com/tunz/js-vuln-db diff --git a/2018/CVE-2018-4868.md b/2018/CVE-2018-4868.md index 3495c2f068..bc42ad4d4e 100644 --- a/2018/CVE-2018-4868.md +++ b/2018/CVE-2018-4868.md @@ -13,5 +13,7 @@ The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows - https://github.com/Exiv2/exiv2/issues/202 #### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark - https://github.com/andir/nixos-issue-db-example +- https://github.com/tzf-key/MemLock_Benchmark diff --git a/2018/CVE-2018-4878.md b/2018/CVE-2018-4878.md index 09d76b4914..57ab59c109 100644 --- a/2018/CVE-2018-4878.md +++ b/2018/CVE-2018-4878.md @@ -17,15 +17,19 @@ A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/Apri1y/Red-Team-links - https://github.com/B0fH/CVE-2018-4878 - https://github.com/BOFs/365CS - https://github.com/BOFs/CobaltStrike +- https://github.com/CYJoe-Cyclone/Awesome-CobaltStrike +- https://github.com/ChefGordon/List-O-Tools - https://github.com/Echocipher/Resource-list - https://github.com/FlatL1neAPT/MS-Office - https://github.com/FlatL1neAPT/Post-exploitation - https://github.com/H3llozy/CVE-2018-4879 - https://github.com/HacTF/poc--exp - https://github.com/HuanWoWeiLan/SoftwareSystemSecurity +- https://github.com/HuanWoWeiLan/SoftwareSystemSecurity-2019 - https://github.com/InQuest/malware-samples - https://github.com/InQuest/yara-rules - https://github.com/KathodeN/CVE-2018-4878 @@ -35,24 +39,31 @@ A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0. - https://github.com/blackorbird/APT_REPORT - https://github.com/blackorlittle/exps - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/diovil/aaa +- https://github.com/dudacgf/ovr_convert - https://github.com/emtuls/Awesome-Cyber-Security-List - https://github.com/gold1029/Red-Teaming-Toolkit - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/hongriSec/Growth-Diary +- https://github.com/hudunkey/Red-Team-links - https://github.com/hybridious/CVE-2018-4878 +- https://github.com/john-80/-007 - https://github.com/likescam/APT_REPORT - https://github.com/likescam/Red-Teaming-Toolkit - https://github.com/likescam/Red-Teaming-Toolkit_all_pentests +- https://github.com/lp008/Hack-readme - https://github.com/mdsecactivebreach/CVE-2018-4878 - https://github.com/mucahittopal/Pentesting-Pratic-Notes - https://github.com/nao-sec/ektotal - https://github.com/nitishbadole/pentesting_Notes - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/shr3ddersec/Shr3dKit +- https://github.com/slimdaddy/RedTeam - https://github.com/sung3r/CobaltStrike - https://github.com/vysecurity/CVE-2018-4878 - https://github.com/wateroot/poc-exp - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool - https://github.com/ydl555/CVE-2018-4878- - https://github.com/zer0yu/Awesome-CobaltStrike diff --git a/2018/CVE-2018-4939.md b/2018/CVE-2018-4939.md index 52c960b612..34fc5db2bd 100644 --- a/2018/CVE-2018-4939.md +++ b/2018/CVE-2018-4939.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/Ginove/post - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/dudacgf/ovr_convert - https://github.com/klausware/Java-Deserialization-Cheat-Sheet - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet diff --git a/2018/CVE-2018-4990.md b/2018/CVE-2018-4990.md index aff713c871..df8657608a 100644 --- a/2018/CVE-2018-4990.md +++ b/2018/CVE-2018-4990.md @@ -13,7 +13,9 @@ Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and - https://helpx.adobe.com/security/products/acrobat/apsb18-09.html #### Github +- https://github.com/SkyBulk/RealWorldPwn - https://github.com/attackgithub/RealWorldPwn +- https://github.com/fengjixuchui/Just-pwn-it-for-fun - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2018/CVE-2018-4993.md b/2018/CVE-2018-4993.md index e57553d984..7519fcf8d6 100644 --- a/2018/CVE-2018-4993.md +++ b/2018/CVE-2018-4993.md @@ -18,6 +18,7 @@ Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and - https://github.com/deepzec/Bad-Pdf - https://github.com/ponypot/cve - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/severnake/Pentest-Tools - https://github.com/theyoge/AD-Pentesting-Tools - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2018/CVE-2018-5093.md b/2018/CVE-2018-5093.md new file mode 100644 index 0000000000..8c4b1d2486 --- /dev/null +++ b/2018/CVE-2018-5093.md @@ -0,0 +1,17 @@ +### [CVE-2018-5093](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5093) +![](https://img.shields.io/static/v1?label=Product&message=Firefox&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2058%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Buffer%20overflow%20in%20WebAssembly%20during%20Memory%2FTable%20resizing&color=brighgreen) + +### Description + +A heap buffer overflow vulnerability may occur in WebAssembly during Memory/Table resizing, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 58. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ZihanYe/web-browser-vulnerabilities + diff --git a/2018/CVE-2018-5094.md b/2018/CVE-2018-5094.md new file mode 100644 index 0000000000..db3550e038 --- /dev/null +++ b/2018/CVE-2018-5094.md @@ -0,0 +1,17 @@ +### [CVE-2018-5094](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5094) +![](https://img.shields.io/static/v1?label=Product&message=Firefox&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2058%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Buffer%20overflow%20in%20WebAssembly%20with%20garbage%20collection%20on%20uninitialized%20memory&color=brighgreen) + +### Description + +A heap buffer overflow vulnerability may occur in WebAssembly when "shrinkElements" is called followed by garbage collection on memory that is now uninitialized. This results in a potentially exploitable crash. This vulnerability affects Firefox < 58. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ZihanYe/web-browser-vulnerabilities + diff --git a/2018/CVE-2018-5097.md b/2018/CVE-2018-5097.md new file mode 100644 index 0000000000..273951ced9 --- /dev/null +++ b/2018/CVE-2018-5097.md @@ -0,0 +1,20 @@ +### [CVE-2018-5097](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097) +![](https://img.shields.io/static/v1?label=Product&message=Firefox%20ESR&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Firefox&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Thunderbird&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2052.6%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2058%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use-after-free%20when%20source%20document%20is%20manipulated%20during%20XSLT&color=brighgreen) + +### Description + +A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ZihanYe/web-browser-vulnerabilities + diff --git a/2018/CVE-2018-5100.md b/2018/CVE-2018-5100.md new file mode 100644 index 0000000000..cbecb64666 --- /dev/null +++ b/2018/CVE-2018-5100.md @@ -0,0 +1,17 @@ +### [CVE-2018-5100](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5100) +![](https://img.shields.io/static/v1?label=Product&message=Firefox&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2058%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use-after-free%20when%20IsPotentiallyScrollable%20arguments%20are%20freed%20from%20memory&color=brighgreen) + +### Description + +A use-after-free vulnerability can occur when arguments passed to the "IsPotentiallyScrollable" function are freed while still in use by scripts. This results in a potentially exploitable crash. This vulnerability affects Firefox < 58. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ZihanYe/web-browser-vulnerabilities + diff --git a/2018/CVE-2018-5102.md b/2018/CVE-2018-5102.md new file mode 100644 index 0000000000..4fa6cf70a7 --- /dev/null +++ b/2018/CVE-2018-5102.md @@ -0,0 +1,20 @@ +### [CVE-2018-5102](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102) +![](https://img.shields.io/static/v1?label=Product&message=Firefox%20ESR&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Firefox&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Thunderbird&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2052.6%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2058%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use-after-free%20in%20HTML%20media%20elements&color=brighgreen) + +### Description + +A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ZihanYe/web-browser-vulnerabilities + diff --git a/2018/CVE-2018-5104.md b/2018/CVE-2018-5104.md new file mode 100644 index 0000000000..afc3aca732 --- /dev/null +++ b/2018/CVE-2018-5104.md @@ -0,0 +1,20 @@ +### [CVE-2018-5104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104) +![](https://img.shields.io/static/v1?label=Product&message=Firefox%20ESR&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Firefox&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Thunderbird&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2052.6%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2058%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use-after-free%20during%20font%20face%20manipulation&color=brighgreen) + +### Description + +A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ZihanYe/web-browser-vulnerabilities + diff --git a/2018/CVE-2018-5127.md b/2018/CVE-2018-5127.md new file mode 100644 index 0000000000..f00a917b47 --- /dev/null +++ b/2018/CVE-2018-5127.md @@ -0,0 +1,20 @@ +### [CVE-2018-5127](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5127) +![](https://img.shields.io/static/v1?label=Product&message=Firefox%20ESR&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Firefox&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Thunderbird&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2052.7%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2059%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Buffer%20overflow%20manipulating%20SVG%20animatedPathSegList&color=brighgreen) + +### Description + +A buffer overflow can occur when manipulating the SVG "animatedPathSegList" through script. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ZihanYe/web-browser-vulnerabilities + diff --git a/2018/CVE-2018-5129.md b/2018/CVE-2018-5129.md index 27c7d1aff6..f9a113f5c6 100644 --- a/2018/CVE-2018-5129.md +++ b/2018/CVE-2018-5129.md @@ -18,6 +18,7 @@ A lack of parameter validation on IPC messages results in a potential out-of-bou #### Github - https://github.com/Escapingbug/awesome-browser-exploit - https://github.com/SkyBulk/the-day-of-nightmares +- https://github.com/ZihanYe/web-browser-vulnerabilities - https://github.com/paulveillard/cybersecurity-windows-exploitation - https://github.com/yeyintminthuhtut/Awesome-Advanced-Windows-Exploitation-References diff --git a/2018/CVE-2018-5230.md b/2018/CVE-2018-5230.md index 1a88d8dc73..6c3d817fd9 100644 --- a/2018/CVE-2018-5230.md +++ b/2018/CVE-2018-5230.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/NarbehJackson/Java-Xss-minitwit16 - https://github.com/NarbehJackson/XSS-Python-Lab - https://github.com/sobinge/nuclei-templates +- https://github.com/sushantdhopat/JIRA_testing diff --git a/2018/CVE-2018-5296.md b/2018/CVE-2018-5296.md index bf40fa8dc8..3164da2a28 100644 --- a/2018/CVE-2018-5296.md +++ b/2018/CVE-2018-5296.md @@ -13,5 +13,7 @@ In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::Re - https://bugzilla.redhat.com/show_bug.cgi?id=1531956 #### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark - https://github.com/andir/nixos-issue-db-example +- https://github.com/tzf-key/MemLock_Benchmark diff --git a/2018/CVE-2018-5407.md b/2018/CVE-2018-5407.md index f622f99435..56077a08e7 100644 --- a/2018/CVE-2018-5407.md +++ b/2018/CVE-2018-5407.md @@ -18,5 +18,6 @@ Simultaneous Multi-threading (SMT) in processors can enable local users to explo #### Github - https://github.com/bbbrumley/portsmash - https://github.com/codexlynx/hardware-attacks-state-of-the-art +- https://github.com/djschleen/ash - https://github.com/nsacyber/Hardware-and-Firmware-Security-Guidance diff --git a/2018/CVE-2018-5709.md b/2018/CVE-2018-5709.md index aedf56da22..2811e8bbaf 100644 --- a/2018/CVE-2018-5709.md +++ b/2018/CVE-2018-5709.md @@ -13,5 +13,6 @@ An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a va No PoCs from references. #### Github +- https://github.com/brandoncamenisch/release-the-code-litecoin - https://github.com/dispera/giant-squid diff --git a/2018/CVE-2018-5728.md b/2018/CVE-2018-5728.md index 43299c73ff..5672ee8e07 100644 --- a/2018/CVE-2018-5728.md +++ b/2018/CVE-2018-5728.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/ezelf/seatel_terminals - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2018/CVE-2018-5743.md b/2018/CVE-2018-5743.md index c7dd34cb6c..36b18f9421 100644 --- a/2018/CVE-2018-5743.md +++ b/2018/CVE-2018-5743.md @@ -13,5 +13,7 @@ By design, BIND is intended to limit the number of TCP clients that can be conne No PoCs from references. #### Github +- https://github.com/Seabreg/bind - https://github.com/bg6cq/bind9 +- https://github.com/sischkg/dnsonsen_advent_calendar diff --git a/2018/CVE-2018-5744.md b/2018/CVE-2018-5744.md index aee35212b6..d3678ac036 100644 --- a/2018/CVE-2018-5744.md +++ b/2018/CVE-2018-5744.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/HJXSaber/bind9-my - https://github.com/pexip/os-bind9 +- https://github.com/sischkg/dnsonsen_advent_calendar diff --git a/2018/CVE-2018-5776.md b/2018/CVE-2018-5776.md index 396a736e3b..f9f7264847 100644 --- a/2018/CVE-2018-5776.md +++ b/2018/CVE-2018-5776.md @@ -13,5 +13,6 @@ WordPress before 4.9.2 has XSS in the Flash fallback files in MediaElement (unde No PoCs from references. #### Github +- https://github.com/El-Palomo/DerpNStink - https://github.com/Tanvi20/Week-7-Alternative-Assignment-wp-cve diff --git a/2018/CVE-2018-5783.md b/2018/CVE-2018-5783.md index 90c6bf4dae..2582ab3123 100644 --- a/2018/CVE-2018-5783.md +++ b/2018/CVE-2018-5783.md @@ -14,5 +14,7 @@ In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVe - https://sourceforge.net/p/podofo/tickets/27/ #### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark - https://github.com/andir/nixos-issue-db-example +- https://github.com/tzf-key/MemLock_Benchmark diff --git a/2018/CVE-2018-5968.md b/2018/CVE-2018-5968.md index d74b06e82b..be49596dc5 100644 --- a/2018/CVE-2018-5968.md +++ b/2018/CVE-2018-5968.md @@ -15,5 +15,7 @@ No PoCs from references. #### Github - https://github.com/OneSourceCat/jackson-rce-via-two-new-gadgets - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/ilmari666/cybsec - https://github.com/javaExploit/jackson-rce-via-two-new-gadgets +- https://github.com/yahoo/cubed diff --git a/2018/CVE-2018-6060.md b/2018/CVE-2018-6060.md new file mode 100644 index 0000000000..26fced0128 --- /dev/null +++ b/2018/CVE-2018-6060.md @@ -0,0 +1,17 @@ +### [CVE-2018-6060](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6060) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2065.0.3325.146%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20after%20free&color=brighgreen) + +### Description + +Use after free in WebAudio in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ZihanYe/web-browser-vulnerabilities + diff --git a/2018/CVE-2018-6123.md b/2018/CVE-2018-6123.md new file mode 100644 index 0000000000..7c8bb3f22b --- /dev/null +++ b/2018/CVE-2018-6123.md @@ -0,0 +1,17 @@ +### [CVE-2018-6123](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6123) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2067.0.3396.62%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20after%20free&color=brighgreen) + +### Description + +A use after free in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ZihanYe/web-browser-vulnerabilities + diff --git a/2018/CVE-2018-6389.md b/2018/CVE-2018-6389.md index 87293ce7ec..3170909d2a 100644 --- a/2018/CVE-2018-6389.md +++ b/2018/CVE-2018-6389.md @@ -24,23 +24,30 @@ In WordPress through 4.9.2, unauthenticated attackers can cause a denial of serv - https://github.com/CnHack3r/Penetration_PoC - https://github.com/Daas335b/Codepath.week7 - https://github.com/Daas335b/Week-7 +- https://github.com/El-Palomo/DerpNStink - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups - https://github.com/ItinerisLtd/trellis-cve-2018-6389 - https://github.com/JavierOlmedo/wordpress-cve-2018-6389 - https://github.com/Jetserver/CVE-2018-6389-FIX - https://github.com/JulienGadanho/cve-2018-6389-php-patcher - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Saidul-M-Khan/Awesome-Bugbounty-Writeups - https://github.com/Scatter-Security/wordpressure - https://github.com/SexyBeast233/SecBooks - https://github.com/Tanvi20/Week-7-Alternative-Assignment-wp-cve - https://github.com/WazeHell/CVE-2018-6389 - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Zazzzles/Wordpress-DOS +- https://github.com/ajino2k/Awesome-Bugbounty-Writeups - https://github.com/alessiogilardi/PoC---CVE-2018-6389 - https://github.com/alexjasso/Project_7-WordPress_Pentesting - https://github.com/amankapoor/trellis-wordpress-starter-kit - https://github.com/armaanpathan12345/WP-DOS-Exploit-CVE-2018-6389 +- https://github.com/blitz-cmd/Bugbounty-writeups - https://github.com/bogdanovist2061/Project-7---WordPress-Pentesting +- https://github.com/bot8080/awesomeBugbounty +- https://github.com/chalern/Pentest-Tools - https://github.com/devanshbatham/Awesome-Bugbounty-Writeups - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/dsfau/wordpress-CVE-2018-6389 diff --git a/2018/CVE-2018-6405.md b/2018/CVE-2018-6405.md new file mode 100644 index 0000000000..07d46437d8 --- /dev/null +++ b/2018/CVE-2018-6405.md @@ -0,0 +1,17 @@ +### [CVE-2018-6405](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6405) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ksyang-hj/ksyang-hj + diff --git a/2018/CVE-2018-6552.md b/2018/CVE-2018-6552.md index 96a285a1bb..71f0c7c104 100644 --- a/2018/CVE-2018-6552.md +++ b/2018/CVE-2018-6552.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/Metarget/awesome-cloud-native-security +- https://github.com/reni2study/Cloud-Native-Security2 diff --git a/2018/CVE-2018-6622.md b/2018/CVE-2018-6622.md index f7e1c9c9b9..d91ca343d5 100644 --- a/2018/CVE-2018-6622.md +++ b/2018/CVE-2018-6622.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/kkamagui/bitleaker - https://github.com/kkamagui/napper-for-tpm +- https://github.com/lp008/Hack-readme diff --git a/2018/CVE-2018-6869.md b/2018/CVE-2018-6869.md index 50e6f9ce51..ac82249054 100644 --- a/2018/CVE-2018-6869.md +++ b/2018/CVE-2018-6869.md @@ -13,5 +13,6 @@ In ZZIPlib 0.13.68, there is an uncontrolled memory allocation and a crash in th - https://github.com/gdraheim/zziplib/issues/22 #### Github -No PoCs found on GitHub currently. +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark diff --git a/2018/CVE-2018-6910.md b/2018/CVE-2018-6910.md index a09063d7e5..75d1f11df6 100644 --- a/2018/CVE-2018-6910.md +++ b/2018/CVE-2018-6910.md @@ -16,5 +16,6 @@ DedeCMS 5.7 allows remote attackers to discover the full path via a direct reque - https://github.com/0ps/pocassistdb - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/FDlucifer/firece-fish - https://github.com/jweny/pocassistdb diff --git a/2018/CVE-2018-6930.md b/2018/CVE-2018-6930.md new file mode 100644 index 0000000000..9663720426 --- /dev/null +++ b/2018/CVE-2018-6930.md @@ -0,0 +1,17 @@ +### [CVE-2018-6930](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6930) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A stack-based buffer over-read in the ComputeResizeImage function in the MagickCore/accelerate.c file of ImageMagick 7.0.7-22 allows a remote attacker to cause a denial of service (application crash) via a maliciously crafted pict file. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ksyang-hj/ksyang-hj + diff --git a/2018/CVE-2018-6952.md b/2018/CVE-2018-6952.md index e2f2dc004f..4bb6505b7d 100644 --- a/2018/CVE-2018-6952.md +++ b/2018/CVE-2018-6952.md @@ -15,4 +15,6 @@ No PoCs from references. #### Github - https://github.com/andir/nixos-issue-db-example - https://github.com/phonito/phonito-vulnerable-container +- https://github.com/strongcourage/uafbench +- https://github.com/strongcourage/uafuzz diff --git a/2018/CVE-2018-6981.md b/2018/CVE-2018-6981.md index af75ad2c17..130bbb39f5 100644 --- a/2018/CVE-2018-6981.md +++ b/2018/CVE-2018-6981.md @@ -14,8 +14,14 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/Apri1y/Red-Team-links - https://github.com/Echocipher/Resource-list - https://github.com/badd1e/Disclosures - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/hudunkey/Red-Team-links +- https://github.com/john-80/-007 +- https://github.com/lp008/Hack-readme - https://github.com/siovador/vmxnet3Hunter +- https://github.com/slimdaddy/RedTeam +- https://github.com/xiaoZ-hc/redtool diff --git a/2018/CVE-2018-6982.md b/2018/CVE-2018-6982.md index b753e78e69..aaa2fe8245 100644 --- a/2018/CVE-2018-6982.md +++ b/2018/CVE-2018-6982.md @@ -13,6 +13,12 @@ VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650 No PoCs from references. #### Github +- https://github.com/Apri1y/Red-Team-links - https://github.com/Echocipher/Resource-list +- https://github.com/hudunkey/Red-Team-links +- https://github.com/john-80/-007 +- https://github.com/lp008/Hack-readme - https://github.com/siovador/vmxnet3Hunter +- https://github.com/slimdaddy/RedTeam +- https://github.com/xiaoZ-hc/redtool diff --git a/2018/CVE-2018-7489.md b/2018/CVE-2018-7489.md index 73393262af..b24aa49bd9 100644 --- a/2018/CVE-2018-7489.md +++ b/2018/CVE-2018-7489.md @@ -17,9 +17,11 @@ No PoCs from references. - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/dotanuki-labs/android-oss-cves-research - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/ilmari666/cybsec - https://github.com/klarna/kco_rest_java - https://github.com/pawankeshri/aws-sdk-java-master - https://github.com/sdstoehr/har-reader - https://github.com/speedycloud/java-sdk +- https://github.com/yahoo/cubed - https://github.com/zema1/oracle-vuln-crawler diff --git a/2018/CVE-2018-7600.md b/2018/CVE-2018-7600.md index f32571e4f9..cc3650dc03 100644 --- a/2018/CVE-2018-7600.md +++ b/2018/CVE-2018-7600.md @@ -13,6 +13,7 @@ Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 - https://github.com/a2u/CVE-2018-7600 - https://github.com/g0rx/CVE-2018-7600-Drupal-RCE - https://greysec.net/showthread.php?tid=2912&pid=10561 +- https://groups.drupal.org/security/faq-2018-002 - https://research.checkpoint.com/uncovering-drupalgeddon-2/ - https://www.exploit-db.com/exploits/44448/ - https://www.exploit-db.com/exploits/44449/ @@ -29,13 +30,16 @@ Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 - https://github.com/Astrogeorgeonethree/Starred - https://github.com/Cyberleet1337/Payloadswebhack - https://github.com/Damian972/drupalgeddon-2 +- https://github.com/Delishsploits/PayloadsAndMethodology - https://github.com/DynamicDesignz/Alien-Framework - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/FireFart/CVE-2018-7600 +- https://github.com/GuynnR/Payloads - https://github.com/Hestat/drupal-check - https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups - https://github.com/Jean-Francois-C/Windows-Penetration-Testing - https://github.com/Muhammd/Awesome-Payloads +- https://github.com/Nieuport/PayloadsAllTheThings - https://github.com/PWN-Kingdom/Test_Tasks - https://github.com/PaloAltoNetworks/research-notes - https://github.com/Prodject/Kn0ck @@ -53,8 +57,10 @@ Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 - https://github.com/andrysec/PayloadsAllVulnerability - https://github.com/anhtu97/PayloadAllEverything - https://github.com/antonio-fr/DrupalRS +- https://github.com/apkadmin/PayLoadsAll - https://github.com/aylincetin/PayloadsAllTheThings - https://github.com/bigblackhat/oFx +- https://github.com/chanchalpatra/payload - https://github.com/cjgratacos/drupalgeddon2-test - https://github.com/cocomelonc/vulnexipy - https://github.com/dr-iman/CVE-2018-7600-Drupal-0day-RCE @@ -66,6 +72,7 @@ Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 - https://github.com/gobysec/Goby - https://github.com/happynote3966/CVE-2018-7600 - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/hellochunqiu/PayloadsAllTheThings - https://github.com/hktalent/myhktools - https://github.com/jirojo2/drupalgeddon2 - https://github.com/jstang9527/gofor @@ -73,10 +80,14 @@ Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 - https://github.com/kk98kk0/Payloads - https://github.com/knqyf263/CVE-2018-7600 - https://github.com/koutto/jok3r-pocs +- https://github.com/ksw9722/PayloadsAllTheThings - https://github.com/lanjelot/ctfs - https://github.com/lorddemon/drupalgeddon2 - https://github.com/ludy-dev/drupal8-REST-RCE +- https://github.com/maya6/-scan- +- https://github.com/mrhacker51/ReverseShellCommands - https://github.com/neoblackied/drupal1 +- https://github.com/nevidimk0/PayloadsAllTheThings - https://github.com/nixawk/labs - https://github.com/nxme/php-uicode-issues-drupal - https://github.com/oneplus-x/MS17-010 @@ -88,14 +99,17 @@ Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 - https://github.com/qiantu88/test - https://github.com/r3dxpl0it/CVE-2018-7600 - https://github.com/samba234/Sniper +- https://github.com/severnake/Pentest-Tools - https://github.com/sl4cky/CVE-2018-7600 - https://github.com/sl4cky/CVE-2018-7600-Masschecker - https://github.com/sobinge/--1 - https://github.com/sobinge/PayloadsAllTheThings +- https://github.com/sobinge/PayloadsAllThesobinge - https://github.com/superfish9/pt - https://github.com/thehappydinoa/CVE-2018-7600 - https://github.com/theyoge/AD-Pentesting-Tools - https://github.com/unusualwork/Sn1per +- https://github.com/winterwolf32/PayloadsAllTheThings - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/yak0d3/dDumper - https://github.com/zeralot/Dectect-CVE diff --git a/2018/CVE-2018-7876.md b/2018/CVE-2018-7876.md index 0c9adaa094..ddcff09881 100644 --- a/2018/CVE-2018-7876.md +++ b/2018/CVE-2018-7876.md @@ -13,5 +13,6 @@ In libming 0.4.8, a memory exhaustion vulnerability was found in the function pa - https://github.com/libming/libming/issues/109 #### Github -No PoCs found on GitHub currently. +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark diff --git a/2018/CVE-2018-8009.md b/2018/CVE-2018-8009.md index 50e8c832e7..cf8693957f 100644 --- a/2018/CVE-2018-8009.md +++ b/2018/CVE-2018-8009.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/snyk/zip-slip-vulnerability +- https://github.com/yahoo/cubed diff --git a/2018/CVE-2018-8014.md b/2018/CVE-2018-8014.md index b0e38823ac..fc420135a9 100644 --- a/2018/CVE-2018-8014.md +++ b/2018/CVE-2018-8014.md @@ -13,6 +13,7 @@ The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to No PoCs from references. #### Github +- https://github.com/ilmari666/cybsec - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2018/CVE-2018-8029.md b/2018/CVE-2018-8029.md new file mode 100644 index 0000000000..c6f621989d --- /dev/null +++ b/2018/CVE-2018-8029.md @@ -0,0 +1,17 @@ +### [CVE-2018-8029](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8029) +![](https://img.shields.io/static/v1?label=Product&message=Apache%20Hadoop&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Privilege%20Escalation&color=brighgreen) + +### Description + +In Apache Hadoop versions 3.0.0-alpha1 to 3.1.0, 2.9.0 to 2.9.1, and 2.2.0 to 2.8.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/yahoo/cubed + diff --git a/2018/CVE-2018-8034.md b/2018/CVE-2018-8034.md index eee7fc625d..3413867350 100644 --- a/2018/CVE-2018-8034.md +++ b/2018/CVE-2018-8034.md @@ -13,5 +13,6 @@ The host name verification when using TLS with the WebSocket client was missing. No PoCs from references. #### Github +- https://github.com/ilmari666/cybsec - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2018/CVE-2018-8037.md b/2018/CVE-2018-8037.md index 930d4892e1..d90f18735c 100644 --- a/2018/CVE-2018-8037.md +++ b/2018/CVE-2018-8037.md @@ -13,5 +13,6 @@ If an async request was completed by the application at the same time as the con No PoCs from references. #### Github +- https://github.com/ilmari666/cybsec - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2018/CVE-2018-8120.md b/2018/CVE-2018-8120.md index 138175bfcc..5971416435 100644 --- a/2018/CVE-2018-8120.md +++ b/2018/CVE-2018-8120.md @@ -17,6 +17,7 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon #### Github - https://github.com/0xT11/CVE-POC - https://github.com/Al1ex/WindowsElevation +- https://github.com/Apri1y/Red-Team-links - https://github.com/Ascotbe/Kernelhub - https://github.com/CnHack3r/Penetration_PoC - https://github.com/EVOL4/CVE-2018-8120 @@ -48,9 +49,12 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - https://github.com/geeksniper/windows-privilege-escalation - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/hudunkey/Red-Team-links - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/john-80/-007 - https://github.com/leeqwind/HolicPOC +- https://github.com/lp008/Hack-readme - https://github.com/mishmashclone/SecWiki-windows-kernel-exploits - https://github.com/n8v79a/win-exploit - https://github.com/ne1llee/cve-2018-8120 @@ -65,6 +69,7 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - https://github.com/renzu0/Windows-exp - https://github.com/root26/bug - https://github.com/safesword/WindowsExp +- https://github.com/slimdaddy/RedTeam - https://github.com/uhub/awesome-cpp - https://github.com/unamer/CVE-2018-8120 - https://github.com/valentinoJones/Windows-Kernel-Exploits @@ -73,6 +78,7 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/xfinest/windows-kernel-exploits +- https://github.com/xiaoZ-hc/redtool - https://github.com/ycdxsb/WindowsPrivilegeEscalation - https://github.com/yedada-wei/- - https://github.com/yedada-wei/gongkaishouji diff --git a/2018/CVE-2018-8174.md b/2018/CVE-2018-8174.md index 434a89c571..fe19b20e64 100644 --- a/2018/CVE-2018-8174.md +++ b/2018/CVE-2018-8174.md @@ -26,6 +26,7 @@ A remote code execution vulnerability exists in the way that the VBScript engine - https://github.com/0x09AL/CVE-2018-8174-msf - https://github.com/0xT11/CVE-POC - https://github.com/1120362990/Paper +- https://github.com/Apri1y/Red-Team-links - https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections - https://github.com/Echocipher/Resource-list - https://github.com/HacTF/poc--exp @@ -40,16 +41,21 @@ A remote code execution vulnerability exists in the way that the VBScript engine - https://github.com/eric-erki/APT_CyberCriminal_Campagin_Collections - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/hongriSec/Growth-Diary +- https://github.com/hudunkey/Red-Team-links - https://github.com/iwarsong/apt +- https://github.com/john-80/-007 - https://github.com/likescam/APT_CyberCriminal_Campagin_Collections - https://github.com/likescam/CyberMonitor-APT_CyberCriminal_Campagin_Collections +- https://github.com/lp008/Hack-readme - https://github.com/orf53975/Rig-Exploit-for-CVE-2018-8174 - https://github.com/piotrflorczyk/cve-2018-8174_analysis - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/ruthlezs/ie11_vbscript_exploit +- https://github.com/slimdaddy/RedTeam - https://github.com/sumas/APT_CyberCriminal_Campagin_Collections - https://github.com/washgo/HackTool - https://github.com/wateroot/poc-exp - https://github.com/wrlu/Vulnerabilities - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool diff --git a/2018/CVE-2018-8212.md b/2018/CVE-2018-8212.md index 70ed1a458a..eb782f43ab 100644 --- a/2018/CVE-2018-8212.md +++ b/2018/CVE-2018-8212.md @@ -15,6 +15,7 @@ A security feature bypass vulnerability exists in Device Guard that could allow No PoCs from references. #### Github +- https://github.com/bohops/UltimateWDACBypassList - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2018/CVE-2018-8417.md b/2018/CVE-2018-8417.md new file mode 100644 index 0000000000..03acde179b --- /dev/null +++ b/2018/CVE-2018-8417.md @@ -0,0 +1,20 @@ +### [CVE-2018-8417](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8417) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Servers&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen) + +### Description + +A security feature bypass vulnerability exists in Microsoft JScript that could allow an attacker to bypass Device Guard, aka "Microsoft JScript Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/bohops/UltimateWDACBypassList + diff --git a/2018/CVE-2018-8420.md b/2018/CVE-2018-8420.md index b926db47f3..659ff9ac4a 100644 --- a/2018/CVE-2018-8420.md +++ b/2018/CVE-2018-8420.md @@ -23,14 +23,20 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/Apri1y/Red-Team-links - https://github.com/Echocipher/Resource-list - https://github.com/HacTF/poc--exp - https://github.com/L1ves/windows-pentesting-resources - https://github.com/alexfrancow/Exploits - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/hudunkey/Red-Team-links - https://github.com/idkwim/CVE-2018-8420 +- https://github.com/john-80/-007 +- https://github.com/lp008/Hack-readme - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/slimdaddy/RedTeam - https://github.com/wateroot/poc-exp - https://github.com/wrlu/Vulnerabilities - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool diff --git a/2018/CVE-2018-8421.md b/2018/CVE-2018-8421.md index 5fa22a2cf8..8a43fc488c 100644 --- a/2018/CVE-2018-8421.md +++ b/2018/CVE-2018-8421.md @@ -13,6 +13,7 @@ A remote code execution vulnerability exists when Microsoft .NET Framework proce No PoCs from references. #### Github +- https://github.com/NHPT/ysoserial.net - https://github.com/pwntester/ysoserial.net - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2018/CVE-2018-8453.md b/2018/CVE-2018-8453.md index 7784dcefea..a4442a254a 100644 --- a/2018/CVE-2018-8453.md +++ b/2018/CVE-2018-8453.md @@ -50,6 +50,7 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - https://github.com/renzu0/Windows-exp - https://github.com/root26/bug - https://github.com/safesword/WindowsExp +- https://github.com/thepwnrip/leHACK-Analysis-of-CVE-2018-8453 - https://github.com/valentinoJones/Windows-Kernel-Exploits - https://github.com/xfinest/windows-kernel-exploits - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2018/CVE-2018-8492.md b/2018/CVE-2018-8492.md new file mode 100644 index 0000000000..00c621ded2 --- /dev/null +++ b/2018/CVE-2018-8492.md @@ -0,0 +1,20 @@ +### [CVE-2018-8492](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8492) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Servers&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen) + +### Description + +A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/bohops/UltimateWDACBypassList + diff --git a/2018/CVE-2018-8581.md b/2018/CVE-2018-8581.md index 34606808fe..15771f4921 100644 --- a/2018/CVE-2018-8581.md +++ b/2018/CVE-2018-8581.md @@ -16,6 +16,8 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/404notf0und/Security-Data-Analysis-and-Visualization - https://github.com/61106960/adPEAS +- https://github.com/Apri1y/Red-Team-links +- https://github.com/CYJoe-Cyclone/Awesome-CobaltStrike - https://github.com/Echocipher/Resource-list - https://github.com/ErdemOzgen/ActiveDirectoryAttacks - https://github.com/Nieuport/Active-Directory-Kill-Chain-Attack-Defense @@ -25,15 +27,21 @@ No PoCs from references. - https://github.com/WyAtu/CVE-2018-8581 - https://github.com/geeksniper/active-directory-pentest - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/hudunkey/Red-Team-links - https://github.com/infosecn1nja/AD-Attack-Defense +- https://github.com/john-80/-007 +- https://github.com/lp008/Hack-readme - https://github.com/mishmashclone/infosecn1nja-AD-Attack-Defense - https://github.com/phackt/Invoke-Recon - https://github.com/qiantu88/CVE-2018-8581 - https://github.com/shantanu561993/DomainUserToDomainAdminTechniques +- https://github.com/slimdaddy/RedTeam - https://github.com/sunzu94/AD-Attack-Defense - https://github.com/superfish9/pt - https://github.com/tataev/Security - https://github.com/tom0li/collection-document +- https://github.com/xiaoZ-hc/redtool - https://github.com/zer0yu/Awesome-CobaltStrike - https://github.com/zer0yu/Intranet_Penetration_CheetSheets +- https://github.com/zoreforlugcoiz/Devhoster diff --git a/2018/CVE-2018-8715.md b/2018/CVE-2018-8715.md index 7e284eb032..a77ac7dec4 100644 --- a/2018/CVE-2018-8715.md +++ b/2018/CVE-2018-8715.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/SexyBeast233/SecBooks +- https://github.com/zmylml/yangzifun diff --git a/2018/CVE-2018-8819.md b/2018/CVE-2018-8819.md index 14e2eb54b6..cfca7295a4 100644 --- a/2018/CVE-2018-8819.md +++ b/2018/CVE-2018-8819.md @@ -14,6 +14,7 @@ An XXE issue was discovered in Automated Logic Corporation (ALC) WebCTRL Version - http://seclists.org/fulldisclosure/2018/Jun/21 #### Github +- https://github.com/deadcyph3r/Awesome-Collection - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2018/CVE-2018-8897.md b/2018/CVE-2018-8897.md index 5d1f8d194d..4b7f6c1bee 100644 --- a/2018/CVE-2018-8897.md +++ b/2018/CVE-2018-8897.md @@ -18,18 +18,24 @@ A statement in the System Programming Guide of the Intel 64 and IA-32 Architectu #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/Apri1y/Red-Team-links - https://github.com/CrackerCat/Kernel-Security-Development - https://github.com/Echocipher/Resource-list - https://github.com/ExpLife0011/awesome-windows-kernel-security-development - https://github.com/Ondrik8/exploit - https://github.com/can1357/CVE-2018-8897 - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/hudunkey/Red-Team-links - https://github.com/jiazhang0/pop-mov-ss-exploit +- https://github.com/john-80/-007 +- https://github.com/lp008/Hack-readme - https://github.com/nmulasmajic/CVE-2018-8897 - https://github.com/nmulasmajic/syscall_exploit_CVE-2018-8897 - https://github.com/pr0code/https-github.com-ExpLife0011-awesome-windows-kernel-security-development - https://github.com/pravinsrc/NOTES-windows-kernel-links - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/slimdaddy/RedTeam - https://github.com/whiteHat001/Kernel-Security - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool diff --git a/2018/CVE-2018-8941.md b/2018/CVE-2018-8941.md index c51de2aed6..8c421122f8 100644 --- a/2018/CVE-2018-8941.md +++ b/2018/CVE-2018-8941.md @@ -10,7 +10,7 @@ Diagnostics functionality on D-Link DSL-3782 devices with firmware EU v. 1.01 ha ### POC #### Reference -No PoCs from references. +- https://github.com/SECFORCE/CVE-2018-8941 #### Github - https://github.com/0xT11/CVE-POC diff --git a/2018/CVE-2018-9138.md b/2018/CVE-2018-9138.md index 2cb2ff206b..87395e97c6 100644 --- a/2018/CVE-2018-9138.md +++ b/2018/CVE-2018-9138.md @@ -13,9 +13,11 @@ An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU B - https://sourceware.org/bugzilla/show_bug.cgi?id=23008 #### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark - https://github.com/andir/nixos-issue-db-example - https://github.com/junxzm1990/afl-pt - https://github.com/mudongliang/LinuxFlaw - https://github.com/oneoy/cve- - https://github.com/revl-ca/scan-docker-image +- https://github.com/tzf-key/MemLock_Benchmark diff --git a/2018/CVE-2018-9206.md b/2018/CVE-2018-9206.md index a2f45718a8..150795c132 100644 --- a/2018/CVE-2018-9206.md +++ b/2018/CVE-2018-9206.md @@ -15,12 +15,18 @@ Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Uploa #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/Apri1y/Red-Team-links - https://github.com/Den1al/CVE-2018-9206 - https://github.com/Echocipher/Resource-list - https://github.com/HacTF/poc--exp - https://github.com/Stahlz/JQShell - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/hudunkey/Red-Team-links +- https://github.com/john-80/-007 +- https://github.com/lp008/Hack-readme - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/slimdaddy/RedTeam - https://github.com/wateroot/poc-exp - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool diff --git a/2018/CVE-2018-9251.md b/2018/CVE-2018-9251.md index f2f6200136..41d85ad74d 100644 --- a/2018/CVE-2018-9251.md +++ b/2018/CVE-2018-9251.md @@ -13,6 +13,7 @@ The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allo - https://bugzilla.gnome.org/show_bug.cgi?id=794914 #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/andir/nixos-issue-db-example - https://github.com/junxzm1990/afl-pt - https://github.com/revl-ca/scan-docker-image diff --git a/2018/CVE-2018-9276.md b/2018/CVE-2018-9276.md index 0d12e0f04f..9818957e91 100644 --- a/2018/CVE-2018-9276.md +++ b/2018/CVE-2018-9276.md @@ -16,6 +16,7 @@ An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/A1vinSmith/CVE-2018-9276 - https://github.com/chcx/PRTG-Network-Monitor-RCE - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/wildkindcc/CVE-2018-9276 diff --git a/2018/CVE-2018-9862.md b/2018/CVE-2018-9862.md new file mode 100644 index 0000000000..3a515c64be --- /dev/null +++ b/2018/CVE-2018-9862.md @@ -0,0 +1,17 @@ +### [CVE-2018-9862](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9862) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +util.c in runV 1.0.0 for Docker mishandles a numeric username, which allows attackers to obtain root access by leveraging the presence of an initial numeric value on an /etc/passwd line, and then issuing a "docker exec" command with that value in the -u argument, a similar issue to CVE-2016-3697. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sandbornm/HardenDocker + diff --git a/2018/CVE-2018-9995.md b/2018/CVE-2018-9995.md index 94b35028b3..b030b554a0 100644 --- a/2018/CVE-2018-9995.md +++ b/2018/CVE-2018-9995.md @@ -17,6 +17,7 @@ TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in - https://github.com/0ps/pocassistdb - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/Apri1y/Red-Team-links - https://github.com/Aquilao/Toy-Box - https://github.com/Cyb0r9/DVR-Exploiter - https://github.com/Echocipher/Resource-list @@ -27,12 +28,17 @@ TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in - https://github.com/ezelf/CVE-2018-9995_dvr_credentials - https://github.com/gwolfs/CVE-2018-9995-ModifiedByGwolfs - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/hudunkey/Red-Team-links +- https://github.com/john-80/-007 - https://github.com/jweny/pocassistdb +- https://github.com/lp008/Hack-readme - https://github.com/maxpowersi/CamSploit - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/rufbot/rufbot - https://github.com/shacojx/cve-2018-9995 - https://github.com/sjomurodov/getDVR +- https://github.com/slimdaddy/RedTeam - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xiaoZ-hc/redtool - https://github.com/zzh217/CVE-2018-9995_Batch_scanning_exp diff --git a/2018/CVE-2018-9996.md b/2018/CVE-2018-9996.md index 5544d59d35..17315b88a3 100644 --- a/2018/CVE-2018-9996.md +++ b/2018/CVE-2018-9996.md @@ -13,7 +13,9 @@ An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU B - https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304 #### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark - https://github.com/andir/nixos-issue-db-example - https://github.com/junxzm1990/afl-pt - https://github.com/revl-ca/scan-docker-image +- https://github.com/tzf-key/MemLock_Benchmark diff --git a/2019/CVE-2019-0024.md b/2019/CVE-2019-0024.md new file mode 100644 index 0000000000..977bcb099c --- /dev/null +++ b/2019/CVE-2019-0024.md @@ -0,0 +1,17 @@ +### [CVE-2019-0024](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0024) +![](https://img.shields.io/static/v1?label=Product&message=Juniper%20ATP&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=5.05.0.3%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=XSS&color=brighgreen) + +### Description + +A persistent cross-site scripting (XSS) vulnerability in the Email Collectors menu of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. This issue affects Juniper ATP 5.0 versions prior to 5.0.3. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/SkyBulk/RealWorldPwn + diff --git a/2019/CVE-2019-0053.md b/2019/CVE-2019-0053.md index 0ad61453cd..5eb95ae448 100644 --- a/2019/CVE-2019-0053.md +++ b/2019/CVE-2019-0053.md @@ -15,6 +15,8 @@ Insufficient validation of environment variables in the telnet client supplied i #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/FritzJo/pacheck - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/dreamsmasher/inetutils-CVE-2019-0053-Patched-PKGBUILD - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-0192.md b/2019/CVE-2019-0192.md index 3305f6eefc..18bd5e0264 100644 --- a/2019/CVE-2019-0192.md +++ b/2019/CVE-2019-0192.md @@ -17,10 +17,12 @@ No PoCs from references. - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/Imanfeng/Apache-Solr-RCE - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/Rapidsafeguard/Solr-RCE-CVE-2019-0192 - https://github.com/SexyBeast233/SecBooks - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/lp008/Hack-readme - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/mpgn/CVE-2019-0192 - https://github.com/r0eXpeR/redteam_vul diff --git a/2019/CVE-2019-0193.md b/2019/CVE-2019-0193.md index 675a67968d..fb402c839f 100644 --- a/2019/CVE-2019-0193.md +++ b/2019/CVE-2019-0193.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/1135/solr_exploit - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Imanfeng/Apache-Solr-RCE +- https://github.com/Loneyers/solr-rce - https://github.com/SexyBeast233/SecBooks - https://github.com/amcai/myscan - https://github.com/assetnote/blind-ssrf-chains @@ -26,7 +27,11 @@ No PoCs from references. - https://github.com/fengwenhua/CNVD-2021-26058 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/jas502n/CVE-2019-0193 +- https://github.com/jaychouzzk/CVE-2019-0193-exp +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/scxiaotan1/Docker +- https://github.com/tdcoming/Vulnerability-engine - https://github.com/tdtc7/qps - https://github.com/veracode-research/solr-injection - https://github.com/woods-sega/woodswiki diff --git a/2019/CVE-2019-0196.md b/2019/CVE-2019-0196.md index 92d5c99c0b..ba0d56a5d9 100644 --- a/2019/CVE-2019-0196.md +++ b/2019/CVE-2019-0196.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/Solhack/Team_CSI_platform +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/starnightcyber/vul-info-collect - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough diff --git a/2019/CVE-2019-0197.md b/2019/CVE-2019-0197.md index a0067e12e2..c9887eb20a 100644 --- a/2019/CVE-2019-0197.md +++ b/2019/CVE-2019-0197.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/Solhack/Team_CSI_platform +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/starnightcyber/vul-info-collect - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough diff --git a/2019/CVE-2019-0199.md b/2019/CVE-2019-0199.md index b84847179c..07e31afbfe 100644 --- a/2019/CVE-2019-0199.md +++ b/2019/CVE-2019-0199.md @@ -13,5 +13,6 @@ The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.3 No PoCs from references. #### Github +- https://github.com/ilmari666/cybsec - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2019/CVE-2019-0205.md b/2019/CVE-2019-0205.md index f5aa6160e1..946f7c8fbd 100644 --- a/2019/CVE-2019-0205.md +++ b/2019/CVE-2019-0205.md @@ -13,5 +13,6 @@ In Apache Thrift all versions up to and including 0.12.0, a server or client may No PoCs from references. #### Github +- https://github.com/k1LoW/oshka - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2019/CVE-2019-0210.md b/2019/CVE-2019-0210.md new file mode 100644 index 0000000000..f3826a1560 --- /dev/null +++ b/2019/CVE-2019-0210.md @@ -0,0 +1,17 @@ +### [CVE-2019-0210](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0210) +![](https://img.shields.io/static/v1?label=Product&message=Apache%20Thrift&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Out-of-bounds%20read%20vulnerability&color=brighgreen) + +### Description + +In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/k1LoW/oshka + diff --git a/2019/CVE-2019-0211.md b/2019/CVE-2019-0211.md index 7571853d98..336d1dce6d 100644 --- a/2019/CVE-2019-0211.md +++ b/2019/CVE-2019-0211.md @@ -20,7 +20,9 @@ In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or p - https://github.com/0xbigshaq/php7-internals - https://github.com/SexyBeast233/SecBooks - https://github.com/Solhack/Team_CSI_platform +- https://github.com/ThePirateWhoSmellsOfSunflowers/TheHackerLinks - https://github.com/alphaSeclab/sec-daily-2019 +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/ozkanbilge/Apache-Exploit-2019 diff --git a/2019/CVE-2019-0217.md b/2019/CVE-2019-0217.md index 7ef52b0a7e..829b181918 100644 --- a/2019/CVE-2019-0217.md +++ b/2019/CVE-2019-0217.md @@ -13,7 +13,9 @@ In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth No PoCs from references. #### Github +- https://github.com/AliceMongodin/NSAPool-PenTest - https://github.com/Solhack/Team_CSI_platform +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough diff --git a/2019/CVE-2019-0220.md b/2019/CVE-2019-0220.md index 5c7ec945bd..84ff9e837d 100644 --- a/2019/CVE-2019-0220.md +++ b/2019/CVE-2019-0220.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/Solhack/Team_CSI_platform +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/starnightcyber/vul-info-collect - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough diff --git a/2019/CVE-2019-0221.md b/2019/CVE-2019-0221.md index 8e855195e3..920e89f701 100644 --- a/2019/CVE-2019-0221.md +++ b/2019/CVE-2019-0221.md @@ -17,6 +17,7 @@ The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/SexyBeast233/SecBooks - https://github.com/alphaSeclab/sec-daily-2019 +- https://github.com/ilmari666/cybsec - https://github.com/starnightcyber/vul-info-collect - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/woods-sega/woodswiki diff --git a/2019/CVE-2019-0227.md b/2019/CVE-2019-0227.md index 2970340b4d..652fea0d1f 100644 --- a/2019/CVE-2019-0227.md +++ b/2019/CVE-2019-0227.md @@ -20,6 +20,8 @@ A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 - https://github.com/amcai/myscan - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/ianxtianxt/cve-2019-0227 +- https://github.com/lp008/Hack-readme - https://github.com/nattimmis/CVE-Collection - https://github.com/sunzu94/AWS-CVEs diff --git a/2019/CVE-2019-0230.md b/2019/CVE-2019-0230.md index 9d5eb1ab7f..362aca1566 100644 --- a/2019/CVE-2019-0230.md +++ b/2019/CVE-2019-0230.md @@ -20,12 +20,14 @@ Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on r - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/BH2UOL/CVE-2019-0230 - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/PrinceFPF/CVE-2019-0230 - https://github.com/SexyBeast233/SecBooks - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/f8al/CVE-2019-0230-PoC - https://github.com/fengziHK/CVE-2019-0230 - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/ramoncjs3/CVE-2019-0230 - https://github.com/s1kr10s/Apache-Struts-v4 - https://github.com/woods-sega/woodswiki diff --git a/2019/CVE-2019-0232.md b/2019/CVE-2019-0232.md index f29fd52415..25b8f1f847 100644 --- a/2019/CVE-2019-0232.md +++ b/2019/CVE-2019-0232.md @@ -21,13 +21,16 @@ When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/flyme2bluemoon/thm-advent - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/ilmari666/cybsec - https://github.com/jas502n/CVE-2019-0232 +- https://github.com/lp008/Hack-readme - https://github.com/pyn3rd/CVE-2019-0232 - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/r0eXpeR/redteam_vul - https://github.com/safe6Sec/PentestNote - https://github.com/setrus/CVE-2019-0232 - https://github.com/starnightcyber/vul-info-collect +- https://github.com/tdcoming/Vulnerability-engine - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/woods-sega/woodswiki - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2019/CVE-2019-0539.md b/2019/CVE-2019-0539.md index 4d5eb0b88a..dfee8d6d50 100644 --- a/2019/CVE-2019-0539.md +++ b/2019/CVE-2019-0539.md @@ -16,6 +16,7 @@ A remote code execution vulnerability exists in the way that the Chakra scriptin - https://www.exploit-db.com/exploits/46485/ #### Github +- https://github.com/0x43434343/CVE-2019-0539 - https://github.com/0x43434343/OSEE_OSWE_review_2022 - https://github.com/0xT11/CVE-POC - https://github.com/SkyBulk/the-day-of-nightmares diff --git a/2019/CVE-2019-0541.md b/2019/CVE-2019-0541.md index 2521cd4d07..c0aaaff688 100644 --- a/2019/CVE-2019-0541.md +++ b/2019/CVE-2019-0541.md @@ -19,5 +19,5 @@ A remote code execution vulnerability exists in the way that the MSHTML engine i - https://www.exploit-db.com/exploits/46536/ #### Github -No PoCs found on GitHub currently. +- https://github.com/H4xl0r/CVE_2019_0541 diff --git a/2019/CVE-2019-0604.md b/2019/CVE-2019-0604.md index ba3443a7ab..d41ca50920 100644 --- a/2019/CVE-2019-0604.md +++ b/2019/CVE-2019-0604.md @@ -16,6 +16,8 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/H0j3n/EzpzSharepoint +- https://github.com/NHPT/ysoserial.net - https://github.com/PWN-Kingdom/Test_Tasks - https://github.com/QWERTSKIHACK/Active-Directory-Exploitation-Cheat-Sheet. - https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet @@ -28,8 +30,10 @@ No PoCs from references. - https://github.com/k8gege/CVE-2019-0604 - https://github.com/likescam/CVE-2019-0604_sharepoint_CVE - https://github.com/linhlhq/CVE-2019-0604 +- https://github.com/m5050/CVE-2019-0604 - https://github.com/michael101096/cs2020_msels - https://github.com/pwntester/ysoserial.net - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/r0eXpeR/supplier - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2019/CVE-2019-0626.md b/2019/CVE-2019-0626.md new file mode 100644 index 0000000000..823c7ffed0 --- /dev/null +++ b/2019/CVE-2019-0626.md @@ -0,0 +1,18 @@ +### [CVE-2019-0626](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0626) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) + +### Description + +A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server, aka 'Windows DHCP Server Remote Code Execution Vulnerability'. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ThePirateWhoSmellsOfSunflowers/TheHackerLinks + diff --git a/2019/CVE-2019-0666.md b/2019/CVE-2019-0666.md index 337660a18d..97c1f32b36 100644 --- a/2019/CVE-2019-0666.md +++ b/2019/CVE-2019-0666.md @@ -15,5 +15,6 @@ A remote code execution vulnerability exists in the way that the VBScript engine No PoCs from references. #### Github +- https://github.com/ThePirateWhoSmellsOfSunflowers/TheHackerLinks - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2019/CVE-2019-0678.md b/2019/CVE-2019-0678.md index af433ec7dc..79d65d9c53 100644 --- a/2019/CVE-2019-0678.md +++ b/2019/CVE-2019-0678.md @@ -14,6 +14,8 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/c0d3G33k/CVE-2019-0678 +- https://github.com/c0d3G33k/That-evil-bookmark-in-your-browser - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-0708.md b/2019/CVE-2019-0708.md index cb94d267b2..0c393b40cd 100644 --- a/2019/CVE-2019-0708.md +++ b/2019/CVE-2019-0708.md @@ -18,13 +18,20 @@ A remote code execution vulnerability exists in Remote Desktop Services formerly - http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html #### Github +- https://github.com/0x0021h/exploitsearch - https://github.com/0x4D31/fatt +- https://github.com/0x6b7966/CVE-2019-0708-RCE +- https://github.com/0xFlag/CVE-2019-0708-test - https://github.com/0xT11/CVE-POC - https://github.com/0xeb-bp/bluekeep - https://github.com/0xpetros/windows-privilage-escalation +- https://github.com/10ocs/Dos - https://github.com/10ocs/bluekeep +- https://github.com/1aa87148377/CVE-2019-0708 - https://github.com/301415926/PENTESTING-BIBLE - https://github.com/303sec/CVE-2019-0708 +- https://github.com/3xploit-db/Pentest-Tools-Framework +- https://github.com/5l1v3r1/ISPY-WAN - https://github.com/61106960/adPEAS - https://github.com/84KaliPleXon3/PENTESTING-BIBLE - https://github.com/AdministratorGithub/CVE-2019-0708 @@ -32,8 +39,11 @@ A remote code execution vulnerability exists in Remote Desktop Services formerly - https://github.com/Astrogeorgeonethree/Starred - https://github.com/Barry-McCockiner/CVE-2019-0708 - https://github.com/BlackburnHax/inntinn +- https://github.com/ChefGordon/List-O-Tools +- https://github.com/ChilledChild/CVE-A-Day - https://github.com/CnHack3r/Penetration_PoC - https://github.com/Cyb0r9/ispy +- https://github.com/CyberSift/CyberSift-Alerts - https://github.com/Ekultek/BlueKeep - https://github.com/ErdemOzgen/ActiveDirectoryAttacks - https://github.com/ExpLife0011/awesome-windows-kernel-security-development @@ -46,9 +56,12 @@ A remote code execution vulnerability exists in Remote Desktop Services formerly - https://github.com/HackerJ0e/CVE-2019-0708 - https://github.com/HarkjinDev/HarkjinDev - https://github.com/HynekPetrak/detect_bluekeep.py +- https://github.com/Iamgublin/0708Test - https://github.com/Idoit-z/python_nmap +- https://github.com/JSec1337/Scanner-CVE-2019-0708 - https://github.com/Jaky5155/cve-2019-0708-exp - https://github.com/JasonLOU/CVE-2019-0708 +- https://github.com/Kiz619ao630/StepwisePolicy3 - https://github.com/Leoid/CVE-2019-0708 - https://github.com/Mathankumar2701/ALL-PENTESTING-BIBLE - https://github.com/MedoX71T/PENTESTING-BIBLE @@ -63,6 +76,7 @@ A remote code execution vulnerability exists in Remote Desktop Services formerly - https://github.com/OCEANOFANYTHING/PENTESTING-BIBLE - https://github.com/Ondrik8/exploit - https://github.com/Pa55w0rd/CVE-2019-0708 +- https://github.com/PleXone2019/spy - https://github.com/R0B1NL1N/AD-Attack-Defense - https://github.com/RickGeex/msf-module-CVE-2019-0708 - https://github.com/Rostelecom-CERT/bluekeepscan @@ -75,9 +89,12 @@ A remote code execution vulnerability exists in Remote Desktop Services formerly - https://github.com/SwitHak/SwitHak.github.io - https://github.com/TamilHackz/windows-exploitation - https://github.com/Tengrom/Python_nmap +- https://github.com/The-Mario/MarioB - https://github.com/TinToSer/bluekeep-exploit +- https://github.com/Tk369/Rdp0708 - https://github.com/Tracehowler/Bible - https://github.com/UraSecTeam/CVE-2019-0708 +- https://github.com/Wh1teZe/solo-blog - https://github.com/YHZX2013/CVE-2019-0709 - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/YSheldon/MS_T120 @@ -89,6 +106,7 @@ A remote code execution vulnerability exists in Remote Desktop Services formerly - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/ambynotcoder/C-libraries - https://github.com/andreafioraldi/cve_searchsploit +- https://github.com/andripwn/CVE-2019-0708 - https://github.com/areusecure/CVE-2019-0708 - https://github.com/at0mik/CVE-2019-0708-PoC - https://github.com/aymankhder/PENTESTING-BIBLE2 @@ -98,22 +116,30 @@ A remote code execution vulnerability exists in Remote Desktop Services formerly - https://github.com/blacksunwen/CVE-2019-0708 - https://github.com/blackunixteam/rdpscan - https://github.com/blockchainguard/CVE-2019-0708 +- https://github.com/cbwang505/CVE-2019-0708-EXP-Windows +- https://github.com/ceskillets/DCV-Predefined-Log-Filter-of-Specific-CVE-of-EternalBlue-and-BlueKeep-with-Auto-Tag- - https://github.com/cgoncalves1/Infosec-Resources +- https://github.com/chalern/Pentest-Tools - https://github.com/closethe/CVE-2019-0708-POC - https://github.com/codereveryday/Programming-Hacking-Resources - https://github.com/coolboy4me/cve-2019-0708_bluekeep_rce - https://github.com/cream-sec/CVE-2019-0708-Msf-- +- https://github.com/cve-2019-0708-poc/cve-2019-0708 - https://github.com/cvencoder/cve-2019-0708 - https://github.com/czq945659538/-study - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/distance-vector/CVE-2019-0708 - https://github.com/dorkerdevil/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708- - https://github.com/eastmountyxz/CSDNBlog-Security-Based +- https://github.com/eastmountyxz/CVE-2019-0708-Windows - https://github.com/eastmountyxz/NetworkSecuritySelf-study +- https://github.com/eastmountyxz/SystemSecurity-ReverseAnalysis - https://github.com/echohun/tools - https://github.com/edvacco/CVE-2019-0708-POC - https://github.com/emtuls/Awesome-Cyber-Security-List - https://github.com/erSubhashThapa/pentest-bible - https://github.com/f8al/CVE-2019-0708-POC +- https://github.com/fade-vivida/CVE-2019-0708-test - https://github.com/fengjixuchui/RedTeamer - https://github.com/fourtwizzy/CVE-2019-0708-Check-Device-Patch-Status - https://github.com/freeide/CVE-2019-0708 @@ -142,17 +168,25 @@ A remote code execution vulnerability exists in Remote Desktop Services formerly - https://github.com/infenet/CVE-2019-0708 - https://github.com/infiniti-team/CVE-2019-0708 - https://github.com/infosecn1nja/AD-Attack-Defense +- https://github.com/innxrmxst/CVE-2019-0708-DOS - https://github.com/jeansgit/Pentest - https://github.com/jiansiting/CVE-2019-0708 +- https://github.com/jordanbertasso/MetaMap +- https://github.com/julienbassin/PSTenable +- https://github.com/k4yt3x/pwsearch - https://github.com/k8gege/CVE-2019-0708 - https://github.com/kevthehermit/attackerkb-api - https://github.com/kryptoslogic/rdppot - https://github.com/l9c/rdp0708scanner - https://github.com/lp008/CVE_2019_0708_Blue_screen_poc +- https://github.com/lp008/Hack-readme +- https://github.com/lwtz/CVE-2019-0708 - https://github.com/mai-lang-chai/System-Vulnerability - https://github.com/major203/cve-2019-0708-scan - https://github.com/matengfei000/CVE-2019-0708 +- https://github.com/mdiazcl/scanner-bluekeep - https://github.com/mekhalleh/cve-2019-0708 +- https://github.com/michael101096/cs2020_msels - https://github.com/mishmashclone/infosecn1nja-AD-Attack-Defense - https://github.com/morkin1792/security-tests - https://github.com/n0auth/CVE-2019-0708 @@ -164,22 +198,30 @@ A remote code execution vulnerability exists in Remote Desktop Services formerly - https://github.com/odimarf/blekeep - https://github.com/oneoy/BlueKeep - https://github.com/p0p0p0/CVE-2019-0708-exploit +- https://github.com/pengusec/awesome-netsec-articles - https://github.com/pentest-a2p2v/pentest-a2p2v-core - https://github.com/phant0n/PENTESTING-BIBLE +- https://github.com/pikpikcu/Pentest-Tools-Framework - https://github.com/pravinsrc/NOTES-windows-kernel-links +- https://github.com/project7io/nmap - https://github.com/pry0cc/BlueKeepTracker - https://github.com/pry0cc/cve-2019-0708-2 +- https://github.com/pwnhacker0x18/Wincrash - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/qing-root/CVE-2019-0708-EXP-MSF- - https://github.com/qq431169079/CVE-2019-0709 +- https://github.com/r0co/bluekeep_scanner +- https://github.com/r0eXpeR/supplier - https://github.com/ridhopratama29/zimbohack - https://github.com/robertdavidgraham/rdpscan - https://github.com/rockmelodies/CVE-2019-0708-Exploit - https://github.com/safly/CVE-2019-0708 - https://github.com/sbkcbig/CVE-2019-0708-EXPloit - https://github.com/sbkcbig/CVE-2019-0708-EXPloit-3389 +- https://github.com/shishibabyq/CVE-2019-0708 - https://github.com/shuanx/vulnerability - https://github.com/shun-gg/CVE-2019-0708 +- https://github.com/skommando/CVE-2019-0708 - https://github.com/skyshell20082008/CVE-2019-0708-PoC-Hitting-Path - https://github.com/smallFunction/CVE-2019-0708-POC - https://github.com/sunzu94/AD-Attack-Defense @@ -187,18 +229,23 @@ A remote code execution vulnerability exists in Remote Desktop Services formerly - https://github.com/t31m0/PENTESTING-BIBLE - https://github.com/taielab/awesome-hacking-lists - https://github.com/tataev/Security +- https://github.com/tdcoming/Vulnerability-engine - https://github.com/temp-user-2014/CVE-2019-0708 - https://github.com/thugcrowd/CVE-2019-0708 - https://github.com/tolgadevsec/Awesome-Deception - https://github.com/ttsite/CVE-2019-0708 - https://github.com/ttsite/CVE-2019-0708- - https://github.com/turingcompl33t/bluekeep +- https://github.com/ugur-ercan/exploit-collection +- https://github.com/uk45/XploitHunt +- https://github.com/ulisesrc/-2-CVE-2019-0708 - https://github.com/ulisesrc/BlueKeep - https://github.com/umarfarook882/CVE-2019-0708 - https://github.com/umeshae/BlueKeep - https://github.com/uoanlab/vultest - https://github.com/vincentfer/PENTESTING-BIBLE- - https://github.com/viszsec/CyberSecurity-Playground +- https://github.com/vulsio/go-msfdb - https://github.com/wateroot/poc-exp - https://github.com/wdfcc/CVE-2019-0708 - https://github.com/welove88888/888 @@ -215,6 +262,7 @@ A remote code execution vulnerability exists in Remote Desktop Services formerly - https://github.com/yetiddbb/CVE-2019-0708-PoC - https://github.com/yushiro/CVE-2019-0708 - https://github.com/ze0r/CVE-2019-0708-exp +- https://github.com/zecopro/bluekeep - https://github.com/zhang040723/web - https://github.com/zjw88282740/CVE-2019-0708-win7 diff --git a/2019/CVE-2019-0785.md b/2019/CVE-2019-0785.md index 4ed1d15fe1..0a73eaef10 100644 --- a/2019/CVE-2019-0785.md +++ b/2019/CVE-2019-0785.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/Jaky5155/CVE-2019-0785 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-0808.md b/2019/CVE-2019-0808.md index 3a802c6eac..a8c1de752a 100644 --- a/2019/CVE-2019-0808.md +++ b/2019/CVE-2019-0808.md @@ -16,6 +16,8 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon #### Github - https://github.com/0xT11/CVE-POC - https://github.com/Ascotbe/Kernelhub +- https://github.com/ChefGordon/List-O-Tools +- https://github.com/DreamoneOnly/CVE-2019-0808-32-64-exp - https://github.com/ExpLife0011/awesome-windows-kernel-security-development - https://github.com/Iamgublin/CVE-2020-1054 - https://github.com/Ondrik8/exploit @@ -23,6 +25,7 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/exodusintel/CVE-2019-0808 - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/lp008/Hack-readme - https://github.com/paulveillard/cybersecurity-windows-exploitation - https://github.com/pravinsrc/NOTES-windows-kernel-links - https://github.com/qazbnm456/awesome-cve-poc diff --git a/2019/CVE-2019-0841.md b/2019/CVE-2019-0841.md index cb0991fc1c..39866c6ae7 100644 --- a/2019/CVE-2019-0841.md +++ b/2019/CVE-2019-0841.md @@ -24,6 +24,7 @@ An elevation of privilege vulnerability exists when Windows AppX Deployment Serv - https://github.com/S3cur3Th1sSh1t/SharpByeBear - https://github.com/S3cur3Th1sSh1t/SharpPolarBear - https://github.com/S3cur3Th1sSh1t/WinPwn +- https://github.com/ThePirateWhoSmellsOfSunflowers/TheHackerLinks - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/deadjakk/patch-checker - https://github.com/developer3000S/PoC-in-GitHub @@ -38,6 +39,8 @@ An elevation of privilege vulnerability exists when Windows AppX Deployment Serv - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/rasta-mouse/Watson - https://github.com/rogue-kdc/CVE-2019-0841 +- https://github.com/sgabe/CVE-2019-1253 +- https://github.com/sgabe/CVE-2019-1476 - https://github.com/shubham0d/SymBlock - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2019/CVE-2019-0859.md b/2019/CVE-2019-0859.md index ed0b5a1c89..6cfc5bdc93 100644 --- a/2019/CVE-2019-0859.md +++ b/2019/CVE-2019-0859.md @@ -25,5 +25,6 @@ No PoCs from references. - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/lp008/Hack-readme - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2019/CVE-2019-0887.md b/2019/CVE-2019-0887.md index ff8f79d407..a8c1d04a8e 100644 --- a/2019/CVE-2019-0887.md +++ b/2019/CVE-2019-0887.md @@ -17,4 +17,5 @@ A remote code execution vulnerability exists in Remote Desktop Services - former - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/fengjixuchui/RedTeamer - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/qianshuidewajueji/CVE-2019-0887 diff --git a/2019/CVE-2019-0913.md b/2019/CVE-2019-0913.md new file mode 100644 index 0000000000..86b056e4e8 --- /dev/null +++ b/2019/CVE-2019-0913.md @@ -0,0 +1,21 @@ +### [CVE-2019-0913](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0913) +![](https://img.shields.io/static/v1?label=Product&message=ChakraCore&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20on%20Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20on%20Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20on%20Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) + +### Description + +A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/0xlane/vu1hub + diff --git a/2019/CVE-2019-1002101.md b/2019/CVE-2019-1002101.md index 9298bc18f4..c5860ee735 100644 --- a/2019/CVE-2019-1002101.md +++ b/2019/CVE-2019-1002101.md @@ -24,4 +24,6 @@ No PoCs from references. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/g3rzi/HackingKubernetes - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/heroku/bheu19-attacking-cloud-builds +- https://github.com/k1LoW/oshka diff --git a/2019/CVE-2019-1003000.md b/2019/CVE-2019-1003000.md index c7b862fdf5..0fefed358e 100644 --- a/2019/CVE-2019-1003000.md +++ b/2019/CVE-2019-1003000.md @@ -23,6 +23,7 @@ A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/gquere/pwn_jenkins - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/jaychouzzk/- - https://github.com/superfish9/pt - https://github.com/wetw0rk/Exploit-Development - https://github.com/woods-sega/woodswiki diff --git a/2019/CVE-2019-10072.md b/2019/CVE-2019-10072.md index 5e91e3cff9..c78a71c700 100644 --- a/2019/CVE-2019-10072.md +++ b/2019/CVE-2019-10072.md @@ -13,5 +13,6 @@ The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection w No PoCs from references. #### Github +- https://github.com/ilmari666/cybsec - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2019/CVE-2019-10081.md b/2019/CVE-2019-10081.md index b6140ad3e3..316d42114e 100644 --- a/2019/CVE-2019-10081.md +++ b/2019/CVE-2019-10081.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/Solhack/Team_CSI_platform +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/starnightcyber/vul-info-collect - https://github.com/vshaliii/Funbox2-rookie - https://github.com/vshaliii/Vegeta1-Vulhub-Walkthrough diff --git a/2019/CVE-2019-10082.md b/2019/CVE-2019-10082.md index f1eb7febf1..8269241bf2 100644 --- a/2019/CVE-2019-10082.md +++ b/2019/CVE-2019-10082.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/Solhack/Team_CSI_platform +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough - https://github.com/vshaliii/Funbox2-rookie diff --git a/2019/CVE-2019-10092.md b/2019/CVE-2019-10092.md index 9ec8df023f..a956cc4a82 100644 --- a/2019/CVE-2019-10092.md +++ b/2019/CVE-2019-10092.md @@ -16,8 +16,10 @@ In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was rep - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Solhack/Team_CSI_platform +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/motikan2010/CVE-2019-10092_Docker - https://github.com/sobinge/nuclei-templates - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough diff --git a/2019/CVE-2019-10098.md b/2019/CVE-2019-10098.md index 01349e9354..14f071973e 100644 --- a/2019/CVE-2019-10098.md +++ b/2019/CVE-2019-10098.md @@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/Solhack/Team_CSI_platform - https://github.com/alex14324/Eagel - https://github.com/alphaSeclab/sec-daily-2019 +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough diff --git a/2019/CVE-2019-1010022.md b/2019/CVE-2019-1010022.md index 4d618973f5..736ebabc49 100644 --- a/2019/CVE-2019-1010022.md +++ b/2019/CVE-2019-1010022.md @@ -15,4 +15,5 @@ #### Github - https://github.com/garethr/snykout +- https://github.com/madchap/opa-tests diff --git a/2019/CVE-2019-1010054.md b/2019/CVE-2019-1010054.md index 6912ef6f0b..e1ca361d97 100644 --- a/2019/CVE-2019-1010054.md +++ b/2019/CVE-2019-1010054.md @@ -14,6 +14,7 @@ Dolibarr 7.0.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/chaizeg/CSRF-breach - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-1010299.md b/2019/CVE-2019-1010299.md index 2fe3967f50..f3e468cdb7 100644 --- a/2019/CVE-2019-1010299.md +++ b/2019/CVE-2019-1010299.md @@ -13,5 +13,6 @@ The Rust Programming Language Standard Library 1.18.0 and later is affected by: No PoCs from references. #### Github +- https://github.com/Qwaz/rust-cve - https://github.com/xxg1413/rust-security diff --git a/2019/CVE-2019-10149.md b/2019/CVE-2019-10149.md index 17076b2bed..5989e7b7bc 100644 --- a/2019/CVE-2019-10149.md +++ b/2019/CVE-2019-10149.md @@ -20,13 +20,17 @@ A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation - https://github.com/0xT11/CVE-POC - https://github.com/0xdea/exploits - https://github.com/AzizMea/CVE-2019-10149-privilege-escalation +- https://github.com/Brets0150/StickyExim +- https://github.com/Chris-dev1/exim.exp - https://github.com/Diefunction/CVE-2019-10149 +- https://github.com/Dilshan-Eranda/CVE-2019-10149 - https://github.com/MNEMO-CERT/PoC--CVE-2019-10149_Exim - https://github.com/aishee/CVE-2019-10149-quick - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/area1/exim-cve-2019-10149-data - https://github.com/bananaphones/exim-rce-quickfix - https://github.com/cowbe0x004/eximrce-CVE-2019-10149 +- https://github.com/darsigovrustam/CVE-2019-10149 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/dhn/exploits - https://github.com/hackerhouse-opensource/exploits diff --git a/2019/CVE-2019-10173.md b/2019/CVE-2019-10173.md index fe121b51d6..3f9c3f54c4 100644 --- a/2019/CVE-2019-10173.md +++ b/2019/CVE-2019-10173.md @@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/YIXINSHUWU/Penetration_Testing_POC +- https://github.com/chalern/Pentest-Tools - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc diff --git a/2019/CVE-2019-10210.md b/2019/CVE-2019-10210.md new file mode 100644 index 0000000000..c65f956682 --- /dev/null +++ b/2019/CVE-2019-10210.md @@ -0,0 +1,17 @@ +### [CVE-2019-10210](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10210) +![](https://img.shields.io/static/v1?label=Product&message=postgresql&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-377&color=brighgreen) + +### Description + +Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via superuser writing password to unprotected temporary file. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/msantos/cvecat + diff --git a/2019/CVE-2019-10216.md b/2019/CVE-2019-10216.md index bb3771cad0..d244294708 100644 --- a/2019/CVE-2019-10216.md +++ b/2019/CVE-2019-10216.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/barrracud4/image-upload-exploits +- https://github.com/hhc0null/GhostRule diff --git a/2019/CVE-2019-10392.md b/2019/CVE-2019-10392.md index 1c0619e027..be3798038d 100644 --- a/2019/CVE-2019-10392.md +++ b/2019/CVE-2019-10392.md @@ -16,10 +16,12 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/Retr0-ll/littleterm - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/ftk-sostupid/CVE-2019-10392_EXP - https://github.com/gquere/pwn_jenkins - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/jas502n/CVE-2019-10392 - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/r0eXpeR/redteam_vul +- https://github.com/tdcoming/Vulnerability-engine - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2019/CVE-2019-1040.md b/2019/CVE-2019-1040.md index 154945cd75..10e04f4658 100644 --- a/2019/CVE-2019-1040.md +++ b/2019/CVE-2019-1040.md @@ -22,6 +22,7 @@ No PoCs from references. - https://github.com/AnonVulc/Pentest-Tools - https://github.com/Ascotbe/Kernelhub - https://github.com/ErdemOzgen/ActiveDirectoryAttacks +- https://github.com/EvilAnne/2019-Read-article - https://github.com/Gl3bGl4z/All_NTLM_leak - https://github.com/Nieuport/Active-Directory-Kill-Chain-Attack-Defense - https://github.com/R0B1NL1N/AD-Attack-Defense @@ -36,13 +37,17 @@ No PoCs from references. - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/infosecn1nja/AD-Attack-Defense - https://github.com/lazaars/UltraRealy_with_CVE-2019-1040 +- https://github.com/lp008/Hack-readme - https://github.com/mishmashclone/infosecn1nja-AD-Attack-Defense +- https://github.com/nccgroup/Change-Lockscreen - https://github.com/penetrarnya-tm/WeaponizeKali.sh - https://github.com/preempt/ntlm-scanner +- https://github.com/severnake/Pentest-Tools - https://github.com/shantanu561993/DomainUserToDomainAdminTechniques - https://github.com/sunzu94/AD-Attack-Defense - https://github.com/tataev/Security - https://github.com/theyoge/AD-Pentesting-Tools +- https://github.com/wzxmt/CVE-2019-1040 - https://github.com/ycdxsb/WindowsPrivilegeEscalation - https://github.com/zer0yu/Intranet_Penetration_CheetSheets diff --git a/2019/CVE-2019-10567.md b/2019/CVE-2019-10567.md index e79b191180..7b0db08f00 100644 --- a/2019/CVE-2019-10567.md +++ b/2019/CVE-2019-10567.md @@ -13,5 +13,6 @@ There is a way to deceive the GPU kernel driver into thinking there is room in t No PoCs from references. #### Github +- https://github.com/secmob/TiYunZong-An-Exploit-Chain-to-Remotely-Root-Modern-Android-Devices - https://github.com/xairy/linux-kernel-exploitation diff --git a/2019/CVE-2019-10708.md b/2019/CVE-2019-10708.md index 1e648675ed..926aed9204 100644 --- a/2019/CVE-2019-10708.md +++ b/2019/CVE-2019-10708.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/stavhaygn/CVE-2019-10708 diff --git a/2019/CVE-2019-10709.md b/2019/CVE-2019-10709.md index 55c1a80bae..afaa03bad3 100644 --- a/2019/CVE-2019-10709.md +++ b/2019/CVE-2019-10709.md @@ -14,5 +14,5 @@ AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overf - https://blog.telspace.co.za/2019/08/tsa-2019-001-asus-precision-touchpad.html #### Github -No PoCs found on GitHub currently. +- https://github.com/telspacesystems/Asus-DOS diff --git a/2019/CVE-2019-10723.md b/2019/CVE-2019-10723.md index 794401f88c..4acd1c59a6 100644 --- a/2019/CVE-2019-10723.md +++ b/2019/CVE-2019-10723.md @@ -13,5 +13,6 @@ An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class in doc/PdfP - https://sourceforge.net/p/podofo/tickets/46/ #### Github -No PoCs found on GitHub currently. +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark diff --git a/2019/CVE-2019-10742.md b/2019/CVE-2019-10742.md index 52a8a76d87..377dbc482f 100644 --- a/2019/CVE-2019-10742.md +++ b/2019/CVE-2019-10742.md @@ -18,4 +18,5 @@ Axios up to and including 0.18.0 allows attackers to cause a denial of service ( - https://github.com/puryersc/shiftleftv2 - https://github.com/puryersc/shiftleftv3 - https://github.com/puryersc/shiftleftv4 +- https://github.com/ray-tracer96024/Unintentionally-Vulnerable-Hotel-Management-Website diff --git a/2019/CVE-2019-10744.md b/2019/CVE-2019-10744.md index 0d60ae44ba..dea1e029cd 100644 --- a/2019/CVE-2019-10744.md +++ b/2019/CVE-2019-10744.md @@ -13,14 +13,17 @@ Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The - https://snyk.io/vuln/SNYK-JS-LODASH-450202 #### Github +- https://github.com/A2u13/JS-Security - https://github.com/JoBrad/casefold - https://github.com/MaySoMusician/geidai-ikoi - https://github.com/azuqua/cassanknex - https://github.com/chkp-dhouari/CloudGuard-ShiftLeft-CICD - https://github.com/duckstroms/Web-CTF-Cheatsheet - https://github.com/endorama/CsvToL10nJson +- https://github.com/nVisium/npm-deps-parser - https://github.com/puryersc/shiftleftv2 - https://github.com/puryersc/shiftleftv3 - https://github.com/puryersc/shiftleftv4 +- https://github.com/ray-tracer96024/Unintentionally-Vulnerable-Hotel-Management-Website - https://github.com/w181496/Web-CTF-Cheatsheet diff --git a/2019/CVE-2019-10746.md b/2019/CVE-2019-10746.md index dcc118f4ba..7f5338d48f 100644 --- a/2019/CVE-2019-10746.md +++ b/2019/CVE-2019-10746.md @@ -13,5 +13,6 @@ mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and ver - https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212 #### Github -No PoCs found on GitHub currently. +- https://github.com/nVisium/npm-deps-parser +- https://github.com/ray-tracer96024/Unintentionally-Vulnerable-Hotel-Management-Website diff --git a/2019/CVE-2019-10747.md b/2019/CVE-2019-10747.md index 45894cde2d..86b8a4f24c 100644 --- a/2019/CVE-2019-10747.md +++ b/2019/CVE-2019-10747.md @@ -13,5 +13,6 @@ set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1. The - https://snyk.io/vuln/SNYK-JS-SETVALUE-450213 #### Github -No PoCs found on GitHub currently. +- https://github.com/nVisium/npm-deps-parser +- https://github.com/ray-tracer96024/Unintentionally-Vulnerable-Hotel-Management-Website diff --git a/2019/CVE-2019-10758.md b/2019/CVE-2019-10758.md index 121e566bd7..9004b42a10 100644 --- a/2019/CVE-2019-10758.md +++ b/2019/CVE-2019-10758.md @@ -27,6 +27,9 @@ mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc - https://github.com/jweny/pocassistdb +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection +- https://github.com/lp008/CVE-2019-10758 +- https://github.com/masahiro331/CVE-2019-10758 - https://github.com/tdtc7/qps - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/yedada-wei/- diff --git a/2019/CVE-2019-10782.md b/2019/CVE-2019-10782.md new file mode 100644 index 0000000000..25e05f6428 --- /dev/null +++ b/2019/CVE-2019-10782.md @@ -0,0 +1,17 @@ +### [CVE-2019-10782](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10782) +![](https://img.shields.io/static/v1?label=Product&message=com.puppycrawl.tools%3Acheckstyle&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=XML%20External%20Entity%20(XXE)%20Injection&color=brighgreen) + +### Description + +All versions of com.puppycrawl.tools:checkstyle before 8.29 are vulnerable to XML External Entity (XXE) Injection due to an incomplete fix for CVE-2019-9658. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/abhisheksr01/spring-boot-microservice-best-practices + diff --git a/2019/CVE-2019-1082.md b/2019/CVE-2019-1082.md index 82ea073e65..9420b1ae7d 100644 --- a/2019/CVE-2019-1082.md +++ b/2019/CVE-2019-1082.md @@ -16,4 +16,5 @@ No PoCs from references. #### Github - https://github.com/CyberMonitor/somethingweneed - https://github.com/alphaSeclab/sec-daily-2019 +- https://github.com/pengusec/awesome-netsec-articles diff --git a/2019/CVE-2019-1083.md b/2019/CVE-2019-1083.md index c91c914ee6..ae9032df1c 100644 --- a/2019/CVE-2019-1083.md +++ b/2019/CVE-2019-1083.md @@ -56,4 +56,5 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/stevenseeley/HowCVE-2019-1083Works diff --git a/2019/CVE-2019-10842.md b/2019/CVE-2019-10842.md index 8cf40c0c03..2bcf6f8b2b 100644 --- a/2019/CVE-2019-10842.md +++ b/2019/CVE-2019-10842.md @@ -13,5 +13,5 @@ Arbitrary code execution (via backdoor code) was discovered in bootstrap-sass 3. - https://snyk.io/vuln/SNYK-RUBY-BOOTSTRAPSASS-174093 #### Github -No PoCs found on GitHub currently. +- https://github.com/jacksimple/simple-cve-api diff --git a/2019/CVE-2019-10915.md b/2019/CVE-2019-10915.md index 85e7f6476c..9167a7ea5a 100644 --- a/2019/CVE-2019-10915.md +++ b/2019/CVE-2019-10915.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/jiansiting/CVE-2019-10915 diff --git a/2019/CVE-2019-1096.md b/2019/CVE-2019-1096.md index 69719595a7..4543c68ba9 100644 --- a/2019/CVE-2019-1096.md +++ b/2019/CVE-2019-1096.md @@ -19,6 +19,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/CrackerCat/cve-2019-1096-poc - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-11043.md b/2019/CVE-2019-11043.md index e2793aedfe..3ec7930c97 100644 --- a/2019/CVE-2019-11043.md +++ b/2019/CVE-2019-11043.md @@ -13,22 +13,33 @@ In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in - http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html #### Github +- https://github.com/0th3rs-Security-Team/CVE-2019-11043 - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/AleWong/PHP-FPM-Remote-Code-Execution-Vulnerability-CVE-2019-11043- +- https://github.com/B1gd0g/CVE-2019-11043 - https://github.com/CnHack3r/Penetration_PoC - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/HxDDD/CVE-PoC - https://github.com/LubinLew/WEB-CVE +- https://github.com/MRdoulestar/CVE-2019-11043 - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/akamajoris/CVE-2019-11043-Docker +- https://github.com/alokaranasinghe/cve-2019-11043 - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/b0o/starred +- https://github.com/babebbu/TNI-CWC-GGEZ-Hosting +- https://github.com/bollwarm/tech-news - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/fairyming/CVE-2019-11043 - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/huowen/CVE-2019-11043 +- https://github.com/ianxtianxt/CVE-2019-11043 - https://github.com/izj007/wechat - https://github.com/jas502n/CVE-2019-11043 - https://github.com/jdecool/stars-feed @@ -36,15 +47,21 @@ In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in - https://github.com/k8gege/CVE-2019-11043 - https://github.com/kriskhub/CVE-2019-11043 - https://github.com/linuxserver/docker-nextcloud +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/ltfafei/my_POC - https://github.com/lucianonooijen/stargazed - https://github.com/m0ver/drupal-installation-issues +- https://github.com/moniik/CVE-2019-11043_env - https://github.com/neex/phuip-fpizdam - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/shadow-horse/cve-2019-11043 - https://github.com/supercid/awesome-starred - https://github.com/superfish9/pt - https://github.com/tdtc7/qps - https://github.com/theMiddleBlue/CVE-2019-11043 +- https://github.com/tinker-li/CVE-2019-11043 +- https://github.com/tjkess/byol +- https://github.com/ugur-ercan/exploit-collection - https://github.com/whalehub/awesome-stars - https://github.com/whoadmin/pocs - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2019/CVE-2019-1108.md b/2019/CVE-2019-1108.md index c4d3b4880b..1d3db01ecd 100644 --- a/2019/CVE-2019-1108.md +++ b/2019/CVE-2019-1108.md @@ -19,6 +19,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/Lanph3re/cve-2019-1108 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-11157.md b/2019/CVE-2019-11157.md index 11e6351abf..6c4ec4f710 100644 --- a/2019/CVE-2019-11157.md +++ b/2019/CVE-2019-11157.md @@ -16,4 +16,5 @@ Improper conditions check in voltage settings for some Intel(R) Processors may a - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/zkenjar/v0ltpwn diff --git a/2019/CVE-2019-11242.md b/2019/CVE-2019-11242.md new file mode 100644 index 0000000000..e7867a9851 --- /dev/null +++ b/2019/CVE-2019-11242.md @@ -0,0 +1,17 @@ +### [CVE-2019-11242](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11242) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A man-in-the-middle vulnerability related to vCenter access was found in Cohesity DataPlatform version 5.x and 6.x prior to 6.1.1c. Cohesity clusters did not verify TLS certificates presented by vCenter. This vulnerability could expose Cohesity user credentials configured to access vCenter. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cohesity/SecAdvisory + diff --git a/2019/CVE-2019-11245.md b/2019/CVE-2019-11245.md index 4a109f821a..3f53e556c4 100644 --- a/2019/CVE-2019-11245.md +++ b/2019/CVE-2019-11245.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/Metarget/awesome-cloud-native-security - https://github.com/alphaSeclab/sec-daily-2019 +- https://github.com/reni2study/Cloud-Native-Security2 diff --git a/2019/CVE-2019-11247.md b/2019/CVE-2019-11247.md index c35c1ac799..03e068e776 100644 --- a/2019/CVE-2019-11247.md +++ b/2019/CVE-2019-11247.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/g3rzi/HackingKubernetes +- https://github.com/stackrox/blog-examples diff --git a/2019/CVE-2019-1125.md b/2019/CVE-2019-1125.md index 4e236fa8e2..bb655b9d5f 100644 --- a/2019/CVE-2019-1125.md +++ b/2019/CVE-2019-1125.md @@ -19,6 +19,7 @@ An information disclosure vulnerability exists when certain central processing u #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/bitdefender/swapgs-attack-poc - https://github.com/codexlynx/hardware-attacks-state-of-the-art - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-11250.md b/2019/CVE-2019-11250.md new file mode 100644 index 0000000000..7264fde75f --- /dev/null +++ b/2019/CVE-2019-11250.md @@ -0,0 +1,17 @@ +### [CVE-2019-11250](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11250) +![](https://img.shields.io/static/v1?label=Product&message=Kubernetes&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-532%3A%20Inclusion%20of%20Sensitive%20Information%20in%20Log%20Files&color=brighgreen) + +### Description + +The Kubernetes client-go library logs request headers at verbosity levels of 7 or higher. This can disclose credentials to unauthorized users via logs or command output. Kubernetes components (such as kube-apiserver) prior to v1.16.0, which make use of basic or bearer token authentication, and run at high verbosity levels, are affected. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/k1LoW/oshka + diff --git a/2019/CVE-2019-11253.md b/2019/CVE-2019-11253.md index 973912b587..d2cae504c3 100644 --- a/2019/CVE-2019-11253.md +++ b/2019/CVE-2019-11253.md @@ -13,6 +13,7 @@ Improper input validation in the Kubernetes API server in versions v1.0-1.12 and No PoCs from references. #### Github +- https://github.com/Metarget/cloud-native-security-book - https://github.com/Metarget/metarget - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/g3rzi/HackingKubernetes diff --git a/2019/CVE-2019-11254.md b/2019/CVE-2019-11254.md new file mode 100644 index 0000000000..814f604c1c --- /dev/null +++ b/2019/CVE-2019-11254.md @@ -0,0 +1,17 @@ +### [CVE-2019-11254](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11254) +![](https://img.shields.io/static/v1?label=Product&message=Kubernetes&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-1050%3A%20Excessive%20Platform%20Resource%20Consumption%20within%20a%20Loop&color=brighgreen) + +### Description + +The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/naveensrinivasan/stunning-tribble + diff --git a/2019/CVE-2019-11269.md b/2019/CVE-2019-11269.md index ce86e65f80..5918d2a589 100644 --- a/2019/CVE-2019-11269.md +++ b/2019/CVE-2019-11269.md @@ -13,5 +13,5 @@ Spring Security OAuth versions 2.3 prior to 2.3.6, 2.2 prior to 2.2.5, 2.1 prior - http://packetstormsecurity.com/files/153299/Spring-Security-OAuth-2.3-Open-Redirection.html #### Github -No PoCs found on GitHub currently. +- https://github.com/BBB-man/CVE-2019-3778-Spring-Security-OAuth-2.3-Open-Redirection diff --git a/2019/CVE-2019-11358.md b/2019/CVE-2019-11358.md index 2ca4205a36..8e07bd741d 100644 --- a/2019/CVE-2019-11358.md +++ b/2019/CVE-2019-11358.md @@ -20,6 +20,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://www.tenable.com/security/tns-2020-02 #### Github +- https://github.com/0rganIzedKa0s/Mechanum-Drive-Train-Practice - https://github.com/0xT11/CVE-POC - https://github.com/11177/goal - https://github.com/11572MouseSpit/FreightFrenzy2021-2022 @@ -29,9 +30,22 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/15303/FreightFrenzy - https://github.com/15534/FtcRobotController2022 - https://github.com/1595Dragons/FTC-TeamCode +- https://github.com/16209-TheDreadPirateRobots/FTC - https://github.com/24parida/FtcRobotController-master - https://github.com/24pparikh/TechIntel2020-2021 - https://github.com/24pparikh/Test2 +- https://github.com/25alis/FTC-Game +- https://github.com/25auchak/Project-WISER +- https://github.com/25guptaa/FTCRepository_2021 +- https://github.com/26banera/Aarushi +- https://github.com/26girisi/FTCRepository1 +- https://github.com/26guptas/Shloka +- https://github.com/26guptas/UltimateGoal +- https://github.com/26mayyav/Vaishnavi +- https://github.com/26moorca/Repository-Name +- https://github.com/26turnea/First-Tech-Challenge +- https://github.com/26vaidha/season2021 +- https://github.com/26zhenga/Code-Stuff - https://github.com/3397/FTC-2022 - https://github.com/3658BOSONS/UG3 - https://github.com/4H-Botsmiths/FTC-18693-Freight-Frenzy @@ -39,25 +53,32 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/535tobor/TestBotRC7.1 - https://github.com/5484-Enderbots-FTC/Ultimate-Goal - https://github.com/5667-Robominers/FtcRobotController-master +- https://github.com/6369Designosars/Summer_Software_6.2 - https://github.com/8097-Botcats/21-22-Code - https://github.com/8097-Botcats/NEWrobotSDK - https://github.com/AHS-Robotics-Club/10396-Ultimate-Goal - https://github.com/AHS-Robotics-Club/12864-Freight-Frenzy - https://github.com/AHS-Robotics-Club/12864-UltimateGoal +- https://github.com/AHS-Robotics-Club/9686-FreightFrenzy - https://github.com/AIMAcademy/9997-FTC-2020 - https://github.com/AJPietan/FtcRobotController-master - https://github.com/AJain862/MechaMantisesFTC2021 - https://github.com/AJain862/NewRobotMechaMantises - https://github.com/AJmods/UltimateGoal6547_V2 +- https://github.com/ASethi04/Camera-Project - https://github.com/ASethi04/FTC6931-2021 - https://github.com/AbbyW89/something-real - https://github.com/AbyssOnGFuel/FTC-10332-TeamCode - https://github.com/Adna-Robotics/FTC-2020 +- https://github.com/AfraIsNotAvailable/Phoenix62 - https://github.com/AlessioToniolo/FTC-PID - https://github.com/Alokxmathur/FreightFrenzy - https://github.com/Alokxmathur/SilverTitans2020-2021 - https://github.com/Alokxmathur/UltimateGoal - https://github.com/AlphaBit-137/AlphaBit_RO137_FreightFrenzy_Code +- https://github.com/AlphaBit-137/AphaBit_RO137_UltimateGoal_Code +- https://github.com/AlphaBit-137/Freight_Frenzy_new_test_code +- https://github.com/Amanzegreat1/UltimateGoal - https://github.com/Andover-Robotics/10331-Ultimate-Goal2 - https://github.com/Andrew-Renfro/Andrew-Renfro - https://github.com/AndrewF1234/ftc_2022_0117 @@ -77,23 +98,32 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/AsianKoala/FTC_14607_new - https://github.com/AtticFanatics14079/FreightFrenzy - https://github.com/AtticFanatics14079/UltimateGoal +- https://github.com/AtticFanatics14079/UltimateGoalFanatics +- https://github.com/AuslinD/rookiecamp2021 - https://github.com/AusreisserSF/FtcUltimateGoal - https://github.com/Avyuuu/Philobots-2020-2021 - https://github.com/Awesomeness278/UltimateGoal2020-2021 - https://github.com/AwesomestCode/FtcRobotController +- https://github.com/AyaanNazir/RogueResistProject2020-2021 - https://github.com/AyaanNazir/StaticVoid-master7.0 +- https://github.com/AyaanNazir/StaticVoid6.2 - https://github.com/BJJmaster316/Henryrepo - https://github.com/BSG9432/BSGFreightFrenzy - https://github.com/BSG9432/CargoCraze +- https://github.com/BSG9432/Ultimate-Goal-2020-2021 - https://github.com/BaCoNeers/UltimateGoal - https://github.com/Bacon14212/First-tech - https://github.com/Bagel03/Dread-Bytes-2020 - https://github.com/Balabot15358/FreightFrenzy +- https://github.com/Bartimus03/RoboticsCode - https://github.com/Bay-Bots/FTC-Ultimate-Goal - https://github.com/Beastmodexol/UltronsMatrix - https://github.com/BeckettOBrien/FreightFrenzyRobotController - https://github.com/BeeGuyDude/2021-Pre-Olympia-FTC-Template +- https://github.com/BeeGuyDude/Nautilus-Nation-2021 +- https://github.com/BeeGuyDude/Vision-Presentation-Testing - https://github.com/Ben8176/BensTest +- https://github.com/Ben8176/Skystone2021 - https://github.com/BenFTC/BenFtc - https://github.com/BlackOps10373/FreightFrenzy - https://github.com/Blue-Chariots-of-Fire/FTC-2020-21-Ultimate-Goal @@ -107,7 +137,10 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/BossBots/FreightFrenzy - https://github.com/BotcatsSoftware/Ultimate-Goal-SDK - https://github.com/BotcatsSoftware/Ultimate-Goal-SDK-master +- https://github.com/BotcatsSoftware/VirtualRobotMaster2020 +- https://github.com/BradenSiegal/Java9-6-20 - https://github.com/BradenSiegal/Ultimate-Goal +- https://github.com/Brickwolves/CC21 - https://github.com/Brickwolves/LR20 - https://github.com/BruinBots/UltimateGoal - https://github.com/BuffaloWings-5015/FtcGamechangerUpdated @@ -119,6 +152,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/CC-Early-College-High-School-Robotics/comp3-6901-3-freightfrenzy - https://github.com/CHSrobotics21/FTCRobotController - https://github.com/CHSrobotics21/FtcRobotController-6.1_CHS2020-21 +- https://github.com/CHSrobotics21/TestBotProject - https://github.com/Cadmes-Creators-FTC/FTCFreightFrenzy - https://github.com/Cadmes-Creators-FTC/FTCUltimateGoal - https://github.com/Calabar-FTC/FTC_2022 @@ -141,6 +175,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/ChuyChugh/ftc-2021 - https://github.com/Cl0ck21/CrowForce2021-2022 - https://github.com/Cl0ck21/HAL9001D-master +- https://github.com/ClashOfCoders/UltimateGoal-2020-2021 - https://github.com/Clayton-Toste/ScotboticsFreightFrenzy - https://github.com/CommandoRobotics/FTC6042_FreightFrenzy_2021 - https://github.com/CommandoRobotics/FTC6042_UltimateGoal_2020 @@ -149,25 +184,34 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/CouGears/FTC_2021-2022 - https://github.com/Cris581416/18490-Season-2021 - https://github.com/Cud123/FTC-12241-Panther-Robotics-Code-Freight-Frenzy +- https://github.com/CyberPunkRobotics/ftc-ultimate-goal - https://github.com/CyberneticElks9567/FreightFrenzy - https://github.com/DCSPD-PantherRobotics/PantherRobotics_2022 - https://github.com/DanielRuf/snyk-js-jquery-174006 - https://github.com/DanielRuf/snyk-js-jquery-565129 - https://github.com/DarkMatter4150/FreightFrenzy2 +- https://github.com/DavidBNolen/Goal-BotFtc - https://github.com/DeanNevan/FtcRobotController-RBServer - https://github.com/Delta11225/11225FreightFrenzyObjectRecognition - https://github.com/DeltaRobotics-FTC/DR_20-21SDK6.1 +- https://github.com/DeltaRobotics-FTC/DR_2021_Offseason - https://github.com/DeltaRobotics-FTC/DR_2021_SDK_7.0 +- https://github.com/Devildogs11206/SummerCamp2021 +- https://github.com/Devildogs11206/UltimateGoal - https://github.com/Devin1Xbox/2020CCG-main - https://github.com/Devin34/TrailBlazer - https://github.com/DevoltRobotics/FreightFrenzy +- https://github.com/DhruvTryhard/Dhruv_Robot. - https://github.com/Dicu69/FTC- - https://github.com/DiegoPerez1441/FtcRobotController_DeusExMaquina - https://github.com/DiegoPerez1441/FtcRobotController_Hestia - https://github.com/DiegoPerez1441/FtcRobotController_Steminists +- https://github.com/DinVin24/FTC_cod_test - https://github.com/Dnemni/FTCJellyfishRobotController - https://github.com/Dnemni/FtcRobotController +- https://github.com/DolalaBanana/SkyStone-5.5 - https://github.com/DrIronfist/FTC +- https://github.com/DrPontificate/skystone - https://github.com/Dragon-Hatcher/UltimateGoalAutoDesignerTemplate - https://github.com/DragosBP/Teste - https://github.com/Dream-Machines-FTC16548/UltimateGoal @@ -180,27 +224,35 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/EastsidePreparatorySchool/UltimateGoal - https://github.com/Edgy13YearOld/pio2022 - https://github.com/Edward77-code/ftc_controll-master +- https://github.com/EdwardLiabc/Training-Project +- https://github.com/Eeshwar-Krishnan/RedesignedRobotcode - https://github.com/Eiline04/killme +- https://github.com/Ely31/control_hub_testing - https://github.com/Emerald-Knights/EK-2021-21 - https://github.com/Emerald-Knights/FreyhiteFrenzie +- https://github.com/EpRoboRaiders/AdamRobotController - https://github.com/EpRoboRaiders/freight-frenzy - https://github.com/EpRoboRaiders/freight-frenzy-test +- https://github.com/EricLottman/6.2ftc20-21-PADEMIC-EDITION-master - https://github.com/Esquimalt-Atom-Smashers/Chomper_not_working - https://github.com/Ethanporath/FtcRobotController-master - https://github.com/EvanBartekYeet/FTCRobitControlVNew - https://github.com/EvanBartekYeet/NewTestRambotics +- https://github.com/EvanCWolfe/VicRobotics2020-2021 - https://github.com/ExNihiloRobotics/FTC-Robot - https://github.com/ExcaliburGaming/2020Robotics - https://github.com/FIRE-Robotics-Old/FTCActual - https://github.com/FIRE-Robotics-Old/FTCTutorial - https://github.com/FIRE-Robotics-Old/UltimateGoal2021 - https://github.com/FIRE-Robotics/FreightFrenzy2022 +- https://github.com/FIRE-Robotics/UltimateGoal2021 - https://github.com/FIRST-4030/FTC-2020 - https://github.com/FIRST-4030/FTC-2021 - https://github.com/FIRST-Tech-Challenge/FtcRobotController - https://github.com/FIRST-Tech-Challenge/SkyStone - https://github.com/FIXIT3491/FTC_Sample - https://github.com/FIXIT3491/Freight_Frenzy_3491 +- https://github.com/FIXIT3491/Ultimate_Goal_3491 - https://github.com/FM493RS-FTC-Team-16944/Ultimate-Goal - https://github.com/FPDRobotics/Gen2 - https://github.com/FRC1410/FTC18677-2021 @@ -211,6 +263,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/FRCTeam4069/FTC2020 - https://github.com/FTC-10195/FTC-10195-2021-2022 - https://github.com/FTC-16360-RC/FTC-16360-2022 +- https://github.com/FTC-18140/JavaClass - https://github.com/FTC-18477-21-22/Freight-Frenzy-2021 - https://github.com/FTC-18568/2021-2022-TeamCode - https://github.com/FTC-18663/2020 @@ -218,6 +271,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/FTC-9277/9777FTCRobotController-FreightFrenzy - https://github.com/FTC-9974-THOR/Ultimate_Goal - https://github.com/FTC-Aztechs/Sgeophrii_UltimateGoal-master +- https://github.com/FTC-Freight-Frenzy-Software/Arinjay-Repository - https://github.com/FTC-Freight-Frenzy-Software/MasterSoftware - https://github.com/FTC-Gaelstrom/Gaelstrom2021-2022 - https://github.com/FTC-Gaelstrom/ModifiedGaelstrom2021-2022 @@ -238,22 +292,27 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/FTC6934/2021-2022FreightFrenzy - https://github.com/FTC7729/2020-FTC-UltimateGoal - https://github.com/FTC8535-SuperNova/2022_21_FreightFrenzy_8535 +- https://github.com/FTC9013/Team-9013-ftc_app-2020-2021 - https://github.com/FTC9182/FTC9182-2021-2022 - https://github.com/FTC9837/FTC9837_UltimateGoal - https://github.com/FTC9889/CC_9889_2020_2021 - https://github.com/FTCJoeBots/2020-JoeBots-Training-Ground +- https://github.com/FTCNinjabots/Ninjabots-Freight-Frenzy-2021-22 - https://github.com/FTCNinjabots/NinjabotsFinalFF2022 - https://github.com/FTCPiRhos/UltimateGoal - https://github.com/FTCPlanB-5309/Freight-Frenzy - https://github.com/FTCTeam7610-Software/7610-Software-Version-7.1 - https://github.com/FTCTeam7610-Software/7610Software-7.1 - https://github.com/FUTURE-FTC10366/FTCFreightFrenzy-2021-22 +- https://github.com/FaltechFTC/FtcRobotController2122 - https://github.com/Firelement/FTC-Team-11308-Ultimate-Goal - https://github.com/FlamingPhoenix/FP_7423_FreightFrenzy - https://github.com/FlamingPhoenix/FP_7423_UltimateGoal - https://github.com/Friends-Robotics/main-robot-repo - https://github.com/Fries2005/FTCTesting21223 +- https://github.com/Frits-Philips-Robotics-Team/16383ultimate - https://github.com/Frits-Philips-Robotics-Team/ultGoal16383 +- https://github.com/Ftc-19374/ftc_robot_controller_6.2_ug - https://github.com/Ftc-EmekHefer11226/Robot2021 - https://github.com/Ftcamb-Al/FtcRobotController16049 - https://github.com/FullMetalFalcons/FTC-2020-UltimateGoal-15668 @@ -270,13 +329,20 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/Gluons-5439/FtcRobotController6.0 - https://github.com/Gluons-5439/UltimateGoal6.0 - https://github.com/Grant12345/9956UlitmateGoalv3 +- https://github.com/Grant12345/FTC-2020-Ultimate-Goal - https://github.com/HAPPYCOWDANCE/FTC-test - https://github.com/HCROBOTICS/ftc-ultimate-goal +- https://github.com/HHS-Robotics-Archive/FtcRCWorkshop - https://github.com/Hav0k42/FTC-2020-Ultimate-Goal - https://github.com/HazenRobotics/freight-frenzy +- https://github.com/HazenRobotics/tile-runner +- https://github.com/Herberger-Robotics/2020-2021-JAVELINAS-SKYSTONE +- https://github.com/Herberger-Robotics/2020-2021-SKYSTONE - https://github.com/Herberger-Robotics/HOWLERS - https://github.com/Herberger-Robotics/HOWLERS2021-2022 +- https://github.com/Herberger-Robotics/practicerepo - https://github.com/Heroberg1-zz/FtcRobotController-master-Update-6.1 +- https://github.com/HerveSV/FTC_PantherRobotics_2021 - https://github.com/Hi-TechHornets/Ultimate-Goal - https://github.com/HighOakRobotics/11392UltimateGoal - https://github.com/HighOakRobotics/16457FreightFrenzy @@ -285,9 +351,12 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/Hopkins-Robotics-Gray-12377/freight-frenzy-12377 - https://github.com/IEsneault/FreightFrenzy - https://github.com/IEsneault/FreightFrenzy_2.0 +- https://github.com/IEsneault/UltimateGoal61-master - https://github.com/INH14084/14084FreightFrenzyCode - https://github.com/ITheo154/control-robot-ultimategoal +- https://github.com/Iamshlokagupta/Ultimategoal_2021 - https://github.com/IconManiacsFTC/2020-FTC-UltimateGoal-master +- https://github.com/Ilgneous/Trollbot4546 - https://github.com/Im-not-a-bot/roboPiotr - https://github.com/Innov8FIRST/UltimateGoal - https://github.com/InspirationRobotics/inspiration_ftc @@ -296,10 +365,12 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/IronReign/FreightFrenzyPipeline - https://github.com/Isaac4321/Chomper - https://github.com/Isabella6776/FreightFrenzy +- https://github.com/IsaiahMcChen/FtcRobotController-master - https://github.com/ItsSamm/MinimumWagersRepo-master - https://github.com/ItzBlackMagma/Team-6189-Code-Updated - https://github.com/JCharatCollins/RoboRavens-UltimateGoal - https://github.com/JIceberg/FTCLib-Dependency-Tests +- https://github.com/JLee-Sin/EHSFTC - https://github.com/JWu0126/FTC-519-2021 - https://github.com/JWu0126/Updated-FTC-519-2021 - https://github.com/JaanviC25/GeneralRelativity21-22 @@ -314,21 +385,29 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/JayZeeKay/GGRepo - https://github.com/JebShortly/ftc-2022-frieght-frenzy - https://github.com/Jellyfish4654/FreightFrenzy +- https://github.com/Jfee04/Team_1_Skystone +- https://github.com/Johnson-Tan/Wrench-Toast-2k20 - https://github.com/JollyBlue19823/FtcRobotics +- https://github.com/Jotaroswifuhehe/FtcRobotController-master - https://github.com/JoxerMoe2/FTC14084FreightFrenzyCodeStore - https://github.com/Jschuetzle/SwampBotsCode - https://github.com/JustJax01/Keene-High-Robotics - https://github.com/Juyoung0701/FtcRobotController-master - https://github.com/Kalyani12849/FTC2021 - https://github.com/Katuna/FtcRC_Islandbots +- https://github.com/Kdhupar21/ELITEUltimategoal - https://github.com/KennedyRoboEagles/FTC2021-FreightFrenzy - https://github.com/Kimzs/FirstT - https://github.com/Knights8081/UltimateGoal +- https://github.com/KnutP/UltimateGoal_Ri30H +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/KuriosityRobotics/UltimateGoal - https://github.com/KyleeCopeland/FTCFreightFrenzy - https://github.com/LaSalleRobots/Freight-Frenzy - https://github.com/LakehillBionicles/FreightFrenzy_1 +- https://github.com/LakehillBionicles/UltimateGoal_1 - https://github.com/LaneStanley/Garnet-Squadron-Freight-Frenzy +- https://github.com/LauraE4/LauraE - https://github.com/LegendarySwift123/UGBasic - https://github.com/LegendarySwift123/UGScrimmage5 - https://github.com/LenickTan/20-21ultgaol @@ -341,6 +420,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/LightningShock11/Robot-X-FTC-2020-2021 - https://github.com/LightningShock11/Robot-X-FTC-2021-2022 - https://github.com/LillyFrazee05/FtcRobotController-master +- https://github.com/LincolnRoboticsFTC14298/FtcRobotController2020-21 - https://github.com/LoganLeeTwentyThree/13348_auto_code - https://github.com/LostInTime4324/2020-2021-code - https://github.com/LostInTime4324/LIT_2021-2022 @@ -349,6 +429,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/LucyHarrison/FTC2021-girlboss - https://github.com/Lunerwalker2/FreightFrenzy1002 - https://github.com/Lunerwalker2/SwerveDriveTesting +- https://github.com/Lydia356/Sensors - https://github.com/Lynx-Robotics/LynxRobotics2020-2021 - https://github.com/LyricalMoon764/UltimateGoal - https://github.com/M-Karamambo/FTC-OffSeason-2022 @@ -356,8 +437,10 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/MHS-FTC/chronobreak-20-21 - https://github.com/MHS-FTC/chronobreak-21-22 - https://github.com/MICDSRobotics-9911/Ramifications-Robot-Code +- https://github.com/MLin2071/FtcRobotController-6.2 - https://github.com/MOCOSTUDS/Studs2022 - https://github.com/MachineKings/MKFreightFrenzy +- https://github.com/MagicMonkyBoy/8204RobotCode - https://github.com/MagicMonkyBoy/8204RobotCode20-21 - https://github.com/MasterH6168/freight-frenzy-2021-2022- - https://github.com/Mau-MD/Voltrons2022 @@ -367,8 +450,12 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/MechanicalMonkeys/FreightFrenzy - https://github.com/MechanicalParadox/FtcUGRobotController - https://github.com/Meeeee6623/Ultimate-Goal-Dev-FTC-327 +- https://github.com/Melanie5710/Melanie2 +- https://github.com/Melanie5710/MelanieM - https://github.com/Meschdog18/khs-robotics-2022 - https://github.com/MiSalocin/BahTech-UltimateGoal +- https://github.com/Michael-the-Hutt/SkyStone +- https://github.com/Michaellsterk/FTC_UltimateGoal_2020-21 - https://github.com/MidnightRiver/FtcRobotController-15374 - https://github.com/MijaWheeler/FF_4 - https://github.com/MijaWheeler/FF_Test2 @@ -376,10 +463,13 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/MijaWheeler/TestFF - https://github.com/MijaWheeler/UltimateGoal_FTC2020 - https://github.com/MilpitasRobotics/0669FTCUltimateGoal +- https://github.com/MishalMalik05/Training- - https://github.com/Mona-Shores-FTC-Robotics/Freight-Frenzy - https://github.com/MondayLXJ/FreightFrenzy-2022-master - https://github.com/MortalXDTroll/FtcRobotController-masterMXT +- https://github.com/Mosrod/BlueprintUltimateGoalFTC - https://github.com/MostlyOperational18119/FreightFrenzy-OpenCV +- https://github.com/MotamoRO/CodeForFTC2021 - https://github.com/MrPy5/FtcRobotController-master - https://github.com/Mukdonalds/IconManiacsQualifier2-master - https://github.com/NBPS-Robotics/FTC-Code-Team-9987-2022 @@ -388,27 +478,35 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/NDCLRobotics/2021-UltimateGoal - https://github.com/NDCLRobotics/2022-FreightFrenzy - https://github.com/NDRoboknights/FTC-UG-2021 +- https://github.com/NKKFu/bootz-code-2021 - https://github.com/NKKFu/roboot-ftc-code-2021 - https://github.com/NT2006/Ftc-vc +- https://github.com/NULLtm/OptimizedFTC - https://github.com/NateVonHagen/teststuff - https://github.com/NathanKe/CoachBotFreightFrenzy - https://github.com/Naumanbo/FreightFrenzyTeam7006 - https://github.com/Naumanbo/Robot - https://github.com/Naumanbo/Team7006 - https://github.com/NawaPlayz/symmetrical-chainsaw +- https://github.com/NayaL-26/FtcRobotController-master - https://github.com/NedMihnea/CODU-FREIGHT-FRENZY - https://github.com/Nerdettes/FTCRobotController - https://github.com/NerdyNarwhalPro/2020-21-UltimateGoal +- https://github.com/NicholasBlackburn1/Ftc-SKyStone-2020-2021 - https://github.com/Nikarton123/FTCUltimateGoal - https://github.com/NotJosh12835/freight-frenzy - https://github.com/NovaKnight14691/ftc14691-disabled - https://github.com/NovaKnight14691/ftc_14691 +- https://github.com/NuclearLion/SoftHoardersUG +- https://github.com/NuclearLion/SoftHoardersUG2 - https://github.com/NutAndBoltz/FreightFrenzy - https://github.com/OHSrobots/2021-2022-Season - https://github.com/OMEGA-FTC9110/FTCFreightFrenzy-2021-22 - https://github.com/OhBoyItsFrancis/ReMOEte-FtcRobotController - https://github.com/OlybotRobotics/FTCRobotController +- https://github.com/OnkarSama/FTC - https://github.com/Opgorg/FrieghtFrenzyMW +- https://github.com/OrigamiYoda/ftcVersionControlDemo - https://github.com/OurGreatLeaderEason/MyRepo - https://github.com/OutoftheBoxFTC/UltimateGoal6.1 - https://github.com/OverlakeRobotics/Nocturnal-2020-Ultimate-Goal @@ -423,10 +521,14 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/PHREDRobotics/FTC8892_2021 - https://github.com/PMBradley/CtRW_Code_2020 - https://github.com/ParagonFTC/freight-frenzy +- https://github.com/ParagonFTC/ftc18326-2021 +- https://github.com/ParagonFTC/summer-2021-training - https://github.com/ParagonFTC/ultimate-goal - https://github.com/Patrick-McGuire/FTC-2020 - https://github.com/Patriotic-Robotics-6372/FreightFrenzy +- https://github.com/Patriotic-Robotics-6372/FreightFrenzy-old - https://github.com/Patriotic-Robotics-6372/UltimateGoal +- https://github.com/Patriotic-Robotics-6372/UltimateGoal-old - https://github.com/PaulFong1/21-22_FTC16887 - https://github.com/PaulFong1/fright-frazy - https://github.com/PaulHenrik/Sandbox_UltimateGoal @@ -452,6 +554,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/PureTrippH/FreeShippingController - https://github.com/PurpleCircuits/FTC_2020-2021 - https://github.com/QASMT-FTC/FTC-13626-Team2 +- https://github.com/R3Vipers/test - https://github.com/RO028-ArchiTechs/Game-Changers-ArchiTechs - https://github.com/RaSky-122/FreightFrenzy_RCv7 - https://github.com/RahulB640/FTCFreightFrenzy2021-2022 @@ -461,16 +564,21 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/RaresLiscan/freight-frenzy - https://github.com/RaresLiscan/ftc-ultimate-goal - https://github.com/RazvanVictor/ftc-version-control-demo +- https://github.com/Redfalcon5-ai/7172-Offseason2021 - https://github.com/Redlion010/4546-21 - https://github.com/RisingNinjas16391/FreightFrenzy - https://github.com/RoBuffs/2021-Controller +- https://github.com/Robert007-23/2020UG - https://github.com/Robin-924/SV6990FF +- https://github.com/RoboDilbert/2020UltimateGoal - https://github.com/RoboDilbert/2021FreightFrenzy - https://github.com/RoboKnights-FTC112/FTC-2018-White - https://github.com/RoboStars/FTC-real-robostars +- https://github.com/RoboStars/FTCTeamCode21-22 - https://github.com/Robosapiens-20/FTC-Ultimate-Goal-Robosapiens - https://github.com/Robot-X-4969/Robot-X-FTC-2021-2022 - https://github.com/Robot-X-4969/RobotX-FTC-2021-2022v2 +- https://github.com/Robot-X-4969/RobotX2021-2022 - https://github.com/Robot-X-4969/RobotX2021-22MiniBot - https://github.com/Robot-X-4969/robotx21-22 - https://github.com/RobotIGS/FTC11515_UltimateGoal @@ -479,14 +587,17 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/RogueResistance/Meet4RR - https://github.com/RonakChaudhuri/FTC_Code_6200 - https://github.com/Rownee/UltimateGoal +- https://github.com/Rshah2067/2020-FTC-UltimateGoal-master - https://github.com/RuthGajj05/FtcRobotController-master - https://github.com/SACHSTech/FTC19446-TTG - https://github.com/SACHSTech/FTC19447-TT2EB +- https://github.com/SARossi1/SkyStone-master - https://github.com/SCHS-Robotics/Crow-Force-2020-2021-SCHS - https://github.com/SCHS-Robotics/HAL9001 - https://github.com/SCHSRaiderbots/UltimateGoal - https://github.com/SHP-Robotics/16886-Code-FreightFrenzy - https://github.com/SHP-Robotics/BaseBot-Template +- https://github.com/SHP-Robotics/base-bot-new - https://github.com/SV612/FTC9830CVHS - https://github.com/SaiBossUltra/UltimateGoal-Sai - https://github.com/SaladQueeny/FTC_KTM_2020_2021_ExpansionHub_6_1 @@ -497,6 +608,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/SchillingW/FtcFreightFrenzy_2021_2022 - https://github.com/SchillingW/FtcUltimateGoal_2020-2021 - https://github.com/SchillingW/PatentPending_14384_2021_FtcFreightFrenzy_7.0 +- https://github.com/Sci-Fighters-Tel-Mond/Temp-Repo - https://github.com/Seb-Robochoa/RogueResistanceUG - https://github.com/SelinaArjomand/2021-FTC-UltimateGoal-master - https://github.com/SequoiaRobotics/FtcRobotController-2021-4475 @@ -504,26 +616,34 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/SequoiaRobotics/FtcRobotController-2021-gc - https://github.com/Servo-Stressers/FTC-Robot - https://github.com/Serylda/503RoadJopper +- https://github.com/Serylda/Temporary-11503UltimateGoal +- https://github.com/ShinigamiHiruzen/SteamOs +- https://github.com/ShivenV/FTC-FREIGHT-FRENZY-2021-22 - https://github.com/ShrishChou/BioBotsFreightFrenzy - https://github.com/SilasBehnke/UltimateGoal - https://github.com/SilkPDX/New7100Controller - https://github.com/SoftHoardersOG/FreightFrenzy7 +- https://github.com/SoftHoardersOG/UlltimateGoalNational - https://github.com/SoftHoardersOG/UltimateGoal2020 - https://github.com/Sova-Tech/FTC-2021-2022 - https://github.com/SpaceWalkr808/omegabots_2022 - https://github.com/Spanini2/idk - https://github.com/StamatieMihnea/UltimateGoal2020 +- https://github.com/StamatieMihnea/UltimateGoalSoftHoarders - https://github.com/StevenKuna/2021-FTC-Freight-Frenzy - https://github.com/SuhasB1/eftc - https://github.com/SuperNovaX100/ftc-wagar-2020 - https://github.com/Superman132/StaticDischargeCode - https://github.com/Supernova11567/Robot2021 +- https://github.com/SuperstellarHannah/WISER - https://github.com/Swampbots/FreightFrenzy +- https://github.com/Swampbots/UltimateGoal - https://github.com/Swampbots/UltimateGoal6.0 - https://github.com/T-Code07/FTC-LRCA-Joshua - https://github.com/TPNxl/ViridianUltimateGoal_Final - https://github.com/TToTheFourth/Fright-Frenzy - https://github.com/TToTheFourth/UltimateGoal +- https://github.com/TYW-da/FtcRobotController-master - https://github.com/Tarnegolden/Everglow2021-22 - https://github.com/Tatooine12201-ftc/ftc-21-22 - https://github.com/TausManifesto/FTC2021 @@ -536,13 +656,16 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/Team14561/UltimateGoal - https://github.com/Team2068/2021-ftc-code - https://github.com/Team2068/2021-ftc-one +- https://github.com/Team2338/TShirtCannon2021 - https://github.com/Team6633/TeamDrive - https://github.com/Team7593/FreightFrenzy +- https://github.com/TeamRobotux/UltimateGoal - https://github.com/TeamRoundedCube/FreightFrenzy21-22 - https://github.com/TeodorRuse/Test2 - https://github.com/Tevillo/FtcRobotController - https://github.com/The-Dynabots/Freight-Frenzy - https://github.com/The-Innovation-Story/FreightFrenzy_FTC +- https://github.com/The-Knights-of-Ni/Skystone2020 - https://github.com/The-Knights-of-Ni/UltimateGoal2021_6.2 - https://github.com/TheCometH/FtcRobotController-master - https://github.com/TheCoolGuy123/FrieghtFrenzy-Controller_and_Autonomous_Test @@ -552,6 +675,8 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/TheronAma/Freight-Frenzy - https://github.com/TheronAma/Freight-Frenzy-Ri2W - https://github.com/TheronAma/Ultimate-Goal +- https://github.com/Thornado4/ftc-vc-test +- https://github.com/Thunderbots5604/2021-UltimateGoal-Final - https://github.com/Tiberiw/FTC_2021 - https://github.com/Tiberiw/Test1 - https://github.com/Tiberiw/Test2 @@ -566,6 +691,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/TrezzyOnCrack/FTC - https://github.com/TrojanDotEXE/FTC-Trojan.exe - https://github.com/TrojanDotEXE/Trojan.exe_148 +- https://github.com/TudorChirila11/cv-useless - https://github.com/TudorFerecus/Programare - https://github.com/TudorFerecus/Programare-Brave-Bots-Freight-Frenzy - https://github.com/TullyNYGuy/FtcRobotController @@ -579,12 +705,18 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/UpliftRobotics/UltimateGoal18172 - https://github.com/VCInventerman/Sargon-FTC-2021-2022 - https://github.com/VamsiPasumarthi/14889-Team-Code +- https://github.com/VasuBanga12/FTCTest - https://github.com/Vector5233/UltimateGoal2 - https://github.com/VigneshSK17/9686-FreightFrenzy-Mecanum-Old +- https://github.com/VigneshSK17/TestingRepo +- https://github.com/Viridian-Roboics/ProgrammerPractice - https://github.com/VivenPuthenpurayil/2020UltimateGoal +- https://github.com/VivenPuthenpurayil/UltimateGoalStates - https://github.com/VladimirKaznacheiev/2020-FTC-UltimateGoal-6.0 +- https://github.com/Voltage16592/FreightFrenzy - https://github.com/Voltage16592/UltimateGoal - https://github.com/VulcanRobotics8375/FreightFrenzy8375 +- https://github.com/VulcanRobotics8375/OffSeason2021 - https://github.com/VulcanRobotics8375/UltimateGoal8375 - https://github.com/WAGS6037/2021_22_FTC_FreightFrenzy - https://github.com/WAGhostRobotics/FreightFrenzy @@ -595,10 +727,16 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/WARbotics/FTC-2022 - https://github.com/WHHSFTC/20-21_season - https://github.com/WHSRobotics/542_20-21_ftc +- https://github.com/WHSRobotics/542_20-21_ftc_summer +- https://github.com/WHSRobotics/542_21-22_Practice - https://github.com/WHSRobotics/542_21-22_ftc +- https://github.com/WHSRobotics/542_ftc_20-21_demo - https://github.com/WHSRobotics/ftc_21-22_practice - https://github.com/WRARobotics/FTC - https://github.com/WSRWavedroids/FreightFrenzy +- https://github.com/Warrior-Robotics-Salamanca/2021-Final-Goal-Code +- https://github.com/Watt-sUP/UltimateGoal-Ri3d +- https://github.com/Westly-Bouchard/Biolime-2021 - https://github.com/WestwoodRobotics/FTC-Arrowhead-2020 - https://github.com/WestwoodRobotics/FTC-Arrowhead-2021 - https://github.com/WestwoodRobotics/FTC-Atlatl-2020 @@ -617,24 +755,32 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/WoodrowRookieRoboTeam/RookiesRobotController - https://github.com/WrenchDressing/UltimateGoal - https://github.com/Wurlie/FTC-Autonomous-Anonymous-2021-2022- +- https://github.com/XAXB75/Settings.java - https://github.com/Xterminate1818/CanadianRobotics - https://github.com/Xterminate1818/CanadianRobotics2021 - https://github.com/YahyaElGawady/HugBot2021-2022 - https://github.com/abdullah1alhakeem/FTC-test - https://github.com/abhardwaj09/ftc-19539 - https://github.com/abhardwaj09/ftcrobotics +- https://github.com/ackertech/Fix-Its_2020-21 - https://github.com/ackertech/Fix-Its_2021-22_V7 +- https://github.com/ackertech/FixIts_2021-22_V6 +- https://github.com/adevine22/FtcRobotController-10237 - https://github.com/adiga1773/pio2021 +- https://github.com/aditWorkspace/SkyStone-master - https://github.com/admiralwaffle4/InvictaCode-21-22 - https://github.com/ahmedCoder12424/FtcRobotController - https://github.com/akumar13-you/CRMS8424-FreightFrenzy - https://github.com/alexDHS0/FtcRobotController-10630-master - https://github.com/alexDHS0/FtcRobotController-master - https://github.com/amanda-peake/2020-FTC-UltimateGoal-master +- https://github.com/amanda-peake/2020-FTC-UltimateGoal-master.practice +- https://github.com/amanda-peake/2020-FTC-UltimateGoal-master.yayyy - https://github.com/amanda-peake/2020-FTC-UltimateGoal-master2 - https://github.com/amanster22/staticDischargeUpdated - https://github.com/amartinez21/Ultimate_Goal - https://github.com/anaypant/FTCTest1 +- https://github.com/andreascasanova/FTCFirsttime - https://github.com/andrei-27/FREIGHT-FRENZY - https://github.com/andrewj2k/UltimateGoal-master - https://github.com/aneeley05/WyvernFtcController @@ -647,27 +793,38 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/artemis18715/Ultimate-Goal - https://github.com/asarad39/FTCRepo2020-2021 - https://github.com/aseelke/FTC_2021 +- https://github.com/ash-hintz/FTC18108RobotController-6.2 - https://github.com/ash-hintz/FTC18108RobotController-7.0 +- https://github.com/ashwinj/FTC_camp +- https://github.com/ashwinj/Taus2021-2 - https://github.com/ashwinj/UltimateGoal2020 +- https://github.com/atkindc/IL_FTC_Minibots - https://github.com/atlee-circuitree/ULTIMATEGOAL - https://github.com/atoneyd/FtcRobotController-6.0 - https://github.com/avinashalamgari/VenomPracticeCode-2020-21 - https://github.com/ayuram/FtcRobotController - https://github.com/banks-4239/FtcRobotController +- https://github.com/barbaralau3/FTC_2021_FREIGHT-FRENZY - https://github.com/batcarrot/Freight-Frenzy-2021-master-2 - https://github.com/baylocke/UltimateGoalRepo +- https://github.com/bcbro/14663-UltimateGoal_2021 - https://github.com/bdiegorvl/Borrebots - https://github.com/beellyy/Treeman-Ultimate-Goal-2021 - https://github.com/bhintzma/FTC18108RobotController-7.0 +- https://github.com/bhintzma/Ftc18108RobotController-6.0 - https://github.com/bibanpegratar/ProgamareBraveBots - https://github.com/bibanpegratar/ValiRobotu +- https://github.com/bignaczak/eBots2020 - https://github.com/bignaczak/eBots2021 - https://github.com/binod-singh/FreightFrenzy_Omegabots +- https://github.com/bitnesswise/jquery-prototype-pollution-fix - https://github.com/blueVIII/2020_UltimateGoal - https://github.com/bobthejoethejoebobbob/Controllerv2.1 - https://github.com/bobthejoethejoebobbob/Controllerv2.3 - https://github.com/bobthejoethejoebobbob/Controllerv2.4 - https://github.com/bogdangosa/Echipa_3 +- https://github.com/bogdangosa/UltimateGoal_RO_025 +- https://github.com/braydonlu/CEBPrograms - https://github.com/braydonlu/cebprograms2021 - https://github.com/broncobots-ftc/FtcRobotController - https://github.com/broncobots-ftc/ftc16671_202122 @@ -680,6 +837,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/carissaxchen/19508FreightFrenzy - https://github.com/cdavidson22/Ultimate_Goal - https://github.com/charliegarfield/Controllerv1 +- https://github.com/charliespy/Repository-3517 - https://github.com/chlohal/Robotics_2021_2022 - https://github.com/chsbacon/FTC_2022-2021_Odometry - https://github.com/cjmacdon89/16595_StrikeBots_UltimateGoal-master @@ -691,17 +849,25 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/cswebdevelopment/robot - https://github.com/cyberhawks14188/CyberHawks-Ultimate-Goal-Repo - https://github.com/cyberhawks14188/Freight-Frenzy-Repo +- https://github.com/cyborg48/UltimateGoal +- https://github.com/darmthealarm/FtcRobotController-master - https://github.com/darmthealarm/VEGA +- https://github.com/dbrus38/MustangRobotics +- https://github.com/denwan20/FTC-programming - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/devsamuelv/Offseason-Code-Dualshock +- https://github.com/devsamuelv/ftc-template - https://github.com/discoduckbots/UltimateGoal - https://github.com/dpeachpeach/WPCPRobogrizzlies - https://github.com/duckstroms/Web-CTF-Cheatsheet - https://github.com/egorfajn/robotics - https://github.com/ehssteelhornets/FreightFrenzy21-22 - https://github.com/elliptical0/17700_2021 +- https://github.com/emadkhan713/UltimateGoal - https://github.com/entech281/FTC_753_Robot_2020 - https://github.com/epicgamer0690/TeamAlphabots - https://github.com/erdos1913/FreightFrenzy +- https://github.com/erdos1913/FtcRobotController-master - https://github.com/escape-velocity-14343/Ultimate-Goal-2020-21 - https://github.com/example-org3rwer324/fjisdfjosdjfodsf - https://github.com/formula-r-ftc/ftcapp-freightfrenzy @@ -714,10 +880,12 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/ftc-9773/UltimateGoal - https://github.com/ftc-team-8813/ftc_app - https://github.com/ftc10131/UltimateGoal +- https://github.com/ftc11109/FtcRobotController2020 - https://github.com/ftc13100/FreightFrenzy-2022 - https://github.com/ftc13100/UltimateGoal-2021 - https://github.com/ftc14158/FreightFrenzy2 - https://github.com/ftc16072/2020preseason +- https://github.com/ftc16072/2021preseason - https://github.com/ftc16072/FreightFrenzy21-22 - https://github.com/ftc16072/UltimateGoal20-21 - https://github.com/ftc16253/FtcRobotController-master @@ -729,6 +897,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/ftc358/Team359_2021-2022 - https://github.com/ftc358/UltimateFerretGoal - https://github.com/ftc6282/ultimate_goal +- https://github.com/ftc8120/FIRSTTECHCHALLENGE2021 - https://github.com/ftc8120/FtcRobotController2 - https://github.com/ftc8120/TeamCode21-22 - https://github.com/ftc8120/TeleOp2021 @@ -741,20 +910,28 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/ftcdontblink/FFEarlySeason - https://github.com/ftcshortcircuits/Artemis6 - https://github.com/ftcsimplycomplex/Ultimate +- https://github.com/ftcsimplycomplex/jimmy - https://github.com/ftcteam14126/FtcRobotController2021 +- https://github.com/ftcteam6085emc2/Season21and22 - https://github.com/ftcteam8645/UG_Quickstart_FTC +- https://github.com/ftctwistedmetal9433/Ultimate-Goal-2020 - https://github.com/fwprobotics/3507-ultimategoal-rc - https://github.com/gagne-3/DRSS_20_21_Road_Runner_Testing - https://github.com/gagne-3/DRSS_20_21_Season_Auto_Update - https://github.com/gagne-3/DRSS_20_21_Season_Auto_Update_OLD - https://github.com/gagne-3/DRSS_21_22_Season_Auto_Update +- https://github.com/gagne-3/DRSS_Baby_Bot_Auto_Update +- https://github.com/gearheadsswteam/FrieghtFrenzy - https://github.com/gearheadsswteam/gamechangers2020 +- https://github.com/gemp22/Summer2021 - https://github.com/geomancer79/FtcRobotController - https://github.com/geomancer79/Tutorial_Ultimate_Goal +- https://github.com/ghs-robotics/FreightFrenzy4042 - https://github.com/ghs-robotics/Offseason20212022 - https://github.com/ghs-robotics/UltimateGoal12788 - https://github.com/ghs-robotics/UltimateGoal4042 - https://github.com/ghs-robotics/UltimateGoalShared +- https://github.com/glftc3888/ftc_code_2020-2021 - https://github.com/glftc3888/ftc_code_2021-2022 - https://github.com/goncalvesm1/Robot_Project - https://github.com/greasedlightning/FTC-API-source-code-version-2020-2021 @@ -763,29 +940,37 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/griffinrobotics11666/18421FreightFrenzy - https://github.com/griffinrobotics11666/18421_UltimateGoal - https://github.com/griffinrobotics11666/FtcRobotController-master +- https://github.com/griffinrobotics11666/MetalMastersFreightFrenzy18420 - https://github.com/griffinrobotics11666/TestRobot - https://github.com/griffinrobotics11666/Ultimate-Goal-18420 - https://github.com/griffinrobotics11666/UltimateGoal_18420_6.1 - https://github.com/haifengchicago/FTC2021NB +- https://github.com/hammerrae/FC_YMCA_FtcRobotController +- https://github.com/hannacheung/FtcRobotController-6.2 - https://github.com/heavydriver/ftc_jasper - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/helenrw/teamcode-FTC-Ultimate-Goal-Master - https://github.com/hhstitan7831/TitanFreightFrenzy - https://github.com/hollybots/ftc_2020_12731 +- https://github.com/hortonvilleroboticskung/UltimateGoal - https://github.com/hydropony/FreightFrenzy11044 - https://github.com/iklein53579/FTCRobotController - https://github.com/imaperson1060/Ftc22 - https://github.com/imsa-ftc-robotics/UltimateGoalMeet1 +- https://github.com/invjar/FTCtesting - https://github.com/isaackrementsov/ultimate-goal - https://github.com/jacen214/Jack2020 - https://github.com/jackroedel/UltimateGoal4042 - https://github.com/jai-kapoor/UP2021-2022 +- https://github.com/jakcharvat/Ultimate-Goal-Prep +- https://github.com/jalvarez5625/2021-2022_Regis_FTC_code - https://github.com/jdesai22/roboGray2020 - https://github.com/jeffreyqdd/ultimate-goal - https://github.com/jhadenfeldt/vue-uhf - https://github.com/jingyi9/UltimateGoal-Parham_Baghbanbashi - https://github.com/jkenney2/TestHub - https://github.com/joelkidsclub/CBFreightFrenzy +- https://github.com/johnduval/SkyStone-scafold - https://github.com/joshuazye/test1 - https://github.com/jpc405/KermitUltimateGoal - https://github.com/jpc405/Kermitultimate @@ -806,27 +991,37 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/kennhung/FTC_2021_Playground - https://github.com/kermodes19767/freightfrenzy - https://github.com/kevinthegreat1/FTC-2021-2022-Team-15943 +- https://github.com/khakiali/FTC - https://github.com/kierancullen/FTCRobotController - https://github.com/kirstenpolk10/8648_FreightFrenzy - https://github.com/kirstenpolk10/9788_FreightFrenzy - https://github.com/kkbrown123/St.JagoFTC2022_2.0 - https://github.com/klee111287/2021-2022_FTC10937 - https://github.com/krill11/RoboRavens-FreightFrenzyUnofficial +- https://github.com/kunhantsai/FtcRobotController - https://github.com/kwobny/Robotics-21-22 - https://github.com/larrytao05/FtcRobotController +- https://github.com/laupetre/FTC-2021 +- https://github.com/lehiller/2021-FTC-UltimateGoal-Wembley - https://github.com/leoschen/FreightFrenzy - https://github.com/lilSonal/ftc-18544-2020 - https://github.com/litehed/FTC-Goal-2020 +- https://github.com/litehed/FTCLibTesting - https://github.com/lknox23/FTCCodingClass - https://github.com/lknox23/FtcRobotController-master - https://github.com/lordofthebricks/FtcRobotController - https://github.com/luckys301/10862_2021 +- https://github.com/luisc04/robotics - https://github.com/marciaklovas/ftc-ultimategoal - https://github.com/markfontecchio/FtcRobotController-6.1-9376 +- https://github.com/marsh135/FTC_RET - https://github.com/mbanham/uchs-ftc +- https://github.com/mbcaftc/SkyStone-scafolding - https://github.com/mechlemon/UltimateGoal - https://github.com/metalworksftc/UltimateGoal - https://github.com/micahreich/14943-FreightFrenzy-Sample +- https://github.com/midlandsstembotics/FTC2020-2021 +- https://github.com/mihir-jain/HelloPranav - https://github.com/minhle30964/FTC-Team-17288-Season-2020-2021 - https://github.com/modengann/Robotics - https://github.com/motherboard7444/2021-FTC-FreightFrenzy-master @@ -848,27 +1043,35 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/olivermorris/Goal2020 - https://github.com/olivermorris/boysrobotics-code - https://github.com/omega9656/summer-robot-2021 +- https://github.com/otaylor2023/Vuforia-Build - https://github.com/owens3364/FTC-Public-21-22 - https://github.com/owens3364/FTC20-21Public - https://github.com/owenstuckman/GolfBot - https://github.com/panthera2021/FtcRobotController +- https://github.com/panthera2021/Ultimate-Goal-6.1 - https://github.com/parthiftc/test1 - https://github.com/paulgobble/Team_Red_2020 +- https://github.com/paytonfrizzell/ftc - https://github.com/pchusdb/FtcRobotController-20211223-120805-release-candidate - https://github.com/pheitman/FreightFrenzy +- https://github.com/pingryrobotics/FTC-2021-Offseason - https://github.com/pingryrobotics/FTC-6069-2021 - https://github.com/pingryrobotics/FTC-6069-2021-2022 - https://github.com/polarcow285/FreightFrenzy-master +- https://github.com/polarcow285/InHouseFTC2021-master - https://github.com/polarcow285/JVFreightFrenzy-master +- https://github.com/polarcow285/robotArm-master - https://github.com/powersurge2/2021UltimateGoal - https://github.com/pranavnightsforrobotics/FtcRobotController-master - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/raresNagy/mecanum - https://github.com/retrorobotics/ftc-vc - https://github.com/rh-robotics/2021-22_Varsity - https://github.com/rhindle/FF_Om_FtcRobotController2021-22 - https://github.com/rhindle/FtcRobotController-ftc265-example - https://github.com/rhindle/Old_FF_Om_FtcRobotController2021-22 - https://github.com/rhsftc/freightfrenzy +- https://github.com/rhunter-NTatC/FtcRobotController-master - https://github.com/richpant/16010TeamCode - https://github.com/richpant/17111TeamCode - https://github.com/richpant/17114TeamCode @@ -882,6 +1085,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/rlorenzo81/11180-for-Oct-30 - https://github.com/rmdettmar/Ultimate-Goal-6.1 - https://github.com/roboass/frc2022-Freight-Frenzy +- https://github.com/roboass/ftc2021-2 - https://github.com/roboken-dev/FtcRobotController-master-Roboken2021 - https://github.com/roboken-dev/FtcRobotControllerLlamas - https://github.com/roboken-dev/FtcRobotControllerLllamasMiniBot @@ -889,7 +1093,9 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/roboken-dev/MiniBotRoboken2021-22 - https://github.com/roboken-dev/Roboken2021-22 - https://github.com/robossauros/FtcFreightFrenzy +- https://github.com/robotgenis/ParallaxUltimateGoal - https://github.com/robotgenis/ParallaxUltimateGoalOfficial +- https://github.com/roboticsTeam6942v2/6.2ftc20-21-PADEMIC-EDITION - https://github.com/roboticswithcassie/RWC_Main - https://github.com/rohan335/BHSRoboticsFTC - https://github.com/rohand2412/Freight-Frenzy-2021 @@ -900,22 +1106,26 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/rusclark16151/RUSerious - https://github.com/sKadooshman/FtcRobotController-master - https://github.com/saeephalke/Athena_EV_FTC +- https://github.com/samgcode/ftc-19041-2021 - https://github.com/samuelkroot/EggCheese18638 - https://github.com/savitri-broncobot/ftc16671_202122-master - https://github.com/sbdevelops/FtcRobotController_CI-Test - https://github.com/scdRobotics/14365-FTC-2021 - https://github.com/scdRobotics/14365-FTC-Tournament2 - https://github.com/scdRobotics/14365_FreightFrenzy_7.1 +- https://github.com/scdRobotics/14365_Freight_Frenzy - https://github.com/scdRobotics/14365_Freight_Frenzy_SDK_7 - https://github.com/scdRobotics/FtcRobotController-6.2 - https://github.com/segalll/FTC-Freight-Frenzy - https://github.com/sgutierrez8c54/Ftc2020 +- https://github.com/shaurya2709/FTCCodestuff - https://github.com/shellbots-team/Freight-Frenzy - https://github.com/shellbots-team/Ultimate-Goal - https://github.com/siddharthraopotukuchi/trivy - https://github.com/signalxp/ftc2020 - https://github.com/silkysmooth812/freightfrenzylearning - https://github.com/simiyo/trivy +- https://github.com/skbushula/SkyStone-master - https://github.com/skeole/skeole-ftcrobotcontroller - https://github.com/smert-WoEN/FTCWoENPublic - https://github.com/sms-robotics/UltimateGoal2020 @@ -927,6 +1137,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/stcline/FtcRobotController-master - https://github.com/sungayu/BotzNBolts-FTC-2020-2021 - https://github.com/sungayu/BotzNBolts-FTC-2021-2022 +- https://github.com/superarash1/Arash-FTC-Programming - https://github.com/susier2016/UltimateGoal2021 - https://github.com/suzannahfigler/Team-Code-16520 - https://github.com/sweesal/2021_PractiseBots @@ -936,6 +1147,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/taigabots/UltimateGoal - https://github.com/tdt2845/tdt-2022-code - https://github.com/team10415/UltimateGoal +- https://github.com/team13413/FTCFirst - https://github.com/team16736/FreightFrenzy - https://github.com/teamfaraday/2021FreightFrenzy - https://github.com/teamftc8466/UltimateGoal @@ -944,9 +1156,12 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/techbrick-ftc/team7gamechangers - https://github.com/techbrick-ftc/vslamcam - https://github.com/techiesrobotics/FreightFrenzy +- https://github.com/techiesrobotics/UltimateGoal2 - https://github.com/technototes/TechnoLib-Quickstart - https://github.com/techristy/CB-2021-2022 - https://github.com/techristy/CB_2021-2022 +- https://github.com/techtronicchallengers/FTC2020-UltimateGoal +- https://github.com/test456789022/FTCTestCode - https://github.com/the-michael-albert/UltimateGoal - https://github.com/the-winsor-school/Wildbots-2020-2021 - https://github.com/the-winsor-school/Wildbots-2021-2022 @@ -962,17 +1177,22 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/titanium-knights/team-a-2021-2022 - https://github.com/titanium-knights/team-b-2020-2021 - https://github.com/titanium-knights/team-b-2021-2022 +- https://github.com/tmetelev/FtcRobotController-master - https://github.com/tnwebdev/jquery-2.2.4-patched - https://github.com/tobortechftc/Kraxberger +- https://github.com/tomglennhs/ultimategoal - https://github.com/totoro987123/16568-Codebase-SDK - https://github.com/trc492/Ftc2022FreightFrenzy - https://github.com/trinayhari/final0s1s - https://github.com/tsdch-robotics/FreightFrenzy2021-2022 - https://github.com/tsdch-robotics/Goal-BotFtc - https://github.com/tundrabots/2021-2022-Robot-Code +- https://github.com/udayamaddi/FTC-9686-2021-22 +- https://github.com/ukshat/FTCTrainingLabs - https://github.com/ukshat/UltimateGoal - https://github.com/umahari/security - https://github.com/valerymao/FTC_Coding_Tutorial +- https://github.com/varun-bharadwaj/542_20-21_ftc - https://github.com/vijayshastri/11347-Freight-Frenzy-Modified - https://github.com/villaneaven/ftcultimategoal - https://github.com/vintasoftware/awesome-django-security @@ -992,6 +1212,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/wjorgensen/FTC - https://github.com/wyrobotics/freightfrenzy-robophins - https://github.com/wyrobotics/ultimategoal-robophins +- https://github.com/wyrobotics/ultimategoal-youngdroids - https://github.com/x16140/rc - https://github.com/xRoALex/ProgrammingLessons - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2019/CVE-2019-11371.md b/2019/CVE-2019-11371.md new file mode 100644 index 0000000000..f5209714e4 --- /dev/null +++ b/2019/CVE-2019-11371.md @@ -0,0 +1,17 @@ +### [CVE-2019-11371](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11371) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +BWA (aka Burrow-Wheeler Aligner) 0.7.17 r1198 has a Buffer Overflow via a long prefix that is mishandled in bns_fasta2bntseq and bns_dump at btnseq.c. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/H4niz/CVE + diff --git a/2019/CVE-2019-11447.md b/2019/CVE-2019-11447.md index 156dd14d04..596a9a7497 100644 --- a/2019/CVE-2019-11447.md +++ b/2019/CVE-2019-11447.md @@ -19,4 +19,5 @@ An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate th - https://github.com/404notf0und/CVE-Flow - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/iainr/CuteNewsRCE diff --git a/2019/CVE-2019-11477.md b/2019/CVE-2019-11477.md index e101dc1ad8..76b7d86c70 100644 --- a/2019/CVE-2019-11477.md +++ b/2019/CVE-2019-11477.md @@ -23,5 +23,6 @@ Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subj - https://github.com/kaosagnt/ansible-everyday - https://github.com/lucassbeiler/linux_hardening_arsenal - https://github.com/misanthropos/FFFFM +- https://github.com/sasqwatch/cve-2019-11477-poc - https://github.com/sonoransun/tcp_sack_fix diff --git a/2019/CVE-2019-11507.md b/2019/CVE-2019-11507.md index bdf9bc533f..e5b53fdfd1 100644 --- a/2019/CVE-2019-11507.md +++ b/2019/CVE-2019-11507.md @@ -14,5 +14,5 @@ In Pulse Secure Pulse Connect Secure (PCS) 8.3.x before 8.3R7.1 and 9.0.x before - https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516 #### Github -No PoCs found on GitHub currently. +- https://github.com/jaychouzzk/Pulse-Secure-SSL-VPN-CVE-2019 diff --git a/2019/CVE-2019-11508.md b/2019/CVE-2019-11508.md index 072e8c22e5..da38400f54 100644 --- a/2019/CVE-2019-11508.md +++ b/2019/CVE-2019-11508.md @@ -13,5 +13,5 @@ In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, - https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/ #### Github -No PoCs found on GitHub currently. +- https://github.com/jaychouzzk/Pulse-Secure-SSL-VPN-CVE-2019 diff --git a/2019/CVE-2019-11510.md b/2019/CVE-2019-11510.md index 2e86022a0b..9607272de9 100644 --- a/2019/CVE-2019-11510.md +++ b/2019/CVE-2019-11510.md @@ -27,10 +27,15 @@ In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7 - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/amcai/myscan +- https://github.com/antichown/vpn-ssl-pulse +- https://github.com/aqhmal/pulsexploit +- https://github.com/chalern/Pentest-Tools +- https://github.com/cisagov/check-your-pulse - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/dnif/content - https://github.com/es0/CVE-2019-11510_poc - https://github.com/fengjixuchui/RedTeamer +- https://github.com/gquere/PulseSecure_session_hijacking - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/huike007/penetration_poc @@ -38,10 +43,15 @@ In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7 - https://github.com/iGotRootSRC/Dorkers - https://github.com/imjdl/CVE-2019-11510-poc - https://github.com/jas502n/CVE-2019-11510-1 +- https://github.com/jason3e7/CVE-2019-11510 +- https://github.com/jaychouzzk/Pulse-Secure-SSL-VPN-CVE-2019 - https://github.com/jweny/pocassistdb +- https://github.com/nuc13us/Pulse +- https://github.com/popyue/Pulse_exploit - https://github.com/projectzeroindia/CVE-2019-11510 - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/r00tpgp/http-pulse_ssl_vpn.nse +- https://github.com/r0eXpeR/supplier - https://github.com/sobinge/nuclei-templates - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2019/CVE-2019-11538.md b/2019/CVE-2019-11538.md index 21b011e56f..ddc01a74fb 100644 --- a/2019/CVE-2019-11538.md +++ b/2019/CVE-2019-11538.md @@ -13,5 +13,5 @@ In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before - https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/ #### Github -No PoCs found on GitHub currently. +- https://github.com/jaychouzzk/Pulse-Secure-SSL-VPN-CVE-2019 diff --git a/2019/CVE-2019-11539.md b/2019/CVE-2019-11539.md index 71e615e794..a87cf921cc 100644 --- a/2019/CVE-2019-11539.md +++ b/2019/CVE-2019-11539.md @@ -18,7 +18,10 @@ In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before #### Github - https://github.com/0xDezzy/CVE-2019-11539 - https://github.com/0xT11/CVE-POC +- https://github.com/BraveLittleRoaster/pulsar - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/jaychouzzk/Pulse-Secure-SSL-VPN-CVE-2019 +- https://github.com/r0eXpeR/supplier diff --git a/2019/CVE-2019-11540.md b/2019/CVE-2019-11540.md index 3d19a24fa0..0b83c3ca61 100644 --- a/2019/CVE-2019-11540.md +++ b/2019/CVE-2019-11540.md @@ -13,5 +13,6 @@ In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4 and 8.3RX befo - https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/ #### Github -No PoCs found on GitHub currently. +- https://github.com/gquere/PulseSecure_session_hijacking +- https://github.com/jaychouzzk/Pulse-Secure-SSL-VPN-CVE-2019 diff --git a/2019/CVE-2019-11542.md b/2019/CVE-2019-11542.md index e7b80ec85d..d14ce4283a 100644 --- a/2019/CVE-2019-11542.md +++ b/2019/CVE-2019-11542.md @@ -13,5 +13,5 @@ In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before - https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/ #### Github -No PoCs found on GitHub currently. +- https://github.com/jaychouzzk/Pulse-Secure-SSL-VPN-CVE-2019 diff --git a/2019/CVE-2019-11580.md b/2019/CVE-2019-11580.md index 3c4ba16557..663e381121 100644 --- a/2019/CVE-2019-11580.md +++ b/2019/CVE-2019-11580.md @@ -19,11 +19,14 @@ Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin inco - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/SexyBeast233/SecBooks - https://github.com/SouthWind0/southwind0.github.io +- https://github.com/ThePirateWhoSmellsOfSunflowers/TheHackerLinks - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/jas502n/CVE-2019-11580 +- https://github.com/lp008/Hack-readme - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/shelld3v/CVE-2019-11580 - https://github.com/sobinge/nuclei-templates - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2019/CVE-2019-11581.md b/2019/CVE-2019-11581.md index f4108a3298..3409c5921a 100644 --- a/2019/CVE-2019-11581.md +++ b/2019/CVE-2019-11581.md @@ -14,9 +14,11 @@ No PoCs from references. #### Github - https://github.com/0ps/pocassistdb +- https://github.com/0x48piraj/Jiraffe - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/PetrusViet/CVE-2021-39115 - https://github.com/SexyBeast233/SecBooks - https://github.com/afinepl/research - https://github.com/amcai/myscan @@ -27,7 +29,10 @@ No PoCs from references. - https://github.com/kobs0N/CVE-2019-11581 - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/r0eXpeR/redteam_vul +- https://github.com/r0hack/RCE-in-Jira - https://github.com/sobinge/nuclei-templates +- https://github.com/sushantdhopat/JIRA_testing +- https://github.com/tdcoming/Vulnerability-engine - https://github.com/woods-sega/woodswiki - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2019/CVE-2019-11634.md b/2019/CVE-2019-11634.md new file mode 100644 index 0000000000..5cfaac9bc6 --- /dev/null +++ b/2019/CVE-2019-11634.md @@ -0,0 +1,17 @@ +### [CVE-2019-11634](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11634) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Citrix Workspace App before 1904 for Windows has Incorrect Access Control. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2019/CVE-2019-11687.md b/2019/CVE-2019-11687.md index 9f836605ee..aa424786f1 100644 --- a/2019/CVE-2019-11687.md +++ b/2019/CVE-2019-11687.md @@ -18,4 +18,6 @@ An issue was discovered in the DICOM Part 10 File Format in the NEMA DICOM Stand - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/kosmokato/bad-dicom +- https://github.com/rjhorniii/DICOM-YARA-rules diff --git a/2019/CVE-2019-11707.md b/2019/CVE-2019-11707.md index d53697dc82..c41da6f30d 100644 --- a/2019/CVE-2019-11707.md +++ b/2019/CVE-2019-11707.md @@ -19,10 +19,12 @@ A type confusion vulnerability can occur when manipulating JavaScript objects du #### Github - https://github.com/0xT11/CVE-POC - https://github.com/De4dCr0w/Browser-pwn +- https://github.com/ZihanYe/web-browser-vulnerabilities - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/googleprojectzero/fuzzilli - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/m1ghtym0/browser-pwn +- https://github.com/tunnelshade/cve-2019-11707 - https://github.com/vigneshsrao/CVE-2019-11707 diff --git a/2019/CVE-2019-11708.md b/2019/CVE-2019-11708.md index c30c85ae01..93236414f7 100644 --- a/2019/CVE-2019-11708.md +++ b/2019/CVE-2019-11708.md @@ -19,6 +19,7 @@ Insufficient vetting of parameters passed with the Prompt:Open IPC message betwe - https://github.com/0vercl0k/0vercl0k - https://github.com/0vercl0k/CVE-2019-11708 - https://github.com/0xT11/CVE-POC +- https://github.com/ChefGordon/List-O-Tools - https://github.com/CnHack3r/Penetration_PoC - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2019/CVE-2019-11730.md b/2019/CVE-2019-11730.md index 9f311c6690..ad54914426 100644 --- a/2019/CVE-2019-11730.md +++ b/2019/CVE-2019-11730.md @@ -17,8 +17,10 @@ A vulnerability exists where if a user opens a locally saved HTML file, this fil #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/alidnf/CVE-2019-11730 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/eniocarboni/p7m +- https://github.com/ficstamas/advanced-graphics-project - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/lanjelot/ctfs - https://github.com/sudo-bmitch/presentations diff --git a/2019/CVE-2019-11932.md b/2019/CVE-2019-11932.md index 190ce87878..3773af0813 100644 --- a/2019/CVE-2019-11932.md +++ b/2019/CVE-2019-11932.md @@ -16,14 +16,24 @@ A double free vulnerability in the DDGifSlurp function in decoding.c in the andr #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/5l1v3r1/CVE-2019-11932 +- https://github.com/Err0r-ICA/WhatsPayloadRCE +- https://github.com/JasonJerry/WhatsRCE +- https://github.com/PleXone2019/WhatsRCE +- https://github.com/SmoZy92/CVE-2019-11932 - https://github.com/TinToSer/whatsapp_rce +- https://github.com/TortugaAttack/pen-testing +- https://github.com/TulungagungCyberLink/CVE-2019-11932 - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/awakened1712/CVE-2019-11932 +- https://github.com/dashtic172/abdul - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/dorkerdevil/CVE-2019-11932 - https://github.com/fastmo/CVE-2019-11932 - https://github.com/frankzappasmustache/starred-repos - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/infiniteLoopers/CVE-2019-11932 +- https://github.com/jsn-OO7/whatsapp - https://github.com/mRanonyMousTZ/CVE-2019-11932-whatsApp-exploit - https://github.com/valbrux/CVE-2019-11932-SupportApp diff --git a/2019/CVE-2019-11933.md b/2019/CVE-2019-11933.md index 6e4290ca39..35170fc07d 100644 --- a/2019/CVE-2019-11933.md +++ b/2019/CVE-2019-11933.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/NatleoJ/CVE-2019-11933 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-12083.md b/2019/CVE-2019-12083.md index 35273e079b..a9a6afaa8f 100644 --- a/2019/CVE-2019-12083.md +++ b/2019/CVE-2019-12083.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/Artisan-Lab/Rust-memory-safety-bugs +- https://github.com/Qwaz/rust-cve - https://github.com/xxg1413/rust-security diff --git a/2019/CVE-2019-12086.md b/2019/CVE-2019-12086.md index e8cca97349..bedd8d45f4 100644 --- a/2019/CVE-2019-12086.md +++ b/2019/CVE-2019-12086.md @@ -17,8 +17,11 @@ No PoCs from references. - https://github.com/SugarP1g/LearningSecurity - https://github.com/codeplutos/CVE-2019-12086-jackson-databind-file-read - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/galimba/Jackson-deserialization-PoC - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/ilmari666/cybsec - https://github.com/kiwitcms/junit-plugin - https://github.com/klarna/kco_rest_java +- https://github.com/lp008/Hack-readme - https://github.com/migupl/poc-yaas-server diff --git a/2019/CVE-2019-12097.md b/2019/CVE-2019-12097.md new file mode 100644 index 0000000000..cdd99edc07 --- /dev/null +++ b/2019/CVE-2019-12097.md @@ -0,0 +1,17 @@ +### [CVE-2019-12097](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12097) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Telerik Fiddler v5.0.20182.28034 doesn't verify the hash of EnableLoopback.exe before running it, which could lead to code execution or local privilege escalation by replacing the original EnableLoopback.exe. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/huanshenyi/appium-test + diff --git a/2019/CVE-2019-12101.md b/2019/CVE-2019-12101.md new file mode 100644 index 0000000000..f770e10a50 --- /dev/null +++ b/2019/CVE-2019-12101.md @@ -0,0 +1,17 @@ +### [CVE-2019-12101](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12101) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +coap_decode_option in coap.c in LibNyoci 0.07.00rc1 mishandles certain packets with "Uri-Path: (null)" and consequently allows remote attackers to cause a denial of service (segmentation fault). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ThingzDefense/IoT-Flock + diff --git a/2019/CVE-2019-1218.md b/2019/CVE-2019-1218.md index 9841948697..d603c3df17 100644 --- a/2019/CVE-2019-1218.md +++ b/2019/CVE-2019-1218.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/d0gukank/CVE-2019-1218 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-12181.md b/2019/CVE-2019-12181.md index aaba7a937e..ea2d63bdfd 100644 --- a/2019/CVE-2019-12181.md +++ b/2019/CVE-2019-12181.md @@ -16,6 +16,7 @@ A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 f #### Github - https://github.com/0xT11/CVE-POC - https://github.com/anoaghost/Localroot_Compile +- https://github.com/b9q/Serv-U-FTP-Server-15.1.7---Local-Privilege-Escalation - https://github.com/bcoles/local-exploits - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/guywhataguy/CVE-2019-12181 diff --git a/2019/CVE-2019-12258.md b/2019/CVE-2019-12258.md index 12e166e48b..e5ee9c2924 100644 --- a/2019/CVE-2019-12258.md +++ b/2019/CVE-2019-12258.md @@ -13,5 +13,6 @@ Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. Th No PoCs from references. #### Github +- https://github.com/ArmisSecurity/urgent11-detector - https://github.com/sud0woodo/Urgent11-Suricata-LUA-scripts diff --git a/2019/CVE-2019-12272.md b/2019/CVE-2019-12272.md index 20d42197b1..a2173f59b2 100644 --- a/2019/CVE-2019-12272.md +++ b/2019/CVE-2019-12272.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/HACHp1/LuCI_RCE_exp - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/roguedream/lede-17.01.3 diff --git a/2019/CVE-2019-12314.md b/2019/CVE-2019-12314.md index 896c9eda9e..6e798d3a71 100644 --- a/2019/CVE-2019-12314.md +++ b/2019/CVE-2019-12314.md @@ -18,5 +18,6 @@ Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path travers - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/ras313/CVE-2019-12314 - https://github.com/sobinge/nuclei-templates diff --git a/2019/CVE-2019-12384.md b/2019/CVE-2019-12384.md index 5a6cd2809c..bd29c80984 100644 --- a/2019/CVE-2019-12384.md +++ b/2019/CVE-2019-12384.md @@ -23,10 +23,13 @@ FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a va - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/amcai/myscan - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/diakogiannis/moviebook - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/ilmari666/cybsec - https://github.com/jas502n/CVE-2019-12384 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/shashihacks/OSCP +- https://github.com/tzwlhack/Vulnerability - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2019/CVE-2019-12453.md b/2019/CVE-2019-12453.md index 6bdab7fd3a..e11162c5f3 100644 --- a/2019/CVE-2019-12453.md +++ b/2019/CVE-2019-12453.md @@ -16,4 +16,6 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/undefinedmode/CVE-2019-12453 +- https://github.com/undefinedmode/CVE-2019-12475 diff --git a/2019/CVE-2019-12475.md b/2019/CVE-2019-12475.md index 069d39d841..0f572572c9 100644 --- a/2019/CVE-2019-12475.md +++ b/2019/CVE-2019-12475.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/undefinedmode/CVE-2019-12475 diff --git a/2019/CVE-2019-12476.md b/2019/CVE-2019-12476.md index f0a85adc5b..4791308220 100644 --- a/2019/CVE-2019-12476.md +++ b/2019/CVE-2019-12476.md @@ -17,4 +17,5 @@ An authentication bypass vulnerability in the password reset functionality in Zo - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/lp008/Hack-readme diff --git a/2019/CVE-2019-12491.md b/2019/CVE-2019-12491.md new file mode 100644 index 0000000000..45109ec273 --- /dev/null +++ b/2019/CVE-2019-12491.md @@ -0,0 +1,17 @@ +### [CVE-2019-12491](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12491) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +OnApp before 5.0.0-88, 5.5.0-93, and 6.0.0-196 allows an attacker to run arbitrary commands with root privileges on servers managed by OnApp for XEN/KVM hypervisors. To exploit the vulnerability an attacker has to have control of a single server on a given cloud (e.g. by renting one). From the source server, the attacker can craft any command and trigger the OnApp platform to execute that command with root privileges on a target server. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/benjeems/packetStrider + diff --git a/2019/CVE-2019-1253.md b/2019/CVE-2019-1253.md index 268797e9b6..d5d57f4bc3 100644 --- a/2019/CVE-2019-1253.md +++ b/2019/CVE-2019-1253.md @@ -33,6 +33,7 @@ An elevation of privilege vulnerability exists when the Windows AppX Deployment - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc - https://github.com/lawrenceamer/0xsp-Mongoose +- https://github.com/likescam/CVE-2019-1253 - https://github.com/mishmashclone/rasta-mouse-Watson - https://github.com/padovah4ck/CVE-2019-1253 - https://github.com/paramint/Watson-Windows-check-KB diff --git a/2019/CVE-2019-12537.md b/2019/CVE-2019-12537.md new file mode 100644 index 0000000000..6460ccf217 --- /dev/null +++ b/2019/CVE-2019-12537.md @@ -0,0 +1,17 @@ +### [CVE-2019-12537](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12537) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the SearchN.do search field. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/tarantula-team/Multiple-Cross-Site-Scripting-vulnerabilities-in-Zoho-ManageEngine + diff --git a/2019/CVE-2019-12539.md b/2019/CVE-2019-12539.md new file mode 100644 index 0000000000..93c57b932a --- /dev/null +++ b/2019/CVE-2019-12539.md @@ -0,0 +1,17 @@ +### [CVE-2019-12539](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12539) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in the Purchase component of Zoho ManageEngine ServiceDesk Plus. There is XSS via the SearchN.do search field, a different vulnerability than CVE-2019-12189. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/tarantula-team/Multiple-Cross-Site-Scripting-vulnerabilities-in-Zoho-ManageEngine + diff --git a/2019/CVE-2019-12540.md b/2019/CVE-2019-12540.md new file mode 100644 index 0000000000..2ff5308484 --- /dev/null +++ b/2019/CVE-2019-12540.md @@ -0,0 +1,17 @@ +### [CVE-2019-12540](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12540) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in Zoho ManageEngine ServiceDesk Plus 10.5. There is XSS via the WorkOrder.do search field. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/tarantula-team/Multiple-Cross-Site-Scripting-vulnerabilities-in-Zoho-ManageEngine + diff --git a/2019/CVE-2019-12586.md b/2019/CVE-2019-12586.md index 9e37a3ce8b..ed5e688625 100644 --- a/2019/CVE-2019-12586.md +++ b/2019/CVE-2019-12586.md @@ -15,7 +15,9 @@ The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266 #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/84KaliPleXon3/esp32_esp8266_attacks - https://github.com/Matheus-Garbelini/esp32_esp8266_attacks - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/ruimarinho/mota diff --git a/2019/CVE-2019-12587.md b/2019/CVE-2019-12587.md index 5aec6901ec..8b36e9fbc6 100644 --- a/2019/CVE-2019-12587.md +++ b/2019/CVE-2019-12587.md @@ -14,5 +14,7 @@ The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266 - https://matheus-garbelini.github.io/home/post/zero-pmk-installation/ #### Github +- https://github.com/84KaliPleXon3/esp32_esp8266_attacks - https://github.com/Matheus-Garbelini/esp32_esp8266_attacks +- https://github.com/ruimarinho/mota diff --git a/2019/CVE-2019-12588.md b/2019/CVE-2019-12588.md index 5c04216be4..a0c63608ff 100644 --- a/2019/CVE-2019-12588.md +++ b/2019/CVE-2019-12588.md @@ -14,5 +14,7 @@ The client 802.11 mac implementation in Espressif ESP8266_NONOS_SDK 2.2.0 throug - https://matheus-garbelini.github.io/home/post/esp8266-beacon-frame-crash/ #### Github +- https://github.com/84KaliPleXon3/esp32_esp8266_attacks - https://github.com/Matheus-Garbelini/esp32_esp8266_attacks +- https://github.com/ruimarinho/mota diff --git a/2019/CVE-2019-12595.md b/2019/CVE-2019-12595.md new file mode 100644 index 0000000000..2288ede396 --- /dev/null +++ b/2019/CVE-2019-12595.md @@ -0,0 +1,17 @@ +### [CVE-2019-12595](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12595) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the RCSettings.do rdsName parameter. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/tarantula-team/Multiple-Cross-Site-Scripting-vulnerabilities-in-Zoho-ManageEngine + diff --git a/2019/CVE-2019-12596.md b/2019/CVE-2019-12596.md new file mode 100644 index 0000000000..ad1c4c94e5 --- /dev/null +++ b/2019/CVE-2019-12596.md @@ -0,0 +1,17 @@ +### [CVE-2019-12596](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12596) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via SoftwareListView.do with the parameter swType or swComplianceType. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/tarantula-team/Multiple-Cross-Site-Scripting-vulnerabilities-in-Zoho-ManageEngine + diff --git a/2019/CVE-2019-12597.md b/2019/CVE-2019-12597.md new file mode 100644 index 0000000000..c863fc3c58 --- /dev/null +++ b/2019/CVE-2019-12597.md @@ -0,0 +1,17 @@ +### [CVE-2019-12597](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12597) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via ResourcesAttachments.jsp with the parameter pageName. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/tarantula-team/Multiple-Cross-Site-Scripting-vulnerabilities-in-Zoho-ManageEngine + diff --git a/2019/CVE-2019-12730.md b/2019/CVE-2019-12730.md index fde0dfdb7c..16fccaec29 100644 --- a/2019/CVE-2019-12730.md +++ b/2019/CVE-2019-12730.md @@ -13,5 +13,5 @@ aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1 - https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n4.1.4 #### Github -No PoCs found on GitHub currently. +- https://github.com/homoluctus/ecranner diff --git a/2019/CVE-2019-12735.md b/2019/CVE-2019-12735.md index 231bc9234a..601a3af690 100644 --- a/2019/CVE-2019-12735.md +++ b/2019/CVE-2019-12735.md @@ -22,4 +22,5 @@ getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers - https://github.com/oldthree3/CVE-2019-12735-VIM-NEOVIM - https://github.com/pcy190/ace-vim-neovim - https://github.com/vicmej/modeline-vim +- https://github.com/whunt1/makevim diff --git a/2019/CVE-2019-12750.md b/2019/CVE-2019-12750.md index dc42516779..764d0e74d4 100644 --- a/2019/CVE-2019-12750.md +++ b/2019/CVE-2019-12750.md @@ -18,4 +18,5 @@ Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec End - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/fengjixuchui/RedTeamer - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/v-p-b/cve-2019-12750 diff --git a/2019/CVE-2019-12780.md b/2019/CVE-2019-12780.md index f786c1d628..9fbeaa5c6f 100644 --- a/2019/CVE-2019-12780.md +++ b/2019/CVE-2019-12780.md @@ -14,4 +14,5 @@ The Belkin Wemo Enabled Crock-Pot allows command injection in the Wemo UPnP API #### Github - https://github.com/travispaul/node-nvd-search +- https://github.com/travispaul/node-nvd-search-cli diff --git a/2019/CVE-2019-12814.md b/2019/CVE-2019-12814.md index aaee58b2a0..1b8a61d2be 100644 --- a/2019/CVE-2019-12814.md +++ b/2019/CVE-2019-12814.md @@ -14,10 +14,13 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/Al1ex/CVE-2019-12814 - https://github.com/BorderTech/java-common - https://github.com/SexyBeast233/SecBooks - https://github.com/SugarP1g/LearningSecurity - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/diakogiannis/moviebook - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/ilmari666/cybsec - https://github.com/paolodenti/telegram-types diff --git a/2019/CVE-2019-12815.md b/2019/CVE-2019-12815.md index 487b87d01c..07a7d8be0b 100644 --- a/2019/CVE-2019-12815.md +++ b/2019/CVE-2019-12815.md @@ -14,6 +14,8 @@ An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/KTN1990/CVE-2019-12815 +- https://github.com/Universe1122/URL-crawler - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-12840.md b/2019/CVE-2019-12840.md index 3fd2a845c3..658a97484e 100644 --- a/2019/CVE-2019-12840.md +++ b/2019/CVE-2019-12840.md @@ -17,6 +17,8 @@ In Webmin through 1.910, any user authorized to the "Package Updates" module can #### Github - https://github.com/0xT11/CVE-POC - https://github.com/KrE80r/webmin_cve-2019-12840_poc +- https://github.com/anasbousselham/webminscan +- https://github.com/bkaraceylan/CVE-2019-12840_POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-12889.md b/2019/CVE-2019-12889.md index a13cd74a1b..8796c95d02 100644 --- a/2019/CVE-2019-12889.md +++ b/2019/CVE-2019-12889.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/nulsect0r/CVE-2019-12889 diff --git a/2019/CVE-2019-12890.md b/2019/CVE-2019-12890.md index 73f8d17f3a..3ad6221ab6 100644 --- a/2019/CVE-2019-12890.md +++ b/2019/CVE-2019-12890.md @@ -15,6 +15,7 @@ RedwoodHQ 2.5.5 does not require any authentication for database operations, whi #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/EthicalHCOP/CVE-2019-12890_RedxploitHQ - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-12922.md b/2019/CVE-2019-12922.md index 162a70304a..31c1b21031 100644 --- a/2019/CVE-2019-12922.md +++ b/2019/CVE-2019-12922.md @@ -16,4 +16,5 @@ A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup pa #### Github - https://github.com/alphaSeclab/sec-daily-2019 +- https://github.com/tdcoming/Vulnerability-engine diff --git a/2019/CVE-2019-12941.md b/2019/CVE-2019-12941.md new file mode 100644 index 0000000000..f2e4e5bca1 --- /dev/null +++ b/2019/CVE-2019-12941.md @@ -0,0 +1,20 @@ +### [CVE-2019-12941](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12941) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +AutoPi Wi-Fi/NB and 4G/LTE devices before 2019-10-15 allows an attacker to perform a brute-force attack or dictionary attack to gain access to the WiFi network, which provides root access to the device. The default WiFi password and WiFi SSID are derived from the same hash function output (input is only 8 characters), which allows an attacker to deduce the WiFi password from the WiFi SSID. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/jmatss/thesis-cuda +- https://github.com/jmatss/thesis-go +- https://github.com/jmatss/thesis-java +- https://github.com/jmatss/thesis-rust + diff --git a/2019/CVE-2019-12999.md b/2019/CVE-2019-12999.md index 0af1c25cd5..9f96dec980 100644 --- a/2019/CVE-2019-12999.md +++ b/2019/CVE-2019-12999.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/davidshares/Lightning-Network - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/lightninglabs/chanleakcheck diff --git a/2019/CVE-2019-13000.md b/2019/CVE-2019-13000.md index 8034fc3a0c..aede484029 100644 --- a/2019/CVE-2019-13000.md +++ b/2019/CVE-2019-13000.md @@ -14,8 +14,10 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/ACINQ/detection-tool-cve-2019-13000 - https://github.com/chaincodelabs/lightning-curriculum - https://github.com/davidshares/Lightning-Network - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/lightninglabs/chanleakcheck diff --git a/2019/CVE-2019-13024.md b/2019/CVE-2019-13024.md index 36dd95ae26..a53d6190f2 100644 --- a/2019/CVE-2019-13024.md +++ b/2019/CVE-2019-13024.md @@ -14,8 +14,10 @@ Centreon 18.x before 18.10.6, 19.x before 19.04.3, and Centreon web before 2.8.2 #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/YeezyTaughtMe1/htb-wall-writeup - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/get-get-get-get/Centreon-RCE - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/mhaskar/CVE-2019-13024 diff --git a/2019/CVE-2019-13027.md b/2019/CVE-2019-13027.md index 3c02e1483c..7c90d830a8 100644 --- a/2019/CVE-2019-13027.md +++ b/2019/CVE-2019-13027.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/IckoGZ/CVE-2019-13027 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-13052.md b/2019/CVE-2019-13052.md index b9d8ce9567..db92e35e18 100644 --- a/2019/CVE-2019-13052.md +++ b/2019/CVE-2019-13052.md @@ -13,6 +13,7 @@ Logitech Unifying devices allow live decryption if the pairing of a keyboard to - https://www.youtube.com/watch?v=GRJ7i2J_Y80 #### Github +- https://github.com/10ocs/LOGITaker- - https://github.com/RoganDawes/LOGITacker - https://github.com/RoganDawes/munifying - https://github.com/mame82/UnifyingVulnsDisclosureRepo diff --git a/2019/CVE-2019-13053.md b/2019/CVE-2019-13053.md index f93c8828c8..54a1d834a1 100644 --- a/2019/CVE-2019-13053.md +++ b/2019/CVE-2019-13053.md @@ -13,6 +13,7 @@ Logitech Unifying devices allow keystroke injection, bypassing encryption. The a No PoCs from references. #### Github +- https://github.com/10ocs/LOGITaker- - https://github.com/RoganDawes/LOGITacker - https://github.com/mame82/UnifyingVulnsDisclosureRepo diff --git a/2019/CVE-2019-13054.md b/2019/CVE-2019-13054.md index f96cddb7ea..63e9441a8c 100644 --- a/2019/CVE-2019-13054.md +++ b/2019/CVE-2019-13054.md @@ -13,8 +13,10 @@ The Logitech R500 presentation clicker allows attackers to determine the AES key No PoCs from references. #### Github +- https://github.com/10ocs/LOGITaker- - https://github.com/RoganDawes/LOGITacker - https://github.com/RoganDawes/munifying +- https://github.com/RoganDawes/munifying-web - https://github.com/mame82/UnifyingVulnsDisclosureRepo - https://github.com/mame82/munifying_pre_release diff --git a/2019/CVE-2019-13055.md b/2019/CVE-2019-13055.md index 61820edbe9..c76eb9645a 100644 --- a/2019/CVE-2019-13055.md +++ b/2019/CVE-2019-13055.md @@ -13,6 +13,7 @@ Certain Logitech Unifying devices allow attackers to dump AES keys and addresses - https://www.youtube.com/watch?v=5z_PEZ5PyeA #### Github +- https://github.com/10ocs/LOGITaker- - https://github.com/RoganDawes/LOGITacker - https://github.com/RoganDawes/munifying - https://github.com/mame82/UnifyingVulnsDisclosureRepo diff --git a/2019/CVE-2019-13063.md b/2019/CVE-2019-13063.md index 340e8e1144..323e61dec5 100644 --- a/2019/CVE-2019-13063.md +++ b/2019/CVE-2019-13063.md @@ -13,6 +13,7 @@ Within Sahi Pro 8.0.0, an attacker can send a specially crafted URL to include a - https://www.exploit-db.com/exploits/47062 #### Github +- https://github.com/0x6b7966/CVE-2019-13063-POC - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-13086.md b/2019/CVE-2019-13086.md index 7dc14824d1..6cbedd8a3d 100644 --- a/2019/CVE-2019-13086.md +++ b/2019/CVE-2019-13086.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/SexyBeast233/SecBooks - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/lingchuL/CVE_POC_test diff --git a/2019/CVE-2019-13101.md b/2019/CVE-2019-13101.md index 30ef464a03..c965fc83cd 100644 --- a/2019/CVE-2019-13101.md +++ b/2019/CVE-2019-13101.md @@ -16,5 +16,6 @@ An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. w - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/halencarjunior/dlkploit600 - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-13115.md b/2019/CVE-2019-13115.md index 97ea3d23d5..32ae2cd9e1 100644 --- a/2019/CVE-2019-13115.md +++ b/2019/CVE-2019-13115.md @@ -14,7 +14,9 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/CSSProject/libssh2-Exploit - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/viz27/Libssh2-Exploit diff --git a/2019/CVE-2019-1322.md b/2019/CVE-2019-1322.md index c8bc3db68f..7236072d64 100644 --- a/2019/CVE-2019-1322.md +++ b/2019/CVE-2019-1322.md @@ -21,6 +21,7 @@ An elevation of privilege vulnerability exists when Windows improperly handles a - https://github.com/Ascotbe/Kernelhub - https://github.com/CnHack3r/Penetration_PoC - https://github.com/DeEpinGh0st/Erebus +- https://github.com/Gl3bGl4z/knowledge - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/alphaSeclab/sec-daily-2019 @@ -30,6 +31,7 @@ An elevation of privilege vulnerability exists when Windows improperly handles a - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/pengusec/awesome-netsec-articles - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/ycdxsb/WindowsPrivilegeEscalation - https://github.com/yedada-wei/- diff --git a/2019/CVE-2019-13224.md b/2019/CVE-2019-13224.md index b01cf6c810..93585543d2 100644 --- a/2019/CVE-2019-13224.md +++ b/2019/CVE-2019-13224.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/ForAllSecure/VulnerabilitiesLab - https://github.com/kkos/oniguruma +- https://github.com/onivim/esy-oniguruma - https://github.com/winlibs/oniguruma diff --git a/2019/CVE-2019-13225.md b/2019/CVE-2019-13225.md index 373332e0de..81263db1ef 100644 --- a/2019/CVE-2019-13225.md +++ b/2019/CVE-2019-13225.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/kkos/oniguruma +- https://github.com/onivim/esy-oniguruma - https://github.com/winlibs/oniguruma diff --git a/2019/CVE-2019-13272.md b/2019/CVE-2019-13272.md index ba79f7a518..81dca693ca 100644 --- a/2019/CVE-2019-13272.md +++ b/2019/CVE-2019-13272.md @@ -27,14 +27,20 @@ In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Getshell/LinuxTQ - https://github.com/H0j3n/EzpzCheatSheet +- https://github.com/Huandtx/CVE-2019-13272 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/ONQLin/OS-CourseDesign +- https://github.com/RashmikaEkanayake/Privilege-Escalation-CVE-2019-13272- - https://github.com/S3cur3Th1sSh1t/Pentest-Tools - https://github.com/SexyBeast233/SecBooks - https://github.com/Snoopy-Sec/Localroot-ALL-CVE +- https://github.com/Tharana/Exploiting-a-Linux-kernel-vulnerability +- https://github.com/Tharana/vulnerability-exploitation - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/anoaghost/Localroot_Compile - https://github.com/bcoles/kernel-exploits +- https://github.com/bigbigliang-malwarebenchmark/cve-2019-13272 - https://github.com/cedelasen/htb-laboratory - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/fei9747/LinuxEelvation @@ -46,10 +52,15 @@ In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the - https://github.com/icecliffs/Linux-For-Root - https://github.com/jas502n/CVE-2019-13272 - https://github.com/jiayy/android_vuln_poc-exp +- https://github.com/karlhat/Ksplice-demo - https://github.com/n3t1nv4d3/kernel-exploits - https://github.com/oneoy/CVE-2019-13272 +- https://github.com/polosec/CVE-2019-13272 - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/rakjong/LinuxElevation +- https://github.com/severnake/Pentest-Tools +- https://github.com/sumedhaDharmasena/-Kernel-ptrace-c-mishandles-vulnerability-CVE-2019-13272 +- https://github.com/teddy47/CVE-2019-13272---Documentation - https://github.com/theyoge/AD-Pentesting-Tools - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2019/CVE-2019-1333.md b/2019/CVE-2019-1333.md index b6f9b2ca70..bc4c2a81f0 100644 --- a/2019/CVE-2019-1333.md +++ b/2019/CVE-2019-1333.md @@ -18,5 +18,6 @@ A remote code execution vulnerability exists in the Windows Remote Desktop Clien No PoCs from references. #### Github +- https://github.com/tdcoming/Vulnerability-engine - https://github.com/tom0li/collection-document diff --git a/2019/CVE-2019-13361.md b/2019/CVE-2019-13361.md index 1b4df1e555..6d82b57797 100644 --- a/2019/CVE-2019-13361.md +++ b/2019/CVE-2019-13361.md @@ -16,4 +16,5 @@ Smanos W100 1.0.0 devices have Insecure Permissions, exploitable by an attacker - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/lodi-g/CVE-2019-13361 diff --git a/2019/CVE-2019-13403.md b/2019/CVE-2019-13403.md index 36b3c53e3a..12f8e64f25 100644 --- a/2019/CVE-2019-13403.md +++ b/2019/CVE-2019-13403.md @@ -14,6 +14,7 @@ Temenos CWX version 8.9 has an Broken Access Control vulnerability in the module #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/B3Bo1d/CVE-2019-13403 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-13404.md b/2019/CVE-2019-13404.md index b1ed2b4810..6e24052229 100644 --- a/2019/CVE-2019-13404.md +++ b/2019/CVE-2019-13404.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/alidnf/CVE-2019-13404 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-13497.md b/2019/CVE-2019-13497.md index 5e50c024fb..48e66375b0 100644 --- a/2019/CVE-2019-13497.md +++ b/2019/CVE-2019-13497.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/FurqanKhan1/CVE-2019-13497 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-13503.md b/2019/CVE-2019-13503.md index 55e5363bc0..a5629975e8 100644 --- a/2019/CVE-2019-13503.md +++ b/2019/CVE-2019-13503.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/MyKings/security-study-tutorial - https://github.com/alphaSeclab/sec-daily-2019 +- https://github.com/hazedic/fuzzenv-exiv2 diff --git a/2019/CVE-2019-13504.md b/2019/CVE-2019-13504.md index 361b64ee93..a1ea08992b 100644 --- a/2019/CVE-2019-13504.md +++ b/2019/CVE-2019-13504.md @@ -17,5 +17,6 @@ No PoCs from references. - https://github.com/MyKings/security-study-tutorial - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/hazedic/fuzzenv-exiv2 - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-13574.md b/2019/CVE-2019-13574.md index 4646034e26..4c1f0689f2 100644 --- a/2019/CVE-2019-13574.md +++ b/2019/CVE-2019-13574.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/masahiro331/CVE-2019-13574 diff --git a/2019/CVE-2019-13604.md b/2019/CVE-2019-13604.md index f37c580a09..9fca8f89dc 100644 --- a/2019/CVE-2019-13604.md +++ b/2019/CVE-2019-13604.md @@ -13,5 +13,5 @@ There is a short key vulnerability in HID Global DigitalPersona (formerly Crossm - https://github.com/sungjungk/fp-img-key-crack #### Github -No PoCs found on GitHub currently. +- https://github.com/sungjungk/fp-img-key-crack diff --git a/2019/CVE-2019-13636.md b/2019/CVE-2019-13636.md index ad6ccafde4..5f2af689ca 100644 --- a/2019/CVE-2019-13636.md +++ b/2019/CVE-2019-13636.md @@ -15,5 +15,5 @@ In GNU patch through 2.7.6, the following of symlinks is mishandled in certain c - https://seclists.org/bugtraq/2019/Aug/29 #### Github -No PoCs found on GitHub currently. +- https://github.com/irsl/gnu-patch-vulnerabilities diff --git a/2019/CVE-2019-13638.md b/2019/CVE-2019-13638.md index 0d0e8bd575..43e6f2be49 100644 --- a/2019/CVE-2019-13638.md +++ b/2019/CVE-2019-13638.md @@ -15,5 +15,5 @@ GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be - https://seclists.org/bugtraq/2019/Aug/29 #### Github -No PoCs found on GitHub currently. +- https://github.com/irsl/gnu-patch-vulnerabilities diff --git a/2019/CVE-2019-1367.md b/2019/CVE-2019-1367.md index fff6d9fa64..c8f136b9ca 100644 --- a/2019/CVE-2019-1367.md +++ b/2019/CVE-2019-1367.md @@ -23,7 +23,9 @@ No PoCs from references. - https://github.com/HackOvert/awesome-bugs - https://github.com/Panopticon-Project/panopticon-DarkHotel - https://github.com/alphaSeclab/sec-daily-2020 +- https://github.com/cufarvid/Tools - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/mandarenmanman/CVE-2019-1367 - https://github.com/wugedz/CVEs diff --git a/2019/CVE-2019-13694.md b/2019/CVE-2019-13694.md new file mode 100644 index 0000000000..c5352a3aa4 --- /dev/null +++ b/2019/CVE-2019-13694.md @@ -0,0 +1,17 @@ +### [CVE-2019-13694](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13694) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2077.0.3865.120%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20after%20free&color=brighgreen) + +### Description + +Use after free in WebRTC in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/james0x40/chrome-webrtc-pocs + diff --git a/2019/CVE-2019-13720.md b/2019/CVE-2019-13720.md index 272d426427..07a5ad2a44 100644 --- a/2019/CVE-2019-13720.md +++ b/2019/CVE-2019-13720.md @@ -14,9 +14,11 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/ChoKyuWon/CVE-2019-13720 - https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections - https://github.com/De4dCr0w/Browser-pwn - https://github.com/alphaSeclab/sec-daily-2019 +- https://github.com/cve-2019-13720/cve-2019-13720 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/qazbnm456/awesome-cve-poc diff --git a/2019/CVE-2019-1385.md b/2019/CVE-2019-1385.md index 95a1cc6ebd..6431616719 100644 --- a/2019/CVE-2019-1385.md +++ b/2019/CVE-2019-1385.md @@ -23,6 +23,7 @@ No PoCs from references. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/hlldz/dazzleUP +- https://github.com/klinix5/CVE-2019-1385 - https://github.com/lawrenceamer/0xsp-Mongoose - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2019/CVE-2019-1388.md b/2019/CVE-2019-1388.md index d2fe3af9ce..cb2791aa98 100644 --- a/2019/CVE-2019-1388.md +++ b/2019/CVE-2019-1388.md @@ -23,8 +23,10 @@ No PoCs from references. - https://github.com/CnHack3r/Penetration_PoC - https://github.com/Faridbg/THM_Advent_of_Cyber - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Mrq123/solo-blog - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/SexyBeast233/SecBooks +- https://github.com/TCM-Course-Resources/Windows-Privilege-Escalation-Resources - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/chriskaliX/AD-Pentest-Notes @@ -36,11 +38,14 @@ No PoCs from references. - https://github.com/hlldz/dazzleUP - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/is0late/Tools - https://github.com/izj007/wechat - https://github.com/jas502n/CVE-2019-1388 +- https://github.com/jaychouzzk/CVE-2019-1388 - https://github.com/lawrenceamer/0xsp-Mongoose - https://github.com/mai-lang-chai/System-Vulnerability - https://github.com/merlinxcy/ToolBox +- https://github.com/nickswink/Retro-Writeup - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/superhero1/OSCP-Prep - https://github.com/sv3nbeast/CVE-2019-1388 diff --git a/2019/CVE-2019-13956.md b/2019/CVE-2019-13956.md index 186add3ea4..a8bcfe9113 100644 --- a/2019/CVE-2019-13956.md +++ b/2019/CVE-2019-13956.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/rhbb/CVE-2019-13956 diff --git a/2019/CVE-2019-1402.md b/2019/CVE-2019-1402.md index 35cf66b7ba..3d39fc21f2 100644 --- a/2019/CVE-2019-1402.md +++ b/2019/CVE-2019-1402.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/lauxjpn/CorruptQueryAccessWorkaround diff --git a/2019/CVE-2019-14040.md b/2019/CVE-2019-14040.md index db921cb2cb..5d73a33a00 100644 --- a/2019/CVE-2019-14040.md +++ b/2019/CVE-2019-14040.md @@ -16,5 +16,6 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/tamirzb/CVE-2019-14040 - https://github.com/xairy/linux-kernel-exploitation diff --git a/2019/CVE-2019-14041.md b/2019/CVE-2019-14041.md index eb505a7470..3a33a889ee 100644 --- a/2019/CVE-2019-14041.md +++ b/2019/CVE-2019-14041.md @@ -16,5 +16,6 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/tamirzb/CVE-2019-14041 - https://github.com/xairy/linux-kernel-exploitation diff --git a/2019/CVE-2019-1405.md b/2019/CVE-2019-1405.md index cabafd450d..5ca9f2bd9c 100644 --- a/2019/CVE-2019-1405.md +++ b/2019/CVE-2019-1405.md @@ -36,6 +36,7 @@ An elevation of privilege vulnerability exists when the Windows Universal Plug a - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc - https://github.com/lawrenceamer/0xsp-Mongoose +- https://github.com/pengusec/awesome-netsec-articles - https://github.com/shubham0d/SymBlock - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2019/CVE-2019-14221.md b/2019/CVE-2019-14221.md index bcdad4ef32..26bcc9fb10 100644 --- a/2019/CVE-2019-14221.md +++ b/2019/CVE-2019-14221.md @@ -13,5 +13,5 @@ - https://www.exploit-db.com/exploits/47206 #### Github -No PoCs found on GitHub currently. +- https://github.com/cccaaasser/1CRM-CVE diff --git a/2019/CVE-2019-14267.md b/2019/CVE-2019-14267.md index 18d718b63c..a79954b04e 100644 --- a/2019/CVE-2019-14267.md +++ b/2019/CVE-2019-14267.md @@ -16,4 +16,5 @@ PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data asso - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/snappyJack/pdfresurrect_CVE-2019-14267 diff --git a/2019/CVE-2019-14271.md b/2019/CVE-2019-14271.md index 8e2d1ffd57..6e00fbd12e 100644 --- a/2019/CVE-2019-14271.md +++ b/2019/CVE-2019-14271.md @@ -13,10 +13,13 @@ In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), c No PoCs from references. #### Github +- https://github.com/Metarget/cloud-native-security-book - https://github.com/Metarget/metarget - https://github.com/PercussiveElbow/docker-escape-tool - https://github.com/SexyBeast233/SecBooks - https://github.com/SugarP1g/LearningSecurity - https://github.com/alphaSeclab/sec-daily-2019 +- https://github.com/chrisguest75/docker_build_examples +- https://github.com/heroku/bheu19-attacking-cloud-builds - https://github.com/ssst0n3/docker_archive diff --git a/2019/CVE-2019-14277.md b/2019/CVE-2019-14277.md index 72cdf67af0..c859a763d7 100644 --- a/2019/CVE-2019-14277.md +++ b/2019/CVE-2019-14277.md @@ -13,6 +13,7 @@ - https://www.exploit-db.com/exploits/47150 #### Github +- https://github.com/ugur-ercan/exploit-collection - https://github.com/zeropwn/vulnerability-reports-and-pocs - https://github.com/zeropwn/zeropwn diff --git a/2019/CVE-2019-14287.md b/2019/CVE-2019-14287.md index 93c897d439..e2501692e5 100644 --- a/2019/CVE-2019-14287.md +++ b/2019/CVE-2019-14287.md @@ -15,21 +15,47 @@ In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can #### Github - https://github.com/0xT11/CVE-POC - https://github.com/AfvanMoopen/tryhackme- +- https://github.com/CMNatic/Dockerized-CVE-2019-14287 +- https://github.com/CMNatic/UoG-CTF +- https://github.com/CashWilliams/CVE-2019-14287-demo +- https://github.com/DewmiApsara/CVE-2019-14287 +- https://github.com/FauxFaux/sudo-cve-2019-14287 - https://github.com/Getshell/LinuxTQ +- https://github.com/HussyCool/CVE-2019-14287-IT18030372- +- https://github.com/Janette88/cve-2019-14287sudoexp +- https://github.com/RoqueNight/Linux-Privilege-Escalation-Basics +- https://github.com/SachinthaDeSilva-cmd/Exploit-CVE-2019-14287 - https://github.com/SexyBeast233/SecBooks +- https://github.com/ShianTrish/sudo-Security-Bypass-vulnerability-CVE-2019-14287 +- https://github.com/Sindadziy/cve-2019-14287 +- https://github.com/Sindayifu/CVE-2019-14287-CVE-2014-6271 - https://github.com/Sithma/SNP +- https://github.com/TCM-Course-Resources/Linux-Privilege-Escalation-Resources +- https://github.com/Tharana/Exploiting-a-Linux-kernel-vulnerability +- https://github.com/Tharana/vulnerability-exploitation +- https://github.com/agariy/MyFirstWebShell - https://github.com/alphaSeclab/sec-daily-2019 +- https://github.com/axax002/sudo-vulnerability-CVE-2019-14287 +- https://github.com/bianfusia/CTF-writeup - https://github.com/catsecorg/CatSec-TryHackMe-WriteUps - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/dhniroshan/offensive_hacking +- https://github.com/ejlevin99/Sudo-Security-Bypass-Vulnerability - https://github.com/emtuls/Awesome-Cyber-Security-List +- https://github.com/gurneesh/CVE-2019-14287-write-up - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/huang919/cve-2019-14287-PPT +- https://github.com/janod313/-CVE-2019-14287-SUDO-bypass-vulnerability - https://github.com/jordansinclair1990/TryHackMeAgentSudo - https://github.com/mai-lang-chai/System-Vulnerability +- https://github.com/malangalothbrok/linux-bypass - https://github.com/malangalothbrok/sudo-linux-bypass - https://github.com/n0w4n/CVE-2019-14287 - https://github.com/shallvhack/Sudo-Security-Bypass-CVE-2019-14287 - https://github.com/shashihacks/OSCP - https://github.com/shrishtydayal2304/100-days-of-code - https://github.com/stefanman125/CyberSci-pizzashop +- https://github.com/thinuri99/Sudo-Security-Bypass-Vulnerability-CVE-2019-14287- +- https://github.com/wenyu1999/sudo- - https://github.com/xyongcn/exploit diff --git a/2019/CVE-2019-14314.md b/2019/CVE-2019-14314.md index c9315303a2..cf1017b7b5 100644 --- a/2019/CVE-2019-14314.md +++ b/2019/CVE-2019-14314.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/imthoe/CVE-2019-14314 diff --git a/2019/CVE-2019-14319.md b/2019/CVE-2019-14319.md index 76e7fbdef4..75f3ab6625 100644 --- a/2019/CVE-2019-14319.md +++ b/2019/CVE-2019-14319.md @@ -14,6 +14,7 @@ The TikTok (formerly Musical.ly) application 12.2.0 for Android and iOS performs #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/MelroyB/CVE-2019-14319 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-14326.md b/2019/CVE-2019-14326.md index 2f426fb74f..59e805f1e7 100644 --- a/2019/CVE-2019-14326.md +++ b/2019/CVE-2019-14326.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/seqred-s-a/cve-2019-14326 diff --git a/2019/CVE-2019-14379.md b/2019/CVE-2019-14379.md index 8c4ea66dfd..ac0b943bf7 100644 --- a/2019/CVE-2019-14379.md +++ b/2019/CVE-2019-14379.md @@ -13,5 +13,8 @@ SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles de No PoCs from references. #### Github +- https://github.com/diakogiannis/moviebook +- https://github.com/galimba/Jackson-deserialization-PoC - https://github.com/heike2718/commons +- https://github.com/ilmari666/cybsec diff --git a/2019/CVE-2019-14439.md b/2019/CVE-2019-14439.md index a469c60d0b..4f1f0b58e6 100644 --- a/2019/CVE-2019-14439.md +++ b/2019/CVE-2019-14439.md @@ -15,6 +15,10 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/diakogiannis/moviebook +- https://github.com/galimba/Jackson-deserialization-PoC - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/heike2718/commons +- https://github.com/ilmari666/cybsec +- https://github.com/jas502n/CVE-2019-14439 diff --git a/2019/CVE-2019-14514.md b/2019/CVE-2019-14514.md index 1b1d84d255..7fa9d86267 100644 --- a/2019/CVE-2019-14514.md +++ b/2019/CVE-2019-14514.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/seqred-s-a/cve-2019-14514 diff --git a/2019/CVE-2019-14529.md b/2019/CVE-2019-14529.md index 945a2d6c91..c42b6fdab2 100644 --- a/2019/CVE-2019-14529.md +++ b/2019/CVE-2019-14529.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/Wezery/CVE-2019-14529 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-14530.md b/2019/CVE-2019-14530.md index 45992339f4..e55a2e28e5 100644 --- a/2019/CVE-2019-14530.md +++ b/2019/CVE-2019-14530.md @@ -16,6 +16,7 @@ An issue was discovered in custom/ajax_download.php in OpenEMR before 5.0.2 via #### Github - https://github.com/0xT11/CVE-POC - https://github.com/Hacker5preme/Exploits +- https://github.com/Wezery/CVE-2019-14530 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-14537.md b/2019/CVE-2019-14537.md index d6f06ae521..2b18a04bd7 100644 --- a/2019/CVE-2019-14537.md +++ b/2019/CVE-2019-14537.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/Wocanilo/CVE-2019-14537 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-14540.md b/2019/CVE-2019-14540.md index 2a8d22848a..ae64590fc6 100644 --- a/2019/CVE-2019-14540.md +++ b/2019/CVE-2019-14540.md @@ -20,6 +20,8 @@ No PoCs from references. - https://github.com/SexyBeast233/SecBooks - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/ilmari666/cybsec - https://github.com/kiwitcms/junit-plugin - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +- https://github.com/yahoo/cubed diff --git a/2019/CVE-2019-1458.md b/2019/CVE-2019-1458.md index bc1ea8fc38..1df8609c44 100644 --- a/2019/CVE-2019-1458.md +++ b/2019/CVE-2019-1458.md @@ -19,6 +19,7 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - https://github.com/0xpetros/windows-privilage-escalation - https://github.com/Ascotbe/Kernelhub - https://github.com/CnHack3r/Penetration_PoC +- https://github.com/DreamoneOnly/CVE-2019-1458-malware - https://github.com/FULLSHADE/WindowsExploitationResources - https://github.com/Jkrasher/WindowsThreatResearch_JKrasher - https://github.com/Mr-xn/Penetration_Testing_POC @@ -40,9 +41,11 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - https://github.com/mishmashclone/SecWiki-windows-kernel-exploits - https://github.com/nicolas-gagnon/windows-kernel-exploits - https://github.com/paramint/windows-kernel-exploits +- https://github.com/piotrflorczyk/cve-2019-1458_POC - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/root26/bug - https://github.com/safesword/WindowsExp +- https://github.com/unamer/CVE-2019-1458 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2019/CVE-2019-14697.md b/2019/CVE-2019-14697.md index 2f6cd96fd0..0eab21002b 100644 --- a/2019/CVE-2019-14697.md +++ b/2019/CVE-2019-14697.md @@ -13,7 +13,10 @@ musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, r No PoCs from references. #### Github +- https://github.com/admmasters/docker-node10 +- https://github.com/admmasters/docker-node12 - https://github.com/siddharthraopotukuchi/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers - https://github.com/umahari/security +- https://github.com/vinamra28/tekton-image-scan-trivy diff --git a/2019/CVE-2019-14745.md b/2019/CVE-2019-14745.md index e780eb8b2d..c969da6cf1 100644 --- a/2019/CVE-2019-14745.md +++ b/2019/CVE-2019-14745.md @@ -17,4 +17,5 @@ In radare2 before 3.7.0, a command injection vulnerability exists in bin_symbols - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/xooxo/CVE-2019-14745 diff --git a/2019/CVE-2019-14751.md b/2019/CVE-2019-14751.md index 205374e5a9..5cf6953cf5 100644 --- a/2019/CVE-2019-14751.md +++ b/2019/CVE-2019-14751.md @@ -17,4 +17,5 @@ NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing at - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/mssalvatore/CVE-2019-14751_PoC diff --git a/2019/CVE-2019-1476.md b/2019/CVE-2019-1476.md index 77ea98ca1e..83e25f6a8e 100644 --- a/2019/CVE-2019-1476.md +++ b/2019/CVE-2019-1476.md @@ -25,5 +25,6 @@ An elevation of privilege vulnerability exists when Windows AppX Deployment Serv - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/sgabe/CVE-2019-1476 - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2019/CVE-2019-14811.md b/2019/CVE-2019-14811.md index a3b217cb1b..d5efee8478 100644 --- a/2019/CVE-2019-14811.md +++ b/2019/CVE-2019-14811.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/barrracud4/image-upload-exploits +- https://github.com/hhc0null/GhostRule diff --git a/2019/CVE-2019-14812.md b/2019/CVE-2019-14812.md index cb55fa55ab..0746334b32 100644 --- a/2019/CVE-2019-14812.md +++ b/2019/CVE-2019-14812.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/barrracud4/image-upload-exploits +- https://github.com/hhc0null/GhostRule diff --git a/2019/CVE-2019-14813.md b/2019/CVE-2019-14813.md index 9ab0101429..d586f202f9 100644 --- a/2019/CVE-2019-14813.md +++ b/2019/CVE-2019-14813.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/barrracud4/image-upload-exploits +- https://github.com/hhc0null/GhostRule diff --git a/2019/CVE-2019-14830.md b/2019/CVE-2019-14830.md index 6562dbbb5d..0872a5406f 100644 --- a/2019/CVE-2019-14830.md +++ b/2019/CVE-2019-14830.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/Fr3d-/moodle-token-stealer - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-14838.md b/2019/CVE-2019-14838.md new file mode 100644 index 0000000000..8382311107 --- /dev/null +++ b/2019/CVE-2019-14838.md @@ -0,0 +1,17 @@ +### [CVE-2019-14838](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14838) +![](https://img.shields.io/static/v1?label=Product&message=wildfly-core&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284&color=brighgreen) + +### Description + +A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cbsuresh/rh6_jbosseap724 + diff --git a/2019/CVE-2019-14843.md b/2019/CVE-2019-14843.md new file mode 100644 index 0000000000..ef8cceb273 --- /dev/null +++ b/2019/CVE-2019-14843.md @@ -0,0 +1,17 @@ +### [CVE-2019-14843](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14843) +![](https://img.shields.io/static/v1?label=Product&message=wildfly-security-manager&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-592&color=brighgreen) + +### Description + +A flaw was found in Wildfly Security Manager, running under JDK 11 or 8, that authorized requests for any requester. This flaw could be used by a malicious app deployed on the app server to access unauthorized information and possibly conduct further attacks. Versions shipped with Red Hat Jboss EAP 7 and Red Hat SSO 7 are vulnerable to this issue. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cbsuresh/rh6_jbosseap724 + diff --git a/2019/CVE-2019-14855.md b/2019/CVE-2019-14855.md index 618285f8f9..fd98952e8f 100644 --- a/2019/CVE-2019-14855.md +++ b/2019/CVE-2019-14855.md @@ -13,6 +13,7 @@ A flaw was found in the way certificate signatures could be forged using collisi No PoCs from references. #### Github +- https://github.com/SHA-mbles/SHA-mbles.github.io - https://github.com/garethr/snykout - https://github.com/hannob/pgpbugs diff --git a/2019/CVE-2019-14865.md b/2019/CVE-2019-14865.md new file mode 100644 index 0000000000..1e7a6d4869 --- /dev/null +++ b/2019/CVE-2019-14865.md @@ -0,0 +1,17 @@ +### [CVE-2019-14865](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14865) +![](https://img.shields.io/static/v1?label=Product&message=grub2&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-267&color=brighgreen) + +### Description + +A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/taviso/scanlimits + diff --git a/2019/CVE-2019-14889.md b/2019/CVE-2019-14889.md new file mode 100644 index 0000000000..da00724bbb --- /dev/null +++ b/2019/CVE-2019-14889.md @@ -0,0 +1,17 @@ +### [CVE-2019-14889](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14889) +![](https://img.shields.io/static/v1?label=Product&message=libssh&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78&color=brighgreen) + +### Description + +A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence the third parameter of the function, it would become possible for an attacker to inject arbitrary commands, leading to a compromise of the remote target. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/tom-dell/CVELK + diff --git a/2019/CVE-2019-14893.md b/2019/CVE-2019-14893.md index 1561fdc209..4a08050fa0 100644 --- a/2019/CVE-2019-14893.md +++ b/2019/CVE-2019-14893.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/yahoo/cubed diff --git a/2019/CVE-2019-14899.md b/2019/CVE-2019-14899.md index 41358b6444..fc7a392cb2 100644 --- a/2019/CVE-2019-14899.md +++ b/2019/CVE-2019-14899.md @@ -13,6 +13,7 @@ A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Andro No PoCs from references. #### Github +- https://github.com/SailfishOS-sdm660/SailfishOS_Kernel_Defconfig - https://github.com/Whonix/security-misc - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-14912.md b/2019/CVE-2019-14912.md index 4879dca3d1..77fefbc52d 100644 --- a/2019/CVE-2019-14912.md +++ b/2019/CVE-2019-14912.md @@ -14,6 +14,7 @@ An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO module does not properl #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/Wocanilo/adaPwn - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-14941.md b/2019/CVE-2019-14941.md new file mode 100644 index 0000000000..2d537db6a3 --- /dev/null +++ b/2019/CVE-2019-14941.md @@ -0,0 +1,17 @@ +### [CVE-2019-14941](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14941) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +SHAREit through 4.0.6.177 does not check the body length from the received packet header (which is used to allocate memory for the next set of data). This could lead to a system denial of service due to uncontrolled memory allocation. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nathunandwani/shareit-cwe-789 + diff --git a/2019/CVE-2019-15029.md b/2019/CVE-2019-15029.md index a9146304d7..1924769dc9 100644 --- a/2019/CVE-2019-15029.md +++ b/2019/CVE-2019-15029.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/mhaskar/CVE-2019-15029 diff --git a/2019/CVE-2019-15043.md b/2019/CVE-2019-15043.md index e13ae212e1..da8d5613a9 100644 --- a/2019/CVE-2019-15043.md +++ b/2019/CVE-2019-15043.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/DNTYO/F5_Vulnerability - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/h0ffayyy/CVE-2019-15043 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/n1sh1th/CVE-POC - https://github.com/sobinge/nuclei-templates diff --git a/2019/CVE-2019-15053.md b/2019/CVE-2019-15053.md index 118a9857b5..e0eab37574 100644 --- a/2019/CVE-2019-15053.md +++ b/2019/CVE-2019-15053.md @@ -16,4 +16,5 @@ The "HTML Include and replace macro" plugin before 1.5.0 for Confluence Server a - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/l0nax/CVE-2019-15053 diff --git a/2019/CVE-2019-15081.md b/2019/CVE-2019-15081.md index 64da3d7d18..494d9472a3 100644 --- a/2019/CVE-2019-15081.md +++ b/2019/CVE-2019-15081.md @@ -13,5 +13,5 @@ OpenCart 3.x, when the attacker has login access to the admin panel, allows stor - http://packetstormsecurity.com/files/154286/Opencart-3.x-Cross-Site-Scripting.html #### Github -No PoCs found on GitHub currently. +- https://github.com/nipunsomani/Opencart-3.x.x-Authenticated-Stored-XSS diff --git a/2019/CVE-2019-15107.md b/2019/CVE-2019-15107.md index 45dfcc93f3..a18c3f6288 100644 --- a/2019/CVE-2019-15107.md +++ b/2019/CVE-2019-15107.md @@ -24,23 +24,40 @@ An issue was discovered in Webmin <=1.920. The parameter old in password_change. - https://github.com/3gstudent/Homework-of-Python - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/AdministratorGithub/CVE-2019-15107 +- https://github.com/AleWong/WebminRCE-EXP-CVE-2019-15107- +- https://github.com/ChakoMoonFish/webmin_CVE-2019-15107 - https://github.com/CnHack3r/Penetration_PoC - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/HACHp1/webmin_docker_and_exp - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Pichuuuuu/CVE-2019-15107 +- https://github.com/Rayferrufino/Make-and-Break - https://github.com/SexyBeast233/SecBooks - https://github.com/YIXINSHUWU/Penetration_Testing_POC +- https://github.com/YeezyTaughtMe1/HTB-Postman +- https://github.com/cd6629/Python-scripts +- https://github.com/chalern/Pentest-Tools - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/fengjixuchui/RedTeamer +- https://github.com/fofapro/vulfocus +- https://github.com/foxsin34/WebMin-1.890-Exploit-unauthorized-RCE +- https://github.com/g0db0x/CVE_2019_15107 - https://github.com/hanc00l/some_pocsuite +- https://github.com/hannob/webminex - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/ianxtianxt/CVE-2019-15107 - https://github.com/jas502n/CVE-2019-15107 - https://github.com/jas502n/CVE-2019-15642 +- https://github.com/ketlerd/CVE-2019-15107 +- https://github.com/lonehand/TIPS - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/sobinge/nuclei-templates - https://github.com/tom0li/collection-document +- https://github.com/ugur-ercan/exploit-collection +- https://github.com/whokilleddb/CVE-2019-15107 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/yedada-wei/- diff --git a/2019/CVE-2019-15120.md b/2019/CVE-2019-15120.md index 67b9e6fca6..88d0ed11d9 100644 --- a/2019/CVE-2019-15120.md +++ b/2019/CVE-2019-15120.md @@ -15,5 +15,6 @@ The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode. #### Github - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/h3llraiser/CVE-2019-15120 - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-15126.md b/2019/CVE-2019-15126.md index 6347736e59..8c1101d046 100644 --- a/2019/CVE-2019-15126.md +++ b/2019/CVE-2019-15126.md @@ -15,12 +15,14 @@ An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-wi-fi-info-disclosure #### Github +- https://github.com/0x13enny/kr00k - https://github.com/0xT11/CVE-POC - https://github.com/Astrogeorgeonethree/Starred - https://github.com/WinMin/Protocol-Vul - https://github.com/akabe1/kr00ker - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/hexway/r00kie-kr00kie - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/raw-packet/raw-packet - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2019/CVE-2019-15224.md b/2019/CVE-2019-15224.md index 14a4f05d1d..73762e1412 100644 --- a/2019/CVE-2019-15224.md +++ b/2019/CVE-2019-15224.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/chef-cft/inspec_cve_2019_15224 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-15225.md b/2019/CVE-2019-15225.md new file mode 100644 index 0000000000..051cebf91e --- /dev/null +++ b/2019/CVE-2019-15225.md @@ -0,0 +1,17 @@ +### [CVE-2019-15225](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15225) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In Envoy through 1.11.1, users may configure a route to match incoming path headers via the libstdc++ regular expression implementation. A remote attacker may send a request with a very long URI to result in a denial of service (memory consumption). This is a related issue to CVE-2019-14993. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/dgn/killenvoy + diff --git a/2019/CVE-2019-15231.md b/2019/CVE-2019-15231.md index a4f59401d3..7ffe994df1 100644 --- a/2019/CVE-2019-15231.md +++ b/2019/CVE-2019-15231.md @@ -13,5 +13,6 @@ No PoCs from references. #### Github +- https://github.com/hannob/webminex - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2019/CVE-2019-15233.md b/2019/CVE-2019-15233.md index 8d72f3a1fe..3bbfa86af1 100644 --- a/2019/CVE-2019-15233.md +++ b/2019/CVE-2019-15233.md @@ -16,4 +16,5 @@ The Live:Text Box macro in the Old Street Live Input Macros app before 2.11 for - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/l0nax/CVE-2019-15233 diff --git a/2019/CVE-2019-15234.md b/2019/CVE-2019-15234.md new file mode 100644 index 0000000000..d24dafeb50 --- /dev/null +++ b/2019/CVE-2019-15234.md @@ -0,0 +1,17 @@ +### [CVE-2019-15234](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15234) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +SHAREit through 4.0.6.177 does not check the full message length from the received packet header (which is used to allocate memory for the next set of data). This could lead to a system denial of service due to uncontrolled memory allocation. This is different from CVE-2019-14941. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nathunandwani/shareit-cwe-789 + diff --git a/2019/CVE-2019-1543.md b/2019/CVE-2019-1543.md index 8fd4f24eed..ad80f268ca 100644 --- a/2019/CVE-2019-1543.md +++ b/2019/CVE-2019-1543.md @@ -13,11 +13,19 @@ ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/aquasecurity/trivy +- https://github.com/fhirfactory/pegacorn-scanner-trivy +- https://github.com/georgearce24/aquasecurity-trivy +- https://github.com/immydestiny/trivy-file +- https://github.com/jntass/TASSL-1.1.1k +- https://github.com/justPray/1122 +- https://github.com/kaisenlinux/trivy - https://github.com/pottava/trivy-restapi - https://github.com/ronomon/crypto-async - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers +- https://github.com/thecyberbaby/Trivy-by-aquaSecurity - https://github.com/umahari/security diff --git a/2019/CVE-2019-1547.md b/2019/CVE-2019-1547.md index 1ef15d604f..f3c3d0ab2c 100644 --- a/2019/CVE-2019-1547.md +++ b/2019/CVE-2019-1547.md @@ -15,8 +15,12 @@ Normally in OpenSSL EC groups always have a co-factor present and this is used i - https://www.tenable.com/security/tns-2019-08 #### Github +- https://github.com/djschleen/ash +- https://github.com/jntass/TASSL-1.1.1k - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers +- https://github.com/thecyberbaby/Trivy-by-aquaSecurity - https://github.com/umahari/security +- https://github.com/vinamra28/tekton-image-scan-trivy diff --git a/2019/CVE-2019-1549.md b/2019/CVE-2019-1549.md index 1e04d49dc1..93402fe2f2 100644 --- a/2019/CVE-2019-1549.md +++ b/2019/CVE-2019-1549.md @@ -13,8 +13,12 @@ OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was int - https://seclists.org/bugtraq/2019/Oct/1 #### Github +- https://github.com/djschleen/ash +- https://github.com/jntass/TASSL-1.1.1k - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers +- https://github.com/thecyberbaby/Trivy-by-aquaSecurity - https://github.com/umahari/security +- https://github.com/vinamra28/tekton-image-scan-trivy diff --git a/2019/CVE-2019-1551.md b/2019/CVE-2019-1551.md index 44a9b67022..8e39ccad81 100644 --- a/2019/CVE-2019-1551.md +++ b/2019/CVE-2019-1551.md @@ -18,5 +18,7 @@ There is an overflow bug in the x64_64 Montgomery squaring procedure used in exp - https://github.com/garethr/snykout - https://github.com/siddharthraopotukuchi/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers +- https://github.com/thecyberbaby/Trivy-by-aquaSecurity - https://github.com/umahari/security +- https://github.com/vinamra28/tekton-image-scan-trivy diff --git a/2019/CVE-2019-15511.md b/2019/CVE-2019-15511.md index b2875c3a1d..2c091e5410 100644 --- a/2019/CVE-2019-15511.md +++ b/2019/CVE-2019-15511.md @@ -14,6 +14,7 @@ An exploitable local privilege escalation vulnerability exists in the GalaxyClie #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/adenkiewicz/CVE-2019-15511 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-1552.md b/2019/CVE-2019-1552.md index 9ca73f4cec..564dc62dd5 100644 --- a/2019/CVE-2019-1552.md +++ b/2019/CVE-2019-1552.md @@ -13,5 +13,5 @@ OpenSSL has internal defaults for a directory tree where it can find a configura - https://www.tenable.com/security/tns-2019-08 #### Github -No PoCs found on GitHub currently. +- https://github.com/jntass/TASSL-1.1.1k diff --git a/2019/CVE-2019-15588.md b/2019/CVE-2019-15588.md index bc72aed1d6..199b63395b 100644 --- a/2019/CVE-2019-15588.md +++ b/2019/CVE-2019-15588.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/tdcoming/Vulnerability-engine diff --git a/2019/CVE-2019-1559.md b/2019/CVE-2019-1559.md index ee03ec200c..aa99f07147 100644 --- a/2019/CVE-2019-1559.md +++ b/2019/CVE-2019-1559.md @@ -13,6 +13,7 @@ If an application encounters a fatal protocol error and then calls SSL_shutdown( No PoCs from references. #### Github +- https://github.com/daTourist/Centos-6-openssl-1.0.1e-58.pd1trfir - https://github.com/revl-ca/scan-docker-image - https://github.com/tls-attacker/TLS-Padding-Oracles diff --git a/2019/CVE-2019-15605.md b/2019/CVE-2019-15605.md index 95d6d7d46c..ddb38b2637 100644 --- a/2019/CVE-2019-15605.md +++ b/2019/CVE-2019-15605.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/jlcarruda/node-poc-http-smuggling diff --git a/2019/CVE-2019-1563.md b/2019/CVE-2019-1563.md index caeec79b21..a9f84250fb 100644 --- a/2019/CVE-2019-1563.md +++ b/2019/CVE-2019-1563.md @@ -14,8 +14,12 @@ In situations where an attacker receives automated notification of the success o - https://seclists.org/bugtraq/2019/Oct/1 #### Github +- https://github.com/djschleen/ash +- https://github.com/jntass/TASSL-1.1.1k - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers +- https://github.com/thecyberbaby/Trivy-by-aquaSecurity - https://github.com/umahari/security +- https://github.com/vinamra28/tekton-image-scan-trivy diff --git a/2019/CVE-2019-15642.md b/2019/CVE-2019-15642.md index aac43f9cbe..7f63442e86 100644 --- a/2019/CVE-2019-15642.md +++ b/2019/CVE-2019-15642.md @@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/CnHack3r/Penetration_PoC - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/YIXINSHUWU/Penetration_Testing_POC +- https://github.com/chalern/Pentest-Tools - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-15745.md b/2019/CVE-2019-15745.md new file mode 100644 index 0000000000..d4ff303f35 --- /dev/null +++ b/2019/CVE-2019-15745.md @@ -0,0 +1,17 @@ +### [CVE-2019-15745](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15745) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The Eques elf smart plug and the mobile app use a hardcoded AES 256 bit key to encrypt the commands and responses between the device and the app. The communication happens over UDP port 27431. An attacker on the local network can use the same key to encrypt and send commands to discover all smart plugs in a network, take over control of a device, and perform actions such as turning it on and off. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/iamckn/eques + diff --git a/2019/CVE-2019-1579.md b/2019/CVE-2019-1579.md index a1ccf06644..5a9c4ff0c6 100644 --- a/2019/CVE-2019-1579.md +++ b/2019/CVE-2019-1579.md @@ -16,6 +16,9 @@ Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier - https://github.com/0xT11/CVE-POC - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/fischbach/gp_vulnerability - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/pengusec/awesome-netsec-articles +- https://github.com/r0eXpeR/supplier - https://github.com/securifera/CVE-2019-1579 diff --git a/2019/CVE-2019-15799.md b/2019/CVE-2019-15799.md new file mode 100644 index 0000000000..8ef0aff078 --- /dev/null +++ b/2019/CVE-2019-15799.md @@ -0,0 +1,17 @@ +### [CVE-2019-15799](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15799) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. User accounts created through the web interface of the device, when given non-admin level privileges, have the same level of privileged access as administrators when connecting to the device via SSH (while their permissions via the web interface are in fact restricted). This allows normal users to obtain the administrative password by running the tech-support command via the CLI: this contains the encrypted passwords for all users on the device. As these passwords are encrypted using well-known and static parameters, they can be decrypted and the original passwords (including the administrator password) can be obtained. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/jasperla/realtek_turnkey_decrypter + diff --git a/2019/CVE-2019-15801.md b/2019/CVE-2019-15801.md new file mode 100644 index 0000000000..75b912ecda --- /dev/null +++ b/2019/CVE-2019-15801.md @@ -0,0 +1,17 @@ +### [CVE-2019-15801](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15801) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware image contains encrypted passwords that are used to authenticate users wishing to access a diagnostics or password-recovery menu. Using the hardcoded cryptographic key found elsewhere in the firmware, these passwords can be decrypted. This is related to fds_sys_passDebugPasswd_ret() and fds_sys_passRecoveryPasswd_ret() in libfds.so.0.0. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/jasperla/realtek_turnkey_decrypter + diff --git a/2019/CVE-2019-15802.md b/2019/CVE-2019-15802.md index e265145f3e..5d7cdda13a 100644 --- a/2019/CVE-2019-15802.md +++ b/2019/CVE-2019-15802.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/jasperla/realtek_turnkey_decrypter diff --git a/2019/CVE-2019-15846.md b/2019/CVE-2019-15846.md index 81fd1a1d55..7ea875d0f6 100644 --- a/2019/CVE-2019-15846.md +++ b/2019/CVE-2019-15846.md @@ -18,6 +18,7 @@ Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via - https://github.com/0xT11/CVE-POC - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/area1/exim-cve-2019-10149-data +- https://github.com/d3k4z/nmap-cve2019-15846 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/iGotRootSRC/Dorkers diff --git a/2019/CVE-2019-15910.md b/2019/CVE-2019-15910.md index 1069e5e40f..ab822786dc 100644 --- a/2019/CVE-2019-15910.md +++ b/2019/CVE-2019-15910.md @@ -13,5 +13,5 @@ An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL - https://github.com/chengcheng227/CVE-POC/blob/master/CVE-2019-15910.md #### Github -No PoCs found on GitHub currently. +- https://github.com/chengcheng227/CVE-POC diff --git a/2019/CVE-2019-15911.md b/2019/CVE-2019-15911.md index a6464005f1..6ec242fff6 100644 --- a/2019/CVE-2019-15911.md +++ b/2019/CVE-2019-15911.md @@ -13,5 +13,5 @@ An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL - https://github.com/chengcheng227/CVE-POC/blob/master/CVE-2019-15911.md #### Github -No PoCs found on GitHub currently. +- https://github.com/chengcheng227/CVE-POC diff --git a/2019/CVE-2019-15912.md b/2019/CVE-2019-15912.md index 530c15f6c7..cd570413c0 100644 --- a/2019/CVE-2019-15912.md +++ b/2019/CVE-2019-15912.md @@ -14,5 +14,5 @@ An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL - https://github.com/chengcheng227/CVE-POC/blob/master/CVE-2019-15912_2.md #### Github -No PoCs found on GitHub currently. +- https://github.com/chengcheng227/CVE-POC diff --git a/2019/CVE-2019-15913.md b/2019/CVE-2019-15913.md index 9d60166dac..08112e03fc 100644 --- a/2019/CVE-2019-15913.md +++ b/2019/CVE-2019-15913.md @@ -13,5 +13,5 @@ An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RT - https://github.com/chengcheng227/CVE-POC/blob/master/CVE-2019-15913.md #### Github -No PoCs found on GitHub currently. +- https://github.com/chengcheng227/CVE-POC diff --git a/2019/CVE-2019-15914.md b/2019/CVE-2019-15914.md index 411d151782..c62c0c358d 100644 --- a/2019/CVE-2019-15914.md +++ b/2019/CVE-2019-15914.md @@ -14,5 +14,5 @@ An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RT - https://github.com/chengcheng227/CVE-POC/blob/master/CVE-2019-15914_2.md #### Github -No PoCs found on GitHub currently. +- https://github.com/chengcheng227/CVE-POC diff --git a/2019/CVE-2019-15915.md b/2019/CVE-2019-15915.md index 4f639d69e2..8f28d9e8d6 100644 --- a/2019/CVE-2019-15915.md +++ b/2019/CVE-2019-15915.md @@ -13,5 +13,5 @@ An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, RTCGQ01LM devi - https://github.com/chengcheng227/CVE-POC/blob/master/CVE-2019-15915.md #### Github -No PoCs found on GitHub currently. +- https://github.com/chengcheng227/CVE-POC diff --git a/2019/CVE-2019-15949.md b/2019/CVE-2019-15949.md index ae1369250f..1edcb01425 100644 --- a/2019/CVE-2019-15949.md +++ b/2019/CVE-2019-15949.md @@ -17,4 +17,5 @@ Nagios XI before 5.6.6 allows remote command execution as root. The exploit requ #### Github - https://github.com/AfvanMoopen/tryhackme- - https://github.com/catsecorg/CatSec-TryHackMe-WriteUps +- https://github.com/jakgibb/nagiosxi-root-rce-exploit diff --git a/2019/CVE-2019-1609.md b/2019/CVE-2019-1609.md index e401fba12f..6adb6f5de7 100644 --- a/2019/CVE-2019-1609.md +++ b/2019/CVE-2019-1609.md @@ -20,4 +20,5 @@ No PoCs from references. #### Github - https://github.com/dacade/cve-2019-16097 +- https://github.com/tdcoming/Vulnerability-engine diff --git a/2019/CVE-2019-16097.md b/2019/CVE-2019-16097.md index 045c428a09..3b2b57fa3b 100644 --- a/2019/CVE-2019-16097.md +++ b/2019/CVE-2019-16097.md @@ -17,9 +17,16 @@ core/api/user.go in Harbor 1.7.0 through 1.8.2 allows non-admin users to create - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/SexyBeast233/SecBooks +- https://github.com/TeraSecTeam/ary - https://github.com/alphaSeclab/sec-daily-2019 +- https://github.com/dacade/cve-2019-16097 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/evilAdan0s/CVE-2019-16097 - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/ianxtianxt/CVE-2019-16097 +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection +- https://github.com/luckybool1020/CVE-2019-16097 +- https://github.com/rockmelodies/CVE-2019-16097-batch - https://github.com/tdtc7/qps +- https://github.com/theLSA/harbor-give-me-admin diff --git a/2019/CVE-2019-16113.md b/2019/CVE-2019-16113.md index 3de0f07668..29b3e93a93 100644 --- a/2019/CVE-2019-16113.md +++ b/2019/CVE-2019-16113.md @@ -17,6 +17,8 @@ Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-images.php b #### Github - https://github.com/0xT11/CVE-POC - https://github.com/cocomelonc/vulnexipy +- https://github.com/cybervaca/CVE-2019-16113 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/ynots0ups/CVE-2019-16113 diff --git a/2019/CVE-2019-16117.md b/2019/CVE-2019-16117.md index bf40e45b57..689624016d 100644 --- a/2019/CVE-2019-16117.md +++ b/2019/CVE-2019-16117.md @@ -13,5 +13,5 @@ Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin bef - http://packetstormsecurity.com/files/154433/WordPress-Photo-Gallery-1.5.34-Cross-Site-Scripting.html #### Github -No PoCs found on GitHub currently. +- https://github.com/El-Palomo/EVM1 diff --git a/2019/CVE-2019-16118.md b/2019/CVE-2019-16118.md index 3403d39888..e7f1afca90 100644 --- a/2019/CVE-2019-16118.md +++ b/2019/CVE-2019-16118.md @@ -13,5 +13,5 @@ Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin bef - http://packetstormsecurity.com/files/154433/WordPress-Photo-Gallery-1.5.34-Cross-Site-Scripting.html #### Github -No PoCs found on GitHub currently. +- https://github.com/El-Palomo/EVM1 diff --git a/2019/CVE-2019-16119.md b/2019/CVE-2019-16119.md index 76c5fcbe97..de28fe1988 100644 --- a/2019/CVE-2019-16119.md +++ b/2019/CVE-2019-16119.md @@ -13,5 +13,5 @@ SQL injection in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 fo - http://packetstormsecurity.com/files/154432/WordPress-Photo-Gallery-1.5.34-SQL-Injection.html #### Github -No PoCs found on GitHub currently. +- https://github.com/El-Palomo/EVM1 diff --git a/2019/CVE-2019-16131.md b/2019/CVE-2019-16131.md index 2b86030f77..8299d628b7 100644 --- a/2019/CVE-2019-16131.md +++ b/2019/CVE-2019-16131.md @@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/YIXINSHUWU/Penetration_Testing_POC +- https://github.com/chalern/Pentest-Tools - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc diff --git a/2019/CVE-2019-16132.md b/2019/CVE-2019-16132.md index 8ff0f91c16..af689466ab 100644 --- a/2019/CVE-2019-16132.md +++ b/2019/CVE-2019-16132.md @@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/YIXINSHUWU/Penetration_Testing_POC +- https://github.com/chalern/Pentest-Tools - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc diff --git a/2019/CVE-2019-16163.md b/2019/CVE-2019-16163.md index fa9bc28403..c498048c57 100644 --- a/2019/CVE-2019-16163.md +++ b/2019/CVE-2019-16163.md @@ -14,5 +14,6 @@ Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion #### Github - https://github.com/kkos/oniguruma +- https://github.com/onivim/esy-oniguruma - https://github.com/winlibs/oniguruma diff --git a/2019/CVE-2019-16201.md b/2019/CVE-2019-16201.md index 74e44b7b71..fefc971ab2 100644 --- a/2019/CVE-2019-16201.md +++ b/2019/CVE-2019-16201.md @@ -13,5 +13,6 @@ WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2. No PoCs from references. #### Github +- https://github.com/MarioBarbarino/planet.rb - https://github.com/feedreader/planet.rb diff --git a/2019/CVE-2019-16222.md b/2019/CVE-2019-16222.md index f2508b4869..b2c8d3b132 100644 --- a/2019/CVE-2019-16222.md +++ b/2019/CVE-2019-16222.md @@ -13,5 +13,6 @@ WordPress before 5.2.3 has an issue with URL sanitization in wp_kses_bad_protoco No PoCs from references. #### Github +- https://github.com/El-Palomo/DerpNStink - https://github.com/El-Palomo/SYMFONOS diff --git a/2019/CVE-2019-16278.md b/2019/CVE-2019-16278.md index 3f0d8babee..c2e29d87de 100644 --- a/2019/CVE-2019-16278.md +++ b/2019/CVE-2019-16278.md @@ -20,20 +20,29 @@ Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 - https://github.com/AnubisSec/CVE-2019-16278 - https://github.com/CnHack3r/Penetration_PoC - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/Kr0ff/cve-2019-16278 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/NHPT/CVE-2019-16278 - https://github.com/SexyBeast233/SecBooks - https://github.com/YIXINSHUWU/Penetration_Testing_POC +- https://github.com/YeezyTaughtMe1/Traverxec - https://github.com/alphaSeclab/sec-daily-2019 +- https://github.com/darkerego/Nostromo_Python3 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/holmes-py/King-of-the-hill - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc - https://github.com/ianxtianxt/CVE-2019-16278 +- https://github.com/imjdl/CVE-2019-16278-PoC - https://github.com/jas502n/CVE-2019-16278 - https://github.com/jweny/pocassistdb +- https://github.com/keshiba/cve-2019-16278 - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/sobinge/nuclei-templates +- https://github.com/theRealFr13nd/CVE-2019-16278-Nostromo_1.9.6-RCE +- https://github.com/ugur-ercan/exploit-collection - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/yedada-wei/- diff --git a/2019/CVE-2019-16279.md b/2019/CVE-2019-16279.md index d8f7a29b58..d488e6a3eb 100644 --- a/2019/CVE-2019-16279.md +++ b/2019/CVE-2019-16279.md @@ -24,6 +24,7 @@ No PoCs from references. - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/ianxtianxt/CVE-2019-16279 - https://github.com/jas502n/CVE-2019-16278 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/yedada-wei/- diff --git a/2019/CVE-2019-16309.md b/2019/CVE-2019-16309.md index 203e335891..94d56070cb 100644 --- a/2019/CVE-2019-16309.md +++ b/2019/CVE-2019-16309.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/CnHack3r/Penetration_PoC - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/YIXINSHUWU/Penetration_Testing_POC +- https://github.com/chalern/Pentest-Tools - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc diff --git a/2019/CVE-2019-16313.md b/2019/CVE-2019-16313.md index 1be6c7c470..e8ca4f6e72 100644 --- a/2019/CVE-2019-16313.md +++ b/2019/CVE-2019-16313.md @@ -20,9 +20,11 @@ No PoCs from references. - https://github.com/SexyBeast233/SecBooks - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/bigblackhat/oFx +- https://github.com/chalern/Pentest-Tools - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/tdtc7/qps - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/yedada-wei/- diff --git a/2019/CVE-2019-16314.md b/2019/CVE-2019-16314.md index 9577e5075a..29a6784f1a 100644 --- a/2019/CVE-2019-16314.md +++ b/2019/CVE-2019-16314.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/CnHack3r/Penetration_PoC - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/YIXINSHUWU/Penetration_Testing_POC +- https://github.com/chalern/Pentest-Tools - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc diff --git a/2019/CVE-2019-16335.md b/2019/CVE-2019-16335.md index b1c385ba31..6676787b10 100644 --- a/2019/CVE-2019-16335.md +++ b/2019/CVE-2019-16335.md @@ -13,5 +13,7 @@ A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2 No PoCs from references. #### Github +- https://github.com/ilmari666/cybsec - https://github.com/kiwitcms/junit-plugin +- https://github.com/yahoo/cubed diff --git a/2019/CVE-2019-16394.md b/2019/CVE-2019-16394.md index 0c939c7d7d..aed06dbdcb 100644 --- a/2019/CVE-2019-16394.md +++ b/2019/CVE-2019-16394.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/trungnd51/Silent_CVE_2019_16394 diff --git a/2019/CVE-2019-16405.md b/2019/CVE-2019-16405.md index 5146aaa0ea..9e53318509 100644 --- a/2019/CVE-2019-16405.md +++ b/2019/CVE-2019-16405.md @@ -14,6 +14,7 @@ Centreon Web before 2.8.30, 18.10.x before 18.10.8, 19.04.x before 19.04.5 and 1 #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/TheCyberGeek/CVE-2019-16405.rb - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-16531.md b/2019/CVE-2019-16531.md index ae766b4c5e..dc463e1df3 100644 --- a/2019/CVE-2019-16531.md +++ b/2019/CVE-2019-16531.md @@ -13,5 +13,5 @@ LayerBB before 1.1.4 has multiple CSRF issues, as demonstrated by changing the S - http://packetstormsecurity.com/files/154549/LayerBB-1.1.3-Cross-Site-Request-Forgery.html #### Github -No PoCs found on GitHub currently. +- https://github.com/0xB9/LayerBB-1.1.3-CSRF diff --git a/2019/CVE-2019-16662.md b/2019/CVE-2019-16662.md index 33d6d1e09f..a41a0745ab 100644 --- a/2019/CVE-2019-16662.md +++ b/2019/CVE-2019-16662.md @@ -18,9 +18,12 @@ An issue was discovered in rConfig 3.9.2. An attacker can directly execute syste - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/SexyBeast233/SecBooks +- https://github.com/TheCyberGeek/CVE-2019-19268 - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/mhaskar/CVE-2019-16662 +- https://github.com/mhaskar/CVE-2019-16663 - https://github.com/sobinge/nuclei-templates +- https://github.com/ugur-ercan/exploit-collection diff --git a/2019/CVE-2019-16663.md b/2019/CVE-2019-16663.md index 897bfedb31..7ec329b775 100644 --- a/2019/CVE-2019-16663.md +++ b/2019/CVE-2019-16663.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/0ps/pocassistdb - https://github.com/0xT11/CVE-POC - https://github.com/SexyBeast233/SecBooks +- https://github.com/TheCyberGeek/CVE-2019-19268 - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-16724.md b/2019/CVE-2019-16724.md index 90aa530631..b676ec0762 100644 --- a/2019/CVE-2019-16724.md +++ b/2019/CVE-2019-16724.md @@ -17,6 +17,7 @@ File Sharing Wizard 1.5.0 allows a remote attacker to obtain arbitrary code exec #### Github - https://github.com/0xhuesca/CVE-2019-18655 - https://github.com/FULLSHADE/OSCE +- https://github.com/GihanJ/Structured-Exception-Handling-SEH-Buffer-Overflow - https://github.com/Mrnmap/ShellCode - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2019/CVE-2019-16729.md b/2019/CVE-2019-16729.md new file mode 100644 index 0000000000..7f502235dc --- /dev/null +++ b/2019/CVE-2019-16729.md @@ -0,0 +1,17 @@ +### [CVE-2019-16729](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16729) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +pam-python before 1.0.7-1 has an issue in regard to the default environment variable handling of Python, which could allow for local root escalation in certain PAM setups. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/stealth/papyrus + diff --git a/2019/CVE-2019-16759.md b/2019/CVE-2019-16759.md index a45f4fb3f7..fbbc1401c4 100644 --- a/2019/CVE-2019-16759.md +++ b/2019/CVE-2019-16759.md @@ -23,20 +23,32 @@ vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/CnHack3r/Penetration_PoC - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/FarjaalAhmad/CVE-2019-16759 +- https://github.com/M0sterHxck/CVE-2019-16759-Vbulletin-rce-exploit - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/amcai/myscan +- https://github.com/andripwn/pwn-vbulletin +- https://github.com/ardzz/vbulletin-bot +- https://github.com/chalern/Pentest-Tools - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/huyanshuhan/NekoBotV1 - https://github.com/jas502n/CVE-2019-16759 +- https://github.com/mas1337/CVE-2019-16759 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/p0megranate/makura +- https://github.com/psychoxploit/vbull - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/r00tpgp/http-vuln-CVE-2019-16759 - https://github.com/sobinge/nuclei-templates +- https://github.com/theLSA/vbulletin5-rce +- https://github.com/ugur-ercan/exploit-collection - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/yedada-wei/- diff --git a/2019/CVE-2019-16769.md b/2019/CVE-2019-16769.md index 015fa98f46..bb65948a43 100644 --- a/2019/CVE-2019-16769.md +++ b/2019/CVE-2019-16769.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/ossf-cve-benchmark/CVE-2019-16769 +- https://github.com/ray-tracer96024/Unintentionally-Vulnerable-Hotel-Management-Website diff --git a/2019/CVE-2019-16773.md b/2019/CVE-2019-16773.md index 4ec6debf9f..6283d78848 100644 --- a/2019/CVE-2019-16773.md +++ b/2019/CVE-2019-16773.md @@ -13,6 +13,7 @@ No PoCs from references. #### Github +- https://github.com/El-Palomo/DerpNStink - https://github.com/El-Palomo/SYMFONOS - https://github.com/SexyBeast233/SecBooks diff --git a/2019/CVE-2019-16780.md b/2019/CVE-2019-16780.md index a2456251ae..256da4ec11 100644 --- a/2019/CVE-2019-16780.md +++ b/2019/CVE-2019-16780.md @@ -13,5 +13,6 @@ WordPress users with lower privileges (like contributors) can inject JavaScript - https://wpvulndb.com/vulnerabilities/9976 #### Github +- https://github.com/El-Palomo/DerpNStink - https://github.com/El-Palomo/SYMFONOS diff --git a/2019/CVE-2019-16781.md b/2019/CVE-2019-16781.md index 52369532a6..625e4bd659 100644 --- a/2019/CVE-2019-16781.md +++ b/2019/CVE-2019-16781.md @@ -13,5 +13,6 @@ In WordPress before 5.3.1, authenticated users with lower privileges (like contr - https://wpvulndb.com/vulnerabilities/9976 #### Github +- https://github.com/El-Palomo/DerpNStink - https://github.com/El-Palomo/SYMFONOS diff --git a/2019/CVE-2019-16784.md b/2019/CVE-2019-16784.md index 48f260432e..a35565c2cf 100644 --- a/2019/CVE-2019-16784.md +++ b/2019/CVE-2019-16784.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/AlterSolutions/PyInstallerPrivEsc - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-16788.md b/2019/CVE-2019-16788.md index b355c1d759..f558bd7f1e 100644 --- a/2019/CVE-2019-16788.md +++ b/2019/CVE-2019-16788.md @@ -13,5 +13,6 @@ No PoCs from references. #### Github +- https://github.com/El-Palomo/DerpNStink - https://github.com/El-Palomo/SYMFONOS diff --git a/2019/CVE-2019-16884.md b/2019/CVE-2019-16884.md index 32949f7fbc..80a4d98973 100644 --- a/2019/CVE-2019-16884.md +++ b/2019/CVE-2019-16884.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/Metarget/awesome-cloud-native-security - https://github.com/Metarget/metarget +- https://github.com/PRISHIta123/Securing_Open_Source_Components_on_Containers - https://github.com/ssst0n3/docker_archive diff --git a/2019/CVE-2019-16889.md b/2019/CVE-2019-16889.md index b19b5783fb..22c916b483 100644 --- a/2019/CVE-2019-16889.md +++ b/2019/CVE-2019-16889.md @@ -15,5 +15,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/grampae/meep +- https://github.com/grampae/meep2 - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-16902.md b/2019/CVE-2019-16902.md new file mode 100644 index 0000000000..0b4dcc9c62 --- /dev/null +++ b/2019/CVE-2019-16902.md @@ -0,0 +1,17 @@ +### [CVE-2019-16902](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16902) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In the ARforms plugin 3.7.1 for WordPress, arf_delete_file in arformcontroller.php allows unauthenticated deletion of an arbitrary file by supplying the full pathname. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Almorabea/Arforms-Exploit + diff --git a/2019/CVE-2019-16941.md b/2019/CVE-2019-16941.md index 657f62e761..7aead11e68 100644 --- a/2019/CVE-2019-16941.md +++ b/2019/CVE-2019-16941.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/geeksniper/reverse-engineering-toolkit - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/purpleracc00n/CVE-2019-16941 diff --git a/2019/CVE-2019-16942.md b/2019/CVE-2019-16942.md index d6a0720e83..c2c0e51aac 100644 --- a/2019/CVE-2019-16942.md +++ b/2019/CVE-2019-16942.md @@ -13,5 +13,8 @@ A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 th No PoCs from references. #### Github +- https://github.com/glambert22/movieManager +- https://github.com/ilmari666/cybsec - https://github.com/kiwitcms/junit-plugin +- https://github.com/yahoo/cubed diff --git a/2019/CVE-2019-16943.md b/2019/CVE-2019-16943.md new file mode 100644 index 0000000000..bab030c588 --- /dev/null +++ b/2019/CVE-2019-16943.md @@ -0,0 +1,18 @@ +### [CVE-2019-16943](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16943) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec +- https://github.com/yahoo/cubed + diff --git a/2019/CVE-2019-17026.md b/2019/CVE-2019-17026.md index 6e2b5987a5..7ff6baecde 100644 --- a/2019/CVE-2019-17026.md +++ b/2019/CVE-2019-17026.md @@ -20,9 +20,11 @@ Incorrect alias information in IonMonkey JIT compiler for setting array elements - https://github.com/0xT11/CVE-POC - https://github.com/HackOvert/awesome-bugs - https://github.com/alphaSeclab/sec-daily-2020 +- https://github.com/cloudrise/lansweeper-reports - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/forrest-orr/DoubleStar - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/maxpl0it/CVE-2019-17026-Exploit - https://github.com/mgaudet/SpiderMonkeyBibliography +- https://github.com/v3nt4n1t0/DetectMozillaFirefoxVulnDomain.ps1 diff --git a/2019/CVE-2019-17043.md b/2019/CVE-2019-17043.md new file mode 100644 index 0000000000..fab026d932 --- /dev/null +++ b/2019/CVE-2019-17043.md @@ -0,0 +1,17 @@ +### [CVE-2019-17043](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17043) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the best1collect.exe SUID binary could allow an attacker to elevate his/her privileges to the ones of the "patrol" user by specially crafting a shared library .so file that will be loaded during execution. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/blogresponder/BMC-Patrol-Agent-local-root-privilege-escalation + diff --git a/2019/CVE-2019-17044.md b/2019/CVE-2019-17044.md new file mode 100644 index 0000000000..b801fe6259 --- /dev/null +++ b/2019/CVE-2019-17044.md @@ -0,0 +1,17 @@ +### [CVE-2019-17044](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17044) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the PatrolAgent SUID binary could allow an attacker with "patrol" privileges to elevate his/her privileges to the ones of the "root" user by specially crafting a shared library .so file that will be loaded during execution. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/blogresponder/BMC-Patrol-Agent-local-root-privilege-escalation + diff --git a/2019/CVE-2019-17059.md b/2019/CVE-2019-17059.md index 7b08f5a443..bfc29aa12a 100644 --- a/2019/CVE-2019-17059.md +++ b/2019/CVE-2019-17059.md @@ -14,4 +14,5 @@ A shell injection vulnerability on the Sophos Cyberoam firewall appliance with C #### Github - https://github.com/alphaSeclab/sec-daily-2019 +- https://github.com/pengusec/awesome-netsec-articles diff --git a/2019/CVE-2019-17080.md b/2019/CVE-2019-17080.md index 37a8fbdf09..88e979182a 100644 --- a/2019/CVE-2019-17080.md +++ b/2019/CVE-2019-17080.md @@ -14,7 +14,9 @@ mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows code execution if #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/Andhrimnirr/Mintinstall-object-injection - https://github.com/SexyBeast233/SecBooks - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/materaj2/Mintinstall-object-injection diff --git a/2019/CVE-2019-17124.md b/2019/CVE-2019-17124.md index afb582b243..e31c1247aa 100644 --- a/2019/CVE-2019-17124.md +++ b/2019/CVE-2019-17124.md @@ -16,4 +16,5 @@ Kramer VIAware 2.5.0719.1034 has Incorrect Access Control. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/hessandrew/CVE-2019-17124 diff --git a/2019/CVE-2019-17195.md b/2019/CVE-2019-17195.md index 012391a7b6..1550af2320 100644 --- a/2019/CVE-2019-17195.md +++ b/2019/CVE-2019-17195.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/somatrasss/weblogic2021 +- https://github.com/yahoo/cubed diff --git a/2019/CVE-2019-17221.md b/2019/CVE-2019-17221.md index 58e5042955..11ac583a10 100644 --- a/2019/CVE-2019-17221.md +++ b/2019/CVE-2019-17221.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/h4ckologic/CVE-2019-17221 - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-17234.md b/2019/CVE-2019-17234.md index ca92ca5125..9cbbcc3215 100644 --- a/2019/CVE-2019-17234.md +++ b/2019/CVE-2019-17234.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/administra1tor/CVE-2019-17234b-Exploit - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-17240.md b/2019/CVE-2019-17240.md index 5149d91691..897d6e61fc 100644 --- a/2019/CVE-2019-17240.md +++ b/2019/CVE-2019-17240.md @@ -17,10 +17,12 @@ bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute- #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/CasperGN/tooling - https://github.com/LucaReggiannini/LDS - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/noraj/Bludit-auth-BF-bypass - https://github.com/pwnd-root/exploits-and-stuff - https://github.com/tobor88/Python3-Tools diff --git a/2019/CVE-2019-17241.md b/2019/CVE-2019-17241.md new file mode 100644 index 0000000000..e1daf3b274 --- /dev/null +++ b/2019/CVE-2019-17241.md @@ -0,0 +1,17 @@ +### [CVE-2019-17241](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17241) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000d563. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17242.md b/2019/CVE-2019-17242.md new file mode 100644 index 0000000000..a96583174f --- /dev/null +++ b/2019/CVE-2019-17242.md @@ -0,0 +1,17 @@ +### [CVE-2019-17242](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17242) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000966f. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17243.md b/2019/CVE-2019-17243.md new file mode 100644 index 0000000000..31212a6f79 --- /dev/null +++ b/2019/CVE-2019-17243.md @@ -0,0 +1,17 @@ +### [CVE-2019-17243](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17243) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000003155. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17244.md b/2019/CVE-2019-17244.md new file mode 100644 index 0000000000..96ea8b7e2f --- /dev/null +++ b/2019/CVE-2019-17244.md @@ -0,0 +1,17 @@ +### [CVE-2019-17244](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17244) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000001d8a. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17245.md b/2019/CVE-2019-17245.md new file mode 100644 index 0000000000..73052f2b7e --- /dev/null +++ b/2019/CVE-2019-17245.md @@ -0,0 +1,17 @@ +### [CVE-2019-17245](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17245) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x0000000000004359. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17246.md b/2019/CVE-2019-17246.md new file mode 100644 index 0000000000..d0f28774e8 --- /dev/null +++ b/2019/CVE-2019-17246.md @@ -0,0 +1,17 @@ +### [CVE-2019-17246](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17246) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000258c. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17247.md b/2019/CVE-2019-17247.md new file mode 100644 index 0000000000..0993ed8c3b --- /dev/null +++ b/2019/CVE-2019-17247.md @@ -0,0 +1,17 @@ +### [CVE-2019-17247](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17247) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at JPEG_LS+0x0000000000007da8. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17248.md b/2019/CVE-2019-17248.md new file mode 100644 index 0000000000..ba44539036 --- /dev/null +++ b/2019/CVE-2019-17248.md @@ -0,0 +1,17 @@ +### [CVE-2019-17248](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17248) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x00000000000025b6. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17249.md b/2019/CVE-2019-17249.md new file mode 100644 index 0000000000..d6ea34f900 --- /dev/null +++ b/2019/CVE-2019-17249.md @@ -0,0 +1,17 @@ +### [CVE-2019-17249](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17249) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000d57b. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17250.md b/2019/CVE-2019-17250.md new file mode 100644 index 0000000000..77bdf81668 --- /dev/null +++ b/2019/CVE-2019-17250.md @@ -0,0 +1,17 @@ +### [CVE-2019-17250](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17250) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x00000000000042f5. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17251.md b/2019/CVE-2019-17251.md new file mode 100644 index 0000000000..87616fbe24 --- /dev/null +++ b/2019/CVE-2019-17251.md @@ -0,0 +1,17 @@ +### [CVE-2019-17251](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17251) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +IrfanView 4.53 allows a User Mode Write AV starting at FORMATS!GetPlugInInfo+0x0000000000007d43. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17252.md b/2019/CVE-2019-17252.md new file mode 100644 index 0000000000..400d1dc4cb --- /dev/null +++ b/2019/CVE-2019-17252.md @@ -0,0 +1,17 @@ +### [CVE-2019-17252](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17252) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +IrfanView 4.53 allows a User Mode Write AV starting at FORMATS!Read_BadPNG+0x0000000000000115. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17253.md b/2019/CVE-2019-17253.md new file mode 100644 index 0000000000..cd3f8676da --- /dev/null +++ b/2019/CVE-2019-17253.md @@ -0,0 +1,17 @@ +### [CVE-2019-17253](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17253) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +IrfanView 4.53 allows a User Mode Write AV starting at JPEG_LS+0x000000000000a6b8. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17254.md b/2019/CVE-2019-17254.md new file mode 100644 index 0000000000..756a4ab7cd --- /dev/null +++ b/2019/CVE-2019-17254.md @@ -0,0 +1,17 @@ +### [CVE-2019-17254](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17254) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at FORMATS!Read_BadPNG+0x0000000000000101. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17255.md b/2019/CVE-2019-17255.md new file mode 100644 index 0000000000..231063ccab --- /dev/null +++ b/2019/CVE-2019-17255.md @@ -0,0 +1,17 @@ +### [CVE-2019-17255](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17255) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +IrfanView 4.53 allows a User Mode Write AV starting at EXR!ReadEXR+0x0000000000010836. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17256.md b/2019/CVE-2019-17256.md new file mode 100644 index 0000000000..fee0cfe998 --- /dev/null +++ b/2019/CVE-2019-17256.md @@ -0,0 +1,17 @@ +### [CVE-2019-17256](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17256) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +IrfanView 4.53 allows a User Mode Write AV starting at DPX!ReadDPX_W+0x0000000000001203. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17257.md b/2019/CVE-2019-17257.md new file mode 100644 index 0000000000..5608281582 --- /dev/null +++ b/2019/CVE-2019-17257.md @@ -0,0 +1,17 @@ +### [CVE-2019-17257](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17257) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +IrfanView 4.53 allows a Exception Handler Chain to be Corrupted starting at EXR!ReadEXR+0x000000000002af80. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17258.md b/2019/CVE-2019-17258.md new file mode 100644 index 0000000000..05e56b6856 --- /dev/null +++ b/2019/CVE-2019-17258.md @@ -0,0 +1,17 @@ +### [CVE-2019-17258](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17258) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at JPEG_LS+0x000000000000839c. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17259.md b/2019/CVE-2019-17259.md new file mode 100644 index 0000000000..1474743370 --- /dev/null +++ b/2019/CVE-2019-17259.md @@ -0,0 +1,17 @@ +### [CVE-2019-17259](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17259) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +KMPlayer 4.2.2.31 allows a User Mode Write AV starting at utils!src_new+0x000000000014d6ee. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17260.md b/2019/CVE-2019-17260.md new file mode 100644 index 0000000000..12eede1507 --- /dev/null +++ b/2019/CVE-2019-17260.md @@ -0,0 +1,17 @@ +### [CVE-2019-17260](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17260) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +MPC-HC through 1.7.13 allows a Read Access Violation on a Block Data Move starting at mpc_hc!memcpy+0x000000000000004e. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17261.md b/2019/CVE-2019-17261.md new file mode 100644 index 0000000000..c051f21e7d --- /dev/null +++ b/2019/CVE-2019-17261.md @@ -0,0 +1,17 @@ +### [CVE-2019-17261](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17261) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +XnView Classic 2.49.1 allows a User Mode Write AV starting at Xwsq+0x0000000000001e51. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17262.md b/2019/CVE-2019-17262.md new file mode 100644 index 0000000000..3d4ec1b666 --- /dev/null +++ b/2019/CVE-2019-17262.md @@ -0,0 +1,17 @@ +### [CVE-2019-17262](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17262) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +XnView Classic 2.49.1 allows a User Mode Write AV starting at Xwsq+0x0000000000001fc0. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/linhlhq/research + diff --git a/2019/CVE-2019-17267.md b/2019/CVE-2019-17267.md new file mode 100644 index 0000000000..1425b159ad --- /dev/null +++ b/2019/CVE-2019-17267.md @@ -0,0 +1,18 @@ +### [CVE-2019-17267](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17267) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ilmari666/cybsec +- https://github.com/yahoo/cubed + diff --git a/2019/CVE-2019-17367.md b/2019/CVE-2019-17367.md new file mode 100644 index 0000000000..fb0370f686 --- /dev/null +++ b/2019/CVE-2019-17367.md @@ -0,0 +1,17 @@ +### [CVE-2019-17367](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17367) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +OpenWRT firmware version 18.06.4 is vulnerable to CSRF via wireless/radio0.network1, wireless/radio1.network1, firewall, firewall/zones, firewall/forwards, firewall/rules, network/wan, network/wan6, or network/lan under /cgi-bin/luci/admin/network/. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/paragmhatre10/OpenWrt-vulnerabilities + diff --git a/2019/CVE-2019-17372.md b/2019/CVE-2019-17372.md index 9496936296..57b57ef758 100644 --- a/2019/CVE-2019-17372.md +++ b/2019/CVE-2019-17372.md @@ -13,5 +13,5 @@ Certain NETGEAR devices allow remote attackers to disable all authentication req - https://github.com/zer0yu/CVE_Request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.md #### Github -No PoCs found on GitHub currently. +- https://github.com/zer0yu/CVE_Request diff --git a/2019/CVE-2019-17373.md b/2019/CVE-2019-17373.md index cabd267767..cfe6d32355 100644 --- a/2019/CVE-2019-17373.md +++ b/2019/CVE-2019-17373.md @@ -13,5 +13,5 @@ Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm p - https://github.com/zer0yu/CVE_Request/blob/master/netgear/Netgear_web_interface_exists_authentication_bypass.md #### Github -No PoCs found on GitHub currently. +- https://github.com/zer0yu/CVE_Request diff --git a/2019/CVE-2019-17408.md b/2019/CVE-2019-17408.md index 482e0b6a31..d1e81e6c1c 100644 --- a/2019/CVE-2019-17408.md +++ b/2019/CVE-2019-17408.md @@ -13,5 +13,5 @@ parserIfLabel in inc/zzz_template.php in ZZZCMS zzzphp 1.7.3 allows remote attac - https://github.com/Tardis07/CVE_GO/blob/master/zzzphp_code_execution_v1.7.3.md #### Github -No PoCs found on GitHub currently. +- https://github.com/Tardis07/CVE_GO diff --git a/2019/CVE-2019-17424.md b/2019/CVE-2019-17424.md index 6f41934070..b100cc5bb1 100644 --- a/2019/CVE-2019-17424.md +++ b/2019/CVE-2019-17424.md @@ -19,6 +19,7 @@ A stack-based buffer overflow in the processPrivilage() function in IOS/process- - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/guywhataguy/CVE-2019-17424 - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/huike007/penetration_poc diff --git a/2019/CVE-2019-17427.md b/2019/CVE-2019-17427.md index b50c4e6b0d..5cf10a2968 100644 --- a/2019/CVE-2019-17427.md +++ b/2019/CVE-2019-17427.md @@ -14,6 +14,7 @@ In Redmine before 3.4.11 and 4.0.x before 4.0.4, persistent XSS exists due to te #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/RealLinkers/CVE-2019-17427 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-17495.md b/2019/CVE-2019-17495.md index ae6b6a644f..b623753bba 100644 --- a/2019/CVE-2019-17495.md +++ b/2019/CVE-2019-17495.md @@ -14,6 +14,7 @@ A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI before 3.23 #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/SecT0uch/CVE-2019-17495-test - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2019/CVE-2019-17525.md b/2019/CVE-2019-17525.md index 51b4f5b1e1..5e538a9231 100644 --- a/2019/CVE-2019-17525.md +++ b/2019/CVE-2019-17525.md @@ -16,4 +16,5 @@ The login page on D-Link DIR-615 T1 20.10 devices allows remote attackers to byp - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/huzaifahussain98/CVE-2019-17525 diff --git a/2019/CVE-2019-17531.md b/2019/CVE-2019-17531.md index a54dbe260d..707f1675bf 100644 --- a/2019/CVE-2019-17531.md +++ b/2019/CVE-2019-17531.md @@ -15,5 +15,7 @@ No PoCs from references. #### Github - https://github.com/dotanuki-labs/android-oss-cves-research - https://github.com/gredler/aegis4j +- https://github.com/ilmari666/cybsec - https://github.com/tomtom-international/goji-http-client +- https://github.com/yahoo/cubed diff --git a/2019/CVE-2019-17532.md b/2019/CVE-2019-17532.md new file mode 100644 index 0000000000..8d35a6238c --- /dev/null +++ b/2019/CVE-2019-17532.md @@ -0,0 +1,17 @@ +### [CVE-2019-17532](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17532) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered on Belkin Wemo Switch 28B WW_2.00.11057.PVT-OWRT-SNS devices. They allow remote attackers to cause a denial of service (persistent rules-processing outage) via a crafted ruleDbBody element in a StoreRules request to the upnp/control/rules1 URI, because database corruption occurs. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/badnack/wemo_dos + diff --git a/2019/CVE-2019-17541.md b/2019/CVE-2019-17541.md index 9520c6cb3a..cb47683c1a 100644 --- a/2019/CVE-2019-17541.md +++ b/2019/CVE-2019-17541.md @@ -13,5 +13,5 @@ ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickC - https://github.com/ImageMagick/ImageMagick/issues/1641 #### Github -No PoCs found on GitHub currently. +- https://github.com/007Alice/crashes diff --git a/2019/CVE-2019-17545.md b/2019/CVE-2019-17545.md new file mode 100644 index 0000000000..e053f86715 --- /dev/null +++ b/2019/CVE-2019-17545.md @@ -0,0 +1,17 @@ +### [CVE-2019-17545](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17545) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/deepakdba/cve_checklist + diff --git a/2019/CVE-2019-17549.md b/2019/CVE-2019-17549.md new file mode 100644 index 0000000000..e7f031a022 --- /dev/null +++ b/2019/CVE-2019-17549.md @@ -0,0 +1,18 @@ +### [CVE-2019-17549](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17549) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +ESET Cyber Security before 6.8.1.0 is vulnerable to a denial-of-service allowing any user to stop (kill) ESET processes. An attacker can abuse this bug to stop the protection from ESET and launch his attack. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/U-Mark-CYR3CON/CYR3CON_Demo +- https://github.com/cyr3con-ai/cyRating-check-action + diff --git a/2019/CVE-2019-17558.md b/2019/CVE-2019-17558.md index 68c429f76a..cbed2c41e8 100644 --- a/2019/CVE-2019-17558.md +++ b/2019/CVE-2019-17558.md @@ -26,6 +26,7 @@ Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/huike007/penetration_poc - https://github.com/koala2099/GitHub-Chinese-Top-Charts +- https://github.com/neilzhang1/Chinese-Charts - https://github.com/pinkieli/GitHub-Chinese-Top-Charts - https://github.com/qingyuanfeiniao/Chinese-Top-Charts - https://github.com/sobinge/nuclei-templates diff --git a/2019/CVE-2019-17564.md b/2019/CVE-2019-17564.md index 032491c897..7bae01f16c 100644 --- a/2019/CVE-2019-17564.md +++ b/2019/CVE-2019-17564.md @@ -15,18 +15,26 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC - https://github.com/CnHack3r/Penetration_PoC +- https://github.com/Dor-Tumarkin/CVE-2019-17564-FastJson-Gadget +- https://github.com/Exploit-3389/CVE-2019-17564 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +- https://github.com/Hu3sky/CVE-2019-17564 +- https://github.com/Jaky5155/CVE-2019-17564 - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/SexyBeast233/SecBooks - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/fairyming/CVE-2019-17564 - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection +- https://github.com/lz2y/DubboPOC - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/r00t4dm/CVE-2019-17564 - https://github.com/tdtc7/qps - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2019/CVE-2019-17567.md b/2019/CVE-2019-17567.md new file mode 100644 index 0000000000..2fd7854bd5 --- /dev/null +++ b/2019/CVE-2019-17567.md @@ -0,0 +1,17 @@ +### [CVE-2019-17567](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17567) +![](https://img.shields.io/static/v1?label=Product&message=Apache%20HTTP%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=2.4%3D%202.4.46%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=mod_proxy_wstunnel%20tunneling%20of%20non%20Upgraded%20connections&color=brighgreen) + +### Description + +Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network + diff --git a/2019/CVE-2019-17570.md b/2019/CVE-2019-17570.md index 4c7c17a137..30b55990f2 100644 --- a/2019/CVE-2019-17570.md +++ b/2019/CVE-2019-17570.md @@ -18,4 +18,5 @@ An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcRes - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/fbeasts/xmlrpc-common-deserialization - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/r00t4dm/CVE-2019-17570 diff --git a/2019/CVE-2019-17571.md b/2019/CVE-2019-17571.md index 5e16c8c49d..7714e42e4f 100644 --- a/2019/CVE-2019-17571.md +++ b/2019/CVE-2019-17571.md @@ -37,7 +37,9 @@ No PoCs from references. - https://github.com/marklogic/marklogic-contentpump - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/shadow-horse/CVE-2019-17571 - https://github.com/thl-cmk/CVE-log4j-check_mk-plugin - https://github.com/woods-sega/woodswiki - https://github.com/x-f1v3/Vulnerability_Environment +- https://github.com/yahoo/cubed diff --git a/2019/CVE-2019-1759.md b/2019/CVE-2019-1759.md index 601c7ed746..f631d2e707 100644 --- a/2019/CVE-2019-1759.md +++ b/2019/CVE-2019-1759.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/r3m0t3nu11/CVE-2019-1759-csrf-js-rce diff --git a/2019/CVE-2019-17596.md b/2019/CVE-2019-17596.md index 905b44a26f..6b47ee161e 100644 --- a/2019/CVE-2019-17596.md +++ b/2019/CVE-2019-17596.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/pquerna/poc-dsa-verify-CVE-2019-17596 diff --git a/2019/CVE-2019-17621.md b/2019/CVE-2019-17621.md index ece4adab43..7b55708ba0 100644 --- a/2019/CVE-2019-17621.md +++ b/2019/CVE-2019-17621.md @@ -19,10 +19,12 @@ The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06 - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/YIXINSHUWU/Penetration_Testing_POC +- https://github.com/firmianay/IoT-vulhub - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc - https://github.com/s1kr10s/D-Link-DIR-859-RCE +- https://github.com/secenv/GoInputProxy - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/yedada-wei/- - https://github.com/yedada-wei/gongkaishouji diff --git a/2019/CVE-2019-17626.md b/2019/CVE-2019-17626.md new file mode 100644 index 0000000000..7d7af6fc81 --- /dev/null +++ b/2019/CVE-2019-17626.md @@ -0,0 +1,17 @@ +### [CVE-2019-17626](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17626) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +ReportLab through 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with '::EnsureCapacity in Core - https://github.com/axiomatic-systems/Bento4/issues/354 #### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark - https://github.com/wcventure/MemLock-Fuzz diff --git a/2019/CVE-2019-7813.md b/2019/CVE-2019-7813.md new file mode 100644 index 0000000000..631df21d55 --- /dev/null +++ b/2019/CVE-2019-7813.md @@ -0,0 +1,17 @@ +### [CVE-2019-7813](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7813) +![](https://img.shields.io/static/v1?label=Product&message=Adobe%20Acrobat%20and%20Reader&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Out-of-Bounds%20Read%E2%80%AF&color=brighgreen) + +### Description + +Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/SkyBulk/RealWorldPwn + diff --git a/2019/CVE-2019-8038.md b/2019/CVE-2019-8038.md new file mode 100644 index 0000000000..8411a1d427 --- /dev/null +++ b/2019/CVE-2019-8038.md @@ -0,0 +1,17 @@ +### [CVE-2019-8038](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8038) +![](https://img.shields.io/static/v1?label=Product&message=Adobe%20Acrobat%20and%20Reader&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20After%20Free%20%20%20&color=brighgreen) + +### Description + +Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fengjixuchui/pdf + diff --git a/2019/CVE-2019-8039.md b/2019/CVE-2019-8039.md new file mode 100644 index 0000000000..7a72819e11 --- /dev/null +++ b/2019/CVE-2019-8039.md @@ -0,0 +1,17 @@ +### [CVE-2019-8039](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8039) +![](https://img.shields.io/static/v1?label=Product&message=Adobe%20Acrobat%20and%20Reader&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20After%20Free%20%20%20&color=brighgreen) + +### Description + +Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fengjixuchui/pdf + diff --git a/2019/CVE-2019-8312.md b/2019/CVE-2019-8312.md index 62ce8a8852..4b87171bab 100644 --- a/2019/CVE-2019-8312.md +++ b/2019/CVE-2019-8312.md @@ -13,5 +13,6 @@ An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This iss No PoCs from references. #### Github +- https://github.com/E4ck/vuls - https://github.com/raystyle/vuls diff --git a/2019/CVE-2019-8313.md b/2019/CVE-2019-8313.md index 953e05c89f..2a1770b848 100644 --- a/2019/CVE-2019-8313.md +++ b/2019/CVE-2019-8313.md @@ -13,5 +13,6 @@ An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This iss No PoCs from references. #### Github +- https://github.com/E4ck/vuls - https://github.com/raystyle/vuls diff --git a/2019/CVE-2019-8314.md b/2019/CVE-2019-8314.md index 32a2e6036e..60b3ea0438 100644 --- a/2019/CVE-2019-8314.md +++ b/2019/CVE-2019-8314.md @@ -13,5 +13,6 @@ An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This iss No PoCs from references. #### Github +- https://github.com/E4ck/vuls - https://github.com/raystyle/vuls diff --git a/2019/CVE-2019-8315.md b/2019/CVE-2019-8315.md index 2a628527c6..a5c6ce2e2f 100644 --- a/2019/CVE-2019-8315.md +++ b/2019/CVE-2019-8315.md @@ -13,5 +13,6 @@ An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This iss No PoCs from references. #### Github +- https://github.com/E4ck/vuls - https://github.com/raystyle/vuls diff --git a/2019/CVE-2019-8316.md b/2019/CVE-2019-8316.md index 014e1a9278..0201e8dfc7 100644 --- a/2019/CVE-2019-8316.md +++ b/2019/CVE-2019-8316.md @@ -13,5 +13,6 @@ An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This iss No PoCs from references. #### Github +- https://github.com/E4ck/vuls - https://github.com/raystyle/vuls diff --git a/2019/CVE-2019-8317.md b/2019/CVE-2019-8317.md index 895cb8e703..b3191e95c1 100644 --- a/2019/CVE-2019-8317.md +++ b/2019/CVE-2019-8317.md @@ -13,5 +13,6 @@ An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This iss No PoCs from references. #### Github +- https://github.com/E4ck/vuls - https://github.com/raystyle/vuls diff --git a/2019/CVE-2019-8318.md b/2019/CVE-2019-8318.md index a224c61350..f66b7f9ef8 100644 --- a/2019/CVE-2019-8318.md +++ b/2019/CVE-2019-8318.md @@ -13,5 +13,6 @@ An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This iss No PoCs from references. #### Github +- https://github.com/E4ck/vuls - https://github.com/raystyle/vuls diff --git a/2019/CVE-2019-8319.md b/2019/CVE-2019-8319.md index d5a99545f1..b3c41ede10 100644 --- a/2019/CVE-2019-8319.md +++ b/2019/CVE-2019-8319.md @@ -13,5 +13,6 @@ An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This iss No PoCs from references. #### Github +- https://github.com/E4ck/vuls - https://github.com/raystyle/vuls diff --git a/2019/CVE-2019-8331.md b/2019/CVE-2019-8331.md index 9f1a05dd7d..3c66137284 100644 --- a/2019/CVE-2019-8331.md +++ b/2019/CVE-2019-8331.md @@ -15,6 +15,7 @@ In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip - https://seclists.org/bugtraq/2019/May/18 #### Github +- https://github.com/MuDiAhmed/invitation_system - https://github.com/andersoncontreira/http-tunnel-node - https://github.com/pdobb/pronto-bundler_audit diff --git a/2019/CVE-2019-8442.md b/2019/CVE-2019-8442.md index 7cb4ad81ca..f6450d65cb 100644 --- a/2019/CVE-2019-8442.md +++ b/2019/CVE-2019-8442.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/jweny/pocassistdb - https://github.com/sobinge/nuclei-templates +- https://github.com/sushantdhopat/JIRA_testing diff --git a/2019/CVE-2019-8446.md b/2019/CVE-2019-8446.md index fdcfdb200d..b9988431b5 100644 --- a/2019/CVE-2019-8446.md +++ b/2019/CVE-2019-8446.md @@ -15,6 +15,7 @@ The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows rem #### Github - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/CyberTrashPanda/CVE-2019-8446 - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-8449.md b/2019/CVE-2019-8449.md index e77bedb63a..4f1c70c5c9 100644 --- a/2019/CVE-2019-8449.md +++ b/2019/CVE-2019-8449.md @@ -14,6 +14,7 @@ The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allow #### Github - https://github.com/0ps/pocassistdb +- https://github.com/0x48piraj/Jiraffe - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates @@ -23,8 +24,12 @@ The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allow - https://github.com/hackerhackrat/R-poc - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/jweny/pocassistdb +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection +- https://github.com/mufeedvh/CVE-2019-8449 - https://github.com/r0eXpeR/redteam_vul +- https://github.com/r0lh/CVE-2019-8449 - https://github.com/sobinge/nuclei-templates +- https://github.com/sushantdhopat/JIRA_testing - https://github.com/tdtc7/qps - https://github.com/und3sc0n0c1d0/UserEnumJira - https://github.com/woods-sega/woodswiki diff --git a/2019/CVE-2019-8451.md b/2019/CVE-2019-8451.md index b547d807e2..5ddf3b3a33 100644 --- a/2019/CVE-2019-8451.md +++ b/2019/CVE-2019-8451.md @@ -14,7 +14,9 @@ No PoCs from references. #### Github - https://github.com/0ps/pocassistdb +- https://github.com/0x48piraj/Jiraffe - https://github.com/0xT11/CVE-POC +- https://github.com/0xbug/CVE-2019-8451 - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/BitTheByte/Eagle - https://github.com/Elsfa7-110/kenzer-templates @@ -27,12 +29,14 @@ No PoCs from references. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/h0ffayyy/Jira-CVE-2019-8451 - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/ianxtianxt/CVE-2019-8451 - https://github.com/jas502n/CVE-2019-8451 - https://github.com/jweny/pocassistdb - https://github.com/n1sh1th/CVE-POC - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/r0eXpeR/redteam_vul - https://github.com/sobinge/nuclei-templates +- https://github.com/sushantdhopat/JIRA_testing - https://github.com/woods-sega/woodswiki - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2019/CVE-2019-8457.md b/2019/CVE-2019-8457.md index 34a263f6a3..20a36ea8c3 100644 --- a/2019/CVE-2019-8457.md +++ b/2019/CVE-2019-8457.md @@ -13,5 +13,7 @@ SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound re No PoCs from references. #### Github +- https://github.com/colonelmeow/appsecctf +- https://github.com/jrak1204/overstock_test - https://github.com/revl-ca/scan-docker-image diff --git a/2019/CVE-2019-8513.md b/2019/CVE-2019-8513.md index 970f1fa78e..423c85f9ed 100644 --- a/2019/CVE-2019-8513.md +++ b/2019/CVE-2019-8513.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC - https://github.com/ChiChou/sploits +- https://github.com/ThePirateWhoSmellsOfSunflowers/TheHackerLinks - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/genknife/cve-2019-8513 diff --git a/2019/CVE-2019-8526.md b/2019/CVE-2019-8526.md index 8cb371a905..e7e2a9384c 100644 --- a/2019/CVE-2019-8526.md +++ b/2019/CVE-2019-8526.md @@ -15,5 +15,7 @@ No PoCs from references. #### Github - https://github.com/LinusHenze/Keysteal - https://github.com/TH3-HUNT3R/Root-MacOS +- https://github.com/amanszpapaya/MacPer +- https://github.com/lp008/Hack-readme - https://github.com/thehappydinoa/rootOS diff --git a/2019/CVE-2019-8591.md b/2019/CVE-2019-8591.md index 1c971a175a..1f7402bd83 100644 --- a/2019/CVE-2019-8591.md +++ b/2019/CVE-2019-8591.md @@ -20,6 +20,8 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/WRFan/jailbreak10.3.3 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/jsherman212/used_sock diff --git a/2019/CVE-2019-8601.md b/2019/CVE-2019-8601.md index 95ff0dbf0a..a99759decf 100644 --- a/2019/CVE-2019-8601.md +++ b/2019/CVE-2019-8601.md @@ -26,6 +26,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/BadAccess11/CVE-2019-8601 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-8605.md b/2019/CVE-2019-8605.md index bc16617a38..d4d652acc0 100644 --- a/2019/CVE-2019-8605.md +++ b/2019/CVE-2019-8605.md @@ -19,7 +19,9 @@ A use after free issue was addressed with improved memory management. This issue No PoCs from references. #### Github +- https://github.com/WRFan/jailbreak10.3.3 - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/houjingyi233/macOS-iOS-system-security +- https://github.com/jsherman212/used_sock diff --git a/2019/CVE-2019-8641.md b/2019/CVE-2019-8641.md index 87221f3252..bb0a909397 100644 --- a/2019/CVE-2019-8641.md +++ b/2019/CVE-2019-8641.md @@ -30,4 +30,5 @@ No PoCs from references. - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nitishbadole/PENTESTING-BIBLE - https://github.com/phant0n/PENTESTING-BIBLE +- https://github.com/satan1a/awesome-ios-security-cn diff --git a/2019/CVE-2019-8646.md b/2019/CVE-2019-8646.md index 56a45bcb0f..dc951d425d 100644 --- a/2019/CVE-2019-8646.md +++ b/2019/CVE-2019-8646.md @@ -20,5 +20,6 @@ No PoCs from references. #### Github - https://github.com/Siguza/ios-resources +- https://github.com/TinToSer/ios-RCE-Vulnerability - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2019/CVE-2019-8647.md b/2019/CVE-2019-8647.md new file mode 100644 index 0000000000..b617a23df7 --- /dev/null +++ b/2019/CVE-2019-8647.md @@ -0,0 +1,21 @@ +### [CVE-2019-8647](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8647) +![](https://img.shields.io/static/v1?label=Product&message=iOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=tvOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=watchOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%20iOS%2012.4%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%20tvOS%2012.4%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%20watchOS%205.3%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=A%20remote%20attacker%20may%20be%20able%20to%20cause%20arbitrary%20code%20execution&color=brighgreen) + +### Description + +A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.4, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause arbitrary code execution. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/TinToSer/ios-RCE-Vulnerability + diff --git a/2019/CVE-2019-8660.md b/2019/CVE-2019-8660.md new file mode 100644 index 0000000000..ccdb373f7c --- /dev/null +++ b/2019/CVE-2019-8660.md @@ -0,0 +1,23 @@ +### [CVE-2019-8660](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8660) +![](https://img.shields.io/static/v1?label=Product&message=iOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=tvOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=watchOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%20iOS%2012.4%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%20macOS%20Mojave%2010.14.6%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%20tvOS%2012.4%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%20watchOS%205.3%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=A%20remote%20attacker%20may%20be%20able%20to%20cause%20unexpected%20application%20termination%20or%20arbitrary%20code%20execution&color=brighgreen) + +### Description + +A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/TinToSer/ios-RCE-Vulnerability + diff --git a/2019/CVE-2019-8662.md b/2019/CVE-2019-8662.md new file mode 100644 index 0000000000..205b43be8f --- /dev/null +++ b/2019/CVE-2019-8662.md @@ -0,0 +1,23 @@ +### [CVE-2019-8662](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8662) +![](https://img.shields.io/static/v1?label=Product&message=iOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=tvOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=watchOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%20iOS%2012.4%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%20macOS%20Mojave%2010.14.6%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%20tvOS%2012.4%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%20watchOS%205.3%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=An%20attacker%20may%20be%20able%20to%20trigger%20a%20use-after-free%20in%20an%20application%20deserializing%20an%20untrusted%20NSDictionary&color=brighgreen) + +### Description + +This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/TinToSer/ios-RCE-Vulnerability + diff --git a/2019/CVE-2019-8781.md b/2019/CVE-2019-8781.md index 626bba472c..1e747a4343 100644 --- a/2019/CVE-2019-8781.md +++ b/2019/CVE-2019-8781.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC - https://github.com/A2nkF/macOS-Kernel-Exploit +- https://github.com/TrungNguyen1909/CVE-2019-8781-macOS - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-8802.md b/2019/CVE-2019-8802.md new file mode 100644 index 0000000000..65551353d2 --- /dev/null +++ b/2019/CVE-2019-8802.md @@ -0,0 +1,17 @@ +### [CVE-2019-8802](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8802) +![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%20macOS%20Catalina%2010.15.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=A%20malicious%20application%20may%20be%20able%20to%20gain%20root%20privileges&color=brighgreen) + +### Description + +A validation issue was addressed with improved logic. This issue is fixed in macOS Catalina 10.15.1. A malicious application may be able to gain root privileges. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/V0lk3n/OSMR-CheatSheet + diff --git a/2019/CVE-2019-8805.md b/2019/CVE-2019-8805.md new file mode 100644 index 0000000000..720a4738a9 --- /dev/null +++ b/2019/CVE-2019-8805.md @@ -0,0 +1,17 @@ +### [CVE-2019-8805](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8805) +![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%20macOS%20Catalina%2010.15.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=An%20application%20may%20be%20able%20to%20execute%20arbitrary%20code%20with%20system%20privileges&color=brighgreen) + +### Description + +A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in macOS Catalina 10.15.1. An application may be able to execute arbitrary code with system privileges. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/V0lk3n/OSMR-CheatSheet + diff --git a/2019/CVE-2019-8936.md b/2019/CVE-2019-8936.md index cece6f3b66..7c48be0e3c 100644 --- a/2019/CVE-2019-8936.md +++ b/2019/CVE-2019-8936.md @@ -17,4 +17,5 @@ NTP through 4.2.8p12 has a NULL Pointer Dereference. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/snappyJack/CVE-2019-8936 diff --git a/2019/CVE-2019-8942.md b/2019/CVE-2019-8942.md index ab1c8607e6..54d9157533 100644 --- a/2019/CVE-2019-8942.md +++ b/2019/CVE-2019-8942.md @@ -16,6 +16,7 @@ WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/El-Palomo/DerpNStink - https://github.com/brianwrf/WordPress_4.9.8_RCE_POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-8943.md b/2019/CVE-2019-8943.md index 53ff9666c1..6d8d970af4 100644 --- a/2019/CVE-2019-8943.md +++ b/2019/CVE-2019-8943.md @@ -17,6 +17,7 @@ WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (w #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/El-Palomo/DerpNStink - https://github.com/SexyBeast233/SecBooks - https://github.com/brianwrf/WordPress_4.9.8_RCE_POC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2019/CVE-2019-8956.md b/2019/CVE-2019-8956.md index f6441ef43b..23efd61aaf 100644 --- a/2019/CVE-2019-8956.md +++ b/2019/CVE-2019-8956.md @@ -19,5 +19,7 @@ No PoCs from references. - https://github.com/bsauce/kernel-security-learning - https://github.com/butterflyhack/CVE-2019-8956 - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/exube/sctp_uaf - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/now4yreal/linux_pwn diff --git a/2019/CVE-2019-8979.md b/2019/CVE-2019-8979.md index 7d0fbe00a3..a768e13444 100644 --- a/2019/CVE-2019-8979.md +++ b/2019/CVE-2019-8979.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/elttam/ko7demo - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-9004.md b/2019/CVE-2019-9004.md new file mode 100644 index 0000000000..0babb7d715 --- /dev/null +++ b/2019/CVE-2019-9004.md @@ -0,0 +1,17 @@ +### [CVE-2019-9004](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9004) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In Eclipse Wakaama (formerly liblwm2m) 1.0, core/er-coap-13/er-coap-13.c in lwm2mserver in the LWM2M server mishandles invalid options, leading to a memory leak. Processing of a single crafted packet leads to leaking (wasting) 24 bytes of memory. This can lead to termination of the LWM2M server after exhausting all available memory. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ThingzDefense/IoT-Flock + diff --git a/2019/CVE-2019-9053.md b/2019/CVE-2019-9053.md index 98866ad360..257ca20506 100644 --- a/2019/CVE-2019-9053.md +++ b/2019/CVE-2019-9053.md @@ -15,5 +15,7 @@ An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News m #### Github - https://github.com/AfvanMoopen/tryhackme- +- https://github.com/Faridbg/THM_Simple_CTF - https://github.com/catsecorg/CatSec-TryHackMe-WriteUps +- https://github.com/cloudkevin/HTB-Writeup diff --git a/2019/CVE-2019-9070.md b/2019/CVE-2019-9070.md new file mode 100644 index 0000000000..6c82f624e0 --- /dev/null +++ b/2019/CVE-2019-9070.md @@ -0,0 +1,18 @@ +### [CVE-2019-9070](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9070) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark + diff --git a/2019/CVE-2019-9071.md b/2019/CVE-2019-9071.md new file mode 100644 index 0000000000..f731a8a9c7 --- /dev/null +++ b/2019/CVE-2019-9071.md @@ -0,0 +1,18 @@ +### [CVE-2019-9071](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9071) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ICSE2020-MemLock/MemLock_Benchmark +- https://github.com/tzf-key/MemLock_Benchmark + diff --git a/2019/CVE-2019-9117.md b/2019/CVE-2019-9117.md new file mode 100644 index 0000000000..0bc5cca73c --- /dev/null +++ b/2019/CVE-2019-9117.md @@ -0,0 +1,17 @@ +### [CVE-2019-9117](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9117) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetNetworkTomographySettings API function, as demonstrated by shell metacharacters in the tomography_ping_number field. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/E4ck/vuls + diff --git a/2019/CVE-2019-9118.md b/2019/CVE-2019-9118.md new file mode 100644 index 0000000000..e441520912 --- /dev/null +++ b/2019/CVE-2019-9118.md @@ -0,0 +1,17 @@ +### [CVE-2019-9118](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9118) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetNTPServerSettings API function, as demonstrated by shell metacharacters in the system_time_timezone field. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/E4ck/vuls + diff --git a/2019/CVE-2019-9119.md b/2019/CVE-2019-9119.md new file mode 100644 index 0000000000..0e179f69eb --- /dev/null +++ b/2019/CVE-2019-9119.md @@ -0,0 +1,17 @@ +### [CVE-2019-9119](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9119) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetStaticRouteSettings API function, as demonstrated by shell metacharacters in the staticroute_list field. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/E4ck/vuls + diff --git a/2019/CVE-2019-9120.md b/2019/CVE-2019-9120.md new file mode 100644 index 0000000000..a06092499d --- /dev/null +++ b/2019/CVE-2019-9120.md @@ -0,0 +1,17 @@ +### [CVE-2019-9120](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9120) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetWLanACLSettings API function, as demonstrated by shell metacharacters in the wl(0).(0)_maclist field. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/E4ck/vuls + diff --git a/2019/CVE-2019-9121.md b/2019/CVE-2019-9121.md new file mode 100644 index 0000000000..7b14ccb9c4 --- /dev/null +++ b/2019/CVE-2019-9121.md @@ -0,0 +1,17 @@ +### [CVE-2019-9121](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9121) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetSmartQoSSettings API function, as demonstrated by shell metacharacters in the smartqos_priority_devices field. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/E4ck/vuls + diff --git a/2019/CVE-2019-9153.md b/2019/CVE-2019-9153.md index 2aa5062490..10c4759c19 100644 --- a/2019/CVE-2019-9153.md +++ b/2019/CVE-2019-9153.md @@ -15,6 +15,7 @@ Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/ZenyWay/opgp-service-cve-2019-9153 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-9176.md b/2019/CVE-2019-9176.md new file mode 100644 index 0000000000..f1be6275de --- /dev/null +++ b/2019/CVE-2019-9176.md @@ -0,0 +1,17 @@ +### [CVE-2019-9176](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9176) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows CSRF. + +### POC + +#### Reference +- https://gitlab.com/gitlab-org/gitlab-ce/issues/55664 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2019/CVE-2019-9193.md b/2019/CVE-2019-9193.md index faf798778a..7b235fcc6a 100644 --- a/2019/CVE-2019-9193.md +++ b/2019/CVE-2019-9193.md @@ -23,4 +23,5 @@ - https://github.com/ngadminq/Bei-Gai-penetration-test-guide - https://github.com/superfish9/pt - https://github.com/w181496/Web-CTF-Cheatsheet +- https://github.com/wkjung0624/CVE-2019-9193 diff --git a/2019/CVE-2019-9195.md b/2019/CVE-2019-9195.md index ca3e0a4726..707c2d6f6e 100644 --- a/2019/CVE-2019-9195.md +++ b/2019/CVE-2019-9195.md @@ -13,5 +13,6 @@ util/src/zip.rs in Grin before 1.0.2 mishandles suspicious files. An attacker ca No PoCs from references. #### Github +- https://github.com/DogecoinBoss/Dogecoin2 - https://github.com/mimblewimble/grin-pm diff --git a/2019/CVE-2019-9465.md b/2019/CVE-2019-9465.md index c6c3d7e8e2..6fd230ae31 100644 --- a/2019/CVE-2019-9465.md +++ b/2019/CVE-2019-9465.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/alexbakker/CVE-2019-9465 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2019/CVE-2019-9506.md b/2019/CVE-2019-9506.md index 2ab523c1eb..b35d3893dc 100644 --- a/2019/CVE-2019-9506.md +++ b/2019/CVE-2019-9506.md @@ -20,5 +20,6 @@ No PoCs from references. - https://github.com/engn33r/awesome-bluetooth-security - https://github.com/francozappa/knob - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/u10427687/bluetooth-KNOB - https://github.com/winterheart/broadcom-bt-firmware diff --git a/2019/CVE-2019-9512.md b/2019/CVE-2019-9512.md index 5da8604245..80f2b516cd 100644 --- a/2019/CVE-2019-9512.md +++ b/2019/CVE-2019-9512.md @@ -13,6 +13,7 @@ Some HTTP/2 implementations are vulnerable to ping floods, potentially leading t - https://kb.cert.org/vuls/id/605641/ #### Github +- https://github.com/Metarget/cloud-native-security-book - https://github.com/Metarget/metarget - https://github.com/UCloudDocs/uk8s - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2019/CVE-2019-9641.md b/2019/CVE-2019-9641.md index a924fb647b..5065df09fb 100644 --- a/2019/CVE-2019-9641.md +++ b/2019/CVE-2019-9641.md @@ -13,6 +13,7 @@ An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before No PoCs from references. #### Github +- https://github.com/janforman/php-5 - https://github.com/syadg123/pigat - https://github.com/teamssix/pigat diff --git a/2019/CVE-2019-9670.md b/2019/CVE-2019-9670.md index ec0b048247..d7b272b3c2 100644 --- a/2019/CVE-2019-9670.md +++ b/2019/CVE-2019-9670.md @@ -19,9 +19,11 @@ mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/SexyBeast233/SecBooks +- https://github.com/attackgithub/Zimbra-RCE - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/fengjixuchui/RedTeamer - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/rek7/Zimbra-RCE - https://github.com/sobinge/nuclei-templates +- https://github.com/ugur-ercan/exploit-collection diff --git a/2019/CVE-2019-9704.md b/2019/CVE-2019-9704.md new file mode 100644 index 0000000000..7cea1945f7 --- /dev/null +++ b/2019/CVE-2019-9704.md @@ -0,0 +1,17 @@ +### [CVE-2019-9704](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9704) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/devmatic-it/debcvescan + diff --git a/2019/CVE-2019-9740.md b/2019/CVE-2019-9740.md index 74863730f1..56d7658ce5 100644 --- a/2019/CVE-2019-9740.md +++ b/2019/CVE-2019-9740.md @@ -15,6 +15,7 @@ An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Py - https://bugs.python.org/issue36276 #### Github +- https://github.com/Tiaonmmn/renderer - https://github.com/lanjelot/ctfs - https://github.com/ltfafei/my_POC - https://github.com/revl-ca/scan-docker-image diff --git a/2019/CVE-2019-9766.md b/2019/CVE-2019-9766.md index 050602b699..abc18a81c2 100644 --- a/2019/CVE-2019-9766.md +++ b/2019/CVE-2019-9766.md @@ -16,4 +16,5 @@ Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting a file, a - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/moonheadobj/CVE-2019-9766 diff --git a/2019/CVE-2019-9787.md b/2019/CVE-2019-9787.md index 864fd3a3b8..a47dfac4ef 100644 --- a/2019/CVE-2019-9787.md +++ b/2019/CVE-2019-9787.md @@ -14,8 +14,13 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/El-Palomo/DerpNStink +- https://github.com/PalmTreeForest/CodePath_Week_7-8 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/matinciel/Wordpress_CVE-2019-9787 - https://github.com/rkatogit/cve-2019-9787_csrf_poc +- https://github.com/sijiahi/Wordpress_cve-2019-9787_defense - https://github.com/smfils1/Cybersecurity-WordPress-Pentesting +- https://github.com/who909/WordPress-vs.-Kali diff --git a/2019/CVE-2019-9791.md b/2019/CVE-2019-9791.md index 35ed4df369..7a266094f5 100644 --- a/2019/CVE-2019-9791.md +++ b/2019/CVE-2019-9791.md @@ -16,6 +16,7 @@ The type inference system allows the compilation of functions that can cause typ - https://bugzilla.mozilla.org/show_bug.cgi?id=1530958 #### Github +- https://github.com/ZihanYe/web-browser-vulnerabilities - https://github.com/googleprojectzero/fuzzilli - https://github.com/tunz/js-vuln-db - https://github.com/ulexec/Exploits diff --git a/2019/CVE-2019-9810.md b/2019/CVE-2019-9810.md index f7cd0f39c6..5651805513 100644 --- a/2019/CVE-2019-9810.md +++ b/2019/CVE-2019-9810.md @@ -20,14 +20,18 @@ Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice - https://github.com/0vercl0k/CVE-2019-11708 - https://github.com/0vercl0k/CVE-2019-9810 - https://github.com/0xT11/CVE-POC +- https://github.com/ZihanYe/web-browser-vulnerabilities - https://github.com/a0viedo/demystifying-js-engines - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/b0o/starred - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/fengjixuchui/Just-pwn-it-for-fun - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/lp008/Hack-readme - https://github.com/m1ghtym0/browser-pwn - https://github.com/mgaudet/SpiderMonkeyBibliography +- https://github.com/tunnelshade/cve-2019-11707 - https://github.com/vintagesucks/awesome-stars - https://github.com/xuechiyaobai/CVE-2019-9810-PoC diff --git a/2019/CVE-2019-9813.md b/2019/CVE-2019-9813.md index 8c193d9632..77aed16789 100644 --- a/2019/CVE-2019-9813.md +++ b/2019/CVE-2019-9813.md @@ -16,6 +16,7 @@ Incorrect handling of __proto__ mutations may lead to type confusion in IonMonke - https://bugzilla.mozilla.org/show_bug.cgi?id=1538006 #### Github +- https://github.com/ZihanYe/web-browser-vulnerabilities - https://github.com/googleprojectzero/fuzzilli - https://github.com/tunz/js-vuln-db diff --git a/2019/CVE-2019-9923.md b/2019/CVE-2019-9923.md index c0a3a91c71..a61c3fd799 100644 --- a/2019/CVE-2019-9923.md +++ b/2019/CVE-2019-9923.md @@ -13,6 +13,7 @@ pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer derefere No PoCs from references. #### Github +- https://github.com/brandoncamenisch/release-the-code-litecoin - https://github.com/garethr/snykout - https://github.com/revl-ca/scan-docker-image diff --git a/2019/CVE-2019-9924.md b/2019/CVE-2019-9924.md index 05b77b292a..4ca89b4922 100644 --- a/2019/CVE-2019-9924.md +++ b/2019/CVE-2019-9924.md @@ -13,6 +13,7 @@ rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BAS No PoCs from references. #### Github +- https://github.com/KorayAgaya/TrivyWeb - https://github.com/revl-ca/scan-docker-image - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy diff --git a/2019/CVE-2019-9946.md b/2019/CVE-2019-9946.md index e28a62d888..d7c7fef8be 100644 --- a/2019/CVE-2019-9946.md +++ b/2019/CVE-2019-9946.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/Metarget/awesome-cloud-native-security - https://github.com/Metarget/metarget - https://github.com/champtar/blog +- https://github.com/reni2study/Cloud-Native-Security2 diff --git a/2020/CVE-2020-0001.md b/2020/CVE-2020-0001.md index c61fc35da2..a58bdc8a5d 100644 --- a/2020/CVE-2020-0001.md +++ b/2020/CVE-2020-0001.md @@ -13,6 +13,7 @@ In getProcessRecordLocked of ActivityManagerService.java isolated apps are not h No PoCs from references. #### Github +- https://github.com/Zachinio/CVE-2020-0001 - https://github.com/anthonyharrison/CVSS - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/he1m4n6a/cve-db diff --git a/2020/CVE-2020-0022.md b/2020/CVE-2020-0022.md index 67d09ca730..426c95f1a2 100644 --- a/2020/CVE-2020-0022.md +++ b/2020/CVE-2020-0022.md @@ -15,6 +15,7 @@ In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bou #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/5k1l/cve-2020-0022 - https://github.com/Polo35/CVE-2020-0022 - https://github.com/Roo4L/BlueFrag_PoC - https://github.com/WinMin/Protocol-Vul diff --git a/2020/CVE-2020-0108.md b/2020/CVE-2020-0108.md index ff25758e27..cc9fb50b55 100644 --- a/2020/CVE-2020-0108.md +++ b/2020/CVE-2020-0108.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC - https://github.com/CrackerCat/ServiceCheater +- https://github.com/XDo0/ServiceCheater - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-0113.md b/2020/CVE-2020-0113.md index 3e1e600663..a5c827d749 100644 --- a/2020/CVE-2020-0113.md +++ b/2020/CVE-2020-0113.md @@ -13,6 +13,7 @@ In sendCaptureResult of Camera3OutputUtils.cpp, there is a possible out of bound No PoCs from references. #### Github +- https://github.com/XDo0/ServiceCheater - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-0551.md b/2020/CVE-2020-0551.md index c8d6fcf7c3..d3c90fdd3f 100644 --- a/2020/CVE-2020-0551.md +++ b/2020/CVE-2020-0551.md @@ -15,11 +15,13 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC - https://github.com/AngrySilver/incubator-teaclave-sgx-sdk +- https://github.com/UzL-ITS/util-lookup - https://github.com/apache/incubator-teaclave-sgx-sdk - https://github.com/bitdefender/lvi-lfb-attack-poc - https://github.com/codexlynx/hardware-attacks-state-of-the-art - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/intel-secl/crypto-api-toolkit - https://github.com/intel/crypto-api-toolkit - https://github.com/intel/intel-sgx-ssl - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-0554.md b/2020/CVE-2020-0554.md index 21d8aed8fa..26662574c1 100644 --- a/2020/CVE-2020-0554.md +++ b/2020/CVE-2020-0554.md @@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/tdtc7/qps - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/yedada-wei/- diff --git a/2020/CVE-2020-0601.md b/2020/CVE-2020-0601.md index 242a8c50dc..b06e0c495e 100644 --- a/2020/CVE-2020-0601.md +++ b/2020/CVE-2020-0601.md @@ -66,6 +66,7 @@ A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) valid - https://github.com/eastmountyxz/CVE-2018-20250-WinRAR - https://github.com/eastmountyxz/CVE-2020-0601-EXP - https://github.com/eastmountyxz/NetworkSecuritySelf-study +- https://github.com/eastmountyxz/SystemSecurity-ReverseAnalysis - https://github.com/exploitblizzard/CVE-2020-0601-spoofkey - https://github.com/gentilkiwi/curveball - https://github.com/gremwell/cve-2020-0601_poc @@ -85,6 +86,7 @@ A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) valid - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/robmichel2854/robs-links - https://github.com/saleemrashid/badecparams +- https://github.com/sourcx/zeekweek-2021 - https://github.com/talbeerysec/CurveBallDetection - https://github.com/thimelp/cve-2020-0601-Perl - https://github.com/tobor88/PowerShell-Blue-Team diff --git a/2020/CVE-2020-0609.md b/2020/CVE-2020-0609.md index bd4c2e7d72..b6bb94a1ed 100644 --- a/2020/CVE-2020-0609.md +++ b/2020/CVE-2020-0609.md @@ -30,6 +30,7 @@ No PoCs from references. - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/ruppde/rdg_scanner_cve-2020-0609 +- https://github.com/ruppde/scan_CVE-2020-29583 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2020/CVE-2020-0618.md b/2020/CVE-2020-0618.md index 455cb02b30..607173a2c5 100644 --- a/2020/CVE-2020-0618.md +++ b/2020/CVE-2020-0618.md @@ -41,6 +41,8 @@ A remote code execution vulnerability exists in Microsoft SQL Server Reporting S - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc - https://github.com/jumpif0/test +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection +- https://github.com/michael101096/cs2020_msels - https://github.com/nitishbadole/PENTESTING-BIBLE - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/phant0n/PENTESTING-BIBLE diff --git a/2020/CVE-2020-0646.md b/2020/CVE-2020-0646.md index b5b38feeb6..424fa6aa09 100644 --- a/2020/CVE-2020-0646.md +++ b/2020/CVE-2020-0646.md @@ -65,6 +65,8 @@ A remote code execution vulnerability exists when the Microsoft .NET Framework f #### Github - https://github.com/SexyBeast233/SecBooks +- https://github.com/Viralmaniar/BigBountyRecon +- https://github.com/michael101096/cs2020_msels - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2020/CVE-2020-0683.md b/2020/CVE-2020-0683.md index 0861b651e5..122b7e856a 100644 --- a/2020/CVE-2020-0683.md +++ b/2020/CVE-2020-0683.md @@ -41,6 +41,7 @@ An elevation of privilege vulnerability exists in the Windows Installer when MSI - https://github.com/padovah4ck/CVE-2020-0683 - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/shubham0d/SymBlock +- https://github.com/tzwlhack/Vulnerability - https://github.com/vaibhavkrjha/shufti - https://github.com/viszsec/CyberSecurity-Playground - https://github.com/wateroot/poc-exp diff --git a/2020/CVE-2020-0688.md b/2020/CVE-2020-0688.md index 73fcca1fa4..1073b67023 100644 --- a/2020/CVE-2020-0688.md +++ b/2020/CVE-2020-0688.md @@ -24,14 +24,17 @@ A remote code execution vulnerability exists in Microsoft Exchange software when - https://github.com/61106960/adPEAS - https://github.com/AnonVulc/Pentest-Tools - https://github.com/CnHack3r/Penetration_PoC +- https://github.com/EvilAnne/2020-Read-article - https://github.com/Jean-Francois-C/Windows-Penetration-Testing - https://github.com/Jumbo-WJB/CVE-2020-0688 - https://github.com/Ken-Abruzzi/cve_2020_0688 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/MrTiz/CVE-2020-0688 - https://github.com/QWERTSKIHACK/Active-Directory-Exploitation-Cheat-Sheet. - https://github.com/Ridter/cve-2020-0688 - https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet - https://github.com/S3cur3Th1sSh1t/Pentest-Tools +- https://github.com/SLSteff/CVE-2020-0688-Scanner - https://github.com/SexyBeast233/SecBooks - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Yt1g3r/CVE-2020-0688_EXP @@ -39,6 +42,7 @@ A remote code execution vulnerability exists in Microsoft Exchange software when - https://github.com/bhdresh/SnortRules - https://github.com/cepxeo/redteambins - https://github.com/cert-lv/CVE-2020-0688 +- https://github.com/certat/exchange-scans - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/dnif/content - https://github.com/fengjixuchui/RedTeamer @@ -50,8 +54,10 @@ A remote code execution vulnerability exists in Microsoft Exchange software when - https://github.com/huike007/poc - https://github.com/justin-p/PSForgot2kEyXCHANGE - https://github.com/ktpdpro/CVE-2020-0688 +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/mahyarx/Exploit_CVE-2020-0688 - https://github.com/med0x2e/GadgetToJScript +- https://github.com/michael101096/cs2020_msels - https://github.com/murataydemir/CVE-2020-0688 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/onSec-fr/CVE-2020-0688-Scanner @@ -62,6 +68,7 @@ A remote code execution vulnerability exists in Microsoft Exchange software when - https://github.com/random-robbie/cve-2020-0688 - https://github.com/ravinacademy/CVE-2020-0688 - https://github.com/righter83/CVE-2020-0688 +- https://github.com/severnake/Pentest-Tools - https://github.com/superfish9/pt - https://github.com/taielab/awesome-hacking-lists - https://github.com/tdtc7/qps diff --git a/2020/CVE-2020-0714.md b/2020/CVE-2020-0714.md new file mode 100644 index 0000000000..88f3975240 --- /dev/null +++ b/2020/CVE-2020-0714.md @@ -0,0 +1,26 @@ +### [CVE-2020-0714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0714) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201909%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) + +### Description + +An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Information Disclosure Vulnerability'. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/V0lk3n/OSMR-CheatSheet + diff --git a/2020/CVE-2020-0796.md b/2020/CVE-2020-0796.md index c89ab534da..fd2dc9aeac 100644 --- a/2020/CVE-2020-0796.md +++ b/2020/CVE-2020-0796.md @@ -47,12 +47,14 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve - https://github.com/Barriuso/SMBGhost_AutomateExploitation - https://github.com/BinaryShadow94/SMBv3.1.1-scan---CVE-2020-0796 - https://github.com/ButrintKomoni/cve-2020-0796 +- https://github.com/CYJoe-Cyclone/Awesome-CobaltStrike - https://github.com/CnHack3r/Penetration_PoC - https://github.com/CyberMonitor/somethingweneed - https://github.com/Dhoomralochana/Scanners-for-CVE-2020-0796-Testing - https://github.com/DreamoneOnly/CVE-2020-0796-LPE - https://github.com/EncodeGroup/BOF-RegSave - https://github.com/FULLSHADE/WindowsExploitationResources +- https://github.com/GryllsAaron/CVE-2020-0796-POC - https://github.com/GuoKerS/Some_Script - https://github.com/GuoKerS/aioScan_CVE-2020-0796 - https://github.com/HackOvert/awesome-bugs @@ -62,9 +64,11 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve - https://github.com/Ken-Abruzzi/cve_2020_0796 - https://github.com/LabDookhtegan/CVE-2020-0796-EXP - https://github.com/Loveforkeeps/Lemon-Duck +- https://github.com/MasterSploit/LPE---CVE-2020-0796 - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/NullArray/WinKernel-Resources +- https://github.com/ORCA666/CVE-2020-0796 - https://github.com/QWERTSKIHACK/Active-Directory-Exploitation-Cheat-Sheet. - https://github.com/Ra7mo0on/SMBGhost - https://github.com/RonnieNiu/CVE-2020_0796-exp @@ -102,6 +106,7 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve - https://github.com/eastmountyxz/CSDNBlog-Security-Based - https://github.com/eastmountyxz/CVE-2020-0796-SMB - https://github.com/eastmountyxz/NetworkSecuritySelf-study +- https://github.com/eastmountyxz/SystemSecurity-ReverseAnalysis - https://github.com/eerykitty/CVE-2020-0796-PoC - https://github.com/ericzhong2010/GUI-Check-CVE-2020-0976 - https://github.com/eventsentry/scripts @@ -138,6 +143,7 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve - https://github.com/marcinguy/CVE-2020-0796 - https://github.com/mathisvickie/KMAC - https://github.com/maxpl0it/Unauthenticated-CVE-2020-0796-PoC +- https://github.com/michael101096/cs2020_msels - https://github.com/mishmashclone/SecWiki-windows-kernel-exploits - https://github.com/msuiche/smbaloo - https://github.com/netscylla/SMBGhost @@ -146,6 +152,7 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/paramint/windows-kernel-exploits - https://github.com/pathakabhi24/Awesome-C +- https://github.com/pengusec/awesome-netsec-articles - https://github.com/psc4re/NSE-scripts - https://github.com/pwninx/WinPwn - https://github.com/qazbnm456/awesome-cve-poc @@ -159,6 +166,7 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve - https://github.com/sung3r/CobaltStrike - https://github.com/syadg123/CVE-2020-0796 - https://github.com/syadg123/SMBGhost +- https://github.com/t0rt3ll1n0/cms-scanner - https://github.com/taielab/awesome-hacking-lists - https://github.com/tango-j/CVE-2020-0796 - https://github.com/technion/DisableSMBCompression diff --git a/2020/CVE-2020-0932.md b/2020/CVE-2020-0932.md index 82b8d81c13..45deda7a95 100644 --- a/2020/CVE-2020-0932.md +++ b/2020/CVE-2020-0932.md @@ -15,6 +15,7 @@ A remote code execution vulnerability exists in Microsoft SharePoint when the so No PoCs from references. #### Github +- https://github.com/H0j3n/EzpzSharepoint - https://github.com/QWERTSKIHACK/Active-Directory-Exploitation-Cheat-Sheet. - https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet - https://github.com/pwntester/ysoserial.net diff --git a/2020/CVE-2020-0984.md b/2020/CVE-2020-0984.md index 0d99c0711a..af57c5d9e1 100644 --- a/2020/CVE-2020-0984.md +++ b/2020/CVE-2020-0984.md @@ -13,6 +13,7 @@ An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MA No PoCs from references. #### Github +- https://github.com/V0lk3n/OSMR-CheatSheet - https://github.com/dfrankland/xpc-connection-rs - https://github.com/qazbnm456/awesome-cve-poc diff --git a/2020/CVE-2020-10110.md b/2020/CVE-2020-10110.md index d4bfab3413..bbe798a86c 100644 --- a/2020/CVE-2020-10110.md +++ b/2020/CVE-2020-10110.md @@ -14,5 +14,5 @@ - https://seclists.org/fulldisclosure/2020/Mar/7 #### Github -No PoCs found on GitHub currently. +- https://github.com/stratosphereips/nist-cve-search-tool diff --git a/2020/CVE-2020-10111.md b/2020/CVE-2020-10111.md index 4ae7a8c364..253a70e04f 100644 --- a/2020/CVE-2020-10111.md +++ b/2020/CVE-2020-10111.md @@ -14,5 +14,5 @@ - http://seclists.org/fulldisclosure/2020/Mar/11 #### Github -No PoCs found on GitHub currently. +- https://github.com/stratosphereips/nist-cve-search-tool diff --git a/2020/CVE-2020-10112.md b/2020/CVE-2020-10112.md index 85e48c1f63..3f8950b4c3 100644 --- a/2020/CVE-2020-10112.md +++ b/2020/CVE-2020-10112.md @@ -14,5 +14,5 @@ - http://seclists.org/fulldisclosure/2020/Mar/8 #### Github -No PoCs found on GitHub currently. +- https://github.com/stratosphereips/nist-cve-search-tool diff --git a/2020/CVE-2020-10148.md b/2020/CVE-2020-10148.md index 019adb0932..c6bae1f41e 100644 --- a/2020/CVE-2020-10148.md +++ b/2020/CVE-2020-10148.md @@ -15,9 +15,11 @@ No PoCs from references. #### Github - https://github.com/0ps/pocassistdb - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/B1anda0/CVE-2020-10148 - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/SexyBeast233/SecBooks +- https://github.com/Udyz/CVE-2020-10148-Solarwinds-Orion - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub @@ -25,5 +27,7 @@ No PoCs from references. - https://github.com/jaeles-project/jaeles-signatures - https://github.com/jweny/pocassistdb - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/rdoix/CVE-2020-10148-Solarwinds-Orion - https://github.com/sobinge/nuclei-templates +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-10189.md b/2020/CVE-2020-10189.md index aa0164f07d..f45e1355d6 100644 --- a/2020/CVE-2020-10189.md +++ b/2020/CVE-2020-10189.md @@ -31,6 +31,7 @@ Zoho ManageEngine Desktop Central before 10.0.474 allows remote code execution b - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tdtc7/qps diff --git a/2020/CVE-2020-10199.md b/2020/CVE-2020-10199.md index ddf32c3f28..20275ad8d4 100644 --- a/2020/CVE-2020-10199.md +++ b/2020/CVE-2020-10199.md @@ -29,8 +29,10 @@ Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2). - https://github.com/huike007/poc - https://github.com/jas502n/CVE-2020-10199 - https://github.com/koala2099/GitHub-Chinese-Top-Charts +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/magicming200/CVE-2020-10199_CVE-2020-10204 - https://github.com/muzai/Clog +- https://github.com/neilzhang1/Chinese-Charts - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/pinkieli/GitHub-Chinese-Top-Charts - https://github.com/qingyuanfeiniao/Chinese-Top-Charts diff --git a/2020/CVE-2020-10204.md b/2020/CVE-2020-10204.md index 70b9615dc8..97eac7f6c1 100644 --- a/2020/CVE-2020-10204.md +++ b/2020/CVE-2020-10204.md @@ -27,7 +27,9 @@ No PoCs from references. - https://github.com/huike007/poc - https://github.com/jas502n/CVE-2020-10199 - https://github.com/koala2099/GitHub-Chinese-Top-Charts +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/magicming200/CVE-2020-10199_CVE-2020-10204 +- https://github.com/neilzhang1/Chinese-Charts - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/pinkieli/GitHub-Chinese-Top-Charts - https://github.com/qingyuanfeiniao/Chinese-Top-Charts diff --git a/2020/CVE-2020-1054.md b/2020/CVE-2020-1054.md index c491485db1..01e9802bc9 100644 --- a/2020/CVE-2020-1054.md +++ b/2020/CVE-2020-1054.md @@ -29,6 +29,7 @@ An elevation of privilege vulnerability exists in Windows when the Windows kerne - https://github.com/Ascotbe/Kernelhub - https://github.com/CnHack3r/Penetration_PoC - https://github.com/FULLSHADE/WindowsExploitationResources +- https://github.com/Graham382/CVE-2020-1054 - https://github.com/Iamgublin/CVE-2020-1054 - https://github.com/KaLendsi/CVE-2020-1054 - https://github.com/Mr-xn/Penetration_Testing_POC diff --git a/2020/CVE-2020-10564.md b/2020/CVE-2020-10564.md index 1f5ae6d923..1d6d85712b 100644 --- a/2020/CVE-2020-10564.md +++ b/2020/CVE-2020-10564.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/ChoiSG/vwp +- https://github.com/PaulBorie/kubernetes-security - https://github.com/vavkamil/dvwp diff --git a/2020/CVE-2020-10663.md b/2020/CVE-2020-10663.md index 3f82388b00..46768f524e 100644 --- a/2020/CVE-2020-10663.md +++ b/2020/CVE-2020-10663.md @@ -21,4 +21,5 @@ No PoCs from references. - https://github.com/qoqa/gem-mandrill-api - https://github.com/rails-lts/json_cve_2020_10663 - https://github.com/rainchen/code_quality +- https://github.com/retailzipline/mandrill-api-ruby diff --git a/2020/CVE-2020-10672.md b/2020/CVE-2020-10672.md index b6f41de38c..611385f770 100644 --- a/2020/CVE-2020-10672.md +++ b/2020/CVE-2020-10672.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/yahoo/cubed diff --git a/2020/CVE-2020-10673.md b/2020/CVE-2020-10673.md index 0ae88a5b95..e0a1a5d511 100644 --- a/2020/CVE-2020-10673.md +++ b/2020/CVE-2020-10673.md @@ -31,6 +31,7 @@ No PoCs from references. - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/yahoo/cubed - https://github.com/yedada-wei/- - https://github.com/yedada-wei/gongkaishouji diff --git a/2020/CVE-2020-10675.md b/2020/CVE-2020-10675.md new file mode 100644 index 0000000000..37d1f70ce2 --- /dev/null +++ b/2020/CVE-2020-10675.md @@ -0,0 +1,18 @@ +### [CVE-2020-10675](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10675) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The Library API in buger jsonparser through 2019-12-04 allows attackers to cause a denial of service (infinite loop) via a Delete call. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/k1LoW/oshka +- https://github.com/naveensrinivasan/stunning-tribble + diff --git a/2020/CVE-2020-10713.md b/2020/CVE-2020-10713.md index a62aa83302..638dcb192d 100644 --- a/2020/CVE-2020-10713.md +++ b/2020/CVE-2020-10713.md @@ -18,6 +18,8 @@ A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 - https://github.com/Jetico/shim-review - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/YIXINSHUWU/Penetration_Testing_POC +- https://github.com/YeongSeokLee/shim-review +- https://github.com/amzdev0401/shim-review-backup - https://github.com/bitraser/shim-review-15.4 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/eclypsium/BootHole @@ -26,6 +28,7 @@ A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 - https://github.com/huike007/penetration_poc - https://github.com/jason-chang-atrust/shim-review - https://github.com/kaosagnt/ansible-everyday +- https://github.com/luojc123/shim-nsdl - https://github.com/lzap/redhat-kernel-shim-signatures - https://github.com/neverware/shim-review - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-10749.md b/2020/CVE-2020-10749.md index 97d0a15b4c..92d8febd0c 100644 --- a/2020/CVE-2020-10749.md +++ b/2020/CVE-2020-10749.md @@ -19,4 +19,5 @@ No PoCs from references. - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/knqyf263/CVE-2020-10749 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/reni2study/Cloud-Native-Security2 diff --git a/2020/CVE-2020-10812.md b/2020/CVE-2020-10812.md index 6f8a2c5da4..07770dea8f 100644 --- a/2020/CVE-2020-10812.md +++ b/2020/CVE-2020-10812.md @@ -10,6 +10,7 @@ An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exist ### POC #### Reference +- https://github.com/Loginsoft-Research/hdf5-reports/tree/master/Vuln_4 - https://research.loginsoft.com/bugs/null-pointer-dereference-in-h5fquery-c-hdf5-1-13-0/ #### Github diff --git a/2020/CVE-2020-10878.md b/2020/CVE-2020-10878.md index ed1a2728eb..96598325fc 100644 --- a/2020/CVE-2020-10878.md +++ b/2020/CVE-2020-10878.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/Azure/publish-security-assessments - https://github.com/dragon7-fc/misc - https://github.com/garethr/snykout +- https://github.com/hisashin0728/AmazonECRScanSecurityHub diff --git a/2020/CVE-2020-10968.md b/2020/CVE-2020-10968.md new file mode 100644 index 0000000000..91b35ff594 --- /dev/null +++ b/2020/CVE-2020-10968.md @@ -0,0 +1,17 @@ +### [CVE-2020-10968](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10968) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/yahoo/cubed + diff --git a/2020/CVE-2020-10969.md b/2020/CVE-2020-10969.md index 41994329ef..16835ecddc 100644 --- a/2020/CVE-2020-10969.md +++ b/2020/CVE-2020-10969.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/yahoo/cubed diff --git a/2020/CVE-2020-10977.md b/2020/CVE-2020-10977.md index ba805d7e2f..a50bdc072d 100644 --- a/2020/CVE-2020-10977.md +++ b/2020/CVE-2020-10977.md @@ -13,18 +13,23 @@ GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when moving an iss - http://packetstormsecurity.com/files/160441/GitLab-File-Read-Remote-Code-Execution.html #### Github +- https://github.com/CYJoe-Cyclone/PenetrationTesttips - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/JustMichi/CVE-2020-10977.py - https://github.com/KooroshRZ/CVE-2020-10977 - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/Power7089/PenetrationTest-Tips - https://github.com/SexyBeast233/SecBooks - https://github.com/cocomelonc/vulnexipy - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/dotPY-hax/gitlab_RCE - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/huike007/penetration_poc - https://github.com/jeansgit/Pentest - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/r0eXpeR/redteam_vul - https://github.com/taielab/awesome-hacking-lists +- https://github.com/thewhiteh4t/cve-2020-10977 +- https://github.com/tzwlhack/Vulnerability - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2020/CVE-2020-11022.md b/2020/CVE-2020-11022.md index d6abcca843..ccac756790 100644 --- a/2020/CVE-2020-11022.md +++ b/2020/CVE-2020-11022.md @@ -25,4 +25,5 @@ In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML f - https://github.com/corey-schneider/bagel-shop - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tnwebdev/jquery-2.2.4-patched +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-11023.md b/2020/CVE-2020-11023.md index 8d5f9efcee..7c3ead0bf8 100644 --- a/2020/CVE-2020-11023.md +++ b/2020/CVE-2020-11023.md @@ -22,4 +22,5 @@ In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/arijitdirghanji/100DaysofLearning - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-11025.md b/2020/CVE-2020-11025.md index 60c90cf547..41852182fe 100644 --- a/2020/CVE-2020-11025.md +++ b/2020/CVE-2020-11025.md @@ -13,6 +13,7 @@ In affected versions of WordPress, a cross-site scripting (XSS) vulnerability in No PoCs from references. #### Github +- https://github.com/El-Palomo/DerpNStink - https://github.com/El-Palomo/SYMFONOS - https://github.com/zer0uid/docker-CVEanalysis diff --git a/2020/CVE-2020-11026.md b/2020/CVE-2020-11026.md index 068cb81c74..970bb416a1 100644 --- a/2020/CVE-2020-11026.md +++ b/2020/CVE-2020-11026.md @@ -13,5 +13,6 @@ In affected versions of WordPress, files with a specially crafted name when uplo No PoCs from references. #### Github +- https://github.com/El-Palomo/DerpNStink - https://github.com/El-Palomo/SYMFONOS diff --git a/2020/CVE-2020-11027.md b/2020/CVE-2020-11027.md index 6954dbd24f..f6896d51ad 100644 --- a/2020/CVE-2020-11027.md +++ b/2020/CVE-2020-11027.md @@ -13,5 +13,6 @@ In affected versions of WordPress, a password reset link emailed to a user does No PoCs from references. #### Github +- https://github.com/El-Palomo/DerpNStink - https://github.com/El-Palomo/SYMFONOS diff --git a/2020/CVE-2020-11028.md b/2020/CVE-2020-11028.md index 2a206277aa..c683e5be5b 100644 --- a/2020/CVE-2020-11028.md +++ b/2020/CVE-2020-11028.md @@ -13,5 +13,6 @@ In affected versions of WordPress, some private posts, which were previously pub No PoCs from references. #### Github +- https://github.com/El-Palomo/DerpNStink - https://github.com/El-Palomo/SYMFONOS diff --git a/2020/CVE-2020-11029.md b/2020/CVE-2020-11029.md index 913f03396d..2162459950 100644 --- a/2020/CVE-2020-11029.md +++ b/2020/CVE-2020-11029.md @@ -13,5 +13,6 @@ In affected versions of WordPress, a vulnerability in the stats() method of clas No PoCs from references. #### Github +- https://github.com/El-Palomo/DerpNStink - https://github.com/El-Palomo/SYMFONOS diff --git a/2020/CVE-2020-11050.md b/2020/CVE-2020-11050.md new file mode 100644 index 0000000000..1aeeaf0e3e --- /dev/null +++ b/2020/CVE-2020-11050.md @@ -0,0 +1,17 @@ +### [CVE-2020-11050](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11050) +![](https://img.shields.io/static/v1?label=Product&message=Java-WebSocket&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-297%3A%20Improper%20Validation%20of%20Certificate%20with%20Host%20Mismatch&color=brighgreen) + +### Description + +In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation. This has been patched in 1.5.0. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/PalindromeLabs/awesome-websocket-security + diff --git a/2020/CVE-2020-11111.md b/2020/CVE-2020-11111.md index 7c5cdcafea..b862310f71 100644 --- a/2020/CVE-2020-11111.md +++ b/2020/CVE-2020-11111.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/yahoo/cubed diff --git a/2020/CVE-2020-11112.md b/2020/CVE-2020-11112.md index 39046a4782..025ff0d664 100644 --- a/2020/CVE-2020-11112.md +++ b/2020/CVE-2020-11112.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/yahoo/cubed diff --git a/2020/CVE-2020-11113.md b/2020/CVE-2020-11113.md index c333876f1a..445f8db246 100644 --- a/2020/CVE-2020-11113.md +++ b/2020/CVE-2020-11113.md @@ -19,4 +19,5 @@ No PoCs from references. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/yahoo/cubed diff --git a/2020/CVE-2020-11444.md b/2020/CVE-2020-11444.md index ed00c0e425..8da46811e6 100644 --- a/2020/CVE-2020-11444.md +++ b/2020/CVE-2020-11444.md @@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/jas502n/CVE-2020-10199 - https://github.com/koala2099/GitHub-Chinese-Top-Charts +- https://github.com/neilzhang1/Chinese-Charts - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/pinkieli/GitHub-Chinese-Top-Charts - https://github.com/qingyuanfeiniao/Chinese-Top-Charts diff --git a/2020/CVE-2020-1147.md b/2020/CVE-2020-1147.md index 22c79a92cd..bc071c9c82 100644 --- a/2020/CVE-2020-1147.md +++ b/2020/CVE-2020-1147.md @@ -84,7 +84,9 @@ A remote code execution vulnerability exists in .NET Framework, Microsoft ShareP #### Github - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/H0j3n/EzpzSharepoint - https://github.com/amcai/myscan +- https://github.com/michael101096/cs2020_msels - https://github.com/pwntester/ysoserial.net - https://github.com/sobinge/nuclei-templates diff --git a/2020/CVE-2020-11518.md b/2020/CVE-2020-11518.md index 2d2c513f32..ab708a8874 100644 --- a/2020/CVE-2020-11518.md +++ b/2020/CVE-2020-11518.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +- https://github.com/r0eXpeR/supplier diff --git a/2020/CVE-2020-11619.md b/2020/CVE-2020-11619.md new file mode 100644 index 0000000000..9819ac8a10 --- /dev/null +++ b/2020/CVE-2020-11619.md @@ -0,0 +1,17 @@ +### [CVE-2020-11619](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11619) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/yahoo/cubed + diff --git a/2020/CVE-2020-11620.md b/2020/CVE-2020-11620.md index 2309ba76a4..78fc92fdd4 100644 --- a/2020/CVE-2020-11620.md +++ b/2020/CVE-2020-11620.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/paolodenti/telegram-types - https://github.com/r00t4dm/r00t4dm +- https://github.com/yahoo/cubed diff --git a/2020/CVE-2020-11651.md b/2020/CVE-2020-11651.md index 0d6076fd0b..dc82c06eb5 100644 --- a/2020/CVE-2020-11651.md +++ b/2020/CVE-2020-11651.md @@ -16,7 +16,9 @@ An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2 #### Github - https://github.com/0xT11/CVE-POC - https://github.com/0xc0d/CVE-2020-11651 +- https://github.com/Al1ex/CVE-2020-11652 - https://github.com/CnHack3r/Penetration_PoC +- https://github.com/FDlucifer/firece-fish - https://github.com/Imanfeng/SaltStack-Exp - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/RakhithJK/CVE-2020-11651 @@ -29,6 +31,7 @@ An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2 - https://github.com/dozernz/cve-2020-11651 - https://github.com/dwoz/salt-rekey - https://github.com/fanjq99/CVE-2020-11652 +- https://github.com/fofapro/vulfocus - https://github.com/gobysec/Goby - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/hectorgie/PoC-in-GitHub @@ -38,6 +41,7 @@ An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2 - https://github.com/jasperla/CVE-2020-11651-poc - https://github.com/kasini3000/kasini3000 - https://github.com/kevthehermit/CVE-2020-11651 +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/lovelyjuice/cve-2020-11651-exp-plus - https://github.com/merlinxcy/ToolBox - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-11652.md b/2020/CVE-2020-11652.md index b81d78f753..c35fe5cba1 100644 --- a/2020/CVE-2020-11652.md +++ b/2020/CVE-2020-11652.md @@ -16,6 +16,7 @@ An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2 #### Github - https://github.com/0xT11/CVE-POC - https://github.com/0xc0d/CVE-2020-11651 +- https://github.com/Al1ex/CVE-2020-11652 - https://github.com/CnHack3r/Penetration_PoC - https://github.com/Imanfeng/SaltStack-Exp - https://github.com/Mr-xn/Penetration_Testing_POC @@ -25,6 +26,7 @@ An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/dwoz/salt-rekey - https://github.com/fanjq99/CVE-2020-11652 +- https://github.com/fofapro/vulfocus - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/heikanet/CVE-2020-11651-CVE-2020-11652-EXP @@ -32,6 +34,7 @@ An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2 - https://github.com/huike007/poc - https://github.com/jasperla/CVE-2020-11651-poc - https://github.com/kasini3000/kasini3000 +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/rapyuta-robotics/clean-script - https://github.com/rossengeorgiev/salt-security-backports diff --git a/2020/CVE-2020-11655.md b/2020/CVE-2020-11655.md index 5794ec19f0..3dcc321712 100644 --- a/2020/CVE-2020-11655.md +++ b/2020/CVE-2020-11655.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/garethr/snykout +- https://github.com/vinamra28/tekton-image-scan-trivy diff --git a/2020/CVE-2020-11656.md b/2020/CVE-2020-11656.md index 77b0bf6efe..88d04039a2 100644 --- a/2020/CVE-2020-11656.md +++ b/2020/CVE-2020-11656.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/garethr/snykout +- https://github.com/ycamper/censys-scripts diff --git a/2020/CVE-2020-11710.md b/2020/CVE-2020-11710.md index 305f164f01..eaf503e614 100644 --- a/2020/CVE-2020-11710.md +++ b/2020/CVE-2020-11710.md @@ -20,5 +20,6 @@ No PoCs from references. - https://github.com/RandomRobbieBF/kong-pwn - https://github.com/amcai/myscan - https://github.com/gobysec/Goby +- https://github.com/reni2study/Cloud-Native-Security2 - https://github.com/sobinge/nuclei-templates diff --git a/2020/CVE-2020-1181.md b/2020/CVE-2020-1181.md index e9a5d371b3..8a252d22f8 100644 --- a/2020/CVE-2020-1181.md +++ b/2020/CVE-2020-1181.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/SexyBeast233/SecBooks - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/r0eXpeR/supplier diff --git a/2020/CVE-2020-11851.md b/2020/CVE-2020-11851.md index 3c91e981a6..707b823b5b 100644 --- a/2020/CVE-2020-11851.md +++ b/2020/CVE-2020-11851.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/NetW0rK1le3r/awesome-hacking-lists +- https://github.com/ch1nghz/CVE-2020-11851 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-11974.md b/2020/CVE-2020-11974.md index efdd5cd0dc..a6eaef9361 100644 --- a/2020/CVE-2020-11974.md +++ b/2020/CVE-2020-11974.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/SexyBeast233/SecBooks +- https://github.com/langligelang/langligelang diff --git a/2020/CVE-2020-11975.md b/2020/CVE-2020-11975.md index 3069c5b9f4..5d109764ac 100644 --- a/2020/CVE-2020-11975.md +++ b/2020/CVE-2020-11975.md @@ -13,7 +13,9 @@ Apache Unomi allows conditions to use OGNL scripting which offers the possibilit No PoCs from references. #### Github +- https://github.com/1135/unomi_exploit - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/eugenebmx/CVE-2020-13942 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-11989.md b/2020/CVE-2020-11989.md index e3c1eb7e3e..2f1fd71025 100644 --- a/2020/CVE-2020-11989.md +++ b/2020/CVE-2020-11989.md @@ -21,6 +21,7 @@ No PoCs from references. - https://github.com/chibd2000/Burp-Extender-Study-Develop - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/threedr3am/learnjavabug - https://github.com/woods-sega/woodswiki diff --git a/2020/CVE-2020-11993.md b/2020/CVE-2020-11993.md index 8a0242b87d..0ca76cf619 100644 --- a/2020/CVE-2020-11993.md +++ b/2020/CVE-2020-11993.md @@ -15,6 +15,7 @@ Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for th #### Github - https://github.com/Dheia/sc-main - https://github.com/Solhack/Team_CSI_platform +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/vshaliii/Funbox2-rookie - https://github.com/vshaliii/Vegeta1-Vulhub-Walkthrough diff --git a/2020/CVE-2020-12062.md b/2020/CVE-2020-12062.md new file mode 100644 index 0000000000..6be2252f14 --- /dev/null +++ b/2020/CVE-2020-12062.md @@ -0,0 +1,17 @@ +### [CVE-2020-12062](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12062) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +** DISPUTED ** The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client's download directory by creating a crafted subdirectory anywhere on the remote server. The victim must use the command scp -rp to download a file hierarchy containing, anywhere inside, this crafted subdirectory. NOTE: the vendor points out that "this attack can achieve no more than a hostile peer is already able to achieve within the scp protocol" and "utimes does not fail under normal circumstances." + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network + diff --git a/2020/CVE-2020-12078.md b/2020/CVE-2020-12078.md index 01c57ff5a6..039a8f6d96 100644 --- a/2020/CVE-2020-12078.md +++ b/2020/CVE-2020-12078.md @@ -19,6 +19,7 @@ An issue was discovered in Open-AudIT 3.3.1. There is shell metacharacter inject - https://github.com/SexyBeast233/SecBooks - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/mhaskar/CVE-2020-12078 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tdtc7/qps diff --git a/2020/CVE-2020-12351.md b/2020/CVE-2020-12351.md index fe9dd74b2e..5ff70d8216 100644 --- a/2020/CVE-2020-12351.md +++ b/2020/CVE-2020-12351.md @@ -18,6 +18,7 @@ Improper input validation in BlueZ may allow an unauthenticated user to potentia - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/hac425xxx/heap-exploitation-in-real-world - https://github.com/joydo/CVE-Writeups - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/xairy/linux-kernel-exploitation diff --git a/2020/CVE-2020-12352.md b/2020/CVE-2020-12352.md index 0f83147818..f6a83c9836 100644 --- a/2020/CVE-2020-12352.md +++ b/2020/CVE-2020-12352.md @@ -17,6 +17,7 @@ Improper access control in BlueZ may allow an unauthenticated user to potentiall - https://github.com/Charmve/BLE-Security-Attack-Defence - https://github.com/WinMin/Protocol-Vul - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/hac425xxx/heap-exploitation-in-real-world - https://github.com/joydo/CVE-Writeups - https://github.com/xairy/linux-kernel-exploitation diff --git a/2020/CVE-2020-12702.md b/2020/CVE-2020-12702.md index efda4676e1..b5f44aced0 100644 --- a/2020/CVE-2020-12702.md +++ b/2020/CVE-2020-12702.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/salgio/ESPTouchCatcher +- https://github.com/salgio/eWeLink-QR-Code diff --git a/2020/CVE-2020-12812.md b/2020/CVE-2020-12812.md new file mode 100644 index 0000000000..aac546f446 --- /dev/null +++ b/2020/CVE-2020-12812.md @@ -0,0 +1,18 @@ +### [CVE-2020-12812](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12812) +![](https://img.shields.io/static/v1?label=Product&message=Fortinet%20FortiOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Access%20Control&color=brighgreen) + +### Description + +An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/irinarenteria/attackerkb-clj +- https://github.com/r0eXpeR/supplier + diff --git a/2020/CVE-2020-12856.md b/2020/CVE-2020-12856.md index 3f835ec59c..670e67bea2 100644 --- a/2020/CVE-2020-12856.md +++ b/2020/CVE-2020-12856.md @@ -17,6 +17,7 @@ OpenTrace, as used in COVIDSafe through v1.0.17, TraceTogether, ABTraceTogether, - https://github.com/TinyNiko/android_bulletin_notes - https://github.com/alwentiu/COVIDSafe-CVE-2020-12856 - https://github.com/alwentiu/CVE-2020-14292 +- https://github.com/alwentiu/contact-tracing-research - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-12912.md b/2020/CVE-2020-12912.md new file mode 100644 index 0000000000..557434a269 --- /dev/null +++ b/2020/CVE-2020-12912.md @@ -0,0 +1,17 @@ +### [CVE-2020-12912](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12912) +![](https://img.shields.io/static/v1?label=Product&message=AMD%20extension%20to%20Linux%20%22hwmon%22%20for%20Zen1%20platforms&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-749%3A%20Exposed%20Dangerous%20Method%20or%20Function&color=brighgreen) + +### Description + +A potential vulnerability in the AMD extension to Linux "hwmon" service may allow an attacker to use the Linux-based Running Average Power Limit (RAPL) interface to show various side channel attacks. In line with industry partners, AMD has updated the RAPL interface to require privileged access. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/evdenis/cvehound + diff --git a/2020/CVE-2020-12928.md b/2020/CVE-2020-12928.md index cb3dcfc4bb..4add4b960a 100644 --- a/2020/CVE-2020-12928.md +++ b/2020/CVE-2020-12928.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/ekknod/EC_PRO-LAN - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-13277.md b/2020/CVE-2020-13277.md index bf3bfd3462..91501cbec8 100644 --- a/2020/CVE-2020-13277.md +++ b/2020/CVE-2020-13277.md @@ -15,5 +15,6 @@ An authorization issue in the mirroring logic allowed read access to private rep #### Github - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/lyy289065406/CVE-2020-13277 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-13401.md b/2020/CVE-2020-13401.md index cd18a5c21c..49a9f417d0 100644 --- a/2020/CVE-2020-13401.md +++ b/2020/CVE-2020-13401.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/Metarget/awesome-cloud-native-security - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/reni2study/Cloud-Native-Security2 diff --git a/2020/CVE-2020-13449.md b/2020/CVE-2020-13449.md index 02ba3077df..53213c2c5c 100644 --- a/2020/CVE-2020-13449.md +++ b/2020/CVE-2020-13449.md @@ -13,5 +13,5 @@ A directory traversal vulnerability in the Markdown engine of Gotenberg through - http://packetstormsecurity.com/files/160744/Gotenberg-6.2.0-Traversal-Code-Execution-Insecure-Permissions.html #### Github -No PoCs found on GitHub currently. +- https://github.com/br0xpl/gotenberg_hack diff --git a/2020/CVE-2020-13450.md b/2020/CVE-2020-13450.md index e6a88c1f29..58869df206 100644 --- a/2020/CVE-2020-13450.md +++ b/2020/CVE-2020-13450.md @@ -13,5 +13,5 @@ A directory traversal vulnerability in file upload function of Gotenberg through - http://packetstormsecurity.com/files/160744/Gotenberg-6.2.0-Traversal-Code-Execution-Insecure-Permissions.html #### Github -No PoCs found on GitHub currently. +- https://github.com/br0xpl/gotenberg_hack diff --git a/2020/CVE-2020-13451.md b/2020/CVE-2020-13451.md index 298edcf3be..d2d83f0bdd 100644 --- a/2020/CVE-2020-13451.md +++ b/2020/CVE-2020-13451.md @@ -13,5 +13,5 @@ An incomplete-cleanup vulnerability in the Office rendering engine of Gotenberg - http://packetstormsecurity.com/files/160744/Gotenberg-6.2.0-Traversal-Code-Execution-Insecure-Permissions.html #### Github -No PoCs found on GitHub currently. +- https://github.com/br0xpl/gotenberg_hack diff --git a/2020/CVE-2020-13452.md b/2020/CVE-2020-13452.md index c71aae17ca..c5e0162df5 100644 --- a/2020/CVE-2020-13452.md +++ b/2020/CVE-2020-13452.md @@ -13,5 +13,5 @@ In Gotenberg through 6.2.1, insecure permissions for tini (writable by user gote - http://packetstormsecurity.com/files/160744/Gotenberg-6.2.0-Traversal-Code-Execution-Insecure-Permissions.html #### Github -No PoCs found on GitHub currently. +- https://github.com/br0xpl/gotenberg_hack diff --git a/2020/CVE-2020-13487.md b/2020/CVE-2020-13487.md index 800bdab3bd..591813c9d1 100644 --- a/2020/CVE-2020-13487.md +++ b/2020/CVE-2020-13487.md @@ -13,5 +13,9 @@ The bbPress plugin through 2.6.4 for WordPress has stored XSS in the Forum creat - https://www.youtube.com/watch?v=3rXP8CGTe08 #### Github +- https://github.com/Saidul-M-Khan/Awesome-Bugbounty-Writeups +- https://github.com/ajino2k/Awesome-Bugbounty-Writeups +- https://github.com/blitz-cmd/Bugbounty-writeups +- https://github.com/bot8080/awesomeBugbounty - https://github.com/devanshbatham/Awesome-Bugbounty-Writeups diff --git a/2020/CVE-2020-1350.md b/2020/CVE-2020-1350.md index f70b093bce..e3302a257d 100644 --- a/2020/CVE-2020-1350.md +++ b/2020/CVE-2020-1350.md @@ -21,6 +21,7 @@ A remote code execution vulnerability exists in Windows Domain Name System serve - https://github.com/CVEmaster/CVE-2020-1350 - https://github.com/CnHack3r/Penetration_PoC - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/EvilAnne/2020-Read-article - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/Plazmaz/CVE-2020-1350-poc - https://github.com/Secuora-Org/CVE-2020-1350-checker.ps1 @@ -56,6 +57,7 @@ A remote code execution vulnerability exists in Windows Domain Name System serve - https://github.com/tinkersec/cve-2020-1350 - https://github.com/tobor88/PowerShell-Blue-Team - https://github.com/tolgadevsec/Awesome-Deception +- https://github.com/tzwlhack/Vulnerability - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/ycdxsb/WindowsPrivilegeEscalation - https://github.com/yedada-wei/- diff --git a/2020/CVE-2020-13529.md b/2020/CVE-2020-13529.md index 29c12f4d07..bc2d40c219 100644 --- a/2020/CVE-2020-13529.md +++ b/2020/CVE-2020-13529.md @@ -13,5 +13,6 @@ An exploitable denial-of-service vulnerability exists in Systemd 245. A speciall No PoCs from references. #### Github +- https://github.com/epequeno/devops-demo - https://github.com/onzack/trivy-multiscanner diff --git a/2020/CVE-2020-13777.md b/2020/CVE-2020-13777.md index dac490d182..593e9c3804 100644 --- a/2020/CVE-2020-13777.md +++ b/2020/CVE-2020-13777.md @@ -24,6 +24,7 @@ No PoCs from references. - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/michaelbiven/security - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/not1337/tlsserver - https://github.com/prprhyt/PoC_TLS1_3_CVE-2020-13777 - https://github.com/shigeki/challenge_CVE-2020-13777 diff --git a/2020/CVE-2020-13884.md b/2020/CVE-2020-13884.md index 33d55abf28..e88237142c 100644 --- a/2020/CVE-2020-13884.md +++ b/2020/CVE-2020-13884.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/hessandrew/CVE-2020-13884 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/stratosphereips/nist-cve-search-tool diff --git a/2020/CVE-2020-13885.md b/2020/CVE-2020-13885.md index 1c7325547d..3f356d396d 100644 --- a/2020/CVE-2020-13885.md +++ b/2020/CVE-2020-13885.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/hessandrew/CVE-2020-13885 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/stratosphereips/nist-cve-search-tool diff --git a/2020/CVE-2020-13921.md b/2020/CVE-2020-13921.md index aa7f28b367..e8582d78ee 100644 --- a/2020/CVE-2020-13921.md +++ b/2020/CVE-2020-13921.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/pen4uin/vulnerability-lab +- https://github.com/shanika04/apache_skywalking diff --git a/2020/CVE-2020-13925.md b/2020/CVE-2020-13925.md index c96b68ddf3..0bd316d374 100644 --- a/2020/CVE-2020-13925.md +++ b/2020/CVE-2020-13925.md @@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/bit4woo/CVE-2020-13925 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tdtc7/qps diff --git a/2020/CVE-2020-13933.md b/2020/CVE-2020-13933.md index 3e2cb29b43..f0bc4a1f71 100644 --- a/2020/CVE-2020-13933.md +++ b/2020/CVE-2020-13933.md @@ -23,6 +23,7 @@ No PoCs from references. - https://github.com/chibd2000/Burp-Extender-Study-Develop - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/lyy289065406/CVE-2020-13933 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2020/CVE-2020-13935.md b/2020/CVE-2020-13935.md index 7e0ffeb1e9..ce9151fed6 100644 --- a/2020/CVE-2020-13935.md +++ b/2020/CVE-2020-13935.md @@ -17,14 +17,18 @@ The payload length in a WebSocket frame was not correctly validated in Apache To - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NetW0rK1le3r/awesome-hacking-lists +- https://github.com/RedTeamPentesting/CVE-2020-13935 - https://github.com/SexyBeast233/SecBooks - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/huike007/penetration_poc - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/nu11secur1ty/CVE-mitre +- https://github.com/qeeqbox/falcon - https://github.com/superfish9/pt - https://github.com/taielab/awesome-hacking-lists +- https://github.com/tzwlhack/Vulnerability - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2020/CVE-2020-13936.md b/2020/CVE-2020-13936.md index 676cd52493..e0446b2dc0 100644 --- a/2020/CVE-2020-13936.md +++ b/2020/CVE-2020-13936.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks - https://github.com/jimbethancourt/RefactorFirst +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-13937.md b/2020/CVE-2020-13937.md index fabf26169a..43e76d51ae 100644 --- a/2020/CVE-2020-13937.md +++ b/2020/CVE-2020-13937.md @@ -23,4 +23,6 @@ No PoCs from references. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/sobinge/nuclei-templates +- https://github.com/tzwlhack/Vulnerability +- https://github.com/yaunsky/CVE-2020-13937 diff --git a/2020/CVE-2020-13942.md b/2020/CVE-2020-13942.md index 5a34fabd18..1b04c1c667 100644 --- a/2020/CVE-2020-13942.md +++ b/2020/CVE-2020-13942.md @@ -13,17 +13,26 @@ It is possible to inject malicious OGNL or MVEL scripts into the /context.json p No PoCs from references. #### Github +- https://github.com/1135/unomi_exploit - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/SexyBeast233/SecBooks - https://github.com/SouthWind0/southwind0.github.io - https://github.com/alphaSeclab/sec-daily-2020 +- https://github.com/blackmarketer/CVE-2020-13942 - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/eugenebmx/CVE-2020-13942 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/litt1eb0yy/One-Liner-Scripts +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection +- https://github.com/lp008/CVE-2020-13942 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/qeeqbox/falcon +- https://github.com/shifa123/CVE-2020-13942-POC- - https://github.com/sobinge/nuclei-templates +- https://github.com/tzwlhack/Vulnerability +- https://github.com/yaunsky/Unomi-CVE-2020-13942 - https://github.com/zhzyker/vulmap diff --git a/2020/CVE-2020-13949.md b/2020/CVE-2020-13949.md new file mode 100644 index 0000000000..b830e8f8c9 --- /dev/null +++ b/2020/CVE-2020-13949.md @@ -0,0 +1,17 @@ +### [CVE-2020-13949](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13949) +![](https://img.shields.io/static/v1?label=Product&message=Apache%20Thrift&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Potential%20DoS%20when%20processing%20untrusted%20Thrift%20payloads&color=brighgreen) + +### Description + +In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/k1LoW/oshka + diff --git a/2020/CVE-2020-13957.md b/2020/CVE-2020-13957.md index 8d2bc7a67d..59735d6dbd 100644 --- a/2020/CVE-2020-13957.md +++ b/2020/CVE-2020-13957.md @@ -15,7 +15,9 @@ No PoCs from references. #### Github - https://github.com/Imanfeng/Apache-Solr-RCE - https://github.com/SexyBeast233/SecBooks +- https://github.com/errorecho/CVEs-Collection - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/s-index/poc-list diff --git a/2020/CVE-2020-13998.md b/2020/CVE-2020-13998.md new file mode 100644 index 0000000000..cb8b3aca5b --- /dev/null +++ b/2020/CVE-2020-13998.md @@ -0,0 +1,17 @@ +### [CVE-2020-13998](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13998) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +** UNSUPPORTED WHEN ASSIGNED ** Citrix XenApp 6.5, when 2FA is enabled, allows a remote unauthenticated attacker to ascertain whether a user exists on the server, because the 2FA error page only occurs after a valid username is entered. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/stratosphereips/nist-cve-search-tool + diff --git a/2020/CVE-2020-14060.md b/2020/CVE-2020-14060.md index 6e102d0dc5..d05e58258b 100644 --- a/2020/CVE-2020-14060.md +++ b/2020/CVE-2020-14060.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/SexyBeast233/SecBooks +- https://github.com/yahoo/cubed diff --git a/2020/CVE-2020-14061.md b/2020/CVE-2020-14061.md new file mode 100644 index 0000000000..fd0b1cfbe4 --- /dev/null +++ b/2020/CVE-2020-14061.md @@ -0,0 +1,17 @@ +### [CVE-2020-14061](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14061) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/yahoo/cubed + diff --git a/2020/CVE-2020-14062.md b/2020/CVE-2020-14062.md index bc0d65395a..256590782f 100644 --- a/2020/CVE-2020-14062.md +++ b/2020/CVE-2020-14062.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/SexyBeast233/SecBooks +- https://github.com/yahoo/cubed diff --git a/2020/CVE-2020-14064.md b/2020/CVE-2020-14064.md index 4a5d7fd8f8..84cf3e4b45 100644 --- a/2020/CVE-2020-14064.md +++ b/2020/CVE-2020-14064.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/masoud-zivari/CVE-2020-14064 - https://github.com/networksecure/CVE-2020-14064 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2020/CVE-2020-14065.md b/2020/CVE-2020-14065.md index 13b3d93665..43a9c4df1f 100644 --- a/2020/CVE-2020-14065.md +++ b/2020/CVE-2020-14065.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/masoud-zivari/CVE-2020-14065 - https://github.com/networksecure/CVE-2020-14065 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2020/CVE-2020-14145.md b/2020/CVE-2020-14145.md index 59f0fdb5b1..b7733408ec 100644 --- a/2020/CVE-2020-14145.md +++ b/2020/CVE-2020-14145.md @@ -13,6 +13,7 @@ The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading No PoCs from references. #### Github +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/phx/cvescan - https://github.com/siddicky/git-and-crumpets - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2020/CVE-2020-14155.md b/2020/CVE-2020-14155.md index b0c8f2fc8e..47e0e53953 100644 --- a/2020/CVE-2020-14155.md +++ b/2020/CVE-2020-14155.md @@ -14,6 +14,8 @@ No PoCs from references. #### Github - https://github.com/dispera/giant-squid +- https://github.com/domyrtille/interview_project +- https://github.com/epequeno/devops-demo - https://github.com/garethr/snykout - https://github.com/nedenwalker/spring-boot-app-using-gradle - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln diff --git a/2020/CVE-2020-14179.md b/2020/CVE-2020-14179.md index cdc9cb9161..6bbd63daa9 100644 --- a/2020/CVE-2020-14179.md +++ b/2020/CVE-2020-14179.md @@ -15,8 +15,10 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/c0brabaghdad1/CVE-2020-14179 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hackerhackrat/R-poc - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/sobinge/nuclei-templates +- https://github.com/sushantdhopat/JIRA_testing diff --git a/2020/CVE-2020-14181.md b/2020/CVE-2020-14181.md index a0cebd8f25..b10e326ab5 100644 --- a/2020/CVE-2020-14181.md +++ b/2020/CVE-2020-14181.md @@ -25,6 +25,8 @@ Affected versions of Atlassian Jira Server and Data Center allow an unauthentica - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/jweny/pocassistdb - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/r0eXpeR/supplier - https://github.com/sobinge/nuclei-templates +- https://github.com/sushantdhopat/JIRA_testing - https://github.com/und3sc0n0c1d0/UserEnumJira diff --git a/2020/CVE-2020-14195.md b/2020/CVE-2020-14195.md index 946c94a76c..72b6799ead 100644 --- a/2020/CVE-2020-14195.md +++ b/2020/CVE-2020-14195.md @@ -20,4 +20,5 @@ No PoCs from references. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/yahoo/cubed diff --git a/2020/CVE-2020-14292.md b/2020/CVE-2020-14292.md index 19adf3851b..91f6b9051c 100644 --- a/2020/CVE-2020-14292.md +++ b/2020/CVE-2020-14292.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/404notf0und/CVE-Flow - https://github.com/alwentiu/CVE-2020-14292 +- https://github.com/alwentiu/contact-tracing-research - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-14295.md b/2020/CVE-2020-14295.md index 3a2f14eda7..257001117c 100644 --- a/2020/CVE-2020-14295.md +++ b/2020/CVE-2020-14295.md @@ -14,7 +14,10 @@ A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL - http://packetstormsecurity.com/files/162918/Cacti-1.2.12-SQL-Injection-Remote-Command-Execution.html #### Github +- https://github.com/0xaniketB/HackTheBox-Monitors - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/Mayfly277/vulns - https://github.com/Orange-Cyberdefense/CVE-repository - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-14308.md b/2020/CVE-2020-14308.md index 3bc87fa27c..b2dd60a1b1 100644 --- a/2020/CVE-2020-14308.md +++ b/2020/CVE-2020-14308.md @@ -14,8 +14,10 @@ No PoCs from references. #### Github - https://github.com/DNTYO/F5_Vulnerability +- https://github.com/amzdev0401/shim-review-backup - https://github.com/bitraser/shim-review-15.4 - https://github.com/jason-chang-atrust/shim-review +- https://github.com/luojc123/shim-nsdl - https://github.com/neverware/shim-review - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/puzzleos/uefi-shim_review diff --git a/2020/CVE-2020-14309.md b/2020/CVE-2020-14309.md index 748e53d79e..afcb13068a 100644 --- a/2020/CVE-2020-14309.md +++ b/2020/CVE-2020-14309.md @@ -14,8 +14,10 @@ No PoCs from references. #### Github - https://github.com/DNTYO/F5_Vulnerability +- https://github.com/amzdev0401/shim-review-backup - https://github.com/bitraser/shim-review-15.4 - https://github.com/jason-chang-atrust/shim-review +- https://github.com/luojc123/shim-nsdl - https://github.com/neverware/shim-review - https://github.com/puzzleos/uefi-shim_review - https://github.com/rhboot/shim-review diff --git a/2020/CVE-2020-14310.md b/2020/CVE-2020-14310.md index 26b4e703bd..1a5ce0c928 100644 --- a/2020/CVE-2020-14310.md +++ b/2020/CVE-2020-14310.md @@ -15,8 +15,10 @@ No PoCs from references. #### Github - https://github.com/DNTYO/F5_Vulnerability +- https://github.com/amzdev0401/shim-review-backup - https://github.com/bitraser/shim-review-15.4 - https://github.com/jason-chang-atrust/shim-review +- https://github.com/luojc123/shim-nsdl - https://github.com/neverware/shim-review - https://github.com/puzzleos/uefi-shim_review - https://github.com/renorobert/grub-bhyve-bugs diff --git a/2020/CVE-2020-14311.md b/2020/CVE-2020-14311.md index 601cd04439..f10078557c 100644 --- a/2020/CVE-2020-14311.md +++ b/2020/CVE-2020-14311.md @@ -15,8 +15,10 @@ No PoCs from references. #### Github - https://github.com/DNTYO/F5_Vulnerability +- https://github.com/amzdev0401/shim-review-backup - https://github.com/bitraser/shim-review-15.4 - https://github.com/jason-chang-atrust/shim-review +- https://github.com/luojc123/shim-nsdl - https://github.com/neverware/shim-review - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/puzzleos/uefi-shim_review diff --git a/2020/CVE-2020-14364.md b/2020/CVE-2020-14364.md index 7cd1e0d9fb..6ad70a3cb7 100644 --- a/2020/CVE-2020-14364.md +++ b/2020/CVE-2020-14364.md @@ -13,6 +13,7 @@ An out-of-bounds read/write access flaw was found in the USB emulator of the QEM No PoCs from references. #### Github +- https://github.com/Resery/Learning_Record - https://github.com/SexyBeast233/SecBooks - https://github.com/V1NKe/learning-qemu - https://github.com/WinMin/awesome-vm-exploit diff --git a/2020/CVE-2020-14372.md b/2020/CVE-2020-14372.md index f40a1e0d53..8edf048474 100644 --- a/2020/CVE-2020-14372.md +++ b/2020/CVE-2020-14372.md @@ -13,9 +13,11 @@ A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enable No PoCs from references. #### Github +- https://github.com/amzdev0401/shim-review-backup - https://github.com/bitraser/shim-review-15.4 - https://github.com/jason-chang-atrust/shim-review - https://github.com/kaosagnt/ansible-everyday +- https://github.com/luojc123/shim-nsdl - https://github.com/neverware/shim-review - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/puzzleos/uefi-shim_review diff --git a/2020/CVE-2020-14386.md b/2020/CVE-2020-14386.md index b17fc0b5c8..ddf3db0b12 100644 --- a/2020/CVE-2020-14386.md +++ b/2020/CVE-2020-14386.md @@ -23,6 +23,7 @@ A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be ex - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/reni2study/Cloud-Native-Security2 - https://github.com/sderosiaux/every-single-day-i-tldr - https://github.com/taielab/awesome-hacking-lists - https://github.com/xairy/linux-kernel-exploitation diff --git a/2020/CVE-2020-14422.md b/2020/CVE-2020-14422.md new file mode 100644 index 0000000000..0dfcba14f0 --- /dev/null +++ b/2020/CVE-2020-14422.md @@ -0,0 +1,17 @@ +### [CVE-2020-14422](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14422) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/vinamra28/tekton-image-scan-trivy + diff --git a/2020/CVE-2020-14645.md b/2020/CVE-2020-14645.md index 6dd5a68a72..dfc54af103 100644 --- a/2020/CVE-2020-14645.md +++ b/2020/CVE-2020-14645.md @@ -21,6 +21,7 @@ No PoCs from references. - https://github.com/HYWZ36/CVE-2020-14645-code - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NetW0rK1le3r/awesome-hacking-lists +- https://github.com/Schira4396/CVE-2020-14645 - https://github.com/SexyBeast233/SecBooks - https://github.com/Y4er/CVE-2020-14645 - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2020/CVE-2020-1467.md b/2020/CVE-2020-1467.md new file mode 100644 index 0000000000..5f76e48e37 --- /dev/null +++ b/2020/CVE-2020-1467.md @@ -0,0 +1,52 @@ +### [CVE-2020-1467](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1467) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20for%2032-bit%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20for%20x64-based%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1%20for%2032-bit%20systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1%20for%20x64-based%20systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20RT%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20for%20x64-based%20Systems%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20for%20x64-based%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20for%2032-bit%20Systems%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20for%2032-bit%20Systems%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20for%20x64-based%20Systems%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20for%20x64-based%20Systems%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201909%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%202004%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) + +### Description + +An elevation of privilege vulnerability exists when Windows improperly handles hard links, aka 'Windows Hard Link Elevation of Privilege Vulnerability'. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ijatrom/searchcve + diff --git a/2020/CVE-2020-1472.md b/2020/CVE-2020-1472.md index abdfb95f7f..fa15864b2c 100644 --- a/2020/CVE-2020-1472.md +++ b/2020/CVE-2020-1472.md @@ -28,6 +28,7 @@ An elevation of privilege vulnerability exists when an attacker establishes a vu - https://www.kb.cert.org/vuls/id/490028 #### Github +- https://github.com/0x727/usefull-elevation-of-privilege - https://github.com/0xT11/CVE-POC - https://github.com/0xcccc666/cve-2020-1472_Tool-collection - https://github.com/0xkami/CVE-2020-1472 @@ -42,6 +43,7 @@ An elevation of privilege vulnerability exists when an attacker establishes a vu - https://github.com/CasperGN/ActiveDirectoryEnumeration - https://github.com/DNTYO/F5_Vulnerability - https://github.com/ErdemOzgen/ActiveDirectoryAttacks +- https://github.com/EvilAnne/2020-Read-article - https://github.com/Fa1c0n35/CVE-2020-1472 - https://github.com/Fa1c0n35/CVE-2020-1472-02- - https://github.com/Fa1c0n35/SecuraBV-CVE-2020-1472 @@ -51,6 +53,7 @@ An elevation of privilege vulnerability exists when an attacker establishes a vu - https://github.com/Kecatoca/Zerologon_Poc - https://github.com/Kecatoca/Zerologon_test - https://github.com/Ken-Abruzzi/cve-2020-1472 +- https://github.com/LuemmelSec/Pentest-Tools-Collection - https://github.com/Mathankumar2701/ALL-PENTESTING-BIBLE - https://github.com/MedoX71T/PENTESTING-BIBLE - https://github.com/Micle5858/PENTESTING-BIBLE @@ -64,6 +67,7 @@ An elevation of privilege vulnerability exists when an attacker establishes a vu - https://github.com/Privia-Security/ADZero - https://github.com/Qazeer/OffensivePythonPipeline - https://github.com/R0B1NL1N/CVE-2020-1472 +- https://github.com/RyanNgCT/EH-Assignment - https://github.com/S3cur3Th1sSh1t/WinPwn - https://github.com/Saidul-M-Khan/PENTESTING-BIBLE - https://github.com/SecuraBV/CVE-2020-1472 @@ -76,8 +80,11 @@ An elevation of privilege vulnerability exists when an attacker establishes a vu - https://github.com/VoidSec/CVE-2020-1472 - https://github.com/Whippet0/CVE-2020-1472 - https://github.com/WiIs0n/Zerologon_CVE-2020-1472 +- https://github.com/WillOram/ADReset - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/YangSirrr/YangsirStudyPlan +- https://github.com/YossiSassi/ZeroLogon-Exploitation-Check +- https://github.com/YossiSassi/hAcKtive-Directory-Forensics - https://github.com/aRustyDev/C844 - https://github.com/alexverboon/MDATP - https://github.com/alphaSeclab/sec-daily-2020 @@ -102,6 +109,7 @@ An elevation of privilege vulnerability exists when an attacker establishes a vu - https://github.com/hunter32me/2020-1472 - https://github.com/iamrajivd/pentest - https://github.com/ihebski/A-Red-Teamer-diaries +- https://github.com/ijatrom/searchcve - https://github.com/infosecn1nja/AD-Attack-Defense - https://github.com/izj007/wechat - https://github.com/johnpathe/zerologon-cve-2020-1472-notes @@ -109,6 +117,7 @@ An elevation of privilege vulnerability exists when an attacker establishes a vu - https://github.com/lawrenceamer/0xsp-Mongoose - https://github.com/maikelnight/zerologon - https://github.com/midpipps/CVE-2020-1472-Easy +- https://github.com/mishmashclone/Flangvik-SharpCollection - https://github.com/mishmashclone/infosecn1nja-AD-Attack-Defense - https://github.com/mos165/CVE-20200-1472 - https://github.com/mstxq17/cve-2020-1472 @@ -116,18 +125,22 @@ An elevation of privilege vulnerability exists when an attacker establishes a vu - https://github.com/nitishbadole/PENTESTING-BIBLE - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/npocmak/CVE-2020-1472 +- https://github.com/ommadawn46/CFB8-Zero-IV-Attack - https://github.com/penetrarnya-tm/WeaponizeKali.sh - https://github.com/phant0n/PENTESTING-BIBLE - https://github.com/preempt/ntlm-scanner - https://github.com/puckiestyle/CVE-2020-1472 - https://github.com/pwninx/WinPwn +- https://github.com/r0eXpeR/supplier - https://github.com/rhymeswithmogul/Set-ZerologonMitigation - https://github.com/risksense/zerologon - https://github.com/rth0pper/zerologon - https://github.com/scv-m/zabbix-template-CVE-2020-1472 - https://github.com/shanfenglan/cve-2020-1472 - https://github.com/sho-luv/zerologon +- https://github.com/sinfulz/JustGetDA - https://github.com/spiegel-im-spiegel/go-cvss +- https://github.com/stanfrbd/searchcve - https://github.com/striveben/CVE-2020-1472 - https://github.com/sunzu94/AD-Attack-Defense - https://github.com/sv3nbeast/CVE-2020-1472 diff --git a/2020/CVE-2020-14750.md b/2020/CVE-2020-14750.md index 0af75de54a..b9f703bccf 100644 --- a/2020/CVE-2020-14750.md +++ b/2020/CVE-2020-14750.md @@ -15,10 +15,12 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware #### Github - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/corelight/CVE-2020-14882-weblogicRCE - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/jas502n/CVE-2020-14882 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/pprietosanchez/CVE-2020-14750 - https://github.com/r00t4dm/r00t4dm - https://github.com/rabbitsafe/CVE-2021-2109 diff --git a/2020/CVE-2020-14756.md b/2020/CVE-2020-14756.md index a6665a4ea2..2fcdb93ec2 100644 --- a/2020/CVE-2020-14756.md +++ b/2020/CVE-2020-14756.md @@ -17,8 +17,11 @@ No PoCs from references. - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/SexyBeast233/SecBooks - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/freeide/CVE-2021-2394 +- https://github.com/lz2y/CVE-2021-2394 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/r0eXpeR/redteam_vul - https://github.com/somatrasss/weblogic2021 +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-14815.md b/2020/CVE-2020-14815.md index 23a60b041f..d27a8c9498 100644 --- a/2020/CVE-2020-14815.md +++ b/2020/CVE-2020-14815.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/sobinge/nuclei-templates +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-1488.md b/2020/CVE-2020-1488.md new file mode 100644 index 0000000000..4db4bd3aa7 --- /dev/null +++ b/2020/CVE-2020-1488.md @@ -0,0 +1,52 @@ +### [CVE-2020-1488](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1488) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1%20for%2032-bit%20systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1%20for%20x64-based%20systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20RT%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201909%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%202004%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) + +### Description + +An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/gitaramos/links + diff --git a/2020/CVE-2020-14882.md b/2020/CVE-2020-14882.md index 0b024a4471..a01e870576 100644 --- a/2020/CVE-2020-14882.md +++ b/2020/CVE-2020-14882.md @@ -16,18 +16,25 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware #### Github - https://github.com/0day666/Vulnerability-verification +- https://github.com/0thm4n3/cve-2020-14882 - https://github.com/0xn0ne/weblogicScanner - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Ares-X/VulWiki - https://github.com/Astrogeorgeonethree/Starred +- https://github.com/CYJoe-Cyclone/Awesome-CobaltStrike - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/FDlucifer/firece-fish - https://github.com/GGyao/CVE-2020-14882_ALL +- https://github.com/GGyao/CVE-2020-14882_POC - https://github.com/Jean-Francois-C/Windows-Penetration-Testing - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/NS-Sp4ce/CVE-2020-14882 - https://github.com/NetW0rK1le3r/awesome-hacking-lists +- https://github.com/QmF0c3UK/CVE-2020-14882 - https://github.com/SexyBeast233/SecBooks - https://github.com/SouthWind0/southwind0.github.io +- https://github.com/XTeam-Wing/CVE-2020-14882 - https://github.com/Yang0615777/PocList - https://github.com/alexfrancow/CVE-2020-14882 - https://github.com/alphaSeclab/sec-daily-2020 @@ -36,6 +43,9 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/bhdresh/SnortRules - https://github.com/bigblackhat/oFx - https://github.com/bonjourmalware/melody +- https://github.com/corelight/CVE-2020-14882-weblogicRCE +- https://github.com/cvebase/cvebase-wiki +- https://github.com/daehee/nvd - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hanc00l/some_pocsuite - https://github.com/hectorgie/PoC-in-GitHub @@ -45,17 +55,30 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/jeansgit/Pentest - https://github.com/koala2099/GitHub-Chinese-Top-Charts - https://github.com/koutto/jok3r-pocs +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection +- https://github.com/ludy-dev/Weblogic_Unauthorized-bypass-RCE - https://github.com/milo2012/CVE-2020-14882 +- https://github.com/mmioimm/cve-2020-14882 +- https://github.com/murataydemir/CVE-2020-14882 - https://github.com/murataydemir/CVE-2020-14883 +- https://github.com/neilzhang1/Chinese-Charts - https://github.com/niudaii/go-crack - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/ovProphet/CVE-2020-14882-checker +- https://github.com/pprietosanchez/CVE-2020-14750 +- https://github.com/qeeqbox/falcon - https://github.com/qingyuanfeiniao/Chinese-Top-Charts - https://github.com/r0eXpeR/redteam_vul +- https://github.com/s1kr10s/CVE-2020-14882 - https://github.com/sobinge/nuclei-templates - https://github.com/superfish9/pt +- https://github.com/tzwlhack/Vulnerability - https://github.com/veo/vscan - https://github.com/whoadmin/pocs - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +- https://github.com/wsfengfan/cve-2020-14882 +- https://github.com/wuzuowei/nice-scripts +- https://github.com/xfiftyone/CVE-2020-14882 - https://github.com/xiaoyaovo/2021SecWinterTask - https://github.com/zer0yu/Awesome-CobaltStrike - https://github.com/zhzyker/exphub diff --git a/2020/CVE-2020-14883.md b/2020/CVE-2020-14883.md index 9465409297..463834676d 100644 --- a/2020/CVE-2020-14883.md +++ b/2020/CVE-2020-14883.md @@ -17,6 +17,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/0xn0ne/weblogicScanner - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Astrogeorgeonethree/Starred +- https://github.com/B1anda0/CVE-2020-14883 - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/SexyBeast233/SecBooks @@ -26,6 +27,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/jas502n/CVE-2020-14882 +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/murataydemir/CVE-2020-14883 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/veo/vscan diff --git a/2020/CVE-2020-14966.md b/2020/CVE-2020-14966.md index a4ae9b8221..19a3b79072 100644 --- a/2020/CVE-2020-14966.md +++ b/2020/CVE-2020-14966.md @@ -13,5 +13,6 @@ An issue was discovered in the jsrsasign package through 8.0.18 for Node.js. It - https://github.com/kjur/jsrsasign/issues/437 #### Github +- https://github.com/Olaf0257/certificate-decode - https://github.com/kjur/jsrsasign diff --git a/2020/CVE-2020-14967.md b/2020/CVE-2020-14967.md index d7b7908c66..cda94f4a6d 100644 --- a/2020/CVE-2020-14967.md +++ b/2020/CVE-2020-14967.md @@ -13,5 +13,6 @@ An issue was discovered in the jsrsasign package before 8.0.18 for Node.js. Its - https://github.com/kjur/jsrsasign/issues/439 #### Github +- https://github.com/Olaf0257/certificate-decode - https://github.com/kjur/jsrsasign diff --git a/2020/CVE-2020-14968.md b/2020/CVE-2020-14968.md index 6f394a9f80..34a7f89c5c 100644 --- a/2020/CVE-2020-14968.md +++ b/2020/CVE-2020-14968.md @@ -13,5 +13,6 @@ An issue was discovered in the jsrsasign package before 8.0.17 for Node.js. Its - https://github.com/kjur/jsrsasign/issues/438 #### Github +- https://github.com/Olaf0257/certificate-decode - https://github.com/kjur/jsrsasign diff --git a/2020/CVE-2020-15133.md b/2020/CVE-2020-15133.md new file mode 100644 index 0000000000..701cdd3851 --- /dev/null +++ b/2020/CVE-2020-15133.md @@ -0,0 +1,17 @@ +### [CVE-2020-15133](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15133) +![](https://img.shields.io/static/v1?label=Product&message=faye-websocket&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-295%3A%20Improper%20Certificate%20Validation&color=brighgreen) + +### Description + +In faye-websocket before version 0.11.0, there is a lack of certification validation in TLS handshakes. The `Faye::WebSocket::Client` class uses the `EM::Connection#start_tls` method in EventMachine to implement the TLS handshake whenever a `wss:` URL is used for the connection. This method does not implement certificate verification by default, meaning that it does not check that the server presents a valid and trusted TLS certificate for the expected hostname. That means that any `wss:` connection made using this library is vulnerable to a man-in-the-middle attack, since it does not confirm the identity of the server it is connected to. For further background information on this issue, please see the referenced GitHub Advisory. Upgrading `faye-websocket` to v0.11.0 is recommended. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/PalindromeLabs/awesome-websocket-security + diff --git a/2020/CVE-2020-15134.md b/2020/CVE-2020-15134.md new file mode 100644 index 0000000000..e886f1c6a8 --- /dev/null +++ b/2020/CVE-2020-15134.md @@ -0,0 +1,17 @@ +### [CVE-2020-15134](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15134) +![](https://img.shields.io/static/v1?label=Product&message=faye&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-295%3A%20Improper%20Certificate%20Validation&color=brighgreen) + +### Description + +Faye before version 1.4.0, there is a lack of certification validation in TLS handshakes. Faye uses em-http-request and faye-websocket in the Ruby version of its client. Those libraries both use the `EM::Connection#start_tls` method in EventMachine to implement the TLS handshake whenever a `wss:` URL is used for the connection. This method does not implement certificate verification by default, meaning that it does not check that the server presents a valid and trusted TLS certificate for the expected hostname. That means that any `https:` or `wss:` connection made using these libraries is vulnerable to a man-in-the-middle attack, since it does not confirm the identity of the server it is connected to. The first request a Faye client makes is always sent via normal HTTP, but later messages may be sent via WebSocket. Therefore it is vulnerable to the same problem that these underlying libraries are, and we needed both libraries to support TLS verification before Faye could claim to do the same. Your client would still be insecure if its initial HTTPS request was verified, but later WebSocket connections were not. This is fixed in Faye v1.4.0, which enables verification by default. For further background information on this issue, please see the referenced GitHub Advisory. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/PalindromeLabs/awesome-websocket-security + diff --git a/2020/CVE-2020-15148.md b/2020/CVE-2020-15148.md index 221945b05f..c1073081e4 100644 --- a/2020/CVE-2020-15148.md +++ b/2020/CVE-2020-15148.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/0xkami/cve-2020-15148 - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/Maskhe/CVE-2020-15148-bypasses diff --git a/2020/CVE-2020-15168.md b/2020/CVE-2020-15168.md index c4700a016d..e81b615634 100644 --- a/2020/CVE-2020-15168.md +++ b/2020/CVE-2020-15168.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/404notf0und/CVE-Flow +- https://github.com/k1LoW/oshka diff --git a/2020/CVE-2020-15227.md b/2020/CVE-2020-15227.md index 4d2a4b806f..5c60313795 100644 --- a/2020/CVE-2020-15227.md +++ b/2020/CVE-2020-15227.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/filipsedivy/CVE-2020-15227 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/hu4wufu/CVE-2020-15227 - https://github.com/huike007/penetration_poc diff --git a/2020/CVE-2020-15228.md b/2020/CVE-2020-15228.md index 44f93fde60..139a1019f6 100644 --- a/2020/CVE-2020-15228.md +++ b/2020/CVE-2020-15228.md @@ -14,6 +14,8 @@ In the `@actions/core` npm module before version 1.2.6,`addPath` and `exportVari #### Github - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/guettli/fix-CVE-2020-15228 - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/k1LoW/oshka - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-15257.md b/2020/CVE-2020-15257.md index 6dafe7d3c0..f195511ec1 100644 --- a/2020/CVE-2020-15257.md +++ b/2020/CVE-2020-15257.md @@ -22,5 +22,10 @@ No PoCs from references. - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/cdk-team/CDK - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/joemcmanus/threatstackReport +- https://github.com/nccgroup/abstractshimmer - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/reni2study/Cloud-Native-Security2 +- https://github.com/summershrimp/exploits-open +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-15349.md b/2020/CVE-2020-15349.md index cf35ebc44f..531aa9225a 100644 --- a/2020/CVE-2020-15349.md +++ b/2020/CVE-2020-15349.md @@ -13,6 +13,7 @@ BinaryNights ForkLift 3.x before 3.4 has a local privilege escalation vulnerabil No PoCs from references. #### Github +- https://github.com/Traxes/Forklift_LPE - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2020/CVE-2020-15366.md b/2020/CVE-2020-15366.md new file mode 100644 index 0000000000..4bb3c76c88 --- /dev/null +++ b/2020/CVE-2020-15366.md @@ -0,0 +1,17 @@ +### [CVE-2020-15366](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15366) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in ajv.validate() in Ajv (aka Another JSON Schema Validator) 6.12.2. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. (While untrusted schemas are recommended against, the worst case of an untrusted schema should be a denial of service, not execution of code.) + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/jra89/thethirdparty + diff --git a/2020/CVE-2020-15394.md b/2020/CVE-2020-15394.md index 5d87ab3072..e18f9422ca 100644 --- a/2020/CVE-2020-15394.md +++ b/2020/CVE-2020-15394.md @@ -13,5 +13,5 @@ The REST API in Zoho ManageEngine Applications Manager before build 14740 allows - https://www.manageengine.com #### Github -No PoCs found on GitHub currently. +- https://github.com/trungtin1998/cve diff --git a/2020/CVE-2020-15506.md b/2020/CVE-2020-15506.md new file mode 100644 index 0000000000..51bdbacae4 --- /dev/null +++ b/2020/CVE-2020-15506.md @@ -0,0 +1,17 @@ +### [CVE-2020-15506](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15506) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An authentication bypass vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to bypass authentication mechanisms via unspecified vectors. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/BitTheByte/BitTraversal + diff --git a/2020/CVE-2020-15705.md b/2020/CVE-2020-15705.md index a3192c10a7..3941475bc2 100644 --- a/2020/CVE-2020-15705.md +++ b/2020/CVE-2020-15705.md @@ -14,8 +14,10 @@ No PoCs from references. #### Github - https://github.com/DNTYO/F5_Vulnerability +- https://github.com/amzdev0401/shim-review-backup - https://github.com/bitraser/shim-review-15.4 - https://github.com/jason-chang-atrust/shim-review +- https://github.com/luojc123/shim-nsdl - https://github.com/neverware/shim-review - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/puzzleos/uefi-shim_review diff --git a/2020/CVE-2020-15778.md b/2020/CVE-2020-15778.md index 09f1c39e7b..1328968729 100644 --- a/2020/CVE-2020-15778.md +++ b/2020/CVE-2020-15778.md @@ -16,9 +16,11 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/CnHack3r/Penetration_PoC - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Neko-chanQwQ/CVE-2020-15778-Exploit - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/SexyBeast233/SecBooks - https://github.com/YIXINSHUWU/Penetration_Testing_POC +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/cpandya2909/CVE-2020-15778 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2020/CVE-2020-15779.md b/2020/CVE-2020-15779.md new file mode 100644 index 0000000000..5ffe5a67b6 --- /dev/null +++ b/2020/CVE-2020-15779.md @@ -0,0 +1,17 @@ +### [CVE-2020-15779](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15779) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A Path Traversal issue was discovered in the socket.io-file package through 2.0.31 for Node.js. The socket.io-file::createFile message uses path.join with ../ in the name option, and the uploadDir and rename options determine the path. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/PalindromeLabs/awesome-websocket-security + diff --git a/2020/CVE-2020-15867.md b/2020/CVE-2020-15867.md index 0bbaf45a46..cbf5a506b1 100644 --- a/2020/CVE-2020-15867.md +++ b/2020/CVE-2020-15867.md @@ -14,4 +14,5 @@ The git hook feature in Gogs 0.5.5 through 0.12.2 allows for authenticated remot #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-15899.md b/2020/CVE-2020-15899.md index f5d6edfdc1..3ea6abbe36 100644 --- a/2020/CVE-2020-15899.md +++ b/2020/CVE-2020-15899.md @@ -13,5 +13,6 @@ Grin 3.0.0 before 4.0.0 has insufficient validation of data related to Mimblewim No PoCs from references. #### Github +- https://github.com/DogecoinBoss/Dogecoin2 - https://github.com/mimblewimble/grin-pm diff --git a/2020/CVE-2020-15907.md b/2020/CVE-2020-15907.md new file mode 100644 index 0000000000..8f69ac416d --- /dev/null +++ b/2020/CVE-2020-15907.md @@ -0,0 +1,17 @@ +### [CVE-2020-15907](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15907) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In Mahara 19.04 before 19.04.6, 19.10 before 19.10.4, and 20.04 before 20.04.1, certain places could execute file or folder names containing JavaScript. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adeshkolte/My-CVEs + diff --git a/2020/CVE-2020-15944.md b/2020/CVE-2020-15944.md index 49cf8a923f..ad7b82af3b 100644 --- a/2020/CVE-2020-15944.md +++ b/2020/CVE-2020-15944.md @@ -15,5 +15,5 @@ An issue was discovered in the Gantt-Chart module before 5.5.5 for Jira. Due to - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2020-030.txt #### Github -No PoCs found on GitHub currently. +- https://github.com/r0eXpeR/supplier diff --git a/2020/CVE-2020-15999.md b/2020/CVE-2020-15999.md index 9066de5e14..09bb69d096 100644 --- a/2020/CVE-2020-15999.md +++ b/2020/CVE-2020-15999.md @@ -13,11 +13,14 @@ Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed - https://googleprojectzero.blogspot.com/p/rca-cve-2020-15999.html #### Github +- https://github.com/Marmeus/CVE-2020-15999 - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/TinyNiko/android_bulletin_notes - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/maarlo/CVE-2020-15999 +- https://github.com/marcinguy/CVE-2020-15999 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/star-sg/CVE - https://github.com/taielab/awesome-hacking-lists diff --git a/2020/CVE-2020-16005.md b/2020/CVE-2020-16005.md new file mode 100644 index 0000000000..5a3e9c909b --- /dev/null +++ b/2020/CVE-2020-16005.md @@ -0,0 +1,17 @@ +### [CVE-2020-16005](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16005) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2086.0.4240.183%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Insufficient%20policy%20enforcement&color=brighgreen) + +### Description + +Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/StarCrossPortal/bug-hunting-101 + diff --git a/2020/CVE-2020-16012.md b/2020/CVE-2020-16012.md index 4b2af28b66..a9197dbc61 100644 --- a/2020/CVE-2020-16012.md +++ b/2020/CVE-2020-16012.md @@ -13,6 +13,7 @@ Side-channel information leakage in graphics in Google Chrome prior to 87.0.4280 No PoCs from references. #### Github +- https://github.com/aleksejspopovs/cve-2020-16012 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-16040.md b/2020/CVE-2020-16040.md index bfb861a03e..f6c0e965fd 100644 --- a/2020/CVE-2020-16040.md +++ b/2020/CVE-2020-16040.md @@ -17,6 +17,7 @@ Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowe #### Github - https://github.com/SexyBeast233/SecBooks - https://github.com/Wi1L-Y/News +- https://github.com/dongAxis/to_be_a_v8_master - https://github.com/joydo/CVE-Writeups - https://github.com/oneoy/exploits1 - https://github.com/r4j0x00/exploits diff --git a/2020/CVE-2020-1611.md b/2020/CVE-2020-1611.md index b35c52a8ae..d01b75751f 100644 --- a/2020/CVE-2020-1611.md +++ b/2020/CVE-2020-1611.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/Ibonok/CVE-2020-1611 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/r0eXpeR/supplier diff --git a/2020/CVE-2020-16126.md b/2020/CVE-2020-16126.md index 4cdac3f4c7..94f5efa2cf 100644 --- a/2020/CVE-2020-16126.md +++ b/2020/CVE-2020-16126.md @@ -16,4 +16,5 @@ An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ub - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/zev3n/Ubuntu-Gnome-privilege-escalation diff --git a/2020/CVE-2020-16127.md b/2020/CVE-2020-16127.md index 91c2840959..e2a260c225 100644 --- a/2020/CVE-2020-16127.md +++ b/2020/CVE-2020-16127.md @@ -13,5 +13,5 @@ An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ub - https://securitylab.github.com/advisories/GHSL-2020-187-accountsservice-drop-privs-DOS #### Github -No PoCs found on GitHub currently. +- https://github.com/zev3n/Ubuntu-Gnome-privilege-escalation diff --git a/2020/CVE-2020-1615.md b/2020/CVE-2020-1615.md new file mode 100644 index 0000000000..1a1858711f --- /dev/null +++ b/2020/CVE-2020-1615.md @@ -0,0 +1,17 @@ +### [CVE-2020-1615](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1615) +![](https://img.shields.io/static/v1?label=Product&message=Junos%20OS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=17.1%3C%2017.1R2-S11%2C%2017.1R3-S2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-798%20Use%20of%20Hard-coded%20Credentials&color=brighgreen) + +### Description + +The factory configuration for vMX installations, as shipped, includes default credentials for the root account. Without proper modification of these default credentials by the administrator, an attacker could exploit these credentials and access the vMX instance without authorization. This issue affects Juniper Networks Junos OS: 17.1 versions prior to 17.1R2-S11, 17.1R3-S2 on vMX; 17.2 versions prior to 17.2R3-S3 on vMX; 17.3 versions prior to 17.3R2-S5, 17.3R3-S7 on vMX; 17.4 versions prior to 17.4R2-S9, 17.4R3 on vMX; 18.1 versions prior to 18.1R3-S9 on vMX; 18.2 versions prior to 18.2R2-S7, 18.2R3-S3 on vMX; 18.2X75 versions prior to 18.2X75-D420, 18.2X75-D60 on vMX; 18.3 versions prior to 18.3R1-S7, 18.3R2-S3, 18.3R3-S1 on vMX; 18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3 on vMX; 19.1 versions prior to 19.1R1-S4, 19.1R2, 19.1R3 on vMX; 19.2 versions prior to 19.2R1-S3, 19.2R2 on vMX; 19.3 versions prior to 19.3R1-S1, 19.3R2 on vMX. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2020/CVE-2020-16270.md b/2020/CVE-2020-16270.md index 06fb78008d..56ef4a15c5 100644 --- a/2020/CVE-2020-16270.md +++ b/2020/CVE-2020-16270.md @@ -15,6 +15,7 @@ OLIMPOKS under 3.3.39 allows Auth/Admin ErrorMessage XSS. Remote Attacker can us #### Github - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/Security-AVS/CVE-2020-16270 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-1664.md b/2020/CVE-2020-1664.md new file mode 100644 index 0000000000..5c735d52f6 --- /dev/null +++ b/2020/CVE-2020-1664.md @@ -0,0 +1,17 @@ +### [CVE-2020-1664](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1664) +![](https://img.shields.io/static/v1?label=Product&message=Junos%20OS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=17.3%3C%2017.3R3-S9%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-121%20Stack-based%20Buffer%20Overflow&color=brighgreen) + +### Description + +A stack buffer overflow vulnerability in the device control daemon (DCD) on Juniper Networks Junos OS allows a low privilege local user to create a Denial of Service (DoS) against the daemon or execute arbitrary code in the system with root privilege. This issue affects Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S9; 17.4 versions prior to 17.4R2-S12, 17.4R3-S3; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S6; 18.2X75 versions prior to 18.2X75-D53, 18.2X75-D65; 18.3 versions prior to 18.3R2-S4, 18.3R3-S4; 18.4 versions prior to 18.4R2-S5, 18.4R3-S5; 19.1 versions prior to 19.1R3-S3; 19.2 versions prior to 19.2R1-S5, 19.2R3; 19.3 versions prior to 19.3R2-S4, 19.3R3; 19.4 versions prior to 19.4R1-S3, 19.4R2-S2, 19.4R3; 20.1 versions prior to 20.1R1-S4, 20.1R2; 20.2 versions prior to 20.2R1-S1, 20.2R2. Versions of Junos OS prior to 17.3 are unaffected by this vulnerability. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2020/CVE-2020-16846.md b/2020/CVE-2020-16846.md index e5520bf4cd..a034b6cd45 100644 --- a/2020/CVE-2020-16846.md +++ b/2020/CVE-2020-16846.md @@ -21,4 +21,5 @@ An issue was discovered in SaltStack Salt through 3002. Sending crafted web requ - https://github.com/jweny/pocassistdb - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/sobinge/nuclei-templates +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-16875.md b/2020/CVE-2020-16875.md index 2be64cf243..f05267686c 100644 --- a/2020/CVE-2020-16875.md +++ b/2020/CVE-2020-16875.md @@ -19,8 +19,10 @@ A remote code execution vulnerability exists in Microsoft Exchange server due to - https://github.com/404notf0und/CVE-Flow - https://github.com/Cheroxx/Patch-Tuesday-Updates - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/EvilAnne/2020-Read-article - https://github.com/SexyBeast233/SecBooks - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/mdisec/mdisec-twitch-yayinlari - https://github.com/r0eXpeR/redteam_vul +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-16898.md b/2020/CVE-2020-16898.md index d828a684f8..e964a3f2ca 100644 --- a/2020/CVE-2020-16898.md +++ b/2020/CVE-2020-16898.md @@ -65,6 +65,7 @@ No PoCs from references. - https://github.com/initconf/CVE-2020-16898-Bad-Neighbor - https://github.com/jeansgit/Pentest - https://github.com/jiansiting/cve-2020-16898 +- https://github.com/komomon/CVE-2020-16898--EXP-POC - https://github.com/komomon/CVE-2020-16898-EXP-POC - https://github.com/ltfafei/my_POC - https://github.com/momika233/CVE-2020-16898-exp @@ -72,6 +73,7 @@ No PoCs from references. - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/phant0n/PENTESTING-BIBLE - https://github.com/secdev/awesome-scapy +- https://github.com/tzwlhack/Vulnerability - https://github.com/uhub/awesome-lua - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2020/CVE-2020-17035.md b/2020/CVE-2020-17035.md index dce491a8c3..aa1e270d2b 100644 --- a/2020/CVE-2020-17035.md +++ b/2020/CVE-2020-17035.md @@ -31,6 +31,7 @@ No PoCs from references. #### Github - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/flamelu/CVE-2020-17035-patch-analysis - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-17057.md b/2020/CVE-2020-17057.md index 61fe39a833..a13a4da3a3 100644 --- a/2020/CVE-2020-17057.md +++ b/2020/CVE-2020-17057.md @@ -35,4 +35,5 @@ No PoCs from references. - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/ycdxsb/WindowsPrivilegeEscalation +- https://github.com/ze0r/cve-2020-17057 diff --git a/2020/CVE-2020-17083.md b/2020/CVE-2020-17083.md index 06fc3a5057..7819210e5c 100644 --- a/2020/CVE-2020-17083.md +++ b/2020/CVE-2020-17083.md @@ -19,4 +19,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/r0eXpeR/redteam_vul +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-17087.md b/2020/CVE-2020-17087.md index d6386fe695..f02ddf5b1e 100644 --- a/2020/CVE-2020-17087.md +++ b/2020/CVE-2020-17087.md @@ -31,10 +31,12 @@ No PoCs from references. #### Github - https://github.com/Ascotbe/Kernelhub +- https://github.com/TinToSer/CVE2020-17087 - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/revengsh/CVE-2020-17087 - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2020/CVE-2020-17123.md b/2020/CVE-2020-17123.md new file mode 100644 index 0000000000..7655d1c72c --- /dev/null +++ b/2020/CVE-2020-17123.md @@ -0,0 +1,22 @@ +### [CVE-2020-17123](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17123) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20365%20Apps%20for%20Enterprise%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20365%20Apps%20for%20Enterprise%20for%2064-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Excel&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%20Web%20Apps&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Office%20Online%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) + +### Description + +Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17122, CVE-2020-17125, CVE-2020-17127, CVE-2020-17128, CVE-2020-17129. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2020/CVE-2020-17143.md b/2020/CVE-2020-17143.md index 7f93b5465e..0aaab4e4df 100644 --- a/2020/CVE-2020-17143.md +++ b/2020/CVE-2020-17143.md @@ -18,4 +18,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-17144.md b/2020/CVE-2020-17144.md index 7b36a6e2e6..37ead098c4 100644 --- a/2020/CVE-2020-17144.md +++ b/2020/CVE-2020-17144.md @@ -13,14 +13,19 @@ Microsoft Exchange Remote Code Execution Vulnerability This CVE ID is unique fro No PoCs from references. #### Github +- https://github.com/Airboi/CVE-2020-17144-EXP - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/S3cur3Th1sSh1t/Pentest-Tools - https://github.com/SexyBeast233/SecBooks +- https://github.com/alexfrancow/CVE-Search - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/superfish9/pt - https://github.com/taielab/awesome-hacking-lists +- https://github.com/tzwlhack/Vulnerability +- https://github.com/zcgonvh/CVE-2020-17144 diff --git a/2020/CVE-2020-17518.md b/2020/CVE-2020-17518.md index 0317f1b97a..02194c4ddb 100644 --- a/2020/CVE-2020-17518.md +++ b/2020/CVE-2020-17518.md @@ -16,12 +16,15 @@ No PoCs from references. - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/QmF0c3UK/CVE-2020-17518 - https://github.com/SexyBeast233/SecBooks - https://github.com/bigblackhat/oFx - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hanc00l/some_pocsuite +- https://github.com/murataydemir/CVE-2020-17518 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/rakjong/Flink-CVE-2020-17518-getshell - https://github.com/sobinge/nuclei-templates +- https://github.com/tzwlhack/Vulnerability - https://github.com/zhzyker/vulmap diff --git a/2020/CVE-2020-17519.md b/2020/CVE-2020-17519.md index 2d27547b48..e09a6a8462 100644 --- a/2020/CVE-2020-17519.md +++ b/2020/CVE-2020-17519.md @@ -15,16 +15,24 @@ A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as #### Github - https://github.com/0ps/pocassistdb - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/B1anda0/CVE-2020-17519 - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/MrCl0wnLab/SimplesApachePathTraversal +- https://github.com/QmF0c3UK/CVE-2020-17519 - https://github.com/SexyBeast233/SecBooks - https://github.com/bigblackhat/oFx - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/dolevf/apache-flink-directory-traversal.nse - https://github.com/hanc00l/some_pocsuite - https://github.com/huike007/penetration_poc - https://github.com/jweny/pocassistdb +- https://github.com/murataydemir/CVE-2020-17519 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/radbsie/CVE-2020-17519-Exp - https://github.com/sobinge/nuclei-templates +- https://github.com/thebatmanfuture/apacheflink----POC +- https://github.com/tzwlhack/Vulnerability - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2020/CVE-2020-17523.md b/2020/CVE-2020-17523.md index 76655730c5..baa88cc2c2 100644 --- a/2020/CVE-2020-17523.md +++ b/2020/CVE-2020-17523.md @@ -13,12 +13,15 @@ Apache Shiro before 1.7.1, when using Apache Shiro with Spring, a specially craf No PoCs from references. #### Github +- https://github.com/CYJoe-Cyclone/PenetrationTesttips - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/HackJava/Shiro - https://github.com/Power7089/PenetrationTest-Tips - https://github.com/SexyBeast233/SecBooks - https://github.com/chibd2000/Burp-Extender-Study-Develop - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/mstxq17/SecurityArticleLogger - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-17530.md b/2020/CVE-2020-17530.md index 97159b2dd5..1d739bc040 100644 --- a/2020/CVE-2020-17530.md +++ b/2020/CVE-2020-17530.md @@ -14,18 +14,31 @@ Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may #### Github - https://github.com/0day666/Vulnerability-verification +- https://github.com/154802388/CVE-2020-17531 - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/Al1ex/CVE-2020-17530 +- https://github.com/CyborgSecurity/CVE-2020-17530 - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/EvilPulsar/S2-061 - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/SexyBeast233/SecBooks +- https://github.com/alexfrancow/CVE-Search - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/fengziHK/CVE-2020-17530-strust2-061 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/huike007/penetration_poc - https://github.com/jeansgit/Pentest +- https://github.com/ka1n4t/CVE-2020-17530 +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/pangyu360es/CVE-2020-17530 +- https://github.com/phil-fly/CVE-2020-17530 - https://github.com/sobinge/nuclei-templates +- https://github.com/tzwlhack/Vulnerability +- https://github.com/uzzzval/CVE-2020-17530 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/woods-sega/woodswiki +- https://github.com/wuzuowei/CVE-2020-17530 diff --git a/2020/CVE-2020-17531.md b/2020/CVE-2020-17531.md index 7b31de3d8a..6392840048 100644 --- a/2020/CVE-2020-17531.md +++ b/2020/CVE-2020-17531.md @@ -13,6 +13,7 @@ A Java Serialization vulnerability was found in Apache Tapestry 4. Apache Tapest No PoCs from references. #### Github +- https://github.com/154802388/CVE-2020-17531 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-17532.md b/2020/CVE-2020-17532.md index b67ca2ad45..2c700c90aa 100644 --- a/2020/CVE-2020-17532.md +++ b/2020/CVE-2020-17532.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-1764.md b/2020/CVE-2020-1764.md index ef95db3006..99074d7498 100644 --- a/2020/CVE-2020-1764.md +++ b/2020/CVE-2020-1764.md @@ -20,5 +20,6 @@ No PoCs from references. - https://github.com/jpts/cve-2020-1764-poc - https://github.com/mishmashclone/ticarpi-jwt_tool - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/puckiestyle/jwt_tool - https://github.com/ticarpi/jwt_tool diff --git a/2020/CVE-2020-18568.md b/2020/CVE-2020-18568.md index 649890b3e7..52e1d8cf70 100644 --- a/2020/CVE-2020-18568.md +++ b/2020/CVE-2020-18568.md @@ -14,4 +14,5 @@ The D-Link DSR-250 (3.14) DSR-1000N (2.11B201) UPnP service contains a command i #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-18737.md b/2020/CVE-2020-18737.md index 397fbe1c38..6d8f700ac3 100644 --- a/2020/CVE-2020-18737.md +++ b/2020/CVE-2020-18737.md @@ -14,4 +14,5 @@ An issue was discovered in Typora 0.9.67. There is an XSS vulnerability that cau #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-1927.md b/2020/CVE-2020-1927.md index d37842756d..56e1dc4961 100644 --- a/2020/CVE-2020-1927.md +++ b/2020/CVE-2020-1927.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/Solhack/Team_CSI_platform +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough diff --git a/2020/CVE-2020-1934.md b/2020/CVE-2020-1934.md index 17390935e5..b9d50945f8 100644 --- a/2020/CVE-2020-1934.md +++ b/2020/CVE-2020-1934.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/Solhack/Team_CSI_platform +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough diff --git a/2020/CVE-2020-1938.md b/2020/CVE-2020-1938.md index f3b296828b..4ffb431c6d 100644 --- a/2020/CVE-2020-1938.md +++ b/2020/CVE-2020-1938.md @@ -49,6 +49,7 @@ No PoCs from references. - https://github.com/fairyming/CVE-2020-1938 - https://github.com/fatal0/tomcat-cve-2020-1938-check - https://github.com/fengjixuchui/RedTeamer +- https://github.com/fofapro/vulfocus - https://github.com/gobysec/Goby - https://github.com/hanc00l/some_pocsuite - https://github.com/hasee2018/Penetration_Testing_POC @@ -60,9 +61,11 @@ No PoCs from references. - https://github.com/jeansgit/Pentest - https://github.com/koala2099/GitHub-Chinese-Top-Charts - https://github.com/laolisafe/CVE-2020-1938 +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/ltfafei/my_POC - https://github.com/microservices-devsecops-organization/movie-catalog-service-dev - https://github.com/naozibuhao/CNVD-2020-10487-Tomcat-ajp-POC-A +- https://github.com/neilzhang1/Chinese-Charts - https://github.com/nibiwodong/CNVD-2020-10487-Tomcat-ajp-POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor @@ -70,6 +73,7 @@ No PoCs from references. - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/qingyuanfeiniao/Chinese-Top-Charts - https://github.com/safe6Sec/PentestNote +- https://github.com/severnake/Pentest-Tools - https://github.com/sgdream/CVE-2020-1938 - https://github.com/shaunmclernon/ghostcat-verification - https://github.com/sv3nbeast/CVE-2020-1938-Tomact-file_include-file_read diff --git a/2020/CVE-2020-1947.md b/2020/CVE-2020-1947.md index 69d7a177aa..e1144adeb7 100644 --- a/2020/CVE-2020-1947.md +++ b/2020/CVE-2020-1947.md @@ -29,6 +29,7 @@ No PoCs from references. - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc - https://github.com/jas502n/CVE-2020-1947 +- https://github.com/langligelang/langligelang - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/shadowsock5/ShardingSphere_CVE-2020-1947 diff --git a/2020/CVE-2020-1948.md b/2020/CVE-2020-1948.md index 2cd4eb062d..c4a6a1de21 100644 --- a/2020/CVE-2020-1948.md +++ b/2020/CVE-2020-1948.md @@ -28,6 +28,7 @@ No PoCs from references. - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/lz2y/DubboPOC - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tanjiti/sec_profile diff --git a/2020/CVE-2020-1952.md b/2020/CVE-2020-1952.md new file mode 100644 index 0000000000..7aa21d98be --- /dev/null +++ b/2020/CVE-2020-1952.md @@ -0,0 +1,17 @@ +### [CVE-2020-1952](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1952) +![](https://img.shields.io/static/v1?label=Product&message=IoTDB&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) + +### Description + +An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2. When starting IoTDB, the JMX port 31999 is exposed with no certification.Then, clients could execute code remotely. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/langligelang/langligelang + diff --git a/2020/CVE-2020-1957.md b/2020/CVE-2020-1957.md index 00addc78a2..5920c74c52 100644 --- a/2020/CVE-2020-1957.md +++ b/2020/CVE-2020-1957.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/atdpa4sw0rd/Experience-library - https://github.com/bfengj/CTF - https://github.com/chibd2000/Burp-Extender-Study-Develop +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/threedr3am/learnjavabug - https://github.com/woods-sega/woodswiki diff --git a/2020/CVE-2020-1967.md b/2020/CVE-2020-1967.md index 7cf533508f..42bdd904ac 100644 --- a/2020/CVE-2020-1967.md +++ b/2020/CVE-2020-1967.md @@ -25,9 +25,12 @@ Server or client applications that call the SSL_check_chain() function during or - https://github.com/goharbor/pluggable-scanner-spec - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/irsl/CVE-2020-1967 +- https://github.com/jntass/TASSL-1.1.1k - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/rossmacarthur/sheldon-cross - https://github.com/siddharthraopotukuchi/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers +- https://github.com/thecyberbaby/Trivy-by-aquaSecurity - https://github.com/umahari/security +- https://github.com/vinamra28/tekton-image-scan-trivy diff --git a/2020/CVE-2020-1971.md b/2020/CVE-2020-1971.md index 14c65f1efe..5b3c3ce9b8 100644 --- a/2020/CVE-2020-1971.md +++ b/2020/CVE-2020-1971.md @@ -15,11 +15,15 @@ The X.509 GeneralName type is a generic type for representing different types of - https://www.tenable.com/security/tns-2021-10 #### Github +- https://github.com/MBHudson/CVE-2020-1971 - https://github.com/Metztli/debian-openssl-1.1.1i - https://github.com/bollwarm/SecToolSet - https://github.com/developer-guy/image-scanning-using-trivy-as-go-library - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/jntass/TASSL-1.1.1k - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/stevechanieee/-5-OpenSSL_Versioning +- https://github.com/thecyberbaby/Trivy-by-aquaSecurity +- https://github.com/vinamra28/tekton-image-scan-trivy diff --git a/2020/CVE-2020-2020.md b/2020/CVE-2020-2020.md index 7513171171..e8c6aff80f 100644 --- a/2020/CVE-2020-2020.md +++ b/2020/CVE-2020-2020.md @@ -13,5 +13,7 @@ An improper handling of exceptional conditions vulnerability in Cortex XDR Agent No PoCs from references. #### Github +- https://github.com/python-libmsf/python-libmsf +- https://github.com/python-libmsf/python-libmsf.github.io - https://github.com/xfiftyone/CVE-2020-14882 diff --git a/2020/CVE-2020-2021.md b/2020/CVE-2020-2021.md index f890331712..2faec998de 100644 --- a/2020/CVE-2020-2021.md +++ b/2020/CVE-2020-2021.md @@ -15,4 +15,7 @@ No PoCs from references. #### Github - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/mr-r3b00t/CVE-2020-2021 +- https://github.com/python-libmsf/python-libmsf +- https://github.com/python-libmsf/python-libmsf.github.io +- https://github.com/r0eXpeR/supplier diff --git a/2020/CVE-2020-2034.md b/2020/CVE-2020-2034.md index 1a8f34b2fe..828f68a582 100644 --- a/2020/CVE-2020-2034.md +++ b/2020/CVE-2020-2034.md @@ -19,4 +19,5 @@ No PoCs from references. - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/noperator/panos-scanner +- https://github.com/r0eXpeR/supplier diff --git a/2020/CVE-2020-21224.md b/2020/CVE-2020-21224.md index 1112aa419c..e58046b428 100644 --- a/2020/CVE-2020-21224.md +++ b/2020/CVE-2020-21224.md @@ -22,5 +22,7 @@ No PoCs from references. - https://github.com/SexyBeast233/SecBooks - https://github.com/SouthWind0/southwind0.github.io - https://github.com/jweny/pocassistdb +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-21378.md b/2020/CVE-2020-21378.md index 2dd3cefbb5..fffb508080 100644 --- a/2020/CVE-2020-21378.md +++ b/2020/CVE-2020-21378.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-21585.md b/2020/CVE-2020-21585.md index 46793a6aea..17cd738d8e 100644 --- a/2020/CVE-2020-21585.md +++ b/2020/CVE-2020-21585.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-2229.md b/2020/CVE-2020-2229.md index 573f37470b..4072d81eb5 100644 --- a/2020/CVE-2020-2229.md +++ b/2020/CVE-2020-2229.md @@ -14,4 +14,5 @@ Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the tooltip c #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-23342.md b/2020/CVE-2020-23342.md index dbf8f30e6f..401b58b552 100644 --- a/2020/CVE-2020-23342.md +++ b/2020/CVE-2020-23342.md @@ -15,4 +15,5 @@ A CSRF vulnerability exists in Anchor CMS 0.12.7 anchor/views/users/edit.php tha #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-23968.md b/2020/CVE-2020-23968.md index d4e735d9f9..9eee71a1a2 100644 --- a/2020/CVE-2020-23968.md +++ b/2020/CVE-2020-23968.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/ricardojba/CVE-2020-23968-ILEX-SignGo-EoP diff --git a/2020/CVE-2020-24227.md b/2020/CVE-2020-24227.md index eeb7bd6915..fa5bed7dcc 100644 --- a/2020/CVE-2020-24227.md +++ b/2020/CVE-2020-24227.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/nathunandwani/CVE-2020-24227 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-24579.md b/2020/CVE-2020-24579.md index deb72d4f59..68f40cabd2 100644 --- a/2020/CVE-2020-24579.md +++ b/2020/CVE-2020-24579.md @@ -19,4 +19,5 @@ An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2. - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/SexyBeast233/SecBooks - https://github.com/sobinge/nuclei-templates +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-24581.md b/2020/CVE-2020-24581.md index a4823e46ed..786657f9da 100644 --- a/2020/CVE-2020-24581.md +++ b/2020/CVE-2020-24581.md @@ -18,5 +18,6 @@ An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2. - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/huike007/penetration_poc +- https://github.com/tzwlhack/Vulnerability - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2020/CVE-2020-24609.md b/2020/CVE-2020-24609.md index a1a9f934f7..16270ada43 100644 --- a/2020/CVE-2020-24609.md +++ b/2020/CVE-2020-24609.md @@ -16,4 +16,5 @@ TechKshetra Info Solutions Pvt. Ltd Savsoft Quiz 5.5 and earlier has XSS which c #### Github - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/hemantsolo/CVE-Reference diff --git a/2020/CVE-2020-24616.md b/2020/CVE-2020-24616.md index a2742be53f..49c45c0700 100644 --- a/2020/CVE-2020-24616.md +++ b/2020/CVE-2020-24616.md @@ -19,4 +19,5 @@ No PoCs from references. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/yahoo/cubed diff --git a/2020/CVE-2020-24723.md b/2020/CVE-2020-24723.md index c4b2f2c93c..d8142071e5 100644 --- a/2020/CVE-2020-24723.md +++ b/2020/CVE-2020-24723.md @@ -14,4 +14,5 @@ Cross Site Scripting (XSS) vulnerability in the Registration page of the admin p #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-24750.md b/2020/CVE-2020-24750.md index dbb8b6cf5b..e80696a204 100644 --- a/2020/CVE-2020-24750.md +++ b/2020/CVE-2020-24750.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/SexyBeast233/SecBooks - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/yahoo/cubed diff --git a/2020/CVE-2020-24807.md b/2020/CVE-2020-24807.md new file mode 100644 index 0000000000..60a71e4c72 --- /dev/null +++ b/2020/CVE-2020-24807.md @@ -0,0 +1,17 @@ +### [CVE-2020-24807](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24807) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +** UNSUPPORTED WHEN ASSIGNED ** The socket.io-file package through 2.0.31 for Node.js relies on client-side validation of file types, which allows remote attackers to execute arbitrary code by uploading an executable file via a modified JSON name field. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/PalindromeLabs/awesome-websocket-security + diff --git a/2020/CVE-2020-25078.md b/2020/CVE-2020-25078.md index 7bf3304a71..b4612e5eed 100644 --- a/2020/CVE-2020-25078.md +++ b/2020/CVE-2020-25078.md @@ -22,7 +22,9 @@ No PoCs from references. - https://github.com/SexyBeast233/SecBooks - https://github.com/SouthWind0/southwind0.github.io - https://github.com/Yang0615777/PocList +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/tzwlhack/Vulnerability - https://github.com/yamori/pm2_logs diff --git a/2020/CVE-2020-2509.md b/2020/CVE-2020-2509.md new file mode 100644 index 0000000000..dc710df0e4 --- /dev/null +++ b/2020/CVE-2020-2509.md @@ -0,0 +1,20 @@ +### [CVE-2020-2509](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2509) +![](https://img.shields.io/static/v1?label=Product&message=QTS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=QuTS%20hero&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%204.5.2.1566%20Build%2020210202%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%20h4.5.1.1491%20build%2020201119%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-77%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20a%20Command%20('Command%20Injection')&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78%20OS%20Command%20Injection&color=brighgreen) + +### Description + +A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 Build 20210202 and later QTS 4.5.1.1495 Build 20201123 and later QTS 4.3.6.1620 Build 20210322 and later QTS 4.3.4.1632 Build 20210324 and later QTS 4.3.3.1624 Build 20210416 and later QTS 4.2.6 Build 20210327 and later QuTS hero h4.5.1.1491 build 20201119 and later + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2020/CVE-2020-25211.md b/2020/CVE-2020-25211.md index ccad38ee2f..c21cf4f69b 100644 --- a/2020/CVE-2020-25211.md +++ b/2020/CVE-2020-25211.md @@ -14,4 +14,5 @@ In the Linux kernel through 5.8.7, local attackers able to inject conntrack netl #### Github - https://github.com/404notf0und/CVE-Flow +- https://github.com/EGI-Federation/SVG-advisories diff --git a/2020/CVE-2020-25213.md b/2020/CVE-2020-25213.md index 92e647f93f..26d46bafdf 100644 --- a/2020/CVE-2020-25213.md +++ b/2020/CVE-2020-25213.md @@ -19,6 +19,7 @@ The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote - https://github.com/404notf0und/CVE-Flow - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Astrogeorgeonethree/Starred +- https://github.com/BraveLittleRoaster/wp-pwn - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/developer3000S/PoC-in-GitHub @@ -26,5 +27,6 @@ The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/mansoorr123/wp-file-manager-CVE-2020-25213 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability - https://github.com/w4fz5uck5/wp-file-manager-0day diff --git a/2020/CVE-2020-25223.md b/2020/CVE-2020-25223.md index 148da18827..cddd0c72dd 100644 --- a/2020/CVE-2020-25223.md +++ b/2020/CVE-2020-25223.md @@ -16,5 +16,7 @@ A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM be #### Github - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/darrenmartyn/sophucked - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/twentybel0w/CVE-2020-25223 diff --git a/2020/CVE-2020-25273.md b/2020/CVE-2020-25273.md index b4bdef9b73..82e7e9de6a 100644 --- a/2020/CVE-2020-25273.md +++ b/2020/CVE-2020-25273.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/Ko-kn3t/CVE-2020-25273 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-25483.md b/2020/CVE-2020-25483.md index 791d477b2d..f12bec009f 100644 --- a/2020/CVE-2020-25483.md +++ b/2020/CVE-2020-25483.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-25498.md b/2020/CVE-2020-25498.md index 8eb92cc132..fbbf23e383 100644 --- a/2020/CVE-2020-25498.md +++ b/2020/CVE-2020-25498.md @@ -15,4 +15,5 @@ Cross Site Scripting (XSS) vulnerability in Beetel router 777VR1 can be exploite #### Github - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/the-girl-who-lived/CVE-2020-25498 diff --git a/2020/CVE-2020-25506.md b/2020/CVE-2020-25506.md index 4d11d675f2..b3f25a8b87 100644 --- a/2020/CVE-2020-25506.md +++ b/2020/CVE-2020-25506.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-2551.md b/2020/CVE-2020-2551.md index b39db3416d..5748a687af 100644 --- a/2020/CVE-2020-2551.md +++ b/2020/CVE-2020-2551.md @@ -50,12 +50,16 @@ No PoCs from references. - https://github.com/jas502n/CVE-2020-2551 - https://github.com/jiangsir404/POC-S - https://github.com/koala2099/GitHub-Chinese-Top-Charts +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection +- https://github.com/lz2y/CVE-2021-2394 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +- https://github.com/neilzhang1/Chinese-Charts - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/pinkieli/GitHub-Chinese-Top-Charts - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/qingyuanfeiniao/Chinese-Top-Charts - https://github.com/raystyle/paper +- https://github.com/severnake/Pentest-Tools - https://github.com/sobinge/nuclei-templates - https://github.com/taielab/awesome-hacking-lists - https://github.com/tdtc7/qps diff --git a/2020/CVE-2020-2555.md b/2020/CVE-2020-2555.md index 29be5d43ff..5e08e50788 100644 --- a/2020/CVE-2020-2555.md +++ b/2020/CVE-2020-2555.md @@ -48,12 +48,15 @@ Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (compo - https://github.com/huike007/poc - https://github.com/koala2099/GitHub-Chinese-Top-Charts - https://github.com/koutto/jok3r-pocs +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +- https://github.com/neilzhang1/Chinese-Charts - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/pinkieli/GitHub-Chinese-Top-Charts - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/qingyuanfeiniao/Chinese-Top-Charts - https://github.com/raystyle/paper +- https://github.com/safe6Sec/wlsEnv - https://github.com/taielab/awesome-hacking-lists - https://github.com/tdtc7/qps - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2020/CVE-2020-25632.md b/2020/CVE-2020-25632.md index ca30c64b9a..bac044f1bc 100644 --- a/2020/CVE-2020-25632.md +++ b/2020/CVE-2020-25632.md @@ -13,8 +13,10 @@ A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation al No PoCs from references. #### Github +- https://github.com/amzdev0401/shim-review-backup - https://github.com/bitraser/shim-review-15.4 - https://github.com/jason-chang-atrust/shim-review +- https://github.com/luojc123/shim-nsdl - https://github.com/neverware/shim-review - https://github.com/puzzleos/uefi-shim_review - https://github.com/rhboot/shim-review diff --git a/2020/CVE-2020-25647.md b/2020/CVE-2020-25647.md index 56de903dd5..6948de2769 100644 --- a/2020/CVE-2020-25647.md +++ b/2020/CVE-2020-25647.md @@ -13,8 +13,10 @@ A flaw was found in grub2 in versions prior to 2.06. During USB device initializ No PoCs from references. #### Github +- https://github.com/amzdev0401/shim-review-backup - https://github.com/bitraser/shim-review-15.4 - https://github.com/jason-chang-atrust/shim-review +- https://github.com/luojc123/shim-nsdl - https://github.com/neverware/shim-review - https://github.com/puzzleos/uefi-shim_review - https://github.com/rhboot/shim-review diff --git a/2020/CVE-2020-25684.md b/2020/CVE-2020-25684.md index 4c32ab4d2f..dec86259e3 100644 --- a/2020/CVE-2020-25684.md +++ b/2020/CVE-2020-25684.md @@ -22,4 +22,5 @@ No PoCs from references. - https://github.com/klcheung99/CSCM28CW2 - https://github.com/knqyf263/dnspooq - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-25685.md b/2020/CVE-2020-25685.md index 22e15ee491..a41f4b65dc 100644 --- a/2020/CVE-2020-25685.md +++ b/2020/CVE-2020-25685.md @@ -20,4 +20,5 @@ No PoCs from references. - https://github.com/kaosagnt/ansible-everyday - https://github.com/klcheung99/CSCM28CW2 - https://github.com/knqyf263/dnspooq +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-25686.md b/2020/CVE-2020-25686.md index c94718dfa5..0e206e48f8 100644 --- a/2020/CVE-2020-25686.md +++ b/2020/CVE-2020-25686.md @@ -22,4 +22,5 @@ No PoCs from references. - https://github.com/klcheung99/CSCM28CW2 - https://github.com/knqyf263/dnspooq - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-25705.md b/2020/CVE-2020-25705.md index 7ba94812bd..71562fbc4b 100644 --- a/2020/CVE-2020-25705.md +++ b/2020/CVE-2020-25705.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tdwyer/CVE-2020-25705 diff --git a/2020/CVE-2020-26088.md b/2020/CVE-2020-26088.md index 42812c06de..373368deee 100644 --- a/2020/CVE-2020-26088.md +++ b/2020/CVE-2020-26088.md @@ -13,5 +13,5 @@ A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the L - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.2 #### Github -No PoCs found on GitHub currently. +- https://github.com/evdenis/cvehound diff --git a/2020/CVE-2020-26137.md b/2020/CVE-2020-26137.md index fa262b4828..f37f8c26af 100644 --- a/2020/CVE-2020-26137.md +++ b/2020/CVE-2020-26137.md @@ -13,5 +13,7 @@ urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP re No PoCs from references. #### Github +- https://github.com/asa1997/topgear_test +- https://github.com/noseka1/deep-dive-into-clair - https://github.com/twu/skjold diff --git a/2020/CVE-2020-26160.md b/2020/CVE-2020-26160.md new file mode 100644 index 0000000000..13277543f0 --- /dev/null +++ b/2020/CVE-2020-26160.md @@ -0,0 +1,19 @@ +### [CVE-2020-26160](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26160) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification). Because the type assertion fails, "" is the value of aud. This is a security problem if the JWT token is presented to a service that lacks its own audience check. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/k1LoW/oshka +- https://github.com/naveensrinivasan/stunning-tribble +- https://github.com/novalagung/mypullrequests + diff --git a/2020/CVE-2020-26217.md b/2020/CVE-2020-26217.md index a63494a2e9..7bca6ea0f9 100644 --- a/2020/CVE-2020-26217.md +++ b/2020/CVE-2020-26217.md @@ -18,12 +18,15 @@ No PoCs from references. - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/SexyBeast233/SecBooks - https://github.com/SouthWind0/southwind0.github.io +- https://github.com/Veraxy00/XStream-vul-poc - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/fynch3r/Gadgets - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/hex0wn/learn-java-bug +- https://github.com/jas502n/CVE-2020-26259 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/novysodope/CVE-2020-26217-XStream-RCE-POC - https://github.com/superfish9/pt - https://github.com/x-poc/xstream-poc diff --git a/2020/CVE-2020-26233.md b/2020/CVE-2020-26233.md index 426492fa21..d0391383d6 100644 --- a/2020/CVE-2020-26233.md +++ b/2020/CVE-2020-26233.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-26238.md b/2020/CVE-2020-26238.md index 99bd312695..8971d7091b 100644 --- a/2020/CVE-2020-26238.md +++ b/2020/CVE-2020-26238.md @@ -15,4 +15,5 @@ Cron-utils is a Java library to parse, validate, migrate crons as well as get hu #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-26258.md b/2020/CVE-2020-26258.md index ed0c09fa23..9faef5ee77 100644 --- a/2020/CVE-2020-26258.md +++ b/2020/CVE-2020-26258.md @@ -18,8 +18,11 @@ No PoCs from references. - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/SexyBeast233/SecBooks +- https://github.com/Veraxy00/XStream-vul-poc - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/jas502n/CVE-2020-26259 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability - https://github.com/x-poc/xstream-poc diff --git a/2020/CVE-2020-26259.md b/2020/CVE-2020-26259.md index 1a0835509a..4e035fb0e1 100644 --- a/2020/CVE-2020-26259.md +++ b/2020/CVE-2020-26259.md @@ -17,10 +17,13 @@ No PoCs from references. - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/SexyBeast233/SecBooks +- https://github.com/Veraxy00/XStream-vul-poc - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/fynch3r/Gadgets - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/jas502n/CVE-2020-26259 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/taielab/awesome-hacking-lists +- https://github.com/tzwlhack/Vulnerability - https://github.com/x-poc/xstream-poc diff --git a/2020/CVE-2020-26297.md b/2020/CVE-2020-26297.md index ea48f66f6d..6f1717c940 100644 --- a/2020/CVE-2020-26297.md +++ b/2020/CVE-2020-26297.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/Artisan-Lab/Rust-memory-safety-bugs +- https://github.com/OtsuKotsu/daily_log - https://github.com/xxg1413/rust-security diff --git a/2020/CVE-2020-26413.md b/2020/CVE-2020-26413.md index d14212895c..a138e3360a 100644 --- a/2020/CVE-2020-26413.md +++ b/2020/CVE-2020-26413.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/H4ckTh3W0r1d/Goby_POC - https://github.com/SexyBeast233/SecBooks +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-26870.md b/2020/CVE-2020-26870.md new file mode 100644 index 0000000000..54fa3857dd --- /dev/null +++ b/2020/CVE-2020-26870.md @@ -0,0 +1,17 @@ +### [CVE-2020-26870](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26870) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/deepakdba/cve_checklist + diff --git a/2020/CVE-2020-26893.md b/2020/CVE-2020-26893.md new file mode 100644 index 0000000000..002bafefdd --- /dev/null +++ b/2020/CVE-2020-26893.md @@ -0,0 +1,17 @@ +### [CVE-2020-26893](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26893) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor could use a properly signed copy of ClamXAV 2 (running with an injected malicious dylib) to communicate with ClamXAV 3's helper tool and perform privileged operations. This occurs because of inadequate client verification in the helper tool. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/V0lk3n/OSMR-CheatSheet + diff --git a/2020/CVE-2020-26935.md b/2020/CVE-2020-26935.md index f97ef17075..70527edc97 100644 --- a/2020/CVE-2020-26935.md +++ b/2020/CVE-2020-26935.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-27131.md b/2020/CVE-2020-27131.md index 8be55fef1c..dac8d72501 100644 --- a/2020/CVE-2020-27131.md +++ b/2020/CVE-2020-27131.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/SexyBeast233/SecBooks - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-27152.md b/2020/CVE-2020-27152.md index f9ff76a375..ddc0f9c944 100644 --- a/2020/CVE-2020-27152.md +++ b/2020/CVE-2020-27152.md @@ -13,5 +13,5 @@ An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in th - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.9.2 #### Github -No PoCs found on GitHub currently. +- https://github.com/evdenis/cvehound diff --git a/2020/CVE-2020-27192.md b/2020/CVE-2020-27192.md index 773c625522..8e236a4ac2 100644 --- a/2020/CVE-2020-27192.md +++ b/2020/CVE-2020-27192.md @@ -13,5 +13,6 @@ BinaryNights ForkLift 3.4 was compiled with the com.apple.security.cs.disable-li No PoCs from references. #### Github +- https://github.com/Traxes/Forklift_LPE - https://github.com/alphaSeclab/sec-daily-2020 diff --git a/2020/CVE-2020-27193.md b/2020/CVE-2020-27193.md new file mode 100644 index 0000000000..db4d26c7fc --- /dev/null +++ b/2020/CVE-2020-27193.md @@ -0,0 +1,17 @@ +### [CVE-2020-27193](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27193) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A cross-site scripting (XSS) vulnerability in the Color Dialog plugin for CKEditor 4.15.0 allows remote attackers to run arbitrary web script after persuading a user to copy and paste crafted HTML code into one of editor inputs. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/deepakdba/cve_checklist + diff --git a/2020/CVE-2020-27194.md b/2020/CVE-2020-27194.md index db845a11d0..4db5bca55e 100644 --- a/2020/CVE-2020-27194.md +++ b/2020/CVE-2020-27194.md @@ -19,8 +19,10 @@ An issue was discovered in the Linux kernel before 5.8.15. scalar32_min_max_or i - https://github.com/bsauce/kernel-exploit-factory - https://github.com/bsauce/kernel-security-learning - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/evdenis/cvehound - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/scannells/exploits - https://github.com/xairy/linux-kernel-exploitation +- https://github.com/xmzyshypnc/CVE-2020-27194 diff --git a/2020/CVE-2020-27223.md b/2020/CVE-2020-27223.md index 1a5b785142..65b96c70be 100644 --- a/2020/CVE-2020-27223.md +++ b/2020/CVE-2020-27223.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-27358.md b/2020/CVE-2020-27358.md index a3b867f53d..f5c65b1e49 100644 --- a/2020/CVE-2020-27358.md +++ b/2020/CVE-2020-27358.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sebastian-mora/cve-2020-27358-27359 diff --git a/2020/CVE-2020-27372.md b/2020/CVE-2020-27372.md new file mode 100644 index 0000000000..f6f39e3cd0 --- /dev/null +++ b/2020/CVE-2020-27372.md @@ -0,0 +1,17 @@ +### [CVE-2020-27372](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27372) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A buffer overflow vulnerability exists in Brandy Basic V Interpreter 1.21 in the run_interpreter function. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/H4niz/CVE + diff --git a/2020/CVE-2020-27533.md b/2020/CVE-2020-27533.md index 4bacfee820..52921f9514 100644 --- a/2020/CVE-2020-27533.md +++ b/2020/CVE-2020-27533.md @@ -14,4 +14,5 @@ A Cross Site Scripting (XSS) issue was discovered in the search feature of DedeC #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-27575.md b/2020/CVE-2020-27575.md index 5aa7d267c9..922d9124e2 100644 --- a/2020/CVE-2020-27575.md +++ b/2020/CVE-2020-27575.md @@ -14,4 +14,5 @@ Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-27600.md b/2020/CVE-2020-27600.md index 40f01d12d5..e282ea9865 100644 --- a/2020/CVE-2020-27600.md +++ b/2020/CVE-2020-27600.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-27603.md b/2020/CVE-2020-27603.md index a8667dbf01..93c7865610 100644 --- a/2020/CVE-2020-27603.md +++ b/2020/CVE-2020-27603.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/hannob/CVE-2020-27603-bbb-libreoffice-poc - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-27618.md b/2020/CVE-2020-27618.md index 453b6a6b33..66d35df43c 100644 --- a/2020/CVE-2020-27618.md +++ b/2020/CVE-2020-27618.md @@ -14,6 +14,8 @@ No PoCs from references. #### Github - https://github.com/dispera/giant-squid +- https://github.com/domyrtille/interview_project +- https://github.com/epequeno/devops-demo - https://github.com/nedenwalker/spring-boot-app-using-gradle - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln - https://github.com/onzack/trivy-multiscanner diff --git a/2020/CVE-2020-27749.md b/2020/CVE-2020-27749.md index 0f74214b64..bc93fbcf54 100644 --- a/2020/CVE-2020-27749.md +++ b/2020/CVE-2020-27749.md @@ -13,8 +13,10 @@ A flaw was found in grub2 in versions prior to 2.06. Variable names present are No PoCs from references. #### Github +- https://github.com/amzdev0401/shim-review-backup - https://github.com/bitraser/shim-review-15.4 - https://github.com/jason-chang-atrust/shim-review +- https://github.com/luojc123/shim-nsdl - https://github.com/neverware/shim-review - https://github.com/puzzleos/uefi-shim_review - https://github.com/rhboot/shim-review diff --git a/2020/CVE-2020-27779.md b/2020/CVE-2020-27779.md index ce8017db22..4ca4d64bbd 100644 --- a/2020/CVE-2020-27779.md +++ b/2020/CVE-2020-27779.md @@ -13,8 +13,10 @@ A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not No PoCs from references. #### Github +- https://github.com/amzdev0401/shim-review-backup - https://github.com/bitraser/shim-review-15.4 - https://github.com/jason-chang-atrust/shim-review +- https://github.com/luojc123/shim-nsdl - https://github.com/neverware/shim-review - https://github.com/puzzleos/uefi-shim_review - https://github.com/rhboot/shim-review diff --git a/2020/CVE-2020-27813.md b/2020/CVE-2020-27813.md index 223101c387..a84fc69fc9 100644 --- a/2020/CVE-2020-27813.md +++ b/2020/CVE-2020-27813.md @@ -13,5 +13,5 @@ An integer overflow vulnerability exists with the length of websocket frames rec - https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh #### Github -No PoCs found on GitHub currently. +- https://github.com/PalindromeLabs/awesome-websocket-security diff --git a/2020/CVE-2020-27830.md b/2020/CVE-2020-27830.md new file mode 100644 index 0000000000..b36a489eef --- /dev/null +++ b/2020/CVE-2020-27830.md @@ -0,0 +1,17 @@ +### [CVE-2020-27830](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27830) +![](https://img.shields.io/static/v1?label=Product&message=kernel&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-476&color=brighgreen) + +### Description + +A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr deref crash. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/evdenis/cvehound + diff --git a/2020/CVE-2020-27905.md b/2020/CVE-2020-27905.md new file mode 100644 index 0000000000..1ec3cebd9b --- /dev/null +++ b/2020/CVE-2020-27905.md @@ -0,0 +1,20 @@ +### [CVE-2020-27905](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27905) +![](https://img.shields.io/static/v1?label=Product&message=iOS%20and%20iPadOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=tvOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=watchOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2014.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%207.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=A%20malicious%20application%20may%20be%20able%20to%20execute%20arbitrary%20code%20with%20system%20privileges&color=brighgreen) + +### Description + +A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A malicious application may be able to execute arbitrary code with system privileges. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/0x36/oob_events + diff --git a/2020/CVE-2020-27935.md b/2020/CVE-2020-27935.md index 7304a27931..c32879795a 100644 --- a/2020/CVE-2020-27935.md +++ b/2020/CVE-2020-27935.md @@ -19,6 +19,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/LIJI32/SnatchBox - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/houjingyi233/macOS-iOS-system-security diff --git a/2020/CVE-2020-27949.md b/2020/CVE-2020-27949.md index 90f7bf700b..2b5e83c033 100644 --- a/2020/CVE-2020-27949.md +++ b/2020/CVE-2020-27949.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/houjingyi233/macOS-iOS-system-security - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/seemoo-lab/dtrace-memaccess_cve-2020-27949 diff --git a/2020/CVE-2020-27950.md b/2020/CVE-2020-27950.md index c69d8af5ca..3ddecd64eb 100644 --- a/2020/CVE-2020-27950.md +++ b/2020/CVE-2020-27950.md @@ -29,4 +29,5 @@ A memory initialization issue was addressed. This issue is fixed in macOS Big Su - https://github.com/houjingyi233/macOS-iOS-system-security - https://github.com/joydo/CVE-Writeups - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/synacktiv/CVE-2020-27950 diff --git a/2020/CVE-2020-27955.md b/2020/CVE-2020-27955.md index 2832818cba..958828dcd8 100644 --- a/2020/CVE-2020-27955.md +++ b/2020/CVE-2020-27955.md @@ -20,13 +20,21 @@ Git LFS 2.12.0 allows Remote Code Execution. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/ExploitBox/git-lfs-RCE-exploit-CVE-2020-27955 +- https://github.com/ExploitBox/git-lfs-RCE-exploit-CVE-2020-27955-Go - https://github.com/NetW0rK1le3r/awesome-hacking-lists +- https://github.com/SSRemex/CVE-2020-27955-TEST - https://github.com/SexyBeast233/SecBooks - https://github.com/SouthWind0/southwind0.github.io +- https://github.com/TheTh1nk3r/cve-2020-27955 - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/githubfollow/ssh-reverse-git-RCE - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/r00t4dm/CVE-2020-27955 - https://github.com/taielab/awesome-hacking-lists +- https://github.com/tzwlhack/Vulnerability +- https://github.com/williamgoulois/git-lfs-RCE-exploit-CVE-2020-27955-revshell - https://github.com/ycdxsb/PocOrExp_in_Github diff --git a/2020/CVE-2020-27976.md b/2020/CVE-2020-27976.md index 2d8d401c42..dbcdb05043 100644 --- a/2020/CVE-2020-27976.md +++ b/2020/CVE-2020-27976.md @@ -16,5 +16,6 @@ osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Withi - https://github.com/ARPSyndicate/cvemon - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/k0rnh0li0/CVE-2020-27976 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-27986.md b/2020/CVE-2020-27986.md index 4091e6639e..a14edfeb8c 100644 --- a/2020/CVE-2020-27986.md +++ b/2020/CVE-2020-27986.md @@ -23,4 +23,5 @@ No PoCs from references. - https://github.com/bigblackhat/oFx - https://github.com/d-rn/vulBox - https://github.com/sobinge/nuclei-templates +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-28018.md b/2020/CVE-2020-28018.md index 06584818ef..d86eae75c8 100644 --- a/2020/CVE-2020-28018.md +++ b/2020/CVE-2020-28018.md @@ -15,8 +15,10 @@ Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations t #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Timirepo/CVE_Exploits - https://github.com/dorkerdevil/CVE-2020-28018 - https://github.com/lockedbyte/CVE-Exploits - https://github.com/lockedbyte/slides - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/zr0tt/CVE-2020-28018 diff --git a/2020/CVE-2020-28042.md b/2020/CVE-2020-28042.md index cd3dfaaeb0..45b01cfaed 100644 --- a/2020/CVE-2020-28042.md +++ b/2020/CVE-2020-28042.md @@ -15,5 +15,6 @@ ServiceStack before 5.9.2 mishandles JWT signature verification unless an applic #### Github - https://github.com/The-Cracker-Technology/jwt_tool - https://github.com/mishmashclone/ticarpi-jwt_tool +- https://github.com/puckiestyle/jwt_tool - https://github.com/ticarpi/jwt_tool diff --git a/2020/CVE-2020-28054.md b/2020/CVE-2020-28054.md index 4084a5c11a..e7e2aa9be9 100644 --- a/2020/CVE-2020-28054.md +++ b/2020/CVE-2020-28054.md @@ -15,6 +15,7 @@ JamoDat TSMManager Collector version up to 6.5.0.21 is vulnerable to an Authoriz #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/VoidSec/Tivoli-Madness - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2020/CVE-2020-28124.md b/2020/CVE-2020-28124.md new file mode 100644 index 0000000000..b909e71b37 --- /dev/null +++ b/2020/CVE-2020-28124.md @@ -0,0 +1,17 @@ +### [CVE-2020-28124](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28124) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Cross Site Scripting (XSS) in LavaLite 5.8.0 via the Address field. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ajmalabubakkr/CVE + diff --git a/2020/CVE-2020-28188.md b/2020/CVE-2020-28188.md index ced997b1c1..24b2cb14b6 100644 --- a/2020/CVE-2020-28188.md +++ b/2020/CVE-2020-28188.md @@ -15,7 +15,9 @@ Remote Command Execution (RCE) vulnerability in TerraMaster TOS <= 4.2.06 allow #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/Dark-Clown-Security/RCE_TOS - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/SexyBeast233/SecBooks +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-28243.md b/2020/CVE-2020-28243.md index dd5c8cebc4..cf4adce734 100644 --- a/2020/CVE-2020-28243.md +++ b/2020/CVE-2020-28243.md @@ -16,4 +16,5 @@ An issue was discovered in SaltStack Salt before 3002.5. The minion's restartche - https://github.com/ARPSyndicate/cvemon - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/stealthcopter/CVE-2020-28243 diff --git a/2020/CVE-2020-28328.md b/2020/CVE-2020-28328.md index 0b323c6d74..efe5154df2 100644 --- a/2020/CVE-2020-28328.md +++ b/2020/CVE-2020-28328.md @@ -19,5 +19,6 @@ SuiteCRM before 7.11.17 is vulnerable to remote code execution via the system se - https://github.com/ARPSyndicate/cvemon - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/mcorybillington/SuiteCRM-RCE - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-28351.md b/2020/CVE-2020-28351.md index 5d82077550..bed322777e 100644 --- a/2020/CVE-2020-28351.md +++ b/2020/CVE-2020-28351.md @@ -16,6 +16,7 @@ The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/dievus/CVE-2020-28351 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-28500.md b/2020/CVE-2020-28500.md index 4e86dd083d..db098203f0 100644 --- a/2020/CVE-2020-28500.md +++ b/2020/CVE-2020-28500.md @@ -19,5 +19,6 @@ Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of #### Github - https://github.com/engn33r/awesome-redos-security +- https://github.com/samoylenko/sample-vulnerable-app-nodejs-express - https://github.com/yetingli/PoCs diff --git a/2020/CVE-2020-2853.md b/2020/CVE-2020-2853.md index 6a857f6907..01b1a5163f 100644 --- a/2020/CVE-2020-2853.md +++ b/2020/CVE-2020-2853.md @@ -13,5 +13,6 @@ Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Se No PoCs from references. #### Github +- https://github.com/intrigueio/cve-2020-28653-poc - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2020/CVE-2020-28642.md b/2020/CVE-2020-28642.md index cbadbdb71f..97b211fabf 100644 --- a/2020/CVE-2020-28642.md +++ b/2020/CVE-2020-28642.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-28653.md b/2020/CVE-2020-28653.md index b58a85a4d7..8c13f4e48f 100644 --- a/2020/CVE-2020-28653.md +++ b/2020/CVE-2020-28653.md @@ -14,5 +14,6 @@ Zoho ManageEngine OpManager Stable build before 125203 (and Released build befor #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/intrigueio/cve-2020-28653-poc - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-2883.md b/2020/CVE-2020-2883.md index 5458e27b2e..fc08c840fb 100644 --- a/2020/CVE-2020-2883.md +++ b/2020/CVE-2020-2883.md @@ -16,6 +16,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/0xT11/CVE-POC - https://github.com/0xn0ne/weblogicScanner - https://github.com/ARPSyndicate/cvemon +- https://github.com/Al1ex/CVE-2020-2883 - https://github.com/CnHack3r/Penetration_PoC - https://github.com/DaBoQuan/CVE-2020-14645 - https://github.com/FancyDoesSecurity/CVE-2020-2883 @@ -41,9 +42,11 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/koala2099/GitHub-Chinese-Top-Charts - https://github.com/koutto/jok3r-pocs - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +- https://github.com/neilzhang1/Chinese-Charts - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/pinkieli/GitHub-Chinese-Top-Charts - https://github.com/qingyuanfeiniao/Chinese-Top-Charts +- https://github.com/safe6Sec/wlsEnv - https://github.com/taielab/awesome-hacking-lists - https://github.com/veo/vscan - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2020/CVE-2020-28928.md b/2020/CVE-2020-28928.md index 30b8f0b64c..67cc61d8d4 100644 --- a/2020/CVE-2020-28928.md +++ b/2020/CVE-2020-28928.md @@ -16,4 +16,6 @@ No PoCs from references. - https://github.com/chaimleib/maclfs - https://github.com/developer-guy/image-scanning-using-trivy-as-go-library - https://github.com/meldron/psonoci +- https://github.com/thecyberbaby/Trivy-by-aquaSecurity +- https://github.com/vinamra28/tekton-image-scan-trivy diff --git a/2020/CVE-2020-28948.md b/2020/CVE-2020-28948.md index 4473d7c726..a76c1eaf37 100644 --- a/2020/CVE-2020-28948.md +++ b/2020/CVE-2020-28948.md @@ -13,6 +13,7 @@ Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blo - https://github.com/pear/Archive_Tar/issues/33 #### Github +- https://github.com/0x240x23elu/CVE-2020-28948-and-CVE-2020-28949 - https://github.com/ARPSyndicate/cvemon - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2020/CVE-2020-28949.md b/2020/CVE-2020-28949.md index 3621c743da..282f97b543 100644 --- a/2020/CVE-2020-28949.md +++ b/2020/CVE-2020-28949.md @@ -14,6 +14,7 @@ Archive_Tar through 1.4.10 has :// filename sanitization only to address phar at - https://github.com/pear/Archive_Tar/issues/33 #### Github +- https://github.com/0x240x23elu/CVE-2020-28948-and-CVE-2020-28949 - https://github.com/ARPSyndicate/cvemon - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2020/CVE-2020-29070.md b/2020/CVE-2020-29070.md index 2023a1ba94..9b2eeeec69 100644 --- a/2020/CVE-2020-29070.md +++ b/2020/CVE-2020-29070.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/aslanemre/cve-2020-29070 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-29133.md b/2020/CVE-2020-29133.md index 37ca5cd300..90bab0d5b2 100644 --- a/2020/CVE-2020-29133.md +++ b/2020/CVE-2020-29133.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-29156.md b/2020/CVE-2020-29156.md index 6282e7e65d..e6a100b42a 100644 --- a/2020/CVE-2020-29156.md +++ b/2020/CVE-2020-29156.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Ko-kn3t/CVE-2020-29156 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-29228.md b/2020/CVE-2020-29228.md new file mode 100644 index 0000000000..bfcd45d906 --- /dev/null +++ b/2020/CVE-2020-29228.md @@ -0,0 +1,17 @@ +### [CVE-2020-29228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29228) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +EGavilanMedia User Registration and Login System With Admin Panel 1.0 is affected by SQL injection in the User Login Page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/hemantsolo/CVE-Reference + diff --git a/2020/CVE-2020-29230.md b/2020/CVE-2020-29230.md index 95da42589e..cf88b23217 100644 --- a/2020/CVE-2020-29230.md +++ b/2020/CVE-2020-29230.md @@ -13,5 +13,5 @@ EGavilanMedia User Registration and Login System With Admin Panel 1.0 is affecte - https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-29230.md #### Github -No PoCs found on GitHub currently. +- https://github.com/hemantsolo/CVE-Reference diff --git a/2020/CVE-2020-29231.md b/2020/CVE-2020-29231.md index 5a18c373ef..e028e38989 100644 --- a/2020/CVE-2020-29231.md +++ b/2020/CVE-2020-29231.md @@ -13,5 +13,5 @@ EGavilanMedia User Registration and Login System With Admin Panel 1.0 is affecte - https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-29231.md #### Github -No PoCs found on GitHub currently. +- https://github.com/hemantsolo/CVE-Reference diff --git a/2020/CVE-2020-29233.md b/2020/CVE-2020-29233.md index 6a1a43975b..0d29744261 100644 --- a/2020/CVE-2020-29233.md +++ b/2020/CVE-2020-29233.md @@ -13,5 +13,5 @@ WonderCMS 3.1.3 is affected by cross-site scripting (XSS) in the Page descriptio - https://www.exploit-db.com/exploits/49085 #### Github -No PoCs found on GitHub currently. +- https://github.com/hemantsolo/CVE-Reference diff --git a/2020/CVE-2020-29254.md b/2020/CVE-2020-29254.md index 5b1ba4d355..1ffb141fac 100644 --- a/2020/CVE-2020-29254.md +++ b/2020/CVE-2020-29254.md @@ -14,6 +14,7 @@ TikiWiki 21.2 allows templates to be edited without CSRF protection. This could #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/S1lkys/CVE-2020-29254 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-29371.md b/2020/CVE-2020-29371.md index 7dc05afe13..f759b80667 100644 --- a/2020/CVE-2020-29371.md +++ b/2020/CVE-2020-29371.md @@ -13,5 +13,5 @@ An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux ker - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.4 #### Github -No PoCs found on GitHub currently. +- https://github.com/evdenis/cvehound diff --git a/2020/CVE-2020-29436.md b/2020/CVE-2020-29436.md index d78f89e2b2..d5f5e212c7 100644 --- a/2020/CVE-2020-29436.md +++ b/2020/CVE-2020-29436.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks - https://github.com/SouthWind0/southwind0.github.io +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-29453.md b/2020/CVE-2020-29453.md index 36fe3d8b56..94a7545076 100644 --- a/2020/CVE-2020-29453.md +++ b/2020/CVE-2020-29453.md @@ -16,4 +16,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/sushantdhopat/JIRA_testing diff --git a/2020/CVE-2020-29469.md b/2020/CVE-2020-29469.md index 7fec87fb26..d8e026c2b3 100644 --- a/2020/CVE-2020-29469.md +++ b/2020/CVE-2020-29469.md @@ -13,5 +13,5 @@ WonderCMS 3.1.3 is affected by cross-site scripting (XSS) in the Menu component. - https://www.exploit-db.com/exploits/49164 #### Github -No PoCs found on GitHub currently. +- https://github.com/hemantsolo/CVE-Reference diff --git a/2020/CVE-2020-29470.md b/2020/CVE-2020-29470.md index eb05295fe0..be66285328 100644 --- a/2020/CVE-2020-29470.md +++ b/2020/CVE-2020-29470.md @@ -13,5 +13,5 @@ OpenCart 3.0.3.6 is affected by cross-site scripting (XSS) in the Subject field - https://www.exploit-db.com/exploits/49099 #### Github -No PoCs found on GitHub currently. +- https://github.com/hemantsolo/CVE-Reference diff --git a/2020/CVE-2020-29471.md b/2020/CVE-2020-29471.md index 980dea1f4a..01c1cbdd6b 100644 --- a/2020/CVE-2020-29471.md +++ b/2020/CVE-2020-29471.md @@ -13,5 +13,5 @@ OpenCart 3.0.3.6 is affected by cross-site scripting (XSS) in the Profile Image. - https://www.exploit-db.com/exploits/49098 #### Github -No PoCs found on GitHub currently. +- https://github.com/hemantsolo/CVE-Reference diff --git a/2020/CVE-2020-29475.md b/2020/CVE-2020-29475.md index 3c257e192f..168b8f3921 100644 --- a/2020/CVE-2020-29475.md +++ b/2020/CVE-2020-29475.md @@ -13,5 +13,5 @@ nopCommerce Store 4.30 is affected by cross-site scripting (XSS) in the Schedule - https://www.exploit-db.com/exploits/49093 #### Github -No PoCs found on GitHub currently. +- https://github.com/hemantsolo/CVE-Reference diff --git a/2020/CVE-2020-29477.md b/2020/CVE-2020-29477.md index 2b59605ec5..ad3fb4d661 100644 --- a/2020/CVE-2020-29477.md +++ b/2020/CVE-2020-29477.md @@ -13,5 +13,5 @@ Invision Community 4.5.4 is affected by cross-site scripting (XSS) in the Field - https://www.exploit-db.com/exploits/49188 #### Github -No PoCs found on GitHub currently. +- https://github.com/hemantsolo/CVE-Reference diff --git a/2020/CVE-2020-29562.md b/2020/CVE-2020-29562.md index 09e3ee3190..d4cb120ab6 100644 --- a/2020/CVE-2020-29562.md +++ b/2020/CVE-2020-29562.md @@ -13,6 +13,9 @@ The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when No PoCs from references. #### Github +- https://github.com/brandoncamenisch/release-the-code-litecoin - https://github.com/dispera/giant-squid +- https://github.com/domyrtille/interview_project +- https://github.com/epequeno/devops-demo - https://github.com/onzack/trivy-multiscanner diff --git a/2020/CVE-2020-29564.md b/2020/CVE-2020-29564.md index a8e8c4499b..84b41fc648 100644 --- a/2020/CVE-2020-29564.md +++ b/2020/CVE-2020-29564.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-29583.md b/2020/CVE-2020-29583.md index ddca2877f6..a15db5c947 100644 --- a/2020/CVE-2020-29583.md +++ b/2020/CVE-2020-29583.md @@ -18,5 +18,8 @@ No PoCs from references. - https://github.com/SexyBeast233/SecBooks - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/ruppde/scan_CVE-2020-29583 +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-29621.md b/2020/CVE-2020-29621.md new file mode 100644 index 0000000000..b993e49b0d --- /dev/null +++ b/2020/CVE-2020-29621.md @@ -0,0 +1,17 @@ +### [CVE-2020-29621](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29621) +![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2011.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=A%20malicious%20application%20may%20be%20able%20to%20bypass%20Privacy%20preferences&color=brighgreen) + +### Description + +This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may be able to bypass Privacy preferences. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/V0lk3n/OSMR-CheatSheet + diff --git a/2020/CVE-2020-29622.md b/2020/CVE-2020-29622.md new file mode 100644 index 0000000000..f71470c170 --- /dev/null +++ b/2020/CVE-2020-29622.md @@ -0,0 +1,17 @@ +### [CVE-2020-29622](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29622) +![](https://img.shields.io/static/v1?label=Product&message=Security%20Update%20-%20Catalina&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%202021%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Mounting%20a%20maliciously%20crafted%20NFS%20network%20share%20may%20lead%20to%20arbitrary%20code%20execution%20with%20system%20privileges&color=brighgreen) + +### Description + +A race condition was addressed with additional validation. This issue is fixed in Security Update 2021-005 Catalina. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/zanezhub/PIA-PC + diff --git a/2020/CVE-2020-29652.md b/2020/CVE-2020-29652.md new file mode 100644 index 0000000000..ff4034ac0f --- /dev/null +++ b/2020/CVE-2020-29652.md @@ -0,0 +1,17 @@ +### [CVE-2020-29652](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29652) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/k1LoW/oshka + diff --git a/2020/CVE-2020-29669.md b/2020/CVE-2020-29669.md index efb8e92c5f..9f69902e2f 100644 --- a/2020/CVE-2020-29669.md +++ b/2020/CVE-2020-29669.md @@ -15,6 +15,7 @@ In the Macally WIFISD2-2A82 Media and Travel Router 2.000.010, the Guest user is #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/code-byter/CVE-2020-29669 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2020/CVE-2020-2978.md b/2020/CVE-2020-2978.md index d47ecfa793..3ba937eca5 100644 --- a/2020/CVE-2020-2978.md +++ b/2020/CVE-2020-2978.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/emad-almousa/CVE-2020-2978 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-3119.md b/2020/CVE-2020-3119.md index 88c100021d..fe740cb0b0 100644 --- a/2020/CVE-2020-3119.md +++ b/2020/CVE-2020-3119.md @@ -14,4 +14,5 @@ A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS S #### Github - https://github.com/epi052/CiscoNotes +- https://github.com/routetonull/opencheck diff --git a/2020/CVE-2020-3120.md b/2020/CVE-2020-3120.md index 28901abaf9..89e7a31e2b 100644 --- a/2020/CVE-2020-3120.md +++ b/2020/CVE-2020-3120.md @@ -13,5 +13,5 @@ A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS So - http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html #### Github -No PoCs found on GitHub currently. +- https://github.com/routetonull/opencheck diff --git a/2020/CVE-2020-3125.md b/2020/CVE-2020-3125.md new file mode 100644 index 0000000000..0729eac19e --- /dev/null +++ b/2020/CVE-2020-3125.md @@ -0,0 +1,17 @@ +### [CVE-2020-3125](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3125) +![](https://img.shields.io/static/v1?label=Product&message=Cisco%20Adaptive%20Security%20Appliance%20(ASA)%20Software%20&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-287&color=brighgreen) + +### Description + +A vulnerability in the Kerberos authentication feature of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to impersonate the Kerberos key distribution center (KDC) and bypass authentication on an affected device that is configured to perform Kerberos authentication for VPN or local device access. The vulnerability is due to insufficient identity verification of the KDC when a successful authentication response is received. An attacker could exploit this vulnerability by spoofing the KDC server response to the ASA device. This malicious response would not have been authenticated by the KDC. A successful attack could allow an attacker to bypass Kerberos authentication. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2020/CVE-2020-3153.md b/2020/CVE-2020-3153.md index a9f20e8b7a..c6e599af1a 100644 --- a/2020/CVE-2020-3153.md +++ b/2020/CVE-2020-3153.md @@ -24,6 +24,7 @@ A vulnerability in the installer component of Cisco AnyConnect Secure Mobility C - https://github.com/goichot/CVE-2020-3433 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/r0eXpeR/supplier - https://github.com/raspberry-pie/CVE-2020-3153 - https://github.com/shubham0d/CVE-2020-3153 - https://github.com/taielab/awesome-hacking-lists diff --git a/2020/CVE-2020-3172.md b/2020/CVE-2020-3172.md new file mode 100644 index 0000000000..470be494bd --- /dev/null +++ b/2020/CVE-2020-3172.md @@ -0,0 +1,17 @@ +### [CVE-2020-3172](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3172) +![](https://img.shields.io/static/v1?label=Product&message=Cisco%20Unified%20Computing%20System%20(Managed)%20&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20&color=brighgreen) + +### Description + +A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/routetonull/opencheck + diff --git a/2020/CVE-2020-3187.md b/2020/CVE-2020-3187.md index a0976c50a3..b433182b9c 100644 --- a/2020/CVE-2020-3187.md +++ b/2020/CVE-2020-3187.md @@ -24,5 +24,6 @@ A vulnerability in the web services interface of Cisco Adaptive Security Applian - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/r0eXpeR/supplier - https://github.com/sobinge/nuclei-templates diff --git a/2020/CVE-2020-3433.md b/2020/CVE-2020-3433.md index 3ab061989e..e37836c295 100644 --- a/2020/CVE-2020-3433.md +++ b/2020/CVE-2020-3433.md @@ -20,4 +20,5 @@ A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConn - https://github.com/goichot/CVE-2020-3433 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/r0eXpeR/supplier diff --git a/2020/CVE-2020-3451.md b/2020/CVE-2020-3451.md index 24724ee34e..30003f46b1 100644 --- a/2020/CVE-2020-3451.md +++ b/2020/CVE-2020-3451.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/404notf0und/CVE-Flow +- https://github.com/avboy1337/cisco-RV34x-RCE diff --git a/2020/CVE-2020-3452.md b/2020/CVE-2020-3452.md index 87cc501d3f..22cf8c855a 100644 --- a/2020/CVE-2020-3452.md +++ b/2020/CVE-2020-3452.md @@ -23,8 +23,10 @@ A vulnerability in the web services interface of Cisco Adaptive Security Applian - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Ares-X/VulWiki +- https://github.com/Aviksaikat/CVE-2020-3452 - https://github.com/CnHack3r/Penetration_PoC - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/Elsfa7-110/Elsfa7110-Oneliner-bughunting - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/Gh0st0ne/http-vuln-cve2020-3452.nse - https://github.com/Loneyers/cve-2020-3452 @@ -40,10 +42,13 @@ A vulnerability in the web services interface of Cisco Adaptive Security Applian - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/amcai/myscan +- https://github.com/cygenta/CVE-2020-3452 +- https://github.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/dinhbaouit/CISCO-Remove-File - https://github.com/dwisiswant0/awesome-oneliner-bugbounty - https://github.com/foulenzer/CVE-2020-3452 +- https://github.com/grim3/CVE-2020-3452 - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/huike007/penetration_poc @@ -56,8 +61,11 @@ A vulnerability in the web services interface of Cisco Adaptive Security Applian - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/paran0id34/CVE-2020-3452 - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/qeeqbox/falcon +- https://github.com/r0eXpeR/supplier - https://github.com/sobinge/nuclei-templates - https://github.com/toy0756428/CVE_2020_3452_Detect +- https://github.com/tzwlhack/Vulnerability - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/yedada-wei/- - https://github.com/yedada-wei/gongkaishouji diff --git a/2020/CVE-2020-35240.md b/2020/CVE-2020-35240.md new file mode 100644 index 0000000000..d0c3c7ad28 --- /dev/null +++ b/2020/CVE-2020-35240.md @@ -0,0 +1,17 @@ +### [CVE-2020-35240](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35240) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +FluxBB 1.5.11 is affected by cross-site scripting (XSS in the Blog Content component. This vulnerability can allow an attacker to inject the XSS payload in "Blog Content" and each time any user will visit the blog, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/hemantsolo/CVE-Reference + diff --git a/2020/CVE-2020-35241.md b/2020/CVE-2020-35241.md index 3555b5827a..ce8cdbee08 100644 --- a/2020/CVE-2020-35241.md +++ b/2020/CVE-2020-35241.md @@ -13,5 +13,5 @@ FlatPress 1.0.3 is affected by cross-site scripting (XSS) in the Blog Content co - https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-35241.md #### Github -No PoCs found on GitHub currently. +- https://github.com/hemantsolo/CVE-Reference diff --git a/2020/CVE-2020-35262.md b/2020/CVE-2020-35262.md index d73cc3e758..3fecc6a2d1 100644 --- a/2020/CVE-2020-35262.md +++ b/2020/CVE-2020-35262.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/the-girl-who-lived/CVE-2020-35262 diff --git a/2020/CVE-2020-35381.md b/2020/CVE-2020-35381.md new file mode 100644 index 0000000000..d17d619271 --- /dev/null +++ b/2020/CVE-2020-35381.md @@ -0,0 +1,18 @@ +### [CVE-2020-35381](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35381) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +jsonparser 1.0.0 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a GET call. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/k1LoW/oshka +- https://github.com/naveensrinivasan/stunning-tribble + diff --git a/2020/CVE-2020-35452.md b/2020/CVE-2020-35452.md new file mode 100644 index 0000000000..47de38959d --- /dev/null +++ b/2020/CVE-2020-35452.md @@ -0,0 +1,17 @@ +### [CVE-2020-35452](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452) +![](https://img.shields.io/static/v1?label=Product&message=Apache%20HTTP%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=2.4%3D%202.4.46%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=mod_auth_digest%20possible%20stack%20overflow%20by%20one%20nul%20byte&color=brighgreen) + +### Description + +Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network + diff --git a/2020/CVE-2020-35476.md b/2020/CVE-2020-35476.md index a7503f628f..41d2b34f86 100644 --- a/2020/CVE-2020-35476.md +++ b/2020/CVE-2020-35476.md @@ -22,4 +22,5 @@ No PoCs from references. - https://github.com/jweny/pocassistdb - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/sobinge/nuclei-templates +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-35489.md b/2020/CVE-2020-35489.md index d8059c17a2..c374a1005a 100644 --- a/2020/CVE-2020-35489.md +++ b/2020/CVE-2020-35489.md @@ -19,5 +19,6 @@ The contact-form-7 (aka Contact Form 7) plugin before 5.3.2 for WordPress allows - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/SexyBeast233/SecBooks - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/dn9uy3n/Check-WP-CVE-2020-35489 - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2020/CVE-2020-35576.md b/2020/CVE-2020-35576.md index 0041de5706..de49e081d7 100644 --- a/2020/CVE-2020-35576.md +++ b/2020/CVE-2020-35576.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/TesterCC/exp_poc_library +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-35584.md b/2020/CVE-2020-35584.md new file mode 100644 index 0000000000..fdc34328d7 --- /dev/null +++ b/2020/CVE-2020-35584.md @@ -0,0 +1,17 @@ +### [CVE-2020-35584](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35584) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In Solstice Pod before 3.0.3, the web services allow users to connect to them over unencrypted channels via the Browser Look-in feature. An attacker suitably positioned to view a legitimate user's network traffic could record and monitor their interactions with the web services and obtain any information the user supplies, including Administrator passwords and screen keys. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/aress31/solstice-pod-cves + diff --git a/2020/CVE-2020-35585.md b/2020/CVE-2020-35585.md new file mode 100644 index 0000000000..ac735e0c91 --- /dev/null +++ b/2020/CVE-2020-35585.md @@ -0,0 +1,17 @@ +### [CVE-2020-35585](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35585) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In Solstice Pod before 3.3.0 (or Open4.3), the screen key can be enumerated using brute-force attacks via the /lookin/info Solstice Open Control API because there are only 1.7 million possibilities. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/aress31/solstice-pod-cves + diff --git a/2020/CVE-2020-35586.md b/2020/CVE-2020-35586.md new file mode 100644 index 0000000000..ceee82f768 --- /dev/null +++ b/2020/CVE-2020-35586.md @@ -0,0 +1,17 @@ +### [CVE-2020-35586](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35586) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In Solstice Pod before 3.3.0 (or Open4.3), the Administrator password can be enumerated using brute-force attacks via the /Config/service/initModel?password= Solstice Open Control API because there is no complexity requirement (e.g., it might be all digits or all lowercase letters). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/aress31/solstice-pod-cves + diff --git a/2020/CVE-2020-35587.md b/2020/CVE-2020-35587.md new file mode 100644 index 0000000000..b2c7cd2be4 --- /dev/null +++ b/2020/CVE-2020-35587.md @@ -0,0 +1,17 @@ +### [CVE-2020-35587](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35587) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +** DISPUTED ** In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled. The decompiled/disassembled files contain non-obfuscated code. NOTE: it is unclear whether lack of obfuscation is directly associated with a negative impact, or instead only facilitates an attack technique. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/aress31/solstice-pod-cves + diff --git a/2020/CVE-2020-35590.md b/2020/CVE-2020-35590.md index 01c9d3badc..1577657d8b 100644 --- a/2020/CVE-2020-35590.md +++ b/2020/CVE-2020-35590.md @@ -14,6 +14,7 @@ LimitLoginAttempts.php in the limit-login-attempts-reloaded plugin before 2.17.4 #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/N4nj0/CVE-2020-35590 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2020/CVE-2020-35606.md b/2020/CVE-2020-35606.md index 6004b23e84..dc236d592a 100644 --- a/2020/CVE-2020-35606.md +++ b/2020/CVE-2020-35606.md @@ -19,6 +19,11 @@ Arbitrary command execution can occur in Webmin through 1.962. Any user authoriz - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks - https://github.com/alphaSeclab/sec-daily-2020 +- https://github.com/anasbousselham/webminscan - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/fofapro/vulfocus-java +- https://github.com/fofapro/vulfocus-py +- https://github.com/fofapro/vulfocus-spring-boot-starter - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-35616.md b/2020/CVE-2020-35616.md index b031b7ecf8..9bd4b16f49 100644 --- a/2020/CVE-2020-35616.md +++ b/2020/CVE-2020-35616.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks - https://github.com/alphaSeclab/sec-daily-2020 +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-35660.md b/2020/CVE-2020-35660.md index 2c36544b6b..10680b9636 100644 --- a/2020/CVE-2020-35660.md +++ b/2020/CVE-2020-35660.md @@ -13,5 +13,5 @@ Cross Site Scripting (XSS) in Monica before 2.19.1 via the journal page. - https://www.huntr.dev/bounties/1-other-monica/ #### Github -No PoCs found on GitHub currently. +- https://github.com/ajmalabubakkr/CVE diff --git a/2020/CVE-2020-35693.md b/2020/CVE-2020-35693.md new file mode 100644 index 0000000000..22dcf54618 --- /dev/null +++ b/2020/CVE-2020-35693.md @@ -0,0 +1,17 @@ +### [CVE-2020-35693](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35693) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +On some Samsung phones and tablets running Android through 7.1.1, it is possible for an attacker-controlled Bluetooth Low Energy (BLE) device to pair silently with a vulnerable target device, without any user interaction, when the target device's Bluetooth is on, and it is running an app that offers a connectable BLE advertisement. An example of such an app could be a Bluetooth-based contact tracing app, such as Australia's COVIDSafe app, Singapore's TraceTogether app, or France's TousAntiCovid (formerly StopCovid). As part of the pairing process, two pieces (among others) of personally identifiable information are exchanged: the Identity Address of the Bluetooth adapter of the target device, and its associated Identity Resolving Key (IRK). Either one of these identifiers can be used to perform re-identification of the target device for long term tracking. The list of affected devices includes (but is not limited to): Galaxy Note 5, Galaxy S6 Edge, Galaxy A3, Tab A (2017), J2 Pro (2018), Galaxy Note 4, and Galaxy S5. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/alwentiu/contact-tracing-research + diff --git a/2020/CVE-2020-35728.md b/2020/CVE-2020-35728.md index 1847007760..131f04f72c 100644 --- a/2020/CVE-2020-35728.md +++ b/2020/CVE-2020-35728.md @@ -14,9 +14,11 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Al1ex/CVE-2020-35728 - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/SexyBeast233/SecBooks - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-3580.md b/2020/CVE-2020-3580.md index 3a53a191ae..897b93aa99 100644 --- a/2020/CVE-2020-3580.md +++ b/2020/CVE-2020-3580.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/n1sh1th/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/r0eXpeR/supplier diff --git a/2020/CVE-2020-35846.md b/2020/CVE-2020-35846.md index 7fc97f35d8..a853561fb1 100644 --- a/2020/CVE-2020-35846.md +++ b/2020/CVE-2020-35846.md @@ -16,4 +16,6 @@ Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.ph - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/JohnHammond/CVE-2020-35846 +- https://github.com/Konstantinos-Papanagnou/CMSpit diff --git a/2020/CVE-2020-35847.md b/2020/CVE-2020-35847.md index 46f266bfc5..077b57796a 100644 --- a/2020/CVE-2020-35847.md +++ b/2020/CVE-2020-35847.md @@ -17,4 +17,6 @@ Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.ph - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/Konstantinos-Papanagnou/CMSpit +- https://github.com/zmylml/yangzifun diff --git a/2020/CVE-2020-36079.md b/2020/CVE-2020-36079.md index cbc73355ff..c8c1e1f474 100644 --- a/2020/CVE-2020-36079.md +++ b/2020/CVE-2020-36079.md @@ -14,5 +14,6 @@ #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/F-Masood/ZenPhotoCMSv1.5.7-RCE - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-36179.md b/2020/CVE-2020-36179.md index c1cad081d3..560ca8cfb7 100644 --- a/2020/CVE-2020-36179.md +++ b/2020/CVE-2020-36179.md @@ -21,5 +21,6 @@ No PoCs from references. - https://github.com/SexyBeast233/SecBooks - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/huike007/penetration_poc +- https://github.com/tzwlhack/Vulnerability - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2020/CVE-2020-36184.md b/2020/CVE-2020-36184.md index f0f873903c..84e282b858 100644 --- a/2020/CVE-2020-36184.md +++ b/2020/CVE-2020-36184.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Al1ex/Al1ex +- https://github.com/Al1ex/CVE-2020-36184 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/ycdxsb/PocOrExp_in_Github diff --git a/2020/CVE-2020-36188.md b/2020/CVE-2020-36188.md index 4db2258093..e4d98aacff 100644 --- a/2020/CVE-2020-36188.md +++ b/2020/CVE-2020-36188.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Al1ex/Al1ex +- https://github.com/Al1ex/CVE-2020-36188 - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-36197.md b/2020/CVE-2020-36197.md index a8d5292326..c3d76e6af1 100644 --- a/2020/CVE-2020-36197.md +++ b/2020/CVE-2020-36197.md @@ -14,4 +14,5 @@ An improper access control vulnerability has been reported to affect earlier ver #### Github - https://github.com/ShielderSec/poc +- https://github.com/r0eXpeR/supplier diff --git a/2020/CVE-2020-36289.md b/2020/CVE-2020-36289.md index fbfe77adbd..b6456b8bac 100644 --- a/2020/CVE-2020-36289.md +++ b/2020/CVE-2020-36289.md @@ -16,4 +16,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/r0eXpeR/supplier +- https://github.com/sushantdhopat/JIRA_testing diff --git a/2020/CVE-2020-36317.md b/2020/CVE-2020-36317.md new file mode 100644 index 0000000000..030a67339c --- /dev/null +++ b/2020/CVE-2020-36317.md @@ -0,0 +1,18 @@ +### [CVE-2020-36317](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36317) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the same string. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Qwaz/rust-cve +- https://github.com/sslab-gatech/Rudra-Artifacts + diff --git a/2020/CVE-2020-36318.md b/2020/CVE-2020-36318.md new file mode 100644 index 0000000000..557fbf38a5 --- /dev/null +++ b/2020/CVE-2020-36318.md @@ -0,0 +1,17 @@ +### [CVE-2020-36318](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36318) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or double free. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Qwaz/rust-cve + diff --git a/2020/CVE-2020-36323.md b/2020/CVE-2020-36323.md new file mode 100644 index 0000000000..59a48f8c45 --- /dev/null +++ b/2020/CVE-2020-36323.md @@ -0,0 +1,18 @@ +### [CVE-2020-36323](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36323) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Qwaz/rust-cve +- https://github.com/sslab-gatech/Rudra-Artifacts + diff --git a/2020/CVE-2020-36406.md b/2020/CVE-2020-36406.md new file mode 100644 index 0000000000..9989390c67 --- /dev/null +++ b/2020/CVE-2020-36406.md @@ -0,0 +1,17 @@ +### [CVE-2020-36406](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36406) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +** DISPUTED ** uWebSockets 18.11.0 and 18.12.0 has a stack-based buffer overflow in uWS::TopicTree::trimTree (called from uWS::TopicTree::unsubscribeAll). NOTE: the vendor's position is that this is "a minor issue or not even an issue at all" because the developer of an application (that uses uWebSockets) should not be allowing the large number of triggered topics to accumulate. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/PalindromeLabs/awesome-websocket-security + diff --git a/2020/CVE-2020-3762.md b/2020/CVE-2020-3762.md new file mode 100644 index 0000000000..ea0e8a75fd --- /dev/null +++ b/2020/CVE-2020-3762.md @@ -0,0 +1,17 @@ +### [CVE-2020-3762](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3762) +![](https://img.shields.io/static/v1?label=Product&message=Adobe%20Acrobat%20and%20Reader&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Privilege%20Escalation&color=brighgreen) + +### Description + +Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to arbitrary file system write. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/V0lk3n/OSMR-CheatSheet + diff --git a/2020/CVE-2020-3847.md b/2020/CVE-2020-3847.md index 707055f72b..b42a46a8a3 100644 --- a/2020/CVE-2020-3847.md +++ b/2020/CVE-2020-3847.md @@ -13,5 +13,6 @@ An out-of-bounds read was addressed with improved input validation. This issue i No PoCs from references. #### Github +- https://github.com/hac425xxx/heap-exploitation-in-real-world - https://github.com/houjingyi233/macOS-iOS-system-security diff --git a/2020/CVE-2020-3848.md b/2020/CVE-2020-3848.md index 60cb893e4e..d1e2ded14e 100644 --- a/2020/CVE-2020-3848.md +++ b/2020/CVE-2020-3848.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/Charmve/BLE-Security-Attack-Defence +- https://github.com/hac425xxx/heap-exploitation-in-real-world - https://github.com/houjingyi233/macOS-iOS-system-security diff --git a/2020/CVE-2020-3855.md b/2020/CVE-2020-3855.md new file mode 100644 index 0000000000..818dd3d613 --- /dev/null +++ b/2020/CVE-2020-3855.md @@ -0,0 +1,17 @@ +### [CVE-2020-3855](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3855) +![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2010.15%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=A%20malicious%20application%20may%20be%20able%20to%20overwrite%20arbitrary%20files&color=brighgreen) + +### Description + +An access issue was addressed with improved access restrictions. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. A malicious application may be able to overwrite arbitrary files. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/V0lk3n/OSMR-CheatSheet + diff --git a/2020/CVE-2020-3952.md b/2020/CVE-2020-3952.md index 583e57a605..10bdcf0d6e 100644 --- a/2020/CVE-2020-3952.md +++ b/2020/CVE-2020-3952.md @@ -28,8 +28,12 @@ Under certain conditions, vmdir that ships with VMware vCenter Server, as part o - https://github.com/gelim/CVE-2020-3952 - https://github.com/guardicore/vmware_vcenter_cve_2020_3952 - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/r0eXpeR/supplier +- https://github.com/severnake/Pentest-Tools - https://github.com/tdtc7/qps - https://github.com/theyoge/AD-Pentesting-Tools - https://github.com/tijldeneut/Security +- https://github.com/viksafe/Get-vSphereVersion diff --git a/2020/CVE-2020-3992.md b/2020/CVE-2020-3992.md index cc6c6d32ec..d7c909858c 100644 --- a/2020/CVE-2020-3992.md +++ b/2020/CVE-2020-3992.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/HynekPetrak/CVE-2019-5544_CVE-2020-3992 - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2020/CVE-2020-4006.md b/2020/CVE-2020-4006.md index c8d52c53b4..5f8dc82de5 100644 --- a/2020/CVE-2020-4006.md +++ b/2020/CVE-2020-4006.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/pen4uin/vulnerability-lab +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-4066.md b/2020/CVE-2020-4066.md index d589484103..0dad75c7e9 100644 --- a/2020/CVE-2020-4066.md +++ b/2020/CVE-2020-4066.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/ossf-cve-benchmark/CVE-2020-4066 +- https://github.com/ossf-cve-benchmark/ossf-cve-benchmark diff --git a/2020/CVE-2020-4280.md b/2020/CVE-2020-4280.md index d05d8a6336..2a55ed6606 100644 --- a/2020/CVE-2020-4280.md +++ b/2020/CVE-2020-4280.md @@ -18,4 +18,5 @@ IBM QRadar SIEM 7.3 and 7.4 could allow a remote attacker to execute arbitrary c - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-4463.md b/2020/CVE-2020-4463.md index 306284f5a6..9d0e3a0feb 100644 --- a/2020/CVE-2020-4463.md +++ b/2020/CVE-2020-4463.md @@ -24,4 +24,5 @@ No PoCs from references. - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/sobinge/nuclei-templates +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-5135.md b/2020/CVE-2020-5135.md index f8c737ae17..22ce14f0eb 100644 --- a/2020/CVE-2020-5135.md +++ b/2020/CVE-2020-5135.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/alphaSeclab/sec-daily-2020 +- https://github.com/r0eXpeR/supplier diff --git a/2020/CVE-2020-5144.md b/2020/CVE-2020-5144.md new file mode 100644 index 0000000000..c3723c78b7 --- /dev/null +++ b/2020/CVE-2020-5144.md @@ -0,0 +1,17 @@ +### [CVE-2020-5144](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5144) +![](https://img.shields.io/static/v1?label=Product&message=SonicWall%20Global%20VPN%20Client&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-426%3A%20Untrusted%20Search%20Path&color=brighgreen) + +### Description + +SonicWall Global VPN client version 4.10.4.0314 and earlier allows unprivileged windows user to elevate privileges to SYSTEM through loaded process hijacking vulnerability. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2020/CVE-2020-5310.md b/2020/CVE-2020-5310.md new file mode 100644 index 0000000000..e767955480 --- /dev/null +++ b/2020/CVE-2020-5310.md @@ -0,0 +1,17 @@ +### [CVE-2020-5310](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5310) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/asa1997/topgear_test + diff --git a/2020/CVE-2020-5313.md b/2020/CVE-2020-5313.md index 917ca77269..b73de536b9 100644 --- a/2020/CVE-2020-5313.md +++ b/2020/CVE-2020-5313.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/Pad0y/Django2_dailyfresh +- https://github.com/asa1997/topgear_test diff --git a/2020/CVE-2020-5405.md b/2020/CVE-2020-5405.md index 055446a625..5fe8f53a6e 100644 --- a/2020/CVE-2020-5405.md +++ b/2020/CVE-2020-5405.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/SexyBeast233/SecBooks - https://github.com/amcai/myscan +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/shadowsock5/spring-cloud-config-starter - https://github.com/sobinge/nuclei-templates - https://github.com/tdtc7/qps diff --git a/2020/CVE-2020-5410.md b/2020/CVE-2020-5410.md index 522dae22cd..bb1a73d7fb 100644 --- a/2020/CVE-2020-5410.md +++ b/2020/CVE-2020-5410.md @@ -33,6 +33,7 @@ No PoCs from references. - https://github.com/huike007/poc - https://github.com/ilmila/J2EEScan - https://github.com/jweny/pocassistdb +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/missme3f/resource - https://github.com/mugisyahid/ki-vuln-cve-2020-5410 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-5421.md b/2020/CVE-2020-5421.md index 2e2a5fb5d7..07353422f5 100644 --- a/2020/CVE-2020-5421.md +++ b/2020/CVE-2020-5421.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/delaval-htps/ProjetDevJava - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/fulln/TIL - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-5509.md b/2020/CVE-2020-5509.md index 67eb16c8a5..c9f6317d3a 100644 --- a/2020/CVE-2020-5509.md +++ b/2020/CVE-2020-5509.md @@ -14,6 +14,7 @@ PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executabl #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/5l1v3r1/CVE-2020-5509 - https://github.com/ARPSyndicate/cvemon - https://github.com/CnHack3r/Penetration_PoC - https://github.com/FULLSHADE/CVE-2020-5509 diff --git a/2020/CVE-2020-5639.md b/2020/CVE-2020-5639.md new file mode 100644 index 0000000000..758680d793 --- /dev/null +++ b/2020/CVE-2020-5639.md @@ -0,0 +1,17 @@ +### [CVE-2020-5639](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5639) +![](https://img.shields.io/static/v1?label=Product&message=FileZen&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Directory%20traversal&color=brighgreen) + +### Description + +Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. As a result, an arbitrary OS command may be executed. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2020/CVE-2020-5902.md b/2020/CVE-2020-5902.md index 8e0297e5cd..3e8c783ff2 100644 --- a/2020/CVE-2020-5902.md +++ b/2020/CVE-2020-5902.md @@ -28,8 +28,11 @@ In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12. - https://github.com/AnonVulc/Pentest-Tools - https://github.com/Any3ite/CVE-2020-5902-F5BIG - https://github.com/Astrogeorgeonethree/Starred +- https://github.com/BitTheByte/BitTraversal - https://github.com/CnHack3r/Penetration_PoC +- https://github.com/Elsfa7-110/Elsfa7110-Oneliner-bughunting - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/EvilAnne/2020-Read-article - https://github.com/GovindPalakkal/EvilRip - https://github.com/JSec1337/RCE-CVE-2020-5902 - https://github.com/LearnGolang/LearnGolang @@ -56,6 +59,7 @@ In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12. - https://github.com/bhdresh/SnortRules - https://github.com/bigblackhat/oFx - https://github.com/byt3bl33d3r/WitnessMe +- https://github.com/chenjj/Awesome-HTTPRequestSmuggling - https://github.com/corelight/CVE-2020-5902-F5BigIP - https://github.com/cristiano-corrado/f5_scanner - https://github.com/cybersecurityworks553/scanner-CVE-2020-5902 @@ -76,6 +80,7 @@ In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12. - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/ibnufachrizal/bugbounty - https://github.com/ihebski/A-Red-Teamer-diaries - https://github.com/inho28/CVE-2020-5902-F5-BIGIP - https://github.com/itsjeffersonli/CVE-2020-5902 @@ -85,6 +90,7 @@ In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12. - https://github.com/k3nundrum/CVE-2020-5902 - https://github.com/lijiaxing1997/CVE-2020-5902-POC-EXP - https://github.com/litt1eb0yy/One-Liner-Scripts +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/ltvthang/CVE-2020-5903 - https://github.com/ludy-dev/BIG-IP-F5-TMUI-RCE-Vulnerability - https://github.com/momika233/cve-2020-5902 @@ -97,14 +103,17 @@ In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12. - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/qiong-qi/CVE-2020-5902-POC - https://github.com/qlkwej/poc-CVE-2020-5902 +- https://github.com/r0eXpeR/supplier - https://github.com/r0ttenbeef/cve-2020-5902 - https://github.com/renanhsilva/checkvulnCVE20205902 - https://github.com/rockmelodies/CVE-2020-5902-rce-gui - https://github.com/rwincey/CVE-2020-5902-NSE +- https://github.com/severnake/Pentest-Tools - https://github.com/sobinge/nuclei-templates - https://github.com/superfish9/pt - https://github.com/superzerosec/cve-2020-5902 - https://github.com/sv3nbeast/CVE-2020-5902_RCE +- https://github.com/t31m0/awesome-oneliner-bugbounty - https://github.com/taielab/awesome-hacking-lists - https://github.com/tdtc7/qps - https://github.com/theLSA/f5-bigip-rce-cve-2020-5902 diff --git a/2020/CVE-2020-6019.md b/2020/CVE-2020-6019.md index 137cf14d6c..3c66e798e6 100644 --- a/2020/CVE-2020-6019.md +++ b/2020/CVE-2020-6019.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-6096.md b/2020/CVE-2020-6096.md index 570e81e657..aab71d8274 100644 --- a/2020/CVE-2020-6096.md +++ b/2020/CVE-2020-6096.md @@ -17,6 +17,8 @@ No PoCs from references. - https://github.com/anchore/grype - https://github.com/aymankhder/scanner-for-container - https://github.com/dispera/giant-squid +- https://github.com/domyrtille/interview_project +- https://github.com/epequeno/devops-demo - https://github.com/garethr/snykout - https://github.com/nedenwalker/spring-boot-app-using-gradle - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln diff --git a/2020/CVE-2020-6175.md b/2020/CVE-2020-6175.md new file mode 100644 index 0000000000..751612409d --- /dev/null +++ b/2020/CVE-2020-6175.md @@ -0,0 +1,17 @@ +### [CVE-2020-6175](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6175) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/stratosphereips/nist-cve-search-tool + diff --git a/2020/CVE-2020-6207.md b/2020/CVE-2020-6207.md index a9be81cd1c..f8414a83cf 100644 --- a/2020/CVE-2020-6207.md +++ b/2020/CVE-2020-6207.md @@ -20,7 +20,9 @@ SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/Onapsis/vulnerability_advisories +- https://github.com/chipik/SAP_EEM_CVE-2020-6207 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/lmkalg/my_cves - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-6287.md b/2020/CVE-2020-6287.md index e75599e9be..2be76a9463 100644 --- a/2020/CVE-2020-6287.md +++ b/2020/CVE-2020-6287.md @@ -33,6 +33,7 @@ SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7. - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/huike007/penetration_poc - https://github.com/lmkalg/my_cves +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/murataydemir/CVE-2020-6287 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/sobinge/nuclei-templates diff --git a/2020/CVE-2020-6308.md b/2020/CVE-2020-6308.md index 3fde332cdd..d20ca45a64 100644 --- a/2020/CVE-2020-6308.md +++ b/2020/CVE-2020-6308.md @@ -16,8 +16,11 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/InitRoot/CVE-2020-6308-PoC - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/freeFV/CVE-2020-6308-mass-exploiter - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-6422.md b/2020/CVE-2020-6422.md new file mode 100644 index 0000000000..87e231417a --- /dev/null +++ b/2020/CVE-2020-6422.md @@ -0,0 +1,17 @@ +### [CVE-2020-6422](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6422) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2080.0.3987.149%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20after%20free&color=brighgreen) + +### Description + +Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/StarCrossPortal/bug-hunting-101 + diff --git a/2020/CVE-2020-6463.md b/2020/CVE-2020-6463.md new file mode 100644 index 0000000000..3cff8d56d9 --- /dev/null +++ b/2020/CVE-2020-6463.md @@ -0,0 +1,17 @@ +### [CVE-2020-6463](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6463) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2081.0.4044.122%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20after%20free&color=brighgreen) + +### Description + +Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/StarCrossPortal/bug-hunting-101 + diff --git a/2020/CVE-2020-6506.md b/2020/CVE-2020-6506.md index d839ea1e8e..2844788f23 100644 --- a/2020/CVE-2020-6506.md +++ b/2020/CVE-2020-6506.md @@ -13,5 +13,7 @@ Insufficient policy enforcement in WebView in Google Chrome on Android prior to No PoCs from references. #### Github +- https://github.com/Aucode-n/AndroidSec - https://github.com/RG-Belasco/Android-BugBounty +- https://github.com/iamsarvagyaa/AndroidSecNotes diff --git a/2020/CVE-2020-6542.md b/2020/CVE-2020-6542.md index 5a05bbbd43..bc822c0420 100644 --- a/2020/CVE-2020-6542.md +++ b/2020/CVE-2020-6542.md @@ -13,5 +13,5 @@ Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowed a remote - https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1127 #### Github -No PoCs found on GitHub currently. +- https://github.com/StarCrossPortal/bug-hunting-101 diff --git a/2020/CVE-2020-7048.md b/2020/CVE-2020-7048.md index 82982d819d..8989dc6cf7 100644 --- a/2020/CVE-2020-7048.md +++ b/2020/CVE-2020-7048.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/ElmouradiAmine/CVE-2020-7048 - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-7200.md b/2020/CVE-2020-7200.md index 016850bdd1..289251d908 100644 --- a/2020/CVE-2020-7200.md +++ b/2020/CVE-2020-7200.md @@ -16,7 +16,9 @@ A potential security vulnerability has been identified in HPE Systems Insight Ma - https://github.com/ARPSyndicate/cvemon - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/SexyBeast233/SecBooks +- https://github.com/alexfrancow/CVE-2020-7200 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/testanull/ProjectSIM diff --git a/2020/CVE-2020-7247.md b/2020/CVE-2020-7247.md index dfac7e2893..29e07d27a8 100644 --- a/2020/CVE-2020-7247.md +++ b/2020/CVE-2020-7247.md @@ -28,6 +28,7 @@ smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and oth - https://github.com/anoaghost/Localroot_Compile - https://github.com/bcoles/local-exploits - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/doanhnn/HTB-Tentacle - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/r0lh/CVE-2020-7247 diff --git a/2020/CVE-2020-7471.md b/2020/CVE-2020-7471.md index b95e235225..57e14fd189 100644 --- a/2020/CVE-2020-7471.md +++ b/2020/CVE-2020-7471.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon - https://github.com/CnHack3r/Penetration_PoC +- https://github.com/HxDDD/CVE-PoC - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/Pad0y/Django2_dailyfresh - https://github.com/SNCKER/CVE-2020-7471 diff --git a/2020/CVE-2020-7473.md b/2020/CVE-2020-7473.md index f5d107b98f..14c5188483 100644 --- a/2020/CVE-2020-7473.md +++ b/2020/CVE-2020-7473.md @@ -22,4 +22,5 @@ No PoCs from references. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/stratosphereips/nist-cve-search-tool diff --git a/2020/CVE-2020-7662.md b/2020/CVE-2020-7662.md index ad67b59f6d..1b4a1b8a6e 100644 --- a/2020/CVE-2020-7662.md +++ b/2020/CVE-2020-7662.md @@ -13,5 +13,6 @@ websocket-extensions npm module prior to 0.1.4 allows Denial of Service (DoS) vi - https://snyk.io/vuln/SNYK-JS-WEBSOCKETEXTENSIONS-570623 #### Github +- https://github.com/PalindromeLabs/awesome-websocket-security - https://github.com/engn33r/awesome-redos-security diff --git a/2020/CVE-2020-7663.md b/2020/CVE-2020-7663.md index 71927352b9..99dfb3e794 100644 --- a/2020/CVE-2020-7663.md +++ b/2020/CVE-2020-7663.md @@ -13,5 +13,5 @@ websocket-extensions ruby module prior to 0.1.5 allows Denial of Service (DoS) v - https://snyk.io/vuln/SNYK-RUBY-WEBSOCKETEXTENSIONS-570830 #### Github -No PoCs found on GitHub currently. +- https://github.com/PalindromeLabs/awesome-websocket-security diff --git a/2020/CVE-2020-7667.md b/2020/CVE-2020-7667.md index ab568cf22f..6a5f4cadd2 100644 --- a/2020/CVE-2020-7667.md +++ b/2020/CVE-2020-7667.md @@ -13,5 +13,5 @@ In package github.com/sassoftware/go-rpmutils/cpio before version 0.1.0, the CPI - https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMSASSOFTWAREGORPMUTILSCPIO-570427 #### Github -No PoCs found on GitHub currently. +- https://github.com/k1LoW/oshka diff --git a/2020/CVE-2020-7760.md b/2020/CVE-2020-7760.md index 6b973f4f25..6406e94a7e 100644 --- a/2020/CVE-2020-7760.md +++ b/2020/CVE-2020-7760.md @@ -20,6 +20,7 @@ This affects the package codemirror before 5.58.2; the package org.apache.marmot - https://snyk.io/vuln/SNYK-JS-CODEMIRROR-1016937 #### Github +- https://github.com/deepakdba/cve_checklist - https://github.com/engn33r/awesome-redos-security - https://github.com/yetingli/PoCs diff --git a/2020/CVE-2020-7799.md b/2020/CVE-2020-7799.md index 58e99595f4..323c8e411b 100644 --- a/2020/CVE-2020-7799.md +++ b/2020/CVE-2020-7799.md @@ -20,6 +20,7 @@ An issue was discovered in FusionAuth before 1.11.0. An authenticated user, allo - https://github.com/SexyBeast233/SecBooks - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/ianxtianxt/CVE-2020-7799 +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tdtc7/qps diff --git a/2020/CVE-2020-7961.md b/2020/CVE-2020-7961.md index 9f576c0dad..f8277f31cc 100644 --- a/2020/CVE-2020-7961.md +++ b/2020/CVE-2020-7961.md @@ -27,17 +27,22 @@ Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/Saidul-M-Khan/PENTESTING-BIBLE - https://github.com/SexyBeast233/SecBooks +- https://github.com/ShutdownRepo/CVE-2020-7961 - https://github.com/Spacial/awesome-csirt +- https://github.com/ThePirateWhoSmellsOfSunflowers/TheHackerLinks +- https://github.com/Udyz/CVE-2020-7961-Mass - https://github.com/bjknbrrr/PENTESTING-BIBLE - https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE - https://github.com/codereveryday/Programming-Hacking-Resources - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/erSubhashThapa/pentest-bible +- https://github.com/fofapro/vulfocus - https://github.com/gacontuyenchien1/Security - https://github.com/gobysec/Goby - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/iamrajivd/pentest - https://github.com/imNani4/PENTESTING-BIBLE +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/mathiznogoud/Liferay-Deserialize-POC - https://github.com/mishmashclone/qazbnm456-awesome-web-security - https://github.com/mzer0one/CVE-2020-7961-POC @@ -51,6 +56,7 @@ Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows - https://github.com/raystyle/paper - https://github.com/shacojx/GLiferay-CVE-2020-7961-golang - https://github.com/shacojx/LifeRCEJsonWSTool-POC-CVE-2020-7961-Gui +- https://github.com/shacojx/POC-CVE-2020-7961-Token-iterate - https://github.com/sobinge/nuclei-templates - https://github.com/t31m0/PENTESTING-BIBLE - https://github.com/tdtc7/qps diff --git a/2020/CVE-2020-7980.md b/2020/CVE-2020-7980.md index 6f0efceac3..c368736d01 100644 --- a/2020/CVE-2020-7980.md +++ b/2020/CVE-2020-7980.md @@ -18,6 +18,7 @@ Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS command - https://github.com/ARPSyndicate/cvemon - https://github.com/Xh4H/Satellian-CVE-2020-7980 - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tdtc7/qps diff --git a/2020/CVE-2020-7997.md b/2020/CVE-2020-7997.md index d0f20a260c..32abcd5b04 100644 --- a/2020/CVE-2020-7997.md +++ b/2020/CVE-2020-7997.md @@ -13,5 +13,5 @@ ASUS WRT-AC66U 3 RT 3.0.0.4.372_67 devices allow XSS via the Client Name field t - https://gist.github.com/adeshkolte/983bcadd82cc1fd60333098eb646ef68 #### Github -No PoCs found on GitHub currently. +- https://github.com/adeshkolte/My-CVEs diff --git a/2020/CVE-2020-7998.md b/2020/CVE-2020-7998.md index 96b0fd8ecb..82b1a42766 100644 --- a/2020/CVE-2020-7998.md +++ b/2020/CVE-2020-7998.md @@ -13,5 +13,5 @@ An arbitrary file upload vulnerability has been discovered in the Super File Exp - https://gist.github.com/adeshkolte/9e60b2483d2f20d1951beac0fc917c6f #### Github -No PoCs found on GitHub currently. +- https://github.com/adeshkolte/My-CVEs diff --git a/2020/CVE-2020-8152.md b/2020/CVE-2020-8152.md index e4901c8da8..eab0aeaa59 100644 --- a/2020/CVE-2020-8152.md +++ b/2020/CVE-2020-8152.md @@ -14,4 +14,5 @@ Insufficient protection of the server-side encryption keys in Nextcloud Server 1 #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/geffner/CVE-2020-8290 diff --git a/2020/CVE-2020-8165.md b/2020/CVE-2020-8165.md index e638e8a347..2b1dd718c5 100644 --- a/2020/CVE-2020-8165.md +++ b/2020/CVE-2020-8165.md @@ -16,8 +16,10 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/0xsyr0/OSCP - https://github.com/ARPSyndicate/cvemon +- https://github.com/AssassinUKG/CVE-2020-8165 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/hybryx/CVE-2020-8165 - https://github.com/macosta-42/Exploit-Development - https://github.com/masahiro331/CVE-2020-8165 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-8187.md b/2020/CVE-2020-8187.md new file mode 100644 index 0000000000..0a2fdf309a --- /dev/null +++ b/2020/CVE-2020-8187.md @@ -0,0 +1,17 @@ +### [CVE-2020-8187](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8187) +![](https://img.shields.io/static/v1?label=Product&message=Citrix%20ADC%2C%20Citrix%20Gateway&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Input%20Validation%20(CWE-20)&color=brighgreen) + +### Description + +Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service attack. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/stratosphereips/nist-cve-search-tool + diff --git a/2020/CVE-2020-8190.md b/2020/CVE-2020-8190.md new file mode 100644 index 0000000000..de83ccb8cf --- /dev/null +++ b/2020/CVE-2020-8190.md @@ -0,0 +1,17 @@ +### [CVE-2020-8190](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8190) +![](https://img.shields.io/static/v1?label=Product&message=Citrix%20ADC%2C%20Citrix%20Gateway&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Privilege%20Escalation%20(CAPEC-233)&color=brighgreen) + +### Description + +Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege escalation. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/stratosphereips/nist-cve-search-tool + diff --git a/2020/CVE-2020-8191.md b/2020/CVE-2020-8191.md index fc09ee45e5..16ab7f8c27 100644 --- a/2020/CVE-2020-8191.md +++ b/2020/CVE-2020-8191.md @@ -20,4 +20,5 @@ No PoCs from references. - https://github.com/amcai/myscan - https://github.com/jweny/pocassistdb - https://github.com/sobinge/nuclei-templates +- https://github.com/stratosphereips/nist-cve-search-tool diff --git a/2020/CVE-2020-8193.md b/2020/CVE-2020-8193.md index 11f40695eb..28e8837e64 100644 --- a/2020/CVE-2020-8193.md +++ b/2020/CVE-2020-8193.md @@ -20,6 +20,7 @@ Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58 - https://github.com/Airboi/Citrix-ADC-RCE-CVE-2020-8193 - https://github.com/CnHack3r/Penetration_PoC - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/EvilAnne/2020-Read-article - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/PR3R00T/CVE-2020-8193-Citrix-Scanner @@ -36,6 +37,7 @@ Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58 - https://github.com/jweny/pocassistdb - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/sobinge/nuclei-templates +- https://github.com/stratosphereips/nist-cve-search-tool - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/yedada-wei/- - https://github.com/yedada-wei/gongkaishouji diff --git a/2020/CVE-2020-8194.md b/2020/CVE-2020-8194.md index cb3c0815ac..fa4ab0f54f 100644 --- a/2020/CVE-2020-8194.md +++ b/2020/CVE-2020-8194.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/SexyBeast233/SecBooks - https://github.com/sobinge/nuclei-templates +- https://github.com/stratosphereips/nist-cve-search-tool diff --git a/2020/CVE-2020-8195.md b/2020/CVE-2020-8195.md index 6116246f68..0ddf4bea53 100644 --- a/2020/CVE-2020-8195.md +++ b/2020/CVE-2020-8195.md @@ -13,8 +13,11 @@ Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0- - http://packetstormsecurity.com/files/160047/Citrix-ADC-NetScaler-Local-File-Inclusion.html #### Github +- https://github.com/EvilAnne/2020-Read-article - https://github.com/PR3R00T/CVE-2020-8193-Citrix-Scanner - https://github.com/SexyBeast233/SecBooks - https://github.com/Zeop-CyberSec/citrix_adc_netscaler_lfi - https://github.com/dnif/content +- https://github.com/r0eXpeR/supplier +- https://github.com/stratosphereips/nist-cve-search-tool diff --git a/2020/CVE-2020-8196.md b/2020/CVE-2020-8196.md index 6ec23fb01d..d76e995688 100644 --- a/2020/CVE-2020-8196.md +++ b/2020/CVE-2020-8196.md @@ -13,7 +13,10 @@ Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58 - http://packetstormsecurity.com/files/160047/Citrix-ADC-NetScaler-Local-File-Inclusion.html #### Github +- https://github.com/EvilAnne/2020-Read-article - https://github.com/PR3R00T/CVE-2020-8193-Citrix-Scanner - https://github.com/SexyBeast233/SecBooks - https://github.com/Zeop-CyberSec/citrix_adc_netscaler_lfi +- https://github.com/r0eXpeR/supplier +- https://github.com/stratosphereips/nist-cve-search-tool diff --git a/2020/CVE-2020-8197.md b/2020/CVE-2020-8197.md new file mode 100644 index 0000000000..5b83a8c503 --- /dev/null +++ b/2020/CVE-2020-8197.md @@ -0,0 +1,17 @@ +### [CVE-2020-8197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8197) +![](https://img.shields.io/static/v1?label=Product&message=Citrix%20ADC%2C%20Citrix%20Gateway&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Privilege%20Escalation%20(CAPEC-233)&color=brighgreen) + +### Description + +Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows a low privileged user with management access to execute arbitrary commands. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/stratosphereips/nist-cve-search-tool + diff --git a/2020/CVE-2020-8198.md b/2020/CVE-2020-8198.md index ad01ca4a77..550c4e552b 100644 --- a/2020/CVE-2020-8198.md +++ b/2020/CVE-2020-8198.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/SexyBeast233/SecBooks +- https://github.com/stratosphereips/nist-cve-search-tool diff --git a/2020/CVE-2020-8199.md b/2020/CVE-2020-8199.md new file mode 100644 index 0000000000..7a81c188db --- /dev/null +++ b/2020/CVE-2020-8199.md @@ -0,0 +1,17 @@ +### [CVE-2020-8199](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8199) +![](https://img.shields.io/static/v1?label=Product&message=Citrix%20Gateway%20Plug-in%20for%20Linux&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Privilege%20Escalation%20(CAPEC-233)&color=brighgreen) + +### Description + +Improper access control in Citrix ADC Gateway Linux client versions before 1.0.0.137 results in local privilege escalation to root. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/stratosphereips/nist-cve-search-tool + diff --git a/2020/CVE-2020-8200.md b/2020/CVE-2020-8200.md new file mode 100644 index 0000000000..8285927b86 --- /dev/null +++ b/2020/CVE-2020-8200.md @@ -0,0 +1,17 @@ +### [CVE-2020-8200](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8200) +![](https://img.shields.io/static/v1?label=Product&message=Citrix%20StoreFront&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Authentication%20-%20Generic%20(CWE-287)&color=brighgreen) + +### Description + +Improper authentication in Citrix StoreFront Server < 1912.0.1000 allows an attacker who is authenticated on the same Microsoft Active Directory domain as a Citrix StoreFront server to read arbitrary files from that server. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/stratosphereips/nist-cve-search-tool + diff --git a/2020/CVE-2020-8207.md b/2020/CVE-2020-8207.md index dfe7df08c6..7abd35db9f 100644 --- a/2020/CVE-2020-8207.md +++ b/2020/CVE-2020-8207.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/alphaSeclab/sec-daily-2020 +- https://github.com/stratosphereips/nist-cve-search-tool diff --git a/2020/CVE-2020-8208.md b/2020/CVE-2020-8208.md new file mode 100644 index 0000000000..c86f95cdd6 --- /dev/null +++ b/2020/CVE-2020-8208.md @@ -0,0 +1,17 @@ +### [CVE-2020-8208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8208) +![](https://img.shields.io/static/v1?label=Product&message=Citrix%20XenMobile%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Cross-site%20Scripting%20(XSS)%20-%20Reflected%20(CWE-79)&color=brighgreen) + +### Description + +Improper input validation in Citrix XenMobile Server 10.12 before RP1, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.11 before RP6 and Citrix XenMobile Server before 10.9 RP5 allows Cross-Site Scripting (XSS). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/stratosphereips/nist-cve-search-tool + diff --git a/2020/CVE-2020-8209.md b/2020/CVE-2020-8209.md index 07e40c8be9..de7b8cccda 100644 --- a/2020/CVE-2020-8209.md +++ b/2020/CVE-2020-8209.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Ares-X/VulWiki +- https://github.com/B1anda0/CVE-2020-8209 - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/SexyBeast233/SecBooks @@ -23,6 +24,9 @@ No PoCs from references. - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/sobinge/nuclei-templates +- https://github.com/stratosphereips/nist-cve-search-tool +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-8210.md b/2020/CVE-2020-8210.md new file mode 100644 index 0000000000..e76059e42a --- /dev/null +++ b/2020/CVE-2020-8210.md @@ -0,0 +1,17 @@ +### [CVE-2020-8210](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8210) +![](https://img.shields.io/static/v1?label=Product&message=Citrix%20XenMobile%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure%20(CWE-200)&color=brighgreen) + +### Description + +Insufficient protection of secrets in Citrix XenMobile Server 10.12 before RP3, Citrix XenMobile Server 10.11 before RP6, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5 discloses credentials of a service account. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/stratosphereips/nist-cve-search-tool + diff --git a/2020/CVE-2020-8211.md b/2020/CVE-2020-8211.md new file mode 100644 index 0000000000..ee200d81a2 --- /dev/null +++ b/2020/CVE-2020-8211.md @@ -0,0 +1,17 @@ +### [CVE-2020-8211](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8211) +![](https://img.shields.io/static/v1?label=Product&message=Citrix%20XenMobile%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Command%20Injection%20-%20Generic%20(CWE-77)&color=brighgreen) + +### Description + +Improper input validation in Citrix XenMobile Server 10.12 before RP3, Citrix XenMobile Server 10.11 before RP6, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5 allows SQL Injection. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/stratosphereips/nist-cve-search-tool + diff --git a/2020/CVE-2020-8212.md b/2020/CVE-2020-8212.md new file mode 100644 index 0000000000..9485752d2a --- /dev/null +++ b/2020/CVE-2020-8212.md @@ -0,0 +1,17 @@ +### [CVE-2020-8212](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8212) +![](https://img.shields.io/static/v1?label=Product&message=Citrix%20XenMobile%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Exposed%20Dangerous%20Method%20or%20Function%20(CWE-749)&color=brighgreen) + +### Description + +Improper access control in Citrix XenMobile Server 10.12 before RP3, Citrix XenMobile Server 10.11 before RP6, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5 allows access to privileged functionality. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/stratosphereips/nist-cve-search-tool + diff --git a/2020/CVE-2020-8217.md b/2020/CVE-2020-8217.md index 7d47a31102..b187ac637f 100644 --- a/2020/CVE-2020-8217.md +++ b/2020/CVE-2020-8217.md @@ -13,5 +13,5 @@ A cross site scripting (XSS) vulnerability in Pulse Connect Secure <9.1R8 allowe - https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516 #### Github -No PoCs found on GitHub currently. +- https://github.com/stratosphereips/nist-cve-search-tool diff --git a/2020/CVE-2020-8243.md b/2020/CVE-2020-8243.md index adf1725e72..8cfdd3d489 100644 --- a/2020/CVE-2020-8243.md +++ b/2020/CVE-2020-8243.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/alphaSeclab/sec-daily-2020 +- https://github.com/r0eXpeR/supplier - https://github.com/tom0li/collection-document diff --git a/2020/CVE-2020-8245.md b/2020/CVE-2020-8245.md new file mode 100644 index 0000000000..8df5cc0182 --- /dev/null +++ b/2020/CVE-2020-8245.md @@ -0,0 +1,17 @@ +### [CVE-2020-8245](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8245) +![](https://img.shields.io/static/v1?label=Product&message=Citrix%20ADC%2C%20Citrix%20Gateway&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Cross-site%20Scripting%20(XSS)%20-%20Generic%20(CWE-79)&color=brighgreen) + +### Description + +Improper Input Validation on Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-WAN WANOP 11.1 before 11.1.2a, Citrix SD-WAN WANOP 11.0 before 11.0.3f, Citrix SD-WAN WANOP 10.2 before 10.2.7b leads to an HTML Injection attack against the SSL VPN web portal. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/stratosphereips/nist-cve-search-tool + diff --git a/2020/CVE-2020-8246.md b/2020/CVE-2020-8246.md new file mode 100644 index 0000000000..51465675a2 --- /dev/null +++ b/2020/CVE-2020-8246.md @@ -0,0 +1,17 @@ +### [CVE-2020-8246](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8246) +![](https://img.shields.io/static/v1?label=Product&message=Citrix%20ADC%2C%20Citrix%20Gateway%2C%20Citrix%20SDWAN%20WAN-OP%20&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service%20(CWE-400)&color=brighgreen) + +### Description + +Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-WAN WANOP 11.1 before 11.1.2a, Citrix SD-WAN WANOP 11.0 before 11.0.3f, Citrix SD-WAN WANOP 10.2 before 10.2.7b are vulnerable to a denial of service attack originating from the management network. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/stratosphereips/nist-cve-search-tool + diff --git a/2020/CVE-2020-8247.md b/2020/CVE-2020-8247.md new file mode 100644 index 0000000000..3cc6f816a6 --- /dev/null +++ b/2020/CVE-2020-8247.md @@ -0,0 +1,17 @@ +### [CVE-2020-8247](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8247) +![](https://img.shields.io/static/v1?label=Product&message=Citrix%20ADC%2C%20Citrix%20Gateway%2C%20Citrix%20SDWAN%20WAN-OP&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Privilege%20Management%20(CWE-269)&color=brighgreen) + +### Description + +Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-WAN WANOP 11.1 before 11.1.2a, Citrix SD-WAN WANOP 11.0 before 11.0.3f, Citrix SD-WAN WANOP 10.2 before 10.2.7b are vulnerable to escalation of privileges on the management interface. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/stratosphereips/nist-cve-search-tool + diff --git a/2020/CVE-2020-8253.md b/2020/CVE-2020-8253.md new file mode 100644 index 0000000000..c103f26c4c --- /dev/null +++ b/2020/CVE-2020-8253.md @@ -0,0 +1,17 @@ +### [CVE-2020-8253](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8253) +![](https://img.shields.io/static/v1?label=Product&message=Citrix%20XenMobile%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Authentication%20-%20Generic%20(CWE-287)&color=brighgreen) + +### Description + +Improper authentication in Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6 and Citrix XenMobile Server before 10.9 RP5 leads to the ability to access sensitive files. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/stratosphereips/nist-cve-search-tool + diff --git a/2020/CVE-2020-8255.md b/2020/CVE-2020-8255.md index 5f0a31cd97..6344d81824 100644 --- a/2020/CVE-2020-8255.md +++ b/2020/CVE-2020-8255.md @@ -15,4 +15,5 @@ A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could al #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/alphaSeclab/sec-daily-2020 +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-8260.md b/2020/CVE-2020-8260.md index 5eab15ecb6..da2b4bdb7e 100644 --- a/2020/CVE-2020-8260.md +++ b/2020/CVE-2020-8260.md @@ -15,4 +15,5 @@ A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could al #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/r0eXpeR/supplier diff --git a/2020/CVE-2020-8271.md b/2020/CVE-2020-8271.md new file mode 100644 index 0000000000..158faf21d2 --- /dev/null +++ b/2020/CVE-2020-8271.md @@ -0,0 +1,17 @@ +### [CVE-2020-8271](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8271) +![](https://img.shields.io/static/v1?label=Product&message=Citrix%20SD-WAN%20Center&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Relative%20Path%20Traversal%20(CWE-23)&color=brighgreen) + +### Description + +Unauthenticated remote code execution with root privileges in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8 + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/stratosphereips/nist-cve-search-tool + diff --git a/2020/CVE-2020-8272.md b/2020/CVE-2020-8272.md new file mode 100644 index 0000000000..921bfcbc98 --- /dev/null +++ b/2020/CVE-2020-8272.md @@ -0,0 +1,17 @@ +### [CVE-2020-8272](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8272) +![](https://img.shields.io/static/v1?label=Product&message=Citrix%20SD-WAN%20Center&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Authentication%20-%20Generic%20(CWE-287)&color=brighgreen) + +### Description + +Authentication Bypass resulting in exposure of SD-WAN functionality in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8 + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/stratosphereips/nist-cve-search-tool + diff --git a/2020/CVE-2020-8273.md b/2020/CVE-2020-8273.md new file mode 100644 index 0000000000..8e8726a6ff --- /dev/null +++ b/2020/CVE-2020-8273.md @@ -0,0 +1,17 @@ +### [CVE-2020-8273](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8273) +![](https://img.shields.io/static/v1?label=Product&message=Citrix%20SD-WAN%20Center&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=OS%20Command%20Injection%20(CWE-78)&color=brighgreen) + +### Description + +Privilege escalation of an authenticated user to root in Citrix SD-WAN center versions before 11.2.2, 11.1.2b and 10.2.8. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/stratosphereips/nist-cve-search-tool + diff --git a/2020/CVE-2020-8277.md b/2020/CVE-2020-8277.md index a5190fd7a9..4cbf8a9023 100644 --- a/2020/CVE-2020-8277.md +++ b/2020/CVE-2020-8277.md @@ -17,5 +17,7 @@ No PoCs from references. - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/masahiro331/CVE-2020-8277 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-8394.md b/2020/CVE-2020-8394.md index 9f02bb8a3e..0bb52aefec 100644 --- a/2020/CVE-2020-8394.md +++ b/2020/CVE-2020-8394.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/tzwlhack/Vulnerability diff --git a/2020/CVE-2020-8554.md b/2020/CVE-2020-8554.md index 4858a629b1..5596b5168c 100644 --- a/2020/CVE-2020-8554.md +++ b/2020/CVE-2020-8554.md @@ -25,6 +25,11 @@ Kubernetes API server in all versions allow an attacker who is able to create a - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/g3rzi/HackingKubernetes - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/k1LoW/oshka +- https://github.com/kubemod/kubemod - https://github.com/kubernetes-sigs/externalip-webhook - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/rancher/externalip-webhook +- https://github.com/reni2study/Cloud-Native-Security2 +- https://github.com/twistlock/k8s-cve-2020-8554-mitigations diff --git a/2020/CVE-2020-8555.md b/2020/CVE-2020-8555.md index 34470508d1..7e37447245 100644 --- a/2020/CVE-2020-8555.md +++ b/2020/CVE-2020-8555.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/Metarget/awesome-cloud-native-security - https://github.com/Metarget/metarget +- https://github.com/reni2study/Cloud-Native-Security2 - https://github.com/walidshaari/cks diff --git a/2020/CVE-2020-8558.md b/2020/CVE-2020-8558.md index b79f8a3767..f8099c34c2 100644 --- a/2020/CVE-2020-8558.md +++ b/2020/CVE-2020-8558.md @@ -24,6 +24,7 @@ No PoCs from references. - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/jassics/awesome-aws-security - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/reni2study/Cloud-Native-Security2 - https://github.com/rhysemmas/martian-packets - https://github.com/tabbysable/POC-2020-8558 diff --git a/2020/CVE-2020-8564.md b/2020/CVE-2020-8564.md new file mode 100644 index 0000000000..aa2196c1df --- /dev/null +++ b/2020/CVE-2020-8564.md @@ -0,0 +1,17 @@ +### [CVE-2020-8564](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8564) +![](https://img.shields.io/static/v1?label=Product&message=Kubernetes&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-532%20Information%20Exposure%20Through%20Log%20Files&color=brighgreen) + +### Description + +In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects < v1.19.3, < v1.18.10, < v1.17.13. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/k1LoW/oshka + diff --git a/2020/CVE-2020-8565.md b/2020/CVE-2020-8565.md new file mode 100644 index 0000000000..a187544081 --- /dev/null +++ b/2020/CVE-2020-8565.md @@ -0,0 +1,17 @@ +### [CVE-2020-8565](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8565) +![](https://img.shields.io/static/v1?label=Product&message=Kubernetes&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-532%20Information%20Exposure%20Through%20Log%20Files&color=brighgreen) + +### Description + +In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects <= v1.19.3, <= v1.18.10, <= v1.17.13, < v1.20.0-alpha2. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/k1LoW/oshka + diff --git a/2020/CVE-2020-8595.md b/2020/CVE-2020-8595.md index 2e31b02a5c..ecccd78300 100644 --- a/2020/CVE-2020-8595.md +++ b/2020/CVE-2020-8595.md @@ -14,5 +14,7 @@ No PoCs from references. #### Github - https://github.com/Metarget/awesome-cloud-native-security +- https://github.com/Metarget/cloud-native-security-book +- https://github.com/reni2study/Cloud-Native-Security2 - https://github.com/tom0li/collection-document diff --git a/2020/CVE-2020-8635.md b/2020/CVE-2020-8635.md index 757360ecc4..25862793ea 100644 --- a/2020/CVE-2020-8635.md +++ b/2020/CVE-2020-8635.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Al1ex/CVE-2020-8635 - https://github.com/CnHack3r/Penetration_PoC - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2020/CVE-2020-8654.md b/2020/CVE-2020-8654.md index 17784f9937..f297252eee 100644 --- a/2020/CVE-2020-8654.md +++ b/2020/CVE-2020-8654.md @@ -15,5 +15,6 @@ An issue was discovered in EyesOfNetwork 5.3. An authenticated web user with suf #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/ArianeBlow/EyesOfNetwork-vuln-checker - https://github.com/h4knet/eonrce diff --git a/2020/CVE-2020-8656.md b/2020/CVE-2020-8656.md index 16efc328b3..eec5b287f6 100644 --- a/2020/CVE-2020-8656.md +++ b/2020/CVE-2020-8656.md @@ -15,5 +15,6 @@ An issue was discovered in EyesOfNetwork 5.3. The EyesOfNetwork API 2.4.2 is pro #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/ArianeBlow/EyesOfNetwork-vuln-checker - https://github.com/h4knet/eonrce diff --git a/2020/CVE-2020-8657.md b/2020/CVE-2020-8657.md index 4d9cccf11f..a903c2b657 100644 --- a/2020/CVE-2020-8657.md +++ b/2020/CVE-2020-8657.md @@ -14,4 +14,5 @@ An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/ArianeBlow/EyesOfNetwork-vuln-checker diff --git a/2020/CVE-2020-8813.md b/2020/CVE-2020-8813.md index 5f1b764dc8..d240ab042b 100644 --- a/2020/CVE-2020-8813.md +++ b/2020/CVE-2020-8813.md @@ -30,6 +30,7 @@ graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary O - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc - https://github.com/jandersoncampelo/InfosecBookmarks +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/mhaskar/CVE-2020-8813 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tdtc7/qps diff --git a/2020/CVE-2020-8816.md b/2020/CVE-2020-8816.md index d7e06e1ebd..a901c76dcc 100644 --- a/2020/CVE-2020-8816.md +++ b/2020/CVE-2020-8816.md @@ -22,6 +22,7 @@ Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged das - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/pengusec/awesome-netsec-articles - https://github.com/stefanman125/CyberSci-pizzashop - https://github.com/team0se7en/CVE-2020-8816 diff --git a/2020/CVE-2020-8835.md b/2020/CVE-2020-8835.md index 55cca32727..22587788ee 100644 --- a/2020/CVE-2020-8835.md +++ b/2020/CVE-2020-8835.md @@ -29,5 +29,7 @@ In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) di - https://github.com/rakjong/LinuxElevation - https://github.com/snappyJack/Rick_write_exp_CVE-2020-8835 - https://github.com/xairy/linux-kernel-exploitation +- https://github.com/xmzyshypnc/CVE-2020-27194 +- https://github.com/yoniko/gctf21_ebpf - https://github.com/zilong3033/CVE-2020-8835 diff --git a/2020/CVE-2020-8840.md b/2020/CVE-2020-8840.md index 214404866e..4dd4a9499d 100644 --- a/2020/CVE-2020-8840.md +++ b/2020/CVE-2020-8840.md @@ -23,6 +23,7 @@ No PoCs from references. - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/SexyBeast233/SecBooks +- https://github.com/Veraxy00/CVE-2020-8840 - https://github.com/Wfzsec/FastJson1.2.62-RCE - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/developer3000S/PoC-in-GitHub @@ -38,6 +39,7 @@ No PoCs from references. - https://github.com/taielab/awesome-hacking-lists - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/yahoo/cubed - https://github.com/yedada-wei/- - https://github.com/yedada-wei/gongkaishouji diff --git a/2020/CVE-2020-8871.md b/2020/CVE-2020-8871.md index 45c5ed7da0..205bc93d9c 100644 --- a/2020/CVE-2020-8871.md +++ b/2020/CVE-2020-8871.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/alphaSeclab/sec-daily-2020 +- https://github.com/dlehgus1023/VirtualBox_IO-Fuzz diff --git a/2020/CVE-2020-8908.md b/2020/CVE-2020-8908.md index 0c0616b25f..31990f5174 100644 --- a/2020/CVE-2020-8908.md +++ b/2020/CVE-2020-8908.md @@ -13,5 +13,5 @@ A temp directory creation vulnerability exists in all versions of Guava, allowin - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415 #### Github -No PoCs found on GitHub currently. +- https://github.com/asa1997/topgear_test diff --git a/2020/CVE-2020-8982.md b/2020/CVE-2020-8982.md index eab22c6704..89d373b5d7 100644 --- a/2020/CVE-2020-8982.md +++ b/2020/CVE-2020-8982.md @@ -23,4 +23,5 @@ No PoCs from references. - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/sobinge/nuclei-templates +- https://github.com/stratosphereips/nist-cve-search-tool diff --git a/2020/CVE-2020-8983.md b/2020/CVE-2020-8983.md index 54087ba40d..131bcbc395 100644 --- a/2020/CVE-2020-8983.md +++ b/2020/CVE-2020-8983.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/stratosphereips/nist-cve-search-tool diff --git a/2020/CVE-2020-9273.md b/2020/CVE-2020-9273.md index 998169a331..1123d969f4 100644 --- a/2020/CVE-2020-9273.md +++ b/2020/CVE-2020-9273.md @@ -14,6 +14,7 @@ In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Timirepo/CVE_Exploits - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/lockedbyte/CVE-Exploits diff --git a/2020/CVE-2020-9283.md b/2020/CVE-2020-9283.md index c65f16e861..ac7b77cde1 100644 --- a/2020/CVE-2020-9283.md +++ b/2020/CVE-2020-9283.md @@ -15,7 +15,9 @@ golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a pa #### Github - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon +- https://github.com/asa1997/topgear_test - https://github.com/brompwnie/CVE-2020-9283 +- https://github.com/brompwnie/brompwnie - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-9296.md b/2020/CVE-2020-9296.md new file mode 100644 index 0000000000..85c49feb9c --- /dev/null +++ b/2020/CVE-2020-9296.md @@ -0,0 +1,17 @@ +### [CVE-2020-9296](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9296) +![](https://img.shields.io/static/v1?label=Product&message=Netflix%20Titus&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Server-Side%20Template%20Injection&color=brighgreen) + +### Description + +Netflix Titus uses Java Bean Validation (JSR 380) custom constraint validators. When building custom constraint violation error messages, different types of interpolation are supported, including Java EL expressions. If an attacker can inject arbitrary data in the error message template being passed to ConstraintValidatorContext.buildConstraintViolationWithTemplate() argument, they will be able to run arbitrary Java code. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/blirp/postnr + diff --git a/2020/CVE-2020-9465.md b/2020/CVE-2020-9465.md index 3fe233ccb4..a6e82d97b9 100644 --- a/2020/CVE-2020-9465.md +++ b/2020/CVE-2020-9465.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/ArianeBlow/EyesOfNetwork-vuln-checker - https://github.com/h4knet/eonrce diff --git a/2020/CVE-2020-9470.md b/2020/CVE-2020-9470.md index d99453fce4..95ac05ef02 100644 --- a/2020/CVE-2020-9470.md +++ b/2020/CVE-2020-9470.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Al1ex/CVE-2020-9470 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-9480.md b/2020/CVE-2020-9480.md index 4baad71576..13bb71b12e 100644 --- a/2020/CVE-2020-9480.md +++ b/2020/CVE-2020-9480.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/ayoul3/sparky +- https://github.com/yahoo/cubed diff --git a/2020/CVE-2020-9483.md b/2020/CVE-2020-9483.md index f12e02a7da..004c88f615 100644 --- a/2020/CVE-2020-9483.md +++ b/2020/CVE-2020-9483.md @@ -21,4 +21,5 @@ No PoCs from references. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/jweny/pocassistdb - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/shanika04/apache_skywalking diff --git a/2020/CVE-2020-9484.md b/2020/CVE-2020-9484.md index 30017348fb..df7b17f5f9 100644 --- a/2020/CVE-2020-9484.md +++ b/2020/CVE-2020-9484.md @@ -22,14 +22,17 @@ When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8. - https://github.com/CnHack3r/Penetration_PoC - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +- https://github.com/HxDDD/CVE-PoC - https://github.com/IdealDreamLast/CVE-2020-9484 - https://github.com/Kaizhe/attacker - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/PenTestical/CVE-2020-9484 - https://github.com/SexyBeast233/SecBooks - https://github.com/Spacial/awesome-csirt - https://github.com/Xslover/CVE-2020-9484-Scanner +- https://github.com/Y4tacker/JavaSec - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/anjai94/CVE-2020-9484-exploit @@ -38,6 +41,7 @@ When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8. - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/masahiro331/CVE-2020-9484 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/mklmfane/betvictor diff --git a/2020/CVE-2020-9490.md b/2020/CVE-2020-9490.md index cad6c48663..0123a70c0d 100644 --- a/2020/CVE-2020-9490.md +++ b/2020/CVE-2020-9490.md @@ -18,6 +18,7 @@ Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the - https://github.com/Dheia/sc-main - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/Solhack/Team_CSI_platform +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/vshaliii/Funbox2-rookie - https://github.com/vshaliii/Vegeta1-Vulhub-Walkthrough diff --git a/2020/CVE-2020-9496.md b/2020/CVE-2020-9496.md index 2e701946c4..52d838482a 100644 --- a/2020/CVE-2020-9496.md +++ b/2020/CVE-2020-9496.md @@ -16,6 +16,7 @@ XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scriptin #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/0xaniketB/HackTheBox-Monitors - https://github.com/360quake/papers - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates @@ -25,8 +26,10 @@ XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scriptin - https://github.com/SexyBeast233/SecBooks - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/amcai/myscan +- https://github.com/cyber-niz/CVE-2020-9496 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/dwisiswant0/CVE-2020-9496 +- https://github.com/g33xter/CVE-2020-9496 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-9546.md b/2020/CVE-2020-9546.md index 4cb44accaa..f264ab6ddb 100644 --- a/2020/CVE-2020-9546.md +++ b/2020/CVE-2020-9546.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/yahoo/cubed diff --git a/2020/CVE-2020-9547.md b/2020/CVE-2020-9547.md index e9098aec4c..b657cd237d 100644 --- a/2020/CVE-2020-9547.md +++ b/2020/CVE-2020-9547.md @@ -31,6 +31,7 @@ No PoCs from references. - https://github.com/taielab/awesome-hacking-lists - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/yahoo/cubed - https://github.com/yedada-wei/- - https://github.com/yedada-wei/gongkaishouji diff --git a/2020/CVE-2020-9548.md b/2020/CVE-2020-9548.md index 2f4299406e..9ba022b810 100644 --- a/2020/CVE-2020-9548.md +++ b/2020/CVE-2020-9548.md @@ -29,6 +29,7 @@ No PoCs from references. - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/yahoo/cubed - https://github.com/yedada-wei/- - https://github.com/yedada-wei/gongkaishouji diff --git a/2020/CVE-2020-9714.md b/2020/CVE-2020-9714.md new file mode 100644 index 0000000000..59c3b0bbde --- /dev/null +++ b/2020/CVE-2020-9714.md @@ -0,0 +1,17 @@ +### [CVE-2020-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9714) +![](https://img.shields.io/static/v1?label=Product&message=Adobe%20Acrobat%20and%20Reader&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20bypass%20&color=brighgreen) + +### Description + +Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a security bypass vulnerability. Successful exploitation could lead to privilege escalation . + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/V0lk3n/OSMR-CheatSheet + diff --git a/2020/CVE-2020-9771.md b/2020/CVE-2020-9771.md index d71c4c789c..0f2ee36547 100644 --- a/2020/CVE-2020-9771.md +++ b/2020/CVE-2020-9771.md @@ -13,5 +13,6 @@ This issue was addressed with a new entitlement. This issue is fixed in macOS Ca No PoCs from references. #### Github +- https://github.com/amanszpapaya/MacPer - https://github.com/houjingyi233/macOS-iOS-system-security diff --git a/2020/CVE-2020-9794.md b/2020/CVE-2020-9794.md index e463b765c6..89090d3d9a 100644 --- a/2020/CVE-2020-9794.md +++ b/2020/CVE-2020-9794.md @@ -25,6 +25,7 @@ An out-of-bounds read was addressed with improved bounds checking. This issue is No PoCs from references. #### Github +- https://github.com/dgardella/KCC - https://github.com/dispera/giant-squid - https://github.com/garethr/snykout diff --git a/2020/CVE-2020-9934.md b/2020/CVE-2020-9934.md index 945e4ca605..d92a720715 100644 --- a/2020/CVE-2020-9934.md +++ b/2020/CVE-2020-9934.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon - https://github.com/Spacial/awesome-csirt +- https://github.com/V0lk3n/OSMR-CheatSheet - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2020/CVE-2020-9939.md b/2020/CVE-2020-9939.md new file mode 100644 index 0000000000..b4ab34929e --- /dev/null +++ b/2020/CVE-2020-9939.md @@ -0,0 +1,17 @@ +### [CVE-2020-9939](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9939) +![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%20macOS%20Catalina%2010.15.6%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=A%20local%20user%20may%20be%20able%20to%20load%20unsigned%20kernel%20extensions&color=brighgreen) + +### Description + +This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.6. A local user may be able to load unsigned kernel extensions. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/V0lk3n/OSMR-CheatSheet + diff --git a/2020/CVE-2020-9964.md b/2020/CVE-2020-9964.md index ca620bda29..2e7b39973e 100644 --- a/2020/CVE-2020-9964.md +++ b/2020/CVE-2020-9964.md @@ -13,6 +13,7 @@ A memory initialization issue was addressed with improved memory handling. This No PoCs from references. #### Github +- https://github.com/0x36/oob_events - https://github.com/SexyBeast233/SecBooks - https://github.com/houjingyi233/macOS-iOS-system-security diff --git a/2020/CVE-2020-9986.md b/2020/CVE-2020-9986.md index 1d7829a066..956c29b6ac 100644 --- a/2020/CVE-2020-9986.md +++ b/2020/CVE-2020-9986.md @@ -13,5 +13,6 @@ A file access issue existed with certain home folder files. This was addressed w No PoCs from references. #### Github +- https://github.com/T-jatesada/OpenHayStack - https://github.com/seemoo-lab/openhaystack diff --git a/2021/CVE-2021-0089.md b/2021/CVE-2021-0089.md index ec534cd927..68ede3c7bc 100644 --- a/2021/CVE-2021-0089.md +++ b/2021/CVE-2021-0089.md @@ -13,5 +13,6 @@ Observable response discrepancy in some Intel(R) Processors may allow an authori No PoCs from references. #### Github +- https://github.com/JUSDJTIN/Speculative-Code-Store-Bypass-POC - https://github.com/vusec/fpvi-scsb diff --git a/2021/CVE-2021-0186.md b/2021/CVE-2021-0186.md new file mode 100644 index 0000000000..84a8b5e96e --- /dev/null +++ b/2021/CVE-2021-0186.md @@ -0,0 +1,17 @@ +### [CVE-2021-0186](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0186) +![](https://img.shields.io/static/v1?label=Product&message=Intel(R)%20SGX%20SDK%20applications%20compiled%20for%20SGX2%20enabled%20processors&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=d%20processors%20may%20allow%20a%20privileged%20user%20to%20potentially%20escalation%20of%20privilege&color=brighgreen) + +### Description + +Improper input validation in the Intel(R) SGX SDK applications compiled for SGX2 enabled processors may allow a privileged user to potentially escalation of privilege via local access. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cimcs/poc-exploits-of-smashex + diff --git a/2021/CVE-2021-0223.md b/2021/CVE-2021-0223.md new file mode 100644 index 0000000000..72659319a4 --- /dev/null +++ b/2021/CVE-2021-0223.md @@ -0,0 +1,17 @@ +### [CVE-2021-0223](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0223) +![](https://img.shields.io/static/v1?label=Product&message=Junos%20OS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2015.1R7-S9%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-250%20Execution%20with%20Unnecessary%20Privileges&color=brighgreen) + +### Description + +A local privilege escalation vulnerability in telnetd.real of Juniper Networks Junos OS may allow a locally authenticated shell user to escalate privileges and execute arbitrary commands as root. telnetd.real is shipped with setuid permissions enabled and is owned by the root user, allowing local users to run telnetd.real with root privileges. This issue affects Juniper Networks Junos OS: all versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S12, 17.4R3-S3; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S6; 18.3 versions prior to 18.3R2-S4, 18.3R3-S4; 18.4 versions prior to 18.4R2-S7, 18.4R3-S6; 19.1 versions prior to 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S1; 19.3 versions prior to 19.3R3-S1; 19.4 versions prior to 19.4R2-S2, 19.4R3; 20.1 versions prior to 20.1R1-S4, 20.1R2; 20.2 versions prior to 20.2R2. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2021/CVE-2021-0256.md b/2021/CVE-2021-0256.md new file mode 100644 index 0000000000..059874ea4a --- /dev/null +++ b/2021/CVE-2021-0256.md @@ -0,0 +1,17 @@ +### [CVE-2021-0256](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0256) +![](https://img.shields.io/static/v1?label=Product&message=Junos%20OS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=17.3%3C%2017.3R3-S12%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-250%20Execution%20with%20Unnecessary%20Privileges&color=brighgreen) + +### Description + +A sensitive information disclosure vulnerability in the mosquitto message broker of Juniper Networks Junos OS may allow a locally authenticated user with shell access the ability to read portions of sensitive files, such as the master.passwd file. Since mosquitto is shipped with setuid permissions enabled and is owned by the root user, this vulnerability may allow a local privileged user the ability to run mosquitto with root privileges and access sensitive information stored on the local filesystem. This issue affects Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S12, 17.4 versions prior to 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.3 versions prior to 18.3R3-S4; 19.1 versions prior to 19.1R3-S4; 19.3 versions prior to 19.3R3-S1, 19.3R3-S2; 19.4 versions prior to 19.4R2-S3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R1-S3, 20.2R2, 20.2R3. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2021/CVE-2021-0313.md b/2021/CVE-2021-0313.md index 008330921e..bf5e987f67 100644 --- a/2021/CVE-2021-0313.md +++ b/2021/CVE-2021-0313.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/TinyNiko/android_bulletin_notes +- https://github.com/konstantin890/konstantin890 diff --git a/2021/CVE-2021-0485.md b/2021/CVE-2021-0485.md index b8104e90b6..d0c6f37d06 100644 --- a/2021/CVE-2021-0485.md +++ b/2021/CVE-2021-0485.md @@ -13,5 +13,6 @@ In getMinimalSize of PipBoundsAlgorithm.java, there is a possible bypass of rest No PoCs from references. #### Github +- https://github.com/Ch0pin/CVE20210485 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups diff --git a/2021/CVE-2021-1090.md b/2021/CVE-2021-1090.md new file mode 100644 index 0000000000..f94a20f8ac --- /dev/null +++ b/2021/CVE-2021-1090.md @@ -0,0 +1,17 @@ +### [CVE-2021-1090](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1090) +![](https://img.shields.io/static/v1?label=Product&message=NVIDIA%20GPU%20Display%20Driver&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=denial%20of%20service%2C%20data%20tampering&color=brighgreen) + +### Description + +NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for control calls where the software reads or writes to a buffer by using an index or pointer that references a memory location after the end of the buffer, which may lead to data tampering or denial of service. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/0xf4b1/bsod-kernel-fuzzing + diff --git a/2021/CVE-2021-1095.md b/2021/CVE-2021-1095.md new file mode 100644 index 0000000000..7acda88f32 --- /dev/null +++ b/2021/CVE-2021-1095.md @@ -0,0 +1,17 @@ +### [CVE-2021-1095](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1095) +![](https://img.shields.io/static/v1?label=Product&message=NVIDIA%20GPU%20Display%20Driver&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=denial%20of%20service&color=brighgreen) + +### Description + +NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handlers for all control calls with embedded parameters where dereferencing an untrusted pointer may lead to denial of service. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/0xf4b1/bsod-kernel-fuzzing + diff --git a/2021/CVE-2021-1096.md b/2021/CVE-2021-1096.md new file mode 100644 index 0000000000..8d90417eda --- /dev/null +++ b/2021/CVE-2021-1096.md @@ -0,0 +1,17 @@ +### [CVE-2021-1096](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1096) +![](https://img.shields.io/static/v1?label=Product&message=NVIDIA%20GPU%20Display%20Driver&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=denial%20of%20service&color=brighgreen) + +### Description + +NVIDIA Windows GPU Display Driver for Windows contains a vulnerability in the NVIDIA kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where dereferencing a NULL pointer may lead to a system crash. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/0xf4b1/bsod-kernel-fuzzing + diff --git a/2021/CVE-2021-1366.md b/2021/CVE-2021-1366.md new file mode 100644 index 0000000000..b8e217b139 --- /dev/null +++ b/2021/CVE-2021-1366.md @@ -0,0 +1,17 @@ +### [CVE-2021-1366](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1366) +![](https://img.shields.io/static/v1?label=Product&message=Cisco%20AnyConnect%20Secure%20Mobility%20Client%20&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-347&color=brighgreen) + +### Description + +A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker needs valid credentials on the Windows system. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2021/CVE-2021-1472.md b/2021/CVE-2021-1472.md index 4f9c9ad38d..370c6ba841 100644 --- a/2021/CVE-2021-1472.md +++ b/2021/CVE-2021-1472.md @@ -15,4 +15,5 @@ Multiple vulnerabilities exist in the web-based management interface of Cisco Sm #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Sohrabian/special-cyber-security-topic +- https://github.com/zmylml/yangzifun diff --git a/2021/CVE-2021-1497.md b/2021/CVE-2021-1497.md index 43c250fd5f..28eaaea99a 100644 --- a/2021/CVE-2021-1497.md +++ b/2021/CVE-2021-1497.md @@ -17,4 +17,5 @@ Multiple vulnerabilities in the web-based management interface of Cisco HyperFle - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-1498.md b/2021/CVE-2021-1498.md index 57ee0015af..5b30cf1818 100644 --- a/2021/CVE-2021-1498.md +++ b/2021/CVE-2021-1498.md @@ -16,4 +16,5 @@ Multiple vulnerabilities in the web-based management interface of Cisco HyperFle - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-1499.md b/2021/CVE-2021-1499.md index 08c53abfc1..5db7607fdd 100644 --- a/2021/CVE-2021-1499.md +++ b/2021/CVE-2021-1499.md @@ -17,4 +17,5 @@ A vulnerability in the web-based management interface of Cisco HyperFlex HX Data - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-1568.md b/2021/CVE-2021-1568.md new file mode 100644 index 0000000000..cc5dc313bd --- /dev/null +++ b/2021/CVE-2021-1568.md @@ -0,0 +1,17 @@ +### [CVE-2021-1568](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1568) +![](https://img.shields.io/static/v1?label=Product&message=Cisco%20AnyConnect%20Secure%20Mobility%20Client%20&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-789&color=brighgreen) + +### Description + +A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. This vulnerability is due to uncontrolled memory allocation. An attacker could exploit this vulnerability by copying a crafted file to a specific folder on the system. A successful exploit could allow the attacker to crash the VPN Agent service when the affected application is launched, causing it to be unavailable to all users of the system. To exploit this vulnerability, the attacker must have valid credentials on a multiuser Windows system. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2021/CVE-2021-1675.md b/2021/CVE-2021-1675.md index 0258d3b82f..a3c0840da4 100644 --- a/2021/CVE-2021-1675.md +++ b/2021/CVE-2021-1675.md @@ -29,53 +29,118 @@ Windows Print Spooler Elevation of Privilege Vulnerability - http://packetstormsecurity.com/files/163351/PrintNightmare-Windows-Spooler-Service-Remote-Code-Execution.html #### Github +- https://github.com/0x727/usefull-elevation-of-privilege +- https://github.com/0xffee/Layer2HackerDao - https://github.com/0xsyr0/OSCP +- https://github.com/3gstudent/Invoke-BuildAnonymousSMBServer +- https://github.com/4RG0S/2021-Summer-Some-Day-Exploit - https://github.com/ARPSyndicate/cvemon - https://github.com/AndrewTrube/CVE-2021-1675 - https://github.com/BOFs/CobaltStrike +- https://github.com/BeetleChunks/SpoolSploit +- https://github.com/CharlesTheGreat77/FreddyKrueger +- https://github.com/CnOxx1/CVE-2021-34527-1675 +- https://github.com/D3Ext/PentestDictionary +- https://github.com/DenizSe/CVE-2021-34527 +- https://github.com/Falcon712/Windows_Hardening_Project - https://github.com/H0j3n/EzpzCheatSheet - https://github.com/Iveco/xknow_infosec - https://github.com/Jean-Francois-C/Windows-Penetration-Testing +- https://github.com/JohnHammond/CVE-2021-34527 +- https://github.com/JumpsecLabs/PrintNightmare - https://github.com/LaresLLC/CVE-2021-1675 +- https://github.com/Leonidus0x10/CVE-2021-1675-SCANNER - https://github.com/Mikasazero/Cobalt-Strike - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NickSanzotta/zeroscan +- https://github.com/OppressionBreedsResistance/CVE-2021-1675-PrintNightmare - https://github.com/Qazeer/OffensivePythonPipeline +- https://github.com/RarW0lf/PrintNightmare-BB-Payload - https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet - https://github.com/S3cur3Th1sSh1t/PowerSharpPack - https://github.com/S3cur3Th1sSh1t/WinPwn - https://github.com/SexyBeast233/SecBooks +- https://github.com/Steels03/PrintNightmare-Driver-Checker +- https://github.com/Tomparte/PrintNightmare +- https://github.com/VK9D/PrintNightmare +- https://github.com/WidespreadPandemic/CVE-2021-34527_ACL_mitigation +- https://github.com/Winter3un/CVE-2021-1675 +- https://github.com/Wra7h/SharpPN - https://github.com/YangSirrr/YangsirStudyPlan +- https://github.com/aatharvauti/AD - https://github.com/afinepl/research +- https://github.com/alvesnet-suporte/microsoft-vulnerabilidades - https://github.com/b4rtik/SharpKatz +- https://github.com/bartimus-primed/CVE-2021-1675-Yara - https://github.com/bhassani/Recent-CVE - https://github.com/binganao/vulns-2022 - https://github.com/boh/RedCsharp +- https://github.com/byt3bl33d3r/ItWasAllADream +- https://github.com/calebstewart/CVE-2021-1675 +- https://github.com/cfalta/MicrosoftWontFixList +- https://github.com/ciwen3/PNPT +- https://github.com/corelight/CVE-2021-1675 +- https://github.com/crtaylor315/PrintNightmare-Before-Halloween +- https://github.com/cube0x0/CVE-2021-1675 - https://github.com/cyberfreaq/configs +- https://github.com/cybersecurityworks553/CVE-2021-1675_PrintNightMare +- https://github.com/demilson/spoolsv - https://github.com/dxnboy/redteam +- https://github.com/edsonjt81/CVE-2021-1675 +- https://github.com/edsonjt81/SpoolSploit +- https://github.com/eng-amarante/CyberSecurity - https://github.com/evilashz/CVE-2021-1675-LPE-EXP +- https://github.com/exploitblizzard/PrintNightmare-CVE-2021-1675 +- https://github.com/galoget/PrintNightmare-CVE-2021-1675-CVE-2021-34527 +- https://github.com/gohrenberg/CVE-2021-1675-Mitigation-For-Systems-That-Need-Spooler - https://github.com/goldenscale/GS_GithubMirror +- https://github.com/gyaansastra/Print-Nightmare-LPE - https://github.com/hahaleyile/my-CVE-2021-1675 +- https://github.com/hlldz/CVE-2021-1675-LPE - https://github.com/huike007/penetration_poc +- https://github.com/initconf/cve-2021-1675-printnightmare - https://github.com/izj007/wechat - https://github.com/k8gege/CVE-2021-40444 - https://github.com/k8gege/cve-2021-1675 +- https://github.com/killtr0/CVE-2021-1675-PrintNightmare +- https://github.com/kondah/patch-cve-2021-1675 +- https://github.com/kougyokugentou/CVE-2021-1675 - https://github.com/lawrenceamer/0xsp-Mongoose - https://github.com/ly4k/PrintNightmare +- https://github.com/mayormaier/printnightmare-fixes - https://github.com/mdecrevoisier/EVTX-to-MITRE-Attack - https://github.com/mdecrevoisier/SIGMA-detection-rules - https://github.com/morkin1792/security-tests +- https://github.com/mrezqi/CVE-2021-1675_CarbonBlack_HuntingQuery - https://github.com/mstxq17/CVE-2021-1675_RDL_LPE - https://github.com/n1sh1th/CVE-POC +- https://github.com/naujpr/printnightmare +- https://github.com/nemo-wq/PrintNightmare-CVE-2021-34527 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/numanturle/PrintNightmare - https://github.com/outflanknl/PrintNightmare +- https://github.com/ozergoker/PrintNightmare - https://github.com/penetrarnya-tm/WeaponizeKali.sh +- https://github.com/ptter23/CVE-2021-1675 +- https://github.com/puckiestyle/CVE-2021-1675 - https://github.com/pwninx/WinPwn +- https://github.com/raithedavion/PrintNightmare +- https://github.com/real-acmkan/docker-printernightmare +- https://github.com/rnbochsr/atlas +- https://github.com/sailay1996/PrintNightmare-LPE +- https://github.com/saurav2shukla/vulnerabilitiesPoC +- https://github.com/sinfulz/JustGetDA - https://github.com/taielab/awesome-hacking-lists - https://github.com/tanarchytan/CVE-2021-1675 +- https://github.com/thalpius/Microsoft-CVE-2021-1675 +- https://github.com/thomasgeens/CVE-2021-1675 - https://github.com/uhub/awesome-c-sharp - https://github.com/vanhohen/ADNinja - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/wsummerhill/CobaltStrike_RedTeam_CheatSheet +- https://github.com/xbufu/PrintNightmareCheck - https://github.com/yigitturak/Forensics +- https://github.com/yu2u/CVE-2021-1675 +- https://github.com/zeze-zeze/2021iThome +- https://github.com/zha0/Microsoft-CVE-2021-1675 diff --git a/2021/CVE-2021-1732.md b/2021/CVE-2021-1732.md index ecc3659046..286314c7ec 100644 --- a/2021/CVE-2021-1732.md +++ b/2021/CVE-2021-1732.md @@ -29,6 +29,7 @@ Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from C - https://github.com/ARPSyndicate/cvemon - https://github.com/Al1ex/WindowsElevation - https://github.com/Ascotbe/Kernelhub +- https://github.com/BeneficialCode/CVE-2021-1732 - https://github.com/ClassBluer/Exploit_Tools - https://github.com/CyberMonitor/somethingweneed - https://github.com/David-Honisch/CVE-2022-21882 @@ -61,6 +62,7 @@ Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from C - https://github.com/r1l4-i3pur1l4/CVE-2021-1732 - https://github.com/r1l4-i3pur1l4/CVE-2022-21882 - https://github.com/taielab/awesome-hacking-lists +- https://github.com/tzwlhack/Vulnerability - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/ycdxsb/WindowsPrivilegeEscalation - https://github.com/yisan1/hh diff --git a/2021/CVE-2021-1748.md b/2021/CVE-2021-1748.md index 7dc8fb2a92..18d0681ac4 100644 --- a/2021/CVE-2021-1748.md +++ b/2021/CVE-2021-1748.md @@ -16,5 +16,7 @@ A validation issue was addressed with improved input sanitization. This issue is No PoCs from references. #### Github +- https://github.com/ChiChou/mistune-patch-backport +- https://github.com/Ivanhoe76zzzz/itmsBlock - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-1779.md b/2021/CVE-2021-1779.md new file mode 100644 index 0000000000..47fd162ff2 --- /dev/null +++ b/2021/CVE-2021-1779.md @@ -0,0 +1,17 @@ +### [CVE-2021-1779](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1779) +![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2011.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=An%20application%20may%20be%20able%20to%20execute%20arbitrary%20code%20with%20system%20privileges&color=brighgreen) + +### Description + +A logic error in kext loading was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. An application may be able to execute arbitrary code with system privileges. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/V0lk3n/OSMR-CheatSheet + diff --git a/2021/CVE-2021-1782.md b/2021/CVE-2021-1782.md index 2c8ee90dcd..3fa50104e7 100644 --- a/2021/CVE-2021-1782.md +++ b/2021/CVE-2021-1782.md @@ -17,6 +17,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/H0aHuynh/LiRa - https://github.com/H0aHuynh/LiRa14 - https://github.com/ModernPwner/cicuta_virosa - https://github.com/Siguza/ios-resources diff --git a/2021/CVE-2021-1791.md b/2021/CVE-2021-1791.md index 7df74bb76b..ed6c0c61dd 100644 --- a/2021/CVE-2021-1791.md +++ b/2021/CVE-2021-1791.md @@ -18,4 +18,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/pwn0rz/fairplay_research +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-20016.md b/2021/CVE-2021-20016.md new file mode 100644 index 0000000000..bec97447e8 --- /dev/null +++ b/2021/CVE-2021-20016.md @@ -0,0 +1,17 @@ +### [CVE-2021-20016](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20016) +![](https://img.shields.io/static/v1?label=Product&message=SonicWall%20SMA100&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%3A%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen) + +### Description + +A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. This vulnerability impacts SMA100 build version 10.x. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2021/CVE-2021-2021.md b/2021/CVE-2021-2021.md index 4c5165fd22..cc109dc812 100644 --- a/2021/CVE-2021-2021.md +++ b/2021/CVE-2021-2021.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/r0ckysec/CVE-2021-21985 +- https://github.com/r0eXpeR/supplier diff --git a/2021/CVE-2021-20225.md b/2021/CVE-2021-20225.md index 09700a893d..4d6c10fce1 100644 --- a/2021/CVE-2021-20225.md +++ b/2021/CVE-2021-20225.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/amzdev0401/shim-review-backup - https://github.com/bitraser/shim-review-15.4 - https://github.com/jason-chang-atrust/shim-review +- https://github.com/luojc123/shim-nsdl - https://github.com/neverware/shim-review - https://github.com/puzzleos/uefi-shim_review - https://github.com/rhboot/shim-review diff --git a/2021/CVE-2021-20231.md b/2021/CVE-2021-20231.md index e7c4c704f8..c336da5efe 100644 --- a/2021/CVE-2021-20231.md +++ b/2021/CVE-2021-20231.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/Azure/publish-security-assessments - https://github.com/GitHubForSnap/ssmtp-gael +- https://github.com/epequeno/devops-demo - https://github.com/onzack/trivy-multiscanner diff --git a/2021/CVE-2021-20232.md b/2021/CVE-2021-20232.md index f1ead24c32..230f703a05 100644 --- a/2021/CVE-2021-20232.md +++ b/2021/CVE-2021-20232.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/GitHubForSnap/ssmtp-gael +- https://github.com/epequeno/devops-demo - https://github.com/onzack/trivy-multiscanner diff --git a/2021/CVE-2021-20233.md b/2021/CVE-2021-20233.md index 7f1da44a45..f64e163328 100644 --- a/2021/CVE-2021-20233.md +++ b/2021/CVE-2021-20233.md @@ -13,8 +13,10 @@ A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the me No PoCs from references. #### Github +- https://github.com/amzdev0401/shim-review-backup - https://github.com/bitraser/shim-review-15.4 - https://github.com/jason-chang-atrust/shim-review +- https://github.com/luojc123/shim-nsdl - https://github.com/neverware/shim-review - https://github.com/puzzleos/uefi-shim_review - https://github.com/rhboot/shim-review diff --git a/2021/CVE-2021-20268.md b/2021/CVE-2021-20268.md new file mode 100644 index 0000000000..358b87fb24 --- /dev/null +++ b/2021/CVE-2021-20268.md @@ -0,0 +1,17 @@ +### [CVE-2021-20268](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20268) +![](https://img.shields.io/static/v1?label=Product&message=kernel&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20&color=brighgreen) + +### Description + +An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/dylandreimerink/gobpfld + diff --git a/2021/CVE-2021-20270.md b/2021/CVE-2021-20270.md new file mode 100644 index 0000000000..e997dc0940 --- /dev/null +++ b/2021/CVE-2021-20270.md @@ -0,0 +1,17 @@ +### [CVE-2021-20270](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270) +![](https://img.shields.io/static/v1?label=Product&message=python-pygments&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-835&color=brighgreen) + +### Description + +An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/asa1997/topgear_test + diff --git a/2021/CVE-2021-20291.md b/2021/CVE-2021-20291.md index 9da349e163..3530161435 100644 --- a/2021/CVE-2021-20291.md +++ b/2021/CVE-2021-20291.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/Metarget/awesome-cloud-native-security +- https://github.com/reni2study/Cloud-Native-Security2 diff --git a/2021/CVE-2021-20294.md b/2021/CVE-2021-20294.md new file mode 100644 index 0000000000..9e1d48095d --- /dev/null +++ b/2021/CVE-2021-20294.md @@ -0,0 +1,17 @@ +### [CVE-2021-20294](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20294) +![](https://img.shields.io/static/v1?label=Product&message=binutils&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-119&color=brighgreen) + +### Description + +A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest impact of this flaw is to confidentiality, integrity, and availability. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fluidattacks/makes + diff --git a/2021/CVE-2021-20572.md b/2021/CVE-2021-20572.md new file mode 100644 index 0000000000..da851a32f9 --- /dev/null +++ b/2021/CVE-2021-20572.md @@ -0,0 +1,17 @@ +### [CVE-2021-20572](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20572) +![](https://img.shields.io/static/v1?label=Product&message=Security%20Identity%20Manager%20Adapters&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) + +### Description + +IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause the server to crash. IBM X-Force ID: 199247. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/STMCyber/CVEs + diff --git a/2021/CVE-2021-20573.md b/2021/CVE-2021-20573.md new file mode 100644 index 0000000000..76a145c36b --- /dev/null +++ b/2021/CVE-2021-20573.md @@ -0,0 +1,17 @@ +### [CVE-2021-20573](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20573) +![](https://img.shields.io/static/v1?label=Product&message=Security%20Identity%20Manager%20Adapters&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) + +### Description + +IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause the server to crash. IBM X-Force ID: 199249. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/STMCyber/CVEs + diff --git a/2021/CVE-2021-20574.md b/2021/CVE-2021-20574.md new file mode 100644 index 0000000000..702356baf3 --- /dev/null +++ b/2021/CVE-2021-20574.md @@ -0,0 +1,17 @@ +### [CVE-2021-20574](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20574) +![](https://img.shields.io/static/v1?label=Product&message=Security%20Identity%20Manager%20Adapters&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Gain%20Privileges&color=brighgreen) + +### Description + +IBM Security Identity Manager Adapters 6.0 and 7.0 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability and takeover other accounts. IBM X-Force ID: 199252. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/STMCyber/CVEs + diff --git a/2021/CVE-2021-20655.md b/2021/CVE-2021-20655.md new file mode 100644 index 0000000000..64f54b5bcd --- /dev/null +++ b/2021/CVE-2021-20655.md @@ -0,0 +1,17 @@ +### [CVE-2021-20655](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20655) +![](https://img.shields.io/static/v1?label=Product&message=FileZen&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=OS%20Command%20Injection&color=brighgreen) + +### Description + +FileZen (V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2) allows a remote attacker with administrator rights to execute arbitrary OS commands via unspecified vectors. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2021/CVE-2021-20717.md b/2021/CVE-2021-20717.md index f4e8f79286..cc3fc41feb 100644 --- a/2021/CVE-2021-20717.md +++ b/2021/CVE-2021-20717.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/s-index/CVE-2021-20717 - https://github.com/s-index/poc-list diff --git a/2021/CVE-2021-20837.md b/2021/CVE-2021-20837.md index bf392e04c0..d0d3b3e4a1 100644 --- a/2021/CVE-2021-20837.md +++ b/2021/CVE-2021-20837.md @@ -17,5 +17,9 @@ Movable Type 7 r.5002 and earlier (Movable Type 7 Series), Movable Type 6.8.2 an #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/Cosemz/CVE-2021-20837 +- https://github.com/byteofjoshua/CVE-2021-20837 +- https://github.com/ghost-nemesis/cve-2021-20837-poc - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/ohnonoyesyes/CVE-2021-20837 diff --git a/2021/CVE-2021-2086.md b/2021/CVE-2021-2086.md index 6c3e4db78b..99559b9d03 100644 --- a/2021/CVE-2021-2086.md +++ b/2021/CVE-2021-2086.md @@ -14,5 +14,7 @@ No PoCs from references. #### Github - https://github.com/dlehgus1023/CVE +- https://github.com/dlehgus1023/VirtualBox_IO-Fuzz - https://github.com/dlehgus1023/dlehgus1023 +- https://github.com/erepspinos/CVE diff --git a/2021/CVE-2021-21017.md b/2021/CVE-2021-21017.md index 6ff6779a83..a7fcd36e1e 100644 --- a/2021/CVE-2021-21017.md +++ b/2021/CVE-2021-21017.md @@ -16,5 +16,6 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/ZeusBox/CVE-2021-21017 - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/dudacgf/ovr_convert - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-21042.md b/2021/CVE-2021-21042.md index 651851810e..f95373a687 100644 --- a/2021/CVE-2021-21042.md +++ b/2021/CVE-2021-21042.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/r1l4-i3pur1l4/CVE-2021-21042 diff --git a/2021/CVE-2021-21087.md b/2021/CVE-2021-21087.md index 81c27808b6..63df8ff475 100644 --- a/2021/CVE-2021-21087.md +++ b/2021/CVE-2021-21087.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-2109.md b/2021/CVE-2021-2109.md index ee1bb82def..8bb21d6256 100644 --- a/2021/CVE-2021-2109.md +++ b/2021/CVE-2021-2109.md @@ -23,6 +23,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/SexyBeast233/SecBooks - https://github.com/Yang0615777/PocList - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/dinosn/CVE-2021-2109 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups - https://github.com/huike007/penetration_poc - https://github.com/luck-ying/Library-POC @@ -34,6 +35,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/somatrasss/weblogic2021 - https://github.com/superfish9/pt - https://github.com/tijldeneut/Security +- https://github.com/tzwlhack/Vulnerability - https://github.com/veo/vscan - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xiaoyaovo/2021SecWinterTask diff --git a/2021/CVE-2021-21112.md b/2021/CVE-2021-21112.md new file mode 100644 index 0000000000..a60e7c1a74 --- /dev/null +++ b/2021/CVE-2021-21112.md @@ -0,0 +1,17 @@ +### [CVE-2021-21112](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21112) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2087.0.4280.141%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20after%20free&color=brighgreen) + +### Description + +Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/StarCrossPortal/bug-hunting-101 + diff --git a/2021/CVE-2021-21122.md b/2021/CVE-2021-21122.md new file mode 100644 index 0000000000..998e440510 --- /dev/null +++ b/2021/CVE-2021-21122.md @@ -0,0 +1,17 @@ +### [CVE-2021-21122](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21122) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2088.0.4324.96%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20after%20free&color=brighgreen) + +### Description + +Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/StarCrossPortal/bug-hunting-101 + diff --git a/2021/CVE-2021-21128.md b/2021/CVE-2021-21128.md new file mode 100644 index 0000000000..6f1ff4392b --- /dev/null +++ b/2021/CVE-2021-21128.md @@ -0,0 +1,17 @@ +### [CVE-2021-21128](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21128) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2088.0.4324.96%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Heap%20buffer%20overflow&color=brighgreen) + +### Description + +Heap buffer overflow in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/StarCrossPortal/bug-hunting-101 + diff --git a/2021/CVE-2021-21155.md b/2021/CVE-2021-21155.md new file mode 100644 index 0000000000..b812f60f49 --- /dev/null +++ b/2021/CVE-2021-21155.md @@ -0,0 +1,17 @@ +### [CVE-2021-21155](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21155) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2088.0.4324.182%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Heap%20buffer%20overflow&color=brighgreen) + +### Description + +Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/StarCrossPortal/bug-hunting-101 + diff --git a/2021/CVE-2021-21159.md b/2021/CVE-2021-21159.md new file mode 100644 index 0000000000..090c4a4395 --- /dev/null +++ b/2021/CVE-2021-21159.md @@ -0,0 +1,17 @@ +### [CVE-2021-21159](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21159) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2089.0.4389.72%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Heap%20buffer%20overflow&color=brighgreen) + +### Description + +Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/StarCrossPortal/bug-hunting-101 + diff --git a/2021/CVE-2021-21188.md b/2021/CVE-2021-21188.md new file mode 100644 index 0000000000..d993f90720 --- /dev/null +++ b/2021/CVE-2021-21188.md @@ -0,0 +1,17 @@ +### [CVE-2021-21188](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21188) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2089.0.4389.72%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20after%20free&color=brighgreen) + +### Description + +Use after free in Blink in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/StarCrossPortal/bug-hunting-101 + diff --git a/2021/CVE-2021-21190.md b/2021/CVE-2021-21190.md new file mode 100644 index 0000000000..9bdf957e1b --- /dev/null +++ b/2021/CVE-2021-21190.md @@ -0,0 +1,17 @@ +### [CVE-2021-21190](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21190) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2089.0.4389.72%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Uninitialized%20Use&color=brighgreen) + +### Description + +Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/StarCrossPortal/bug-hunting-101 + diff --git a/2021/CVE-2021-21198.md b/2021/CVE-2021-21198.md index af50ebcc42..e04b078c43 100644 --- a/2021/CVE-2021-21198.md +++ b/2021/CVE-2021-21198.md @@ -13,5 +13,5 @@ Out of bounds read in IPC in Google Chrome prior to 89.0.4389.114 allowed a remo - http://packetstormsecurity.com/files/162973/Chrome-Legacy-ipc-Message-Passed-Via-Shared-Memory.html #### Github -No PoCs found on GitHub currently. +- https://github.com/StarCrossPortal/bug-hunting-101 diff --git a/2021/CVE-2021-21202.md b/2021/CVE-2021-21202.md new file mode 100644 index 0000000000..23c940d682 --- /dev/null +++ b/2021/CVE-2021-21202.md @@ -0,0 +1,17 @@ +### [CVE-2021-21202](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21202) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2090.0.4430.72%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20after%20free&color=brighgreen) + +### Description + +Use after free in extensions in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/StarCrossPortal/bug-hunting-101 + diff --git a/2021/CVE-2021-21203.md b/2021/CVE-2021-21203.md new file mode 100644 index 0000000000..ed8919c893 --- /dev/null +++ b/2021/CVE-2021-21203.md @@ -0,0 +1,17 @@ +### [CVE-2021-21203](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21203) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2090.0.4430.72%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20after%20free&color=brighgreen) + +### Description + +Use after free in Blink in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/StarCrossPortal/bug-hunting-101 + diff --git a/2021/CVE-2021-21204.md b/2021/CVE-2021-21204.md new file mode 100644 index 0000000000..488821fd87 --- /dev/null +++ b/2021/CVE-2021-21204.md @@ -0,0 +1,17 @@ +### [CVE-2021-21204](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21204) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2090.0.4430.72%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20after%20free&color=brighgreen) + +### Description + +Use after free in Blink in Google Chrome on OS X prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/StarCrossPortal/bug-hunting-101 + diff --git a/2021/CVE-2021-21207.md b/2021/CVE-2021-21207.md new file mode 100644 index 0000000000..0e3c7daa2e --- /dev/null +++ b/2021/CVE-2021-21207.md @@ -0,0 +1,17 @@ +### [CVE-2021-21207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21207) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2090.0.4430.72%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20after%20free&color=brighgreen) + +### Description + +Use after free in IndexedDB in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/StarCrossPortal/bug-hunting-101 + diff --git a/2021/CVE-2021-21220.md b/2021/CVE-2021-21220.md index 960f472e6b..7e6748fa53 100644 --- a/2021/CVE-2021-21220.md +++ b/2021/CVE-2021-21220.md @@ -15,4 +15,6 @@ Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/security-dbg/CVE-2021-21220 +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-21223.md b/2021/CVE-2021-21223.md new file mode 100644 index 0000000000..344de9368a --- /dev/null +++ b/2021/CVE-2021-21223.md @@ -0,0 +1,17 @@ +### [CVE-2021-21223](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21223) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2090.0.4430.85%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Integer%20overflow&color=brighgreen) + +### Description + +Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/StarCrossPortal/bug-hunting-101 + diff --git a/2021/CVE-2021-21224.md b/2021/CVE-2021-21224.md index 2e49c3b286..72449de972 100644 --- a/2021/CVE-2021-21224.md +++ b/2021/CVE-2021-21224.md @@ -15,7 +15,10 @@ No PoCs from references. #### Github - https://github.com/0x2l/0x2l_v8_exp - https://github.com/ARPSyndicate/cvemon +- https://github.com/StarCrossPortal/bug-hunting-101 - https://github.com/avboy1337/1195777-chrome0day +- https://github.com/c3l3si4n/malicious_nuclei_templates - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/ohnonoyesyes/CVE-2021-21224 - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-21226.md b/2021/CVE-2021-21226.md new file mode 100644 index 0000000000..3bb0370d0f --- /dev/null +++ b/2021/CVE-2021-21226.md @@ -0,0 +1,17 @@ +### [CVE-2021-21226](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21226) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2090.0.4430.85%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20after%20free&color=brighgreen) + +### Description + +Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/StarCrossPortal/bug-hunting-101 + diff --git a/2021/CVE-2021-21234.md b/2021/CVE-2021-21234.md index 704f02bb0d..790fa685a8 100644 --- a/2021/CVE-2021-21234.md +++ b/2021/CVE-2021-21234.md @@ -22,4 +22,5 @@ No PoCs from references. - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/pyn3rd/Spring-Boot-Vulnerability - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +- https://github.com/xiaojiangxl/CVE-2021-21234 diff --git a/2021/CVE-2021-21240.md b/2021/CVE-2021-21240.md index 40d9d2637e..f94e6e1813 100644 --- a/2021/CVE-2021-21240.md +++ b/2021/CVE-2021-21240.md @@ -15,4 +15,9 @@ No PoCs from references. #### Github - https://github.com/aquasecurity/trivy - https://github.com/doyensec/regexploit +- https://github.com/fhirfactory/pegacorn-scanner-trivy +- https://github.com/georgearce24/aquasecurity-trivy +- https://github.com/immydestiny/trivy-file +- https://github.com/justPray/1122 +- https://github.com/kaisenlinux/trivy diff --git a/2021/CVE-2021-21242.md b/2021/CVE-2021-21242.md index 8d9ac77864..97e69b3d2f 100644 --- a/2021/CVE-2021-21242.md +++ b/2021/CVE-2021-21242.md @@ -14,4 +14,5 @@ OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there i #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-21287.md b/2021/CVE-2021-21287.md index bafa6e85fb..b3dec7e95b 100644 --- a/2021/CVE-2021-21287.md +++ b/2021/CVE-2021-21287.md @@ -19,4 +19,6 @@ No PoCs from references. - https://github.com/Firebasky/Go - https://github.com/Metarget/awesome-cloud-native-security - https://github.com/SexyBeast233/SecBooks +- https://github.com/reni2study/Cloud-Native-Security2 +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-21300.md b/2021/CVE-2021-21300.md index a1e05d2ee3..45bb987235 100644 --- a/2021/CVE-2021-21300.md +++ b/2021/CVE-2021-21300.md @@ -25,5 +25,6 @@ Git is an open-source distributed revision control system. In affected versions - https://github.com/danshuizhangyu/CVE-2021-21300 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/erranfenech/CVE-2021-21300 +- https://github.com/fengzhouc/CVE-2021-21300 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-21311.md b/2021/CVE-2021-21311.md index b3b103c642..0afd2e5298 100644 --- a/2021/CVE-2021-21311.md +++ b/2021/CVE-2021-21311.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/bpsizemore/RedKing - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-21315.md b/2021/CVE-2021-21315.md index ff5a217553..3b3488ff6c 100644 --- a/2021/CVE-2021-21315.md +++ b/2021/CVE-2021-21315.md @@ -19,15 +19,24 @@ No PoCs from references. - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/FB-Sec/exploits - https://github.com/ForbiddenProgrammer/CVE-2021-21315-PoC +- https://github.com/Ki11i0n4ir3/CVE-2021-21315 +- https://github.com/MazX0p/CVE-2021-21315-exploit - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks +- https://github.com/alikarimi999/CVE-2021-21315 - https://github.com/bigblackhat/oFx - https://github.com/cherrera0001/CVE-2021-21315v2 - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/errorecho/CVEs-Collection - https://github.com/huike007/penetration_poc +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/n1sh1th/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/taielab/awesome-hacking-lists +- https://github.com/thelostvoice/global-takeover +- https://github.com/thelostvoice/inept-us-military +- https://github.com/tzwlhack/Vulnerability - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +- https://github.com/xMohamed0/CVE-2021-21315-POC diff --git a/2021/CVE-2021-21334.md b/2021/CVE-2021-21334.md new file mode 100644 index 0000000000..4897bea467 --- /dev/null +++ b/2021/CVE-2021-21334.md @@ -0,0 +1,17 @@ +### [CVE-2021-21334](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21334) +![](https://img.shields.io/static/v1?label=Product&message=containerd&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=%7B%22CWE-668%22%3A%22Exposure%20of%20Resource%20to%20Wrong%20Sphere%22%7D&color=brighgreen) + +### Description + +In containerd (an industry-standard container runtime) before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation (through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service) that share the same image may receive incorrect environment variables, including values that are defined for other containers. If the affected containers have different security contexts, this may allow sensitive information to be unintentionally shared. If you are not using containerd's CRI implementation (through one of the mechanisms described above), you are not vulnerable to this issue. If you are not launching multiple containers or Kubernetes pods from the same image which have different environment variables, you are not vulnerable to this issue. If you are not launching multiple containers or Kubernetes pods from the same image in rapid succession, you have reduced likelihood of being vulnerable to this issue This vulnerability has been fixed in containerd 1.3.10 and containerd 1.4.4. Users should update to these versions. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/joemcmanus/threatstackReport + diff --git a/2021/CVE-2021-21344.md b/2021/CVE-2021-21344.md index a055dc86c0..97f0e2ff5f 100644 --- a/2021/CVE-2021-21344.md +++ b/2021/CVE-2021-21344.md @@ -16,5 +16,6 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/fynch3r/Gadgets +- https://github.com/tzwlhack/Vulnerability - https://github.com/x-poc/xstream-poc diff --git a/2021/CVE-2021-2135.md b/2021/CVE-2021-2135.md index 1e7dcd1bcc..45362768a2 100644 --- a/2021/CVE-2021-2135.md +++ b/2021/CVE-2021-2135.md @@ -13,5 +13,6 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware No PoCs from references. #### Github +- https://github.com/R17a-17/JavaVulnSummary - https://github.com/SexyBeast233/SecBooks diff --git a/2021/CVE-2021-21351.md b/2021/CVE-2021-21351.md index ed3b5c6323..8930751569 100644 --- a/2021/CVE-2021-21351.md +++ b/2021/CVE-2021-21351.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/asa1997/topgear_test - https://github.com/fynch3r/Gadgets - https://github.com/wh1t3p1g/tabby - https://github.com/x-poc/xstream-poc diff --git a/2021/CVE-2021-21402.md b/2021/CVE-2021-21402.md index 6a6f95e040..062b487d66 100644 --- a/2021/CVE-2021-21402.md +++ b/2021/CVE-2021-21402.md @@ -26,6 +26,9 @@ No PoCs from references. - https://github.com/givemefivw/CVE-2021-21402 - https://github.com/gkhan496/WDIR - https://github.com/jiaocoll/CVE-2021-21402-Jellyfin +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/ltfafei/my_POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/somatrasss/CVE-2021-21402 +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-21425.md b/2021/CVE-2021-21425.md index f7adf052a4..7705830d55 100644 --- a/2021/CVE-2021-21425.md +++ b/2021/CVE-2021-21425.md @@ -16,7 +16,9 @@ Grav Admin Plugin is an HTML user interface that provides a way to configure Gra #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/CsEnox/CVE-2021-21425 - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/gkhan496/WDIR - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-21514.md b/2021/CVE-2021-21514.md index 5cf26d2d89..900c9530aa 100644 --- a/2021/CVE-2021-21514.md +++ b/2021/CVE-2021-21514.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/RhinoSecurityLabs/CVEs - https://github.com/SexyBeast233/SecBooks - https://github.com/sunzu94/AWS-CVEs +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-21551.md b/2021/CVE-2021-21551.md index c74f1864a7..a0ea4847b7 100644 --- a/2021/CVE-2021-21551.md +++ b/2021/CVE-2021-21551.md @@ -17,18 +17,22 @@ Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability - https://github.com/ARPSyndicate/cvemon - https://github.com/Ascotbe/Kernelhub - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/Kinsiinoo/PoshDellDBUtil - https://github.com/Purp1eW0lf/Blue-Team-Notes - https://github.com/SyncroScripting/Artichoke_Consulting - https://github.com/arnaudluti/PS-CVE-2021-21551 +- https://github.com/ashburndev/aws-sdk-s3-myapp - https://github.com/ch3rn0byl/CVE-2021-21551 - https://github.com/fsctcommunity/Policies - https://github.com/hfiref0x/KDU +- https://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551 - https://github.com/jbaines-r7/dellicious - https://github.com/mathisvickie/CVE-2021-21551 - https://github.com/mathisvickie/KMAC - https://github.com/mzakocs/CVE-2021-21551-POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/taielab/awesome-hacking-lists +- https://github.com/tzwlhack/Vulnerability - https://github.com/waldo-irc/CVE-2021-21551 - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2021/CVE-2021-21677.md b/2021/CVE-2021-21677.md new file mode 100644 index 0000000000..41f260cf6e --- /dev/null +++ b/2021/CVE-2021-21677.md @@ -0,0 +1,17 @@ +### [CVE-2021-21677](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21677) +![](https://img.shields.io/static/v1?label=Product&message=Jenkins%20Code%20Coverage%20API%20Plugin&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%3D%201.4.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) + +### Description + +Jenkins Code Coverage API Plugin 1.4.0 and earlier does not apply Jenkins JEP-200 deserialization protection to Java objects it deserializes from disk, resulting in a remote code execution vulnerability. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/R17a-17/JavaVulnSummary + diff --git a/2021/CVE-2021-21680.md b/2021/CVE-2021-21680.md new file mode 100644 index 0000000000..50c6ac21a8 --- /dev/null +++ b/2021/CVE-2021-21680.md @@ -0,0 +1,17 @@ +### [CVE-2021-21680](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21680) +![](https://img.shields.io/static/v1?label=Product&message=Jenkins%20Nested%20View%20Plugin&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%3D%201.20%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-611%3A%20Improper%20Restriction%20of%20XML%20External%20Entity%20Reference&color=brighgreen) + +### Description + +Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity (XXE) attacks. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/R17a-17/JavaVulnSummary + diff --git a/2021/CVE-2021-21972.md b/2021/CVE-2021-21972.md index e85bb79e9f..ee616bc9a3 100644 --- a/2021/CVE-2021-21972.md +++ b/2021/CVE-2021-21972.md @@ -40,11 +40,13 @@ The vSphere Client (HTML5) contains a remote code execution vulnerability in a v - https://github.com/Whitehorse-rainbow/-Infiltration-summary - https://github.com/bhassani/Recent-CVE - https://github.com/bhdresh/SnortRules +- https://github.com/byteofjoshua/CVE-2021-21972 - https://github.com/conjojo/VMware_vCenter_UNAuthorized_RCE_CVE-2021-21972 - https://github.com/d3sh1n/cve-2021-21972 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/githubfoam/ubuntu_sandbox - https://github.com/gobysec/Goby +- https://github.com/haiclover/CVE-2021-21972 - https://github.com/halencarjunior/vcenter-rce-2021-21972 - https://github.com/horizon3ai/CVE-2021-21972 - https://github.com/huike007/penetration_poc @@ -52,6 +54,7 @@ The vSphere Client (HTML5) contains a remote code execution vulnerability in a v - https://github.com/joanbono/nuclei-templates - https://github.com/jweny/pocassistdb - https://github.com/k8gege/LadonGo +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/mdisec/mdisec-twitch-yayinlari - https://github.com/milo2012/CVE-2021-21972 - https://github.com/mstxq17/SecurityArticleLogger @@ -62,12 +65,15 @@ The vSphere Client (HTML5) contains a remote code execution vulnerability in a v - https://github.com/password520/LadonGo - https://github.com/pettyhacks/vSphereyeeter - https://github.com/psc4re/NSE-scripts +- https://github.com/r0eXpeR/supplier - https://github.com/renini/CVE-2021-21972 - https://github.com/robwillisinfo/VMware_vCenter_CVE-2021-21972 - https://github.com/saucer-man/exploit - https://github.com/stevenp322/cve-2021-21972 - https://github.com/tijldeneut/Security - https://github.com/tom0li/collection-document +- https://github.com/tzwlhack/Vulnerability +- https://github.com/viksafe/Get-vSphereVersion - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/yaunsky/CVE-2021-21972 - https://github.com/zhzyker/vulmap diff --git a/2021/CVE-2021-21973.md b/2021/CVE-2021-21973.md index b4e261d890..b08dd7da9b 100644 --- a/2021/CVE-2021-21973.md +++ b/2021/CVE-2021-21973.md @@ -19,8 +19,10 @@ No PoCs from references. - https://github.com/DaveCrown/vmware-kb82374 - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/byteofjoshua/CVE-2021-21972 - https://github.com/freakanonymous/CVE-2021-21973-Automateme - https://github.com/murataydemir/CVE-2021-21972 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/psc4re/NSE-scripts +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-21975.md b/2021/CVE-2021-21975.md index 133e255d89..2be01bb108 100644 --- a/2021/CVE-2021-21975.md +++ b/2021/CVE-2021-21975.md @@ -27,6 +27,7 @@ Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) - https://github.com/SexyBeast233/SecBooks - https://github.com/SouthWind0/southwind0.github.io - https://github.com/TheTh1nk3r/exp_hub +- https://github.com/Timirepo/CVE_Exploits - https://github.com/Vulnmachines/VMWare-CVE-2021-21975 - https://github.com/bigblackhat/oFx - https://github.com/dorkerdevil/CVE-2021-21975 @@ -36,6 +37,8 @@ Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) - https://github.com/murataydemir/CVE-2021-21975 - https://github.com/n1sh1th/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/r0eXpeR/supplier - https://github.com/rabidwh0re/REALITY_SMASHER +- https://github.com/tzwlhack/Vulnerability - https://github.com/zhzyker/vulmap diff --git a/2021/CVE-2021-21978.md b/2021/CVE-2021-21978.md index 4216f177b8..afe3f53b4f 100644 --- a/2021/CVE-2021-21978.md +++ b/2021/CVE-2021-21978.md @@ -30,5 +30,6 @@ VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code exe - https://github.com/n1sh1th/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/skytina/CVE-2021-21978 +- https://github.com/tzwlhack/Vulnerability - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2021/CVE-2021-21979.md b/2021/CVE-2021-21979.md index 796ae5f41f..73870e362e 100644 --- a/2021/CVE-2021-21979.md +++ b/2021/CVE-2021-21979.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/ssst0n3/my_vulnerabilities +- https://github.com/ssst0n3/ssst0n3 diff --git a/2021/CVE-2021-21985.md b/2021/CVE-2021-21985.md index 3ea01c6937..776fe3b3b4 100644 --- a/2021/CVE-2021-21985.md +++ b/2021/CVE-2021-21985.md @@ -22,15 +22,21 @@ The vSphere Client (HTML5) contains a remote code execution vulnerability due to - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/Spacial/awesome-csirt +- https://github.com/aristosMiliaressis/CVE-2021-21985 +- https://github.com/bigbroke/CVE-2021-21985 - https://github.com/brandonshiyay/My-Security-Learning-Resources - https://github.com/daedalus/CVE-2021-21985 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups +- https://github.com/haiclover/CVE-2021-21985 - https://github.com/joydo/CVE-Writeups +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/mauricelambert/CVE-2021-21985 - https://github.com/n1sh1th/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/onSec-fr/CVE-2021-21985-Checker - https://github.com/r0ckysec/CVE-2021-21985 +- https://github.com/r0eXpeR/supplier +- https://github.com/sknux/CVE-2021-21985_PoC - https://github.com/testanull/Project_CVE-2021-21985_PoC - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xnianq/cve-2021-21985_exp diff --git a/2021/CVE-2021-22005.md b/2021/CVE-2021-22005.md index 02b98225d3..e03b55fbe5 100644 --- a/2021/CVE-2021-22005.md +++ b/2021/CVE-2021-22005.md @@ -13,11 +13,27 @@ The vCenter Server contains an arbitrary file upload vulnerability in the Analyt - http://packetstormsecurity.com/files/164439/VMware-vCenter-Server-Analytics-CEIP-Service-File-Upload.html #### Github +- https://github.com/1ZRR4H/CVE-2021-22005 +- https://github.com/5gstudent/CVE-2021-22005- - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/CHYbeta/Vuln100Topics20 +- https://github.com/FDlucifer/firece-fish +- https://github.com/Jun-5heng/CVE-2021-22005 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/RedTeamExp/CVE-2021-22005_PoC +- https://github.com/TaroballzChen/CVE-2021-22005-metasploit - https://github.com/TheTh1nk3r/exp_hub +- https://github.com/TiagoSergio/CVE-2021-22005 +- https://github.com/Timirepo/CVE_Exploits +- https://github.com/X1pe0/VMWare-CVE-Check - https://github.com/hanc00l/some_pocsuite +- https://github.com/nday-ldgz/ZoomEye-dork - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/pisut4152/Sigma-Rule-for-CVE-2021-22005-scanning-activity +- https://github.com/r0ckysec/CVE-2021-22005 +- https://github.com/r0eXpeR/supplier +- https://github.com/rwincey/CVE-2021-22005 +- https://github.com/viksafe/Get-vSphereVersion - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2021/CVE-2021-22053.md b/2021/CVE-2021-22053.md index 3b6153044f..04c8f59b62 100644 --- a/2021/CVE-2021-22053.md +++ b/2021/CVE-2021-22053.md @@ -15,6 +15,8 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/SecCoder-Security-Lab/spring-cloud-netflix-hystrix-dashboard-cve-2021-22053 +- https://github.com/Vulnmachines/CVE-2021-22053 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-22119.md b/2021/CVE-2021-22119.md index eb4b2daeba..f982f131b6 100644 --- a/2021/CVE-2021-22119.md +++ b/2021/CVE-2021-22119.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/mari6274/oauth-client-exploit - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-22123.md b/2021/CVE-2021-22123.md index 18fa39430a..3992ca048f 100644 --- a/2021/CVE-2021-22123.md +++ b/2021/CVE-2021-22123.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/murataydemir/CVE-2021-22123 +- https://github.com/r0eXpeR/supplier diff --git a/2021/CVE-2021-22146.md b/2021/CVE-2021-22146.md index c324e7b12d..237738c7a9 100644 --- a/2021/CVE-2021-22146.md +++ b/2021/CVE-2021-22146.md @@ -13,5 +13,6 @@ All versions of Elastic Cloud Enterprise has the Elasticsearch “anonymous” u - http://packetstormsecurity.com/files/163655/Elasticsearch-ECE-7.13.3-Database-Disclosure.html #### Github -No PoCs found on GitHub currently. +- https://github.com/errorecho/CVEs-Collection +- https://github.com/magichk/cve-2021-22146 diff --git a/2021/CVE-2021-22176.md b/2021/CVE-2021-22176.md index 6447d956e1..0ac60e2988 100644 --- a/2021/CVE-2021-22176.md +++ b/2021/CVE-2021-22176.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-22178.md b/2021/CVE-2021-22178.md index 064cb7c0d3..08cb974eb8 100644 --- a/2021/CVE-2021-22178.md +++ b/2021/CVE-2021-22178.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-22181.md b/2021/CVE-2021-22181.md new file mode 100644 index 0000000000..fb7f9276ca --- /dev/null +++ b/2021/CVE-2021-22181.md @@ -0,0 +1,17 @@ +### [CVE-2021-22181](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22181) +![](https://img.shields.io/static/v1?label=Product&message=GitLab&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Uncontrolled%20resource%20consumption%20in%20GitLab&color=brighgreen) + +### Description + +A denial of service vulnerability in GitLab CE/EE affecting all versions since 11.8 allows an attacker to create a recursive pipeline relationship and exhaust resources. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/righel/gitlab-version-nse + diff --git a/2021/CVE-2021-22188.md b/2021/CVE-2021-22188.md index 2c5eae6108..7880f0c7dc 100644 --- a/2021/CVE-2021-22188.md +++ b/2021/CVE-2021-22188.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-22192.md b/2021/CVE-2021-22192.md index 7a9d0b5bcb..8ebbb4aeb8 100644 --- a/2021/CVE-2021-22192.md +++ b/2021/CVE-2021-22192.md @@ -19,4 +19,5 @@ No PoCs from references. - https://github.com/lyy289065406/CVE-2021-22192 - https://github.com/lyy289065406/lyy289065406 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-22204.md b/2021/CVE-2021-22204.md index a04c25d05c..c401edf84d 100644 --- a/2021/CVE-2021-22204.md +++ b/2021/CVE-2021-22204.md @@ -18,19 +18,30 @@ Improper neutralization of user data in the DjVu file format in ExifTool version #### Github - https://github.com/0xsyr0/OSCP - https://github.com/ARPSyndicate/cvemon +- https://github.com/Al1ex/CVE-2021-22205 +- https://github.com/AssassinUKG/CVE-2021-22204 - https://github.com/CsEnox/Gitlab-Exiftool-RCE - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/Konstantinos-Papanagnou/CMSpit +- https://github.com/PenTestical/CVE-2021-22204 - https://github.com/SexyBeast233/SecBooks - https://github.com/bilkoh/POC-CVE-2021-22204 - https://github.com/binganao/vulns-2022 - https://github.com/convisolabs/CVE-2021-22204-exiftool +- https://github.com/devdanqtuan/CVE-2021-22205 - https://github.com/gkhan496/WDIR - https://github.com/harsh-bothra/learn365 - https://github.com/hongson97/ctf-challenges +- https://github.com/htrgouvea/research - https://github.com/mr-r3bot/Gitlab-CVE-2021-22205 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/oneoy/Gitlab-Exiftool-RCE +- https://github.com/ph-arm/CVE-2021-22204-Gitlab +- https://github.com/pizza-power/Golang-CVE-2021-22205-POC +- https://github.com/runsel/GitLab-CVE-2021-22205- - https://github.com/se162xg/CVE-2021-22204 - https://github.com/star-sg/CVE - https://github.com/szTheory/exifcleaner - https://github.com/trganda/CVE-2021-22204 +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-22205.md b/2021/CVE-2021-22205.md index d922358a22..c46868d2c6 100644 --- a/2021/CVE-2021-22205.md +++ b/2021/CVE-2021-22205.md @@ -14,14 +14,39 @@ An issue has been discovered in GitLab CE/EE affecting all versions starting fro - http://packetstormsecurity.com/files/164994/GitLab-13.10.2-Remote-Code-Execution.html #### Github +- https://github.com/0x0021h/expbox - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/AkBanner/CVE-2021-22205 +- https://github.com/Al1ex/CVE-2021-22205 +- https://github.com/DIVD-NL/GitLab-cve-2021-22205-nse +- https://github.com/FDlucifer/firece-fish - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Qclover/Gitlab_RCE_CVE_2021_22205 +- https://github.com/Seals6/CVE-2021-22205 - https://github.com/SexyBeast233/SecBooks +- https://github.com/X1pe0/Automated-Gitlab-RCE +- https://github.com/XTeam-Wing/CVE-2021-22205 +- https://github.com/ahmad4fifz/CVE-2021-22205 +- https://github.com/antx-code/CVE-2021-22205 +- https://github.com/c0okB/CVE-2021-22205 +- https://github.com/devdanqtuan/CVE-2021-22205 +- https://github.com/faisalfs10x/GitLab-CVE-2021-22205-scanner +- https://github.com/findneo/GitLab-preauth-RCE_CVE-2021-22205 - https://github.com/hanc00l/some_pocsuite +- https://github.com/hh-hunter/cve-2021-22205 +- https://github.com/inspiringz/CVE-2021-22205 +- https://github.com/jas502n/GitlabVer +- https://github.com/jusk9527/GobyPoc - https://github.com/mr-r3bot/Gitlab-CVE-2021-22205 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/pizza-power/Golang-CVE-2021-22205-POC +- https://github.com/r0eXpeR/CVE-2021-22205 +- https://github.com/runsel/GitLab-CVE-2021-22205- +- https://github.com/sanqiushu-ns/POC-scan +- https://github.com/shang159/CVE-2021-22205-getshell - https://github.com/superfish9/pt +- https://github.com/whwlsfb/CVE-2021-22205 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/woods-sega/woodswiki diff --git a/2021/CVE-2021-22213.md b/2021/CVE-2021-22213.md new file mode 100644 index 0000000000..af10487447 --- /dev/null +++ b/2021/CVE-2021-22213.md @@ -0,0 +1,17 @@ +### [CVE-2021-22213](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22213) +![](https://img.shields.io/static/v1?label=Product&message=GitLab&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Insufficiently%20protected%20credentials%20in%20GitLab&color=brighgreen) + +### Description + +A cross-site leak vulnerability in the OAuth flow of all versions of GitLab CE/EE since 7.10 allowed an attacker to leak an OAuth access token by getting the victim to visit a malicious page with Safari + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/righel/gitlab-version-nse + diff --git a/2021/CVE-2021-22214.md b/2021/CVE-2021-22214.md index 5396a9c16b..ff0c4e65bd 100644 --- a/2021/CVE-2021-22214.md +++ b/2021/CVE-2021-22214.md @@ -16,8 +16,11 @@ When requests to the internal network for webhooks are enabled, a server-side re - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/SexyBeast233/SecBooks +- https://github.com/Vulnmachines/gitlab-cve-2021-22214 - https://github.com/YuraveON/YuraveON +- https://github.com/antx-code/CVE-2021-22214 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/r0ckysec/CVE-2021-22214 +- https://github.com/righel/gitlab-version-nse - https://github.com/vin01/CVEs diff --git a/2021/CVE-2021-2226.md b/2021/CVE-2021-2226.md new file mode 100644 index 0000000000..7f97d9f45e --- /dev/null +++ b/2021/CVE-2021-2226.md @@ -0,0 +1,17 @@ +### [CVE-2021-2226](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2226) +![](https://img.shields.io/static/v1?label=Product&message=MySQL%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%205.7.33%20and%20prior%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Easily%20exploitable%20vulnerability%20allows%20high%20privileged%20attacker%20with%20network%20access%20via%20multiple%20protocols%20to%20compromise%20MySQL%20Server.%20%20Successful%20attacks%20of%20this%20vulnerability%20can%20result%20in%20%20unauthorized%20access%20to%20critical%20data%20or%20complete%20access%20to%20all%20MySQL%20Server%20accessible%20data.&color=brighgreen) + +### Description + +Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ycamper/censys-scripts + diff --git a/2021/CVE-2021-22555.md b/2021/CVE-2021-22555.md index 8841738d08..75ba7749c4 100644 --- a/2021/CVE-2021-22555.md +++ b/2021/CVE-2021-22555.md @@ -19,15 +19,25 @@ A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in n #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Al1ex/LinuxEelvation +- https://github.com/ChoKyuWon/exploit_articles +- https://github.com/EGI-Federation/SVG-advisories +- https://github.com/JoneyJunior/cve-2021-22555 - https://github.com/Metarget/awesome-cloud-native-security - https://github.com/Metarget/metarget - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/YunDingLab/struct_sanitizer - https://github.com/bcoles/kasld - https://github.com/bcoles/kernel-exploits - https://github.com/bsauce/kernel-exploit-factory - https://github.com/bsauce/kernel-security-learning +- https://github.com/cgwalters/container-cve-2021-22555 +- https://github.com/cpuu/LinuxKernelCVE +- https://github.com/ctrsploit/ctrsploit +- https://github.com/daletoniris/CVE-2021-22555-esc-priv - https://github.com/huike007/penetration_poc - https://github.com/joydo/CVE-Writeups +- https://github.com/reni2study/Cloud-Native-Security2 +- https://github.com/ssst0n3/ctrsploit_archived - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-22893.md b/2021/CVE-2021-22893.md index 51fd9409cb..00698e9741 100644 --- a/2021/CVE-2021-22893.md +++ b/2021/CVE-2021-22893.md @@ -17,7 +17,10 @@ No PoCs from references. - https://github.com/Mad-robot/CVE-2021-22893 - https://github.com/ZephrFish/CVE-2021-22893_HoneyPoC2 - https://github.com/bhassani/Recent-CVE +- https://github.com/byteofjoshua/CVE-2021-22893 - https://github.com/jipegit/IncidentsMindMaps +- https://github.com/mnatkin-splunk/pulse_connect_secure-splunk-csvs - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/r0eXpeR/supplier diff --git a/2021/CVE-2021-22898.md b/2021/CVE-2021-22898.md index 7991ad6bb8..796056e1b3 100644 --- a/2021/CVE-2021-22898.md +++ b/2021/CVE-2021-22898.md @@ -14,5 +14,6 @@ curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` com #### Github - https://github.com/GitHubForSnap/podcast-dl-gael +- https://github.com/devopstales/trivy-operator - https://github.com/falk-werner/cve-check diff --git a/2021/CVE-2021-22911.md b/2021/CVE-2021-22911.md index d090c38525..333a2acda0 100644 --- a/2021/CVE-2021-22911.md +++ b/2021/CVE-2021-22911.md @@ -16,5 +16,7 @@ A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3 #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CsEnox/CVE-2021-22911 +- https://github.com/jayngng/CVE-2021-22911 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/optionalCTF/Rocket.Chat-Automated-Account-Takeover-RCE-CVE-2021-22911 diff --git a/2021/CVE-2021-22922.md b/2021/CVE-2021-22922.md index a9176da48a..f942952ed4 100644 --- a/2021/CVE-2021-22922.md +++ b/2021/CVE-2021-22922.md @@ -13,5 +13,6 @@ When curl is instructed to download content using the metalink feature, theconte No PoCs from references. #### Github +- https://github.com/Sudrien/metalink4-ruby - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-22941.md b/2021/CVE-2021-22941.md index 0a4549413f..3378800c22 100644 --- a/2021/CVE-2021-22941.md +++ b/2021/CVE-2021-22941.md @@ -14,6 +14,8 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/hoavt184/CVE-2021-22941 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/r0eXpeR/supplier diff --git a/2021/CVE-2021-22945.md b/2021/CVE-2021-22945.md index 51a4945953..e6164b323f 100644 --- a/2021/CVE-2021-22945.md +++ b/2021/CVE-2021-22945.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/GitHubForSnap/podcast-dl-gael +- https://github.com/devopstales/trivy-operator diff --git a/2021/CVE-2021-22946.md b/2021/CVE-2021-22946.md index 0028551609..157db6a0ef 100644 --- a/2021/CVE-2021-22946.md +++ b/2021/CVE-2021-22946.md @@ -14,4 +14,6 @@ No PoCs from references. #### Github - https://github.com/GitHubForSnap/podcast-dl-gael +- https://github.com/devopstales/trivy-operator +- https://github.com/hetmehtaa/bug-bounty-noob diff --git a/2021/CVE-2021-22947.md b/2021/CVE-2021-22947.md index 71218f1002..5c1a691b05 100644 --- a/2021/CVE-2021-22947.md +++ b/2021/CVE-2021-22947.md @@ -14,4 +14,6 @@ No PoCs from references. #### Github - https://github.com/GitHubForSnap/podcast-dl-gael +- https://github.com/devopstales/trivy-operator +- https://github.com/hetmehtaa/bug-bounty-noob diff --git a/2021/CVE-2021-22968.md b/2021/CVE-2021-22968.md new file mode 100644 index 0000000000..ef07eff6e8 --- /dev/null +++ b/2021/CVE-2021-22968.md @@ -0,0 +1,17 @@ +### [CVE-2021-22968](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22968) +![](https://img.shields.io/static/v1?label=Product&message=https%3A%2F%2Fgithub.com%2Fconcrete5%2Fconcrete5&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20File%20Inclusion%20(CWE-98)&color=brighgreen) + +### Description + +A bypass of adding remote files in Concrete CMS (previously concrete5) File Manager leads to remote code execution in Concrete CMS (concrete5) versions 8.5.6 and below.The external file upload feature stages files in the public directory even if they have disallowed file extensions. They are stored in a directory with a random name, but it's possible to stall the uploads and brute force the directory name. You have to be an admin with the ability to upload files, but this bug gives you the ability to upload restricted file types and execute them depending on server configuration.To fix this, a check for allowed file extensions was added before downloading files to a tmp directory.Concrete CMS Security Team gave this a CVSS v3.1 score of 5.4 AV:N/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:NThis fix is also in Concrete version 9.0.0 + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fortbridge/concrete-cms + diff --git a/2021/CVE-2021-22986.md b/2021/CVE-2021-22986.md index bcedfe7b1a..ea9e0009b2 100644 --- a/2021/CVE-2021-22986.md +++ b/2021/CVE-2021-22986.md @@ -34,15 +34,21 @@ On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before - https://github.com/bigblackhat/oFx - https://github.com/dorkerdevil/CVE-2021-22986-Poc - https://github.com/dotslashed/CVE-2021-22986 +- https://github.com/gmatuz/inthewilddb - https://github.com/huike007/penetration_poc +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/luck-ying/Library-POC - https://github.com/n1sh1th/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/papa-anniekey/CustomSignatures +- https://github.com/r0eXpeR/supplier - https://github.com/safesword/F5_RCE - https://github.com/saucer-man/exploit - https://github.com/superfish9/pt +- https://github.com/takeboy/https-github.com-taomujian-linbing - https://github.com/taomujian/linbing +- https://github.com/tzwlhack/Vulnerability - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/yaunsky/CVE-202122986-EXP +- https://github.com/zmylml/yangzifun diff --git a/2021/CVE-2021-22991.md b/2021/CVE-2021-22991.md index aa79a7583c..461d9f5680 100644 --- a/2021/CVE-2021-22991.md +++ b/2021/CVE-2021-22991.md @@ -16,4 +16,6 @@ No PoCs from references. - https://github.com/DNTYO/F5_Vulnerability - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/r0eXpeR/supplier +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-22992.md b/2021/CVE-2021-22992.md index 9a0248ecc2..27a4b3b3c8 100644 --- a/2021/CVE-2021-22992.md +++ b/2021/CVE-2021-22992.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/DNTYO/F5_Vulnerability +- https://github.com/r0eXpeR/supplier diff --git a/2021/CVE-2021-23008.md b/2021/CVE-2021-23008.md new file mode 100644 index 0000000000..fef82fd424 --- /dev/null +++ b/2021/CVE-2021-23008.md @@ -0,0 +1,17 @@ +### [CVE-2021-23008](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23008) +![](https://img.shields.io/static/v1?label=Product&message=BIG-IP%20APM&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Unauthorized%20access&color=brighgreen) + +### Description + +On version 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, 12.1.x before 12.1.6, and all versions of 16.0.x and 11.6.x., BIG-IP APM AD (Active Directory) authentication can be bypassed via a spoofed AS-REP (Kerberos Authentication Service Response) response sent over a hijacked KDC (Kerberos Key Distribution Center) connection or from an AD server compromised by an attacker. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2021/CVE-2021-2302.md b/2021/CVE-2021-2302.md index 7fc38a581c..9d37716447 100644 --- a/2021/CVE-2021-2302.md +++ b/2021/CVE-2021-2302.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/quynhle7821/CVE-2021-2302 diff --git a/2021/CVE-2021-2305.md b/2021/CVE-2021-2305.md new file mode 100644 index 0000000000..6f10f68198 --- /dev/null +++ b/2021/CVE-2021-2305.md @@ -0,0 +1,17 @@ +### [CVE-2021-2305](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2305) +![](https://img.shields.io/static/v1?label=Product&message=MySQL%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%208.0.23%20and%20prior%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Easily%20exploitable%20vulnerability%20allows%20high%20privileged%20attacker%20with%20network%20access%20via%20multiple%20protocols%20to%20compromise%20MySQL%20Server.%20%20Successful%20attacks%20of%20this%20vulnerability%20can%20result%20in%20unauthorized%20ability%20to%20cause%20a%20hang%20or%20frequently%20repeatable%20crash%20(complete%20DOS)%20of%20MySQL%20Server.&color=brighgreen) + +### Description + +Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ycamper/censys-scripts + diff --git a/2021/CVE-2021-23132.md b/2021/CVE-2021-23132.md index de3e6b2d8d..e3257276ea 100644 --- a/2021/CVE-2021-23132.md +++ b/2021/CVE-2021-23132.md @@ -21,6 +21,8 @@ No PoCs from references. - https://github.com/SexyBeast233/SecBooks - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/huike007/penetration_poc +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2021/CVE-2021-2328.md b/2021/CVE-2021-2328.md new file mode 100644 index 0000000000..192ad50a04 --- /dev/null +++ b/2021/CVE-2021-2328.md @@ -0,0 +1,17 @@ +### [CVE-2021-2328](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2328) +![](https://img.shields.io/static/v1?label=Product&message=Text&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2012.1.0.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Easily%20exploitable%20vulnerability%20allows%20high%20privileged%20attacker%20having%20Create%20Any%20Procedure%2C%20Alter%20Any%20Table%20privilege%20with%20network%20access%20via%20Oracle%20Net%20to%20compromise%20Oracle%20Text.%20%20Successful%20attacks%20of%20this%20vulnerability%20can%20result%20in%20takeover%20of%20Oracle%20Text.&color=brighgreen) + +### Description + +Vulnerability in the Oracle Text component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any Procedure, Alter Any Table privilege with network access via Oracle Net to compromise Oracle Text. Successful attacks of this vulnerability can result in takeover of Oracle Text. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/deepakdba/cve_checklist + diff --git a/2021/CVE-2021-2329.md b/2021/CVE-2021-2329.md new file mode 100644 index 0000000000..ddb4186ad9 --- /dev/null +++ b/2021/CVE-2021-2329.md @@ -0,0 +1,17 @@ +### [CVE-2021-2329](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2329) +![](https://img.shields.io/static/v1?label=Product&message=Database%20-%20Enterprise%20Edition&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2012.1.0.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Easily%20exploitable%20vulnerability%20allows%20high%20privileged%20attacker%20having%20Create%20Any%20Procedure%2C%20Create%20Public%20Synonym%20privilege%20with%20network%20access%20via%20Oracle%20Net%20to%20compromise%20Oracle%20XML%20DB.%20%20Successful%20attacks%20of%20this%20vulnerability%20can%20result%20in%20takeover%20of%20Oracle%20XML%20DB.&color=brighgreen) + +### Description + +Vulnerability in the Oracle XML DB component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any Procedure, Create Public Synonym privilege with network access via Oracle Net to compromise Oracle XML DB. Successful attacks of this vulnerability can result in takeover of Oracle XML DB. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/deepakdba/cve_checklist + diff --git a/2021/CVE-2021-2330.md b/2021/CVE-2021-2330.md new file mode 100644 index 0000000000..9f50a4db67 --- /dev/null +++ b/2021/CVE-2021-2330.md @@ -0,0 +1,17 @@ +### [CVE-2021-2330](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2330) +![](https://img.shields.io/static/v1?label=Product&message=Database%20-%20Enterprise%20Edition&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2019c%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Easily%20exploitable%20vulnerability%20allows%20low%20privileged%20attacker%20having%20Create%20Table%20privilege%20with%20network%20access%20via%20Oracle%20Net%20to%20compromise%20Core%20RDBMS.%20%20Successful%20attacks%20of%20this%20vulnerability%20can%20result%20in%20unauthorized%20ability%20to%20cause%20a%20partial%20denial%20of%20service%20(partial%20DOS)%20of%20Core%20RDBMS.&color=brighgreen) + +### Description + +Vulnerability in the Core RDBMS component of Oracle Database Server. The supported version that is affected is 19c. Easily exploitable vulnerability allows low privileged attacker having Create Table privilege with network access via Oracle Net to compromise Core RDBMS. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Core RDBMS. CVSS 3.1 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/deepakdba/cve_checklist + diff --git a/2021/CVE-2021-2333.md b/2021/CVE-2021-2333.md new file mode 100644 index 0000000000..a074c3dd07 --- /dev/null +++ b/2021/CVE-2021-2333.md @@ -0,0 +1,17 @@ +### [CVE-2021-2333](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2333) +![](https://img.shields.io/static/v1?label=Product&message=Database%20-%20Enterprise%20Edition&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2012.1.0.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Easily%20exploitable%20vulnerability%20allows%20high%20privileged%20attacker%20having%20Alter%20User%20privilege%20with%20network%20access%20via%20Oracle%20Net%20to%20compromise%20Oracle%20XML%20DB.%20%20Successful%20attacks%20of%20this%20vulnerability%20can%20result%20in%20%20unauthorized%20access%20to%20critical%20data%20or%20complete%20access%20to%20all%20Oracle%20XML%20DB%20accessible%20data.&color=brighgreen) + +### Description + +Vulnerability in the Oracle XML DB component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker having Alter User privilege with network access via Oracle Net to compromise Oracle XML DB. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle XML DB accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/deepakdba/cve_checklist + diff --git a/2021/CVE-2021-23337.md b/2021/CVE-2021-23337.md index 9777d24b6d..85ba9a5208 100644 --- a/2021/CVE-2021-23337.md +++ b/2021/CVE-2021-23337.md @@ -22,4 +22,6 @@ Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the tem - https://github.com/andisfar/LaunchQtCreator - https://github.com/anthonykirby/lora-packet - https://github.com/marcosrg9/YouTubeTV +- https://github.com/p-rog/cve-analyser +- https://github.com/samoylenko/sample-vulnerable-app-nodejs-express diff --git a/2021/CVE-2021-23338.md b/2021/CVE-2021-23338.md index 190ff4f435..f3c673b80c 100644 --- a/2021/CVE-2021-23338.md +++ b/2021/CVE-2021-23338.md @@ -13,5 +13,5 @@ This affects all versions of package qlib. The workflow function in cli part of - https://github.com/418sec/huntr/pull/1329 #### Github -No PoCs found on GitHub currently. +- https://github.com/ajmalabubakkr/CVE diff --git a/2021/CVE-2021-23358.md b/2021/CVE-2021-23358.md index 682599f20e..c55db27d18 100644 --- a/2021/CVE-2021-23358.md +++ b/2021/CVE-2021-23358.md @@ -18,4 +18,5 @@ The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before #### Github - https://github.com/Ghifari160/splash - https://github.com/andisfar/LaunchQtCreator +- https://github.com/k1LoW/oshka diff --git a/2021/CVE-2021-2337.md b/2021/CVE-2021-2337.md new file mode 100644 index 0000000000..b6dba7e6a5 --- /dev/null +++ b/2021/CVE-2021-2337.md @@ -0,0 +1,17 @@ +### [CVE-2021-2337](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2337) +![](https://img.shields.io/static/v1?label=Product&message=Database%20-%20Enterprise%20Edition&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2012.1.0.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Easily%20exploitable%20vulnerability%20allows%20high%20privileged%20attacker%20having%20Create%20Any%20Procedure%2C%20Create%20Public%20Synonym%20privilege%20with%20network%20access%20via%20Oracle%20Net%20to%20compromise%20Oracle%20XML%20DB.%20%20Successful%20attacks%20of%20this%20vulnerability%20can%20result%20in%20takeover%20of%20Oracle%20XML%20DB.&color=brighgreen) + +### Description + +Vulnerability in the Oracle XML DB component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any Procedure, Create Public Synonym privilege with network access via Oracle Net to compromise Oracle XML DB. Successful attacks of this vulnerability can result in takeover of Oracle XML DB. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/deepakdba/cve_checklist + diff --git a/2021/CVE-2021-23383.md b/2021/CVE-2021-23383.md index 962d9f4644..790ac08174 100644 --- a/2021/CVE-2021-23383.md +++ b/2021/CVE-2021-23383.md @@ -17,5 +17,6 @@ The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when s #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/dn9uy3n/Check-CVE-2021-23383 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-23424.md b/2021/CVE-2021-23424.md index b3dc60849b..0729a05827 100644 --- a/2021/CVE-2021-23424.md +++ b/2021/CVE-2021-23424.md @@ -14,5 +14,5 @@ This affects all versions of package ansi-html. If an attacker provides a malici - https://snyk.io/vuln/SNYK-JS-ANSIHTML-1296849 #### Github -No PoCs found on GitHub currently. +- https://github.com/jra89/thethirdparty diff --git a/2021/CVE-2021-2351.md b/2021/CVE-2021-2351.md index 0a6154e985..4fcb5af967 100644 --- a/2021/CVE-2021-2351.md +++ b/2021/CVE-2021-2351.md @@ -16,5 +16,5 @@ Vulnerability in the Advanced Networking Option component of Oracle Database Ser - http://seclists.org/fulldisclosure/2021/Dec/20 #### Github -No PoCs found on GitHub currently. +- https://github.com/deepakdba/cve_checklist diff --git a/2021/CVE-2021-23839.md b/2021/CVE-2021-23839.md index 1723ad37f2..fddd071132 100644 --- a/2021/CVE-2021-23839.md +++ b/2021/CVE-2021-23839.md @@ -14,4 +14,7 @@ OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a ser #### Github - https://github.com/falk-werner/cve-check +- https://github.com/jntass/TASSL-1.1.1k +- https://github.com/thecyberbaby/Trivy-by-aquaSecurity +- https://github.com/vinamra28/tekton-image-scan-trivy diff --git a/2021/CVE-2021-23840.md b/2021/CVE-2021-23840.md index c0e3884382..059824f67b 100644 --- a/2021/CVE-2021-23840.md +++ b/2021/CVE-2021-23840.md @@ -18,4 +18,7 @@ Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow #### Github - https://github.com/falk-werner/cve-check +- https://github.com/jntass/TASSL-1.1.1k +- https://github.com/thecyberbaby/Trivy-by-aquaSecurity +- https://github.com/vinamra28/tekton-image-scan-trivy diff --git a/2021/CVE-2021-23841.md b/2021/CVE-2021-23841.md index 71a5a2e7a8..bf06f605d9 100644 --- a/2021/CVE-2021-23841.md +++ b/2021/CVE-2021-23841.md @@ -16,4 +16,7 @@ The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create #### Github - https://github.com/falk-werner/cve-check +- https://github.com/jntass/TASSL-1.1.1k +- https://github.com/thecyberbaby/Trivy-by-aquaSecurity +- https://github.com/vinamra28/tekton-image-scan-trivy diff --git a/2021/CVE-2021-2394.md b/2021/CVE-2021-2394.md index b544dff3c5..c949796a72 100644 --- a/2021/CVE-2021-2394.md +++ b/2021/CVE-2021-2394.md @@ -14,7 +14,10 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/BabyTeam1024/CVE-2021-2394 - https://github.com/SexyBeast233/SecBooks +- https://github.com/freeide/CVE-2021-2394 +- https://github.com/lz2y/CVE-2021-2394 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-24074.md b/2021/CVE-2021-24074.md index 3cbb41f5db..fa2ad7a7ea 100644 --- a/2021/CVE-2021-24074.md +++ b/2021/CVE-2021-24074.md @@ -28,4 +28,5 @@ No PoCs from references. #### Github - https://github.com/0vercl0k/CVE-2021-24086 - https://github.com/Spacial/awesome-csirt +- https://github.com/lisinan988/CVE-2021-24086-exp diff --git a/2021/CVE-2021-24084.md b/2021/CVE-2021-24084.md index a6e06063d7..7c18caa3be 100644 --- a/2021/CVE-2021-24084.md +++ b/2021/CVE-2021-24084.md @@ -27,6 +27,8 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/exploitblizzard/WindowsMDM-LPE-0Day - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/ohnonoyesyes/CVE-2021-24084 - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-24086.md b/2021/CVE-2021-24086.md index 965bb619be..9cac7ad3b8 100644 --- a/2021/CVE-2021-24086.md +++ b/2021/CVE-2021-24086.md @@ -32,6 +32,8 @@ Windows TCP/IP Denial of Service Vulnerability - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks - https://github.com/Spacial/awesome-csirt +- https://github.com/lisinan988/CVE-2021-24086-exp - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/secdev/awesome-scapy +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-24093.md b/2021/CVE-2021-24093.md index 55f3bd594a..dc68407135 100644 --- a/2021/CVE-2021-24093.md +++ b/2021/CVE-2021-24093.md @@ -28,5 +28,6 @@ Windows Graphics Component Remote Code Execution Vulnerability #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/tzwlhack/Vulnerability - https://github.com/xm88628/AfternoonTea diff --git a/2021/CVE-2021-24145.md b/2021/CVE-2021-24145.md index 16e0a790de..c874f38b8e 100644 --- a/2021/CVE-2021-24145.md +++ b/2021/CVE-2021-24145.md @@ -16,5 +16,6 @@ Arbitrary file upload in the Modern Events Calendar Lite WordPress plugin, versi #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Hacker5preme/Exploits +- https://github.com/dnr6419/CVE-2021-24145 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-24155.md b/2021/CVE-2021-24155.md index 1935a233d3..d95f1b2213 100644 --- a/2021/CVE-2021-24155.md +++ b/2021/CVE-2021-24155.md @@ -14,6 +14,7 @@ The WordPress Backup and Migrate Plugin – Backup Guard WordPress plugin before - http://packetstormsecurity.com/files/163623/WordPress-Backup-Guard-Authenticated-Remote-Code-Execution.html #### Github +- https://github.com/0dayNinja/CVE-2021-24155.rb - https://github.com/ARPSyndicate/cvemon - https://github.com/Hacker5preme/Exploits diff --git a/2021/CVE-2021-24175.md b/2021/CVE-2021-24175.md index 39eac8741f..da6941dde9 100644 --- a/2021/CVE-2021-24175.md +++ b/2021/CVE-2021-24175.md @@ -14,4 +14,5 @@ The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.7 was bei #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-24186.md b/2021/CVE-2021-24186.md index 35239536a7..bdb9c81627 100644 --- a/2021/CVE-2021-24186.md +++ b/2021/CVE-2021-24186.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-24209.md b/2021/CVE-2021-24209.md index f37c09e389..25c7450bf2 100644 --- a/2021/CVE-2021-24209.md +++ b/2021/CVE-2021-24209.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-24213.md b/2021/CVE-2021-24213.md index 5fdb64f56e..79c135b8ab 100644 --- a/2021/CVE-2021-24213.md +++ b/2021/CVE-2021-24213.md @@ -14,4 +14,5 @@ The GiveWP – Donation Plugin and Fundraising Platform WordPress plugin before #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-24347.md b/2021/CVE-2021-24347.md index 09cb670e84..93341b01d5 100644 --- a/2021/CVE-2021-24347.md +++ b/2021/CVE-2021-24347.md @@ -16,4 +16,5 @@ The SP Project & Document Manager WordPress plugin before 4.22 allows users to u #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Hacker5preme/Exploits +- https://github.com/huydoppa/CVE-2021-24347- diff --git a/2021/CVE-2021-24379.md b/2021/CVE-2021-24379.md new file mode 100644 index 0000000000..beb98bbcde --- /dev/null +++ b/2021/CVE-2021-24379.md @@ -0,0 +1,17 @@ +### [CVE-2021-24379](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24379) +![](https://img.shields.io/static/v1?label=Product&message=Comments%20Like%20Dislike&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=1.1.4%3C%201.1.4%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-863%20Incorrect%20Authorization&color=brighgreen) + +### Description + +The Comments Like Dislike WordPress plugin before 1.1.4 allows users to like/dislike posted comments, however does not prevent them from replaying the AJAX request to add a like. This allows any user (even unauthenticated) to add unlimited like/dislike to any comment. The plugin appears to have some Restriction modes, such as Cookie Restriction, IP Restrictions, Logged In User Restriction, however, they do not prevent such attack as they only check client side + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/phutr4n/CVE-Collection + diff --git a/2021/CVE-2021-2438.md b/2021/CVE-2021-2438.md new file mode 100644 index 0000000000..897821c27e --- /dev/null +++ b/2021/CVE-2021-2438.md @@ -0,0 +1,17 @@ +### [CVE-2021-2438](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2438) +![](https://img.shields.io/static/v1?label=Product&message=Database%20-%20Enterprise%20Edition&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2012.1.0.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Easily%20exploitable%20vulnerability%20allows%20low%20privileged%20attacker%20having%20Create%20Procedure%20privilege%20with%20network%20access%20via%20Oracle%20Net%20to%20compromise%20Java%20VM.%20%20Successful%20attacks%20of%20this%20vulnerability%20can%20result%20in%20unauthorized%20ability%20to%20cause%20a%20partial%20denial%20of%20service%20(partial%20DOS)%20of%20Java%20VM.&color=brighgreen) + +### Description + +Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java VM. CVSS 3.1 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/deepakdba/cve_checklist + diff --git a/2021/CVE-2021-24429.md b/2021/CVE-2021-24429.md new file mode 100644 index 0000000000..12f7fc4a75 --- /dev/null +++ b/2021/CVE-2021-24429.md @@ -0,0 +1,17 @@ +### [CVE-2021-24429](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24429) +![](https://img.shields.io/static/v1?label=Product&message=Salon%20booking%20system&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=6.3.1%3C%206.3.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Salon booking system WordPress plugin before 6.3.1 does not properly sanitise and escape the First Name field when booking an appointment, allowing low privilege users such as subscriber to set JavaScript in them, leading to a Stored Cross-Site Scripting (XSS) vulnerability. The Payload will then be triggered when an admin visits the "Calendar" page and the malicious script is executed in the admin context. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/phutr4n/CVE-Collection + diff --git a/2021/CVE-2021-24443.md b/2021/CVE-2021-24443.md new file mode 100644 index 0000000000..659317f51c --- /dev/null +++ b/2021/CVE-2021-24443.md @@ -0,0 +1,17 @@ +### [CVE-2021-24443](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24443) +![](https://img.shields.io/static/v1?label=Product&message=Youzify%20%E2%80%93%20BuddyPress%20Community%2C%20User%20Profile%2C%20Social%20Network%20%26%20Membership%20Plugin%20for%20WordPress&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=1.0.7%3C%201.0.7%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The About Me widget of the Youzify – BuddyPress Community, User Profile, Social Network & Membership WordPress plugin before 1.0.7 does not properly sanitise its Biography field, allowing any authenticated user to set Cross-Site Scripting payloads in it, which will be executed when viewing the affected user profile. This could allow a low privilege user to gain unauthorised access to the admin side of the blog by targeting an admin, inducing them to view their profile with a malicious payload adding a rogue account for example. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/phutr4n/CVE-Collection + diff --git a/2021/CVE-2021-24455.md b/2021/CVE-2021-24455.md new file mode 100644 index 0000000000..c930741211 --- /dev/null +++ b/2021/CVE-2021-24455.md @@ -0,0 +1,17 @@ +### [CVE-2021-24455](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24455) +![](https://img.shields.io/static/v1?label=Product&message=Tutor%20LMS%20%E2%80%93%20eLearning%20and%20online%20course%20solution&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=1.9.2%3C%201.9.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Tutor LMS – eLearning and online course solution WordPress plugin before 1.9.2 did not escape the Summary field of Announcements (when outputting it in an attribute), which can be created by users as low as Tutor Instructor. This lead to a Stored Cross-Site Scripting issue, which is triggered when viewing the Announcements list, and could result in privilege escalation when viewed by an admin. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/phutr4n/CVE-Collection + diff --git a/2021/CVE-2021-24499.md b/2021/CVE-2021-24499.md index aba58eb93d..e8b93e6cf0 100644 --- a/2021/CVE-2021-24499.md +++ b/2021/CVE-2021-24499.md @@ -16,5 +16,7 @@ The Workreap WordPress theme before 2.2.2 AJAX actions workreap_award_temp_file_ - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/RyouYoo/CVE-2021-24499 +- https://github.com/hh-hunter/cve-2021-24499 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2021/CVE-2021-24545.md b/2021/CVE-2021-24545.md index 37e7a56996..55575b2d9e 100644 --- a/2021/CVE-2021-24545.md +++ b/2021/CVE-2021-24545.md @@ -14,6 +14,8 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/V35HR4J/CVE-2021-24545 +- https://github.com/dnr6419/CVE-2021-24545 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-2456.md b/2021/CVE-2021-2456.md index 05ea2721d8..26aa78f1b8 100644 --- a/2021/CVE-2021-2456.md +++ b/2021/CVE-2021-2456.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/peterjson31337/CVE-2021-2456 - https://github.com/r00t4dm/r00t4dm diff --git a/2021/CVE-2021-24563.md b/2021/CVE-2021-24563.md index 8666976f8b..8dedf7d938 100644 --- a/2021/CVE-2021-24563.md +++ b/2021/CVE-2021-24563.md @@ -13,5 +13,5 @@ The Frontend Uploader WordPress plugin through 1.3.2 does not prevent HTML files - http://packetstormsecurity.com/files/165515/WordPress-Frontend-Uploader-1.3.2-Cross-Site-Scripting.html #### Github -No PoCs found on GitHub currently. +- https://github.com/V35HR4J/CVE-2021-24563 diff --git a/2021/CVE-2021-2460.md b/2021/CVE-2021-2460.md new file mode 100644 index 0000000000..b0566db0ff --- /dev/null +++ b/2021/CVE-2021-2460.md @@ -0,0 +1,17 @@ +### [CVE-2021-2460](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2460) +![](https://img.shields.io/static/v1?label=Product&message=Application%20Express%20(APEX)&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2021.1.0.00.04%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Easily%20exploitable%20vulnerability%20allows%20low%20privileged%20attacker%20having%20Valid%20User%20Account%20privilege%20with%20network%20access%20via%20HTTP%20to%20compromise%20Oracle%20Application%20Express%20Data%20Reporter.%20%20Successful%20attacks%20require%20human%20interaction%20from%20a%20person%20other%20than%20the%20attacker%20and%20while%20the%20vulnerability%20is%20in%20Oracle%20Application%20Express%20Data%20Reporter%2C%20attacks%20may%20significantly%20impact%20additional%20products.%20Successful%20attacks%20of%20this%20vulnerability%20can%20result%20in%20%20unauthorized%20update%2C%20insert%20or%20delete%20access%20to%20some%20of%20Oracle%20Application%20Express%20Data%20Reporter%20accessible%20data%20as%20well%20as%20%20unauthorized%20read%20access%20to%20a%20subset%20of%20Oracle%20Application%20Express%20Data%20Reporter%20accessible%20data.&color=brighgreen) + +### Description + +Vulnerability in the Oracle Application Express Data Reporter component of Oracle Database Server. The supported version that is affected is Prior to 21.1.0.00.04. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to compromise Oracle Application Express Data Reporter. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Application Express Data Reporter, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Application Express Data Reporter accessible data as well as unauthorized read access to a subset of Oracle Application Express Data Reporter accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/deepakdba/cve_checklist + diff --git a/2021/CVE-2021-24610.md b/2021/CVE-2021-24610.md index e98f2492c8..1ce59e96ac 100644 --- a/2021/CVE-2021-24610.md +++ b/2021/CVE-2021-24610.md @@ -13,5 +13,5 @@ The TranslatePress WordPress plugin before 2.0.9 does not implement a proper san - http://packetstormsecurity.com/files/164306/WordPress-TranslatePress-2.0.8-Cross-Site-Scripting.html #### Github -No PoCs found on GitHub currently. +- https://github.com/apapedulimu/Learn-Source-Code-Review diff --git a/2021/CVE-2021-2471.md b/2021/CVE-2021-2471.md index a4304d4aba..6dacc11101 100644 --- a/2021/CVE-2021-2471.md +++ b/2021/CVE-2021-2471.md @@ -14,7 +14,11 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/DrunkenShells/CVE-2021-2471 +- https://github.com/SecCoder-Security-Lab/jdbc-sqlxml-xxe - https://github.com/SummerSec/learning-codeql +- https://github.com/Y4tacker/JavaSec +- https://github.com/cckuailong/CVE-2021-2471 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-24741.md b/2021/CVE-2021-24741.md index 655537e14f..c087e5fb1c 100644 --- a/2021/CVE-2021-24741.md +++ b/2021/CVE-2021-24741.md @@ -13,5 +13,5 @@ The Support Board WordPress plugin before 3.3.4 does not escape multiple POST pa - https://medium.com/@lijohnjefferson/multiple-sql-injection-unauthenticated-in-support-board-v-3-3-3-3e9b4214a4f9 #### Github -No PoCs found on GitHub currently. +- https://github.com/itsjeffersonli/CVE-2021-24741 diff --git a/2021/CVE-2021-25162.md b/2021/CVE-2021-25162.md index 3b2cb61cf2..107b7fb6fc 100644 --- a/2021/CVE-2021-25162.md +++ b/2021/CVE-2021-25162.md @@ -13,5 +13,5 @@ A remote execution of arbitrary commands vulnerability was discovered in some Ar - http://packetstormsecurity.com/files/163522/Aruba-Instant-IAP-Remote-Code-Execution.html #### Github -No PoCs found on GitHub currently. +- https://github.com/twentybel0w/CVE-2021-25162 diff --git a/2021/CVE-2021-25281.md b/2021/CVE-2021-25281.md index 2056379006..ee64e2f574 100644 --- a/2021/CVE-2021-25281.md +++ b/2021/CVE-2021-25281.md @@ -20,4 +20,5 @@ An issue was discovered in through SaltStack Salt before 3002.5. salt-api does n - https://github.com/Immersive-Labs-Sec/CVE-2021-25281 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-25289.md b/2021/CVE-2021-25289.md index 044dfc1989..7081920c1d 100644 --- a/2021/CVE-2021-25289.md +++ b/2021/CVE-2021-25289.md @@ -13,5 +13,6 @@ An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buff No PoCs from references. #### Github +- https://github.com/asa1997/topgear_test - https://github.com/nnrogers515/discord-coderbot diff --git a/2021/CVE-2021-25290.md b/2021/CVE-2021-25290.md index c154142d0e..70c95529d7 100644 --- a/2021/CVE-2021-25290.md +++ b/2021/CVE-2021-25290.md @@ -13,5 +13,6 @@ An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a nega No PoCs from references. #### Github +- https://github.com/asa1997/topgear_test - https://github.com/nnrogers515/discord-coderbot diff --git a/2021/CVE-2021-25296.md b/2021/CVE-2021-25296.md index 7e14172f83..64aaa956c5 100644 --- a/2021/CVE-2021-25296.md +++ b/2021/CVE-2021-25296.md @@ -16,4 +16,5 @@ Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerabilit - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs - https://github.com/r0eXpeR/redteam_vul +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-25310.md b/2021/CVE-2021-25310.md index a332b92f33..40a956e609 100644 --- a/2021/CVE-2021-25310.md +++ b/2021/CVE-2021-25310.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-25641.md b/2021/CVE-2021-25641.md index 2217a58fe4..40a4eca153 100644 --- a/2021/CVE-2021-25641.md +++ b/2021/CVE-2021-25641.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Dor-Tumarkin/CVE-2021-25641-Proof-of-Concept +- https://github.com/lz2y/DubboPOC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/taielab/awesome-hacking-lists diff --git a/2021/CVE-2021-25646.md b/2021/CVE-2021-25646.md index 797eb43b20..f48c2bca62 100644 --- a/2021/CVE-2021-25646.md +++ b/2021/CVE-2021-25646.md @@ -19,6 +19,7 @@ Apache Druid includes the ability to execute user-provided JavaScript code embed - https://github.com/Astrogeorgeonethree/Starred - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/FDlucifer/firece-fish - https://github.com/Ormicron/CVE-2021-25646-GUI - https://github.com/SexyBeast233/SecBooks - https://github.com/SouthWind0/southwind0.github.io @@ -26,6 +27,8 @@ Apache Druid includes the ability to execute user-provided JavaScript code embed - https://github.com/W4nde3/toolkits - https://github.com/Yang0615777/PocList - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/dnr6419/Druid_docker +- https://github.com/errorecho/CVEs-Collection - https://github.com/fardeen-ahmed/Bug-bounty-Writeups - https://github.com/givemefivw/CVE-2021-25646 - https://github.com/gobysec/Goby @@ -33,6 +36,7 @@ Apache Druid includes the ability to execute user-provided JavaScript code embed - https://github.com/ltfafei/my_POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/sobinge/nuclei-templates +- https://github.com/tzwlhack/Vulnerability - https://github.com/xm88628/AfternoonTea - https://github.com/yaunsky/cve-2021-25646 diff --git a/2021/CVE-2021-25735.md b/2021/CVE-2021-25735.md index f201dee446..1d2309e34e 100644 --- a/2021/CVE-2021-25735.md +++ b/2021/CVE-2021-25735.md @@ -19,5 +19,7 @@ No PoCs from references. - https://github.com/darryk10/CVE-2021-25735 - https://github.com/developer-guy/awesome-falco - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/reni2study/Cloud-Native-Security2 - https://github.com/taielab/awesome-hacking-lists +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-25737.md b/2021/CVE-2021-25737.md index 1d528ec552..a4651e8ef4 100644 --- a/2021/CVE-2021-25737.md +++ b/2021/CVE-2021-25737.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/Metarget/awesome-cloud-native-security - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/reni2study/Cloud-Native-Security2 diff --git a/2021/CVE-2021-25829.md b/2021/CVE-2021-25829.md index edcccd0efd..a2053be390 100644 --- a/2021/CVE-2021-25829.md +++ b/2021/CVE-2021-25829.md @@ -13,5 +13,5 @@ An improper binary stream data handling issue was found in the [core] module of - https://github.com/merrychap/poc_exploits/tree/master/ONLYOFFICE/CVE-2021-25829 #### Github -No PoCs found on GitHub currently. +- https://github.com/merrychap/POC-onlyoffice diff --git a/2021/CVE-2021-25830.md b/2021/CVE-2021-25830.md index da028cc081..a08df4e4a4 100644 --- a/2021/CVE-2021-25830.md +++ b/2021/CVE-2021-25830.md @@ -13,5 +13,5 @@ A file extension handling issue was found in [core] module of ONLYOFFICE Documen - https://github.com/merrychap/poc_exploits/tree/master/ONLYOFFICE/CVE-2021-25830 #### Github -No PoCs found on GitHub currently. +- https://github.com/merrychap/POC-onlyoffice diff --git a/2021/CVE-2021-25831.md b/2021/CVE-2021-25831.md index 47b306f8a9..edf3eb5946 100644 --- a/2021/CVE-2021-25831.md +++ b/2021/CVE-2021-25831.md @@ -13,5 +13,5 @@ A file extension handling issue was found in [core] module of ONLYOFFICE Documen - https://github.com/merrychap/poc_exploits/tree/master/ONLYOFFICE/CVE-2021-25831 #### Github -No PoCs found on GitHub currently. +- https://github.com/merrychap/POC-onlyoffice diff --git a/2021/CVE-2021-25832.md b/2021/CVE-2021-25832.md index 447ada15ab..7a977f7241 100644 --- a/2021/CVE-2021-25832.md +++ b/2021/CVE-2021-25832.md @@ -13,5 +13,5 @@ A heap buffer overflow vulnerability inside of BMP image processing was found at - https://github.com/merrychap/poc_exploits/tree/master/ONLYOFFICE/CVE-2021-25832 #### Github -No PoCs found on GitHub currently. +- https://github.com/merrychap/POC-onlyoffice diff --git a/2021/CVE-2021-25833.md b/2021/CVE-2021-25833.md index 11f034c0e6..b37cf64646 100644 --- a/2021/CVE-2021-25833.md +++ b/2021/CVE-2021-25833.md @@ -13,5 +13,5 @@ A file extension handling issue was found in [server] module of ONLYOFFICE Docum - https://github.com/merrychap/poc_exploits/tree/master/ONLYOFFICE/CVE-2021-25833 #### Github -No PoCs found on GitHub currently. +- https://github.com/merrychap/POC-onlyoffice diff --git a/2021/CVE-2021-25863.md b/2021/CVE-2021-25863.md index 0ddb358cb9..c6b46a8a78 100644 --- a/2021/CVE-2021-25863.md +++ b/2021/CVE-2021-25863.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-26084.md b/2021/CVE-2021-26084.md index a7972cf7cf..db2a8b5131 100644 --- a/2021/CVE-2021-26084.md +++ b/2021/CVE-2021-26084.md @@ -16,27 +16,64 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul #### Github - https://github.com/0x727/ShuiZe_0x727 +- https://github.com/0xf4n9x/CVE-2021-26084 - https://github.com/0xsyr0/OSCP +- https://github.com/1ZRR4H/CVE-2021-26084 - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/BeRserKerSec/CVE-2021-26084-Nuclei-template +- https://github.com/FDlucifer/firece-fish +- https://github.com/GlennPegden2/cve-2021-26084-confluence +- https://github.com/JKme/CVE-2021-26084 +- https://github.com/Jun-5heng/CVE-2021-26084 +- https://github.com/Loneyers/CVE-2021-26084 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Osyanina/westone-CVE-2021-26084-scanner - https://github.com/S3cur3Th1sSh1t/Pentest-Tools - https://github.com/Sma11New/PocList - https://github.com/TesterCC/exp_poc_library +- https://github.com/Udyz/CVE-2021-26084 +- https://github.com/Vulnmachines/Confluence_CVE-2021-26084 +- https://github.com/Xc1Ym/cve_2021_26084 +- https://github.com/ZZ-SOCMAP/pocs - https://github.com/antx-code/CVE-2021-26084 +- https://github.com/b1gw00d/CVE-2021-26084 +- https://github.com/bcdannyboy/CVE-2021-26084_GoPOC - https://github.com/bigblackhat/oFx - https://github.com/binganao/vulns-2022 +- https://github.com/byteofjoshua/CVE-2021-26084 +- https://github.com/carlosevieira/CVE-2021-26084 - https://github.com/curated-intel/Log4Shell-IOCs +- https://github.com/dinhbaouit/CVE-2021-26084 +- https://github.com/dock0d1/CVE-2021-26084_Confluence +- https://github.com/dorkerdevil/CVE-2021-26084 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups +- https://github.com/h3v0x/CVE-2021-26084_Confluence - https://github.com/harsh-bothra/learn365 - https://github.com/huike007/penetration_poc - https://github.com/joydo/CVE-Writeups +- https://github.com/lleavesl/CVE-2021-26084 - https://github.com/luck-ying/Library-POC +- https://github.com/ludy-dev/CVE-2021-26084_PoC +- https://github.com/march0s1as/CVE-2021-26084 +- https://github.com/maskerTUI/CVE-2021-26084 - https://github.com/mdisec/mdisec-twitch-yayinlari +- https://github.com/nizarbamida/CVE-2021-26084-patch- - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/p0nymc1/CVE-2021-26084 - https://github.com/pen4uin/pentest-note - https://github.com/pipiscrew/timeline +- https://github.com/quesodipesto/conflucheck +- https://github.com/r0ckysec/CVE-2021-26084_Confluence +- https://github.com/r0eXpeR/supplier +- https://github.com/rootsmadi/CVE-2021-26084 - https://github.com/rudrapwn/source-code-review +- https://github.com/smallpiggy/cve-2021-26084-confluence +- https://github.com/taythebot/CVE-2021-26084 +- https://github.com/toowoxx/docker-confluence-patched +- https://github.com/wdjcy/CVE-2021-26084 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +- https://github.com/wolf1892/confluence-rce-poc - https://github.com/woods-sega/woodswiki +- https://github.com/z0edff0x3d/CVE-2021-26084-Confluence-OGNL diff --git a/2021/CVE-2021-26085.md b/2021/CVE-2021-26085.md index b628409454..e750eabbed 100644 --- a/2021/CVE-2021-26085.md +++ b/2021/CVE-2021-26085.md @@ -17,5 +17,7 @@ Affected versions of Atlassian Confluence Server allow remote attackers to view - https://github.com/0xsyr0/OSCP - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/ColdFusionX/CVE-2021-26085 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/zeroc00I/CVE-2021-26085 diff --git a/2021/CVE-2021-26086.md b/2021/CVE-2021-26086.md index 4da50d0bb6..406e37a504 100644 --- a/2021/CVE-2021-26086.md +++ b/2021/CVE-2021-26086.md @@ -16,7 +16,9 @@ Affected versions of Atlassian Jira Server and Data Center allow remote attacker #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/ColdFusionX/CVE-2021-26086 - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sushantdhopat/JIRA_testing - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2021/CVE-2021-26293.md b/2021/CVE-2021-26293.md index 7ad6bbc653..d8aa57262b 100644 --- a/2021/CVE-2021-26293.md +++ b/2021/CVE-2021-26293.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/E3SEC/AfterLogic - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-26294.md b/2021/CVE-2021-26294.md index 89d0c5d9bd..f2f1805089 100644 --- a/2021/CVE-2021-26294.md +++ b/2021/CVE-2021-26294.md @@ -17,6 +17,8 @@ No PoCs from references. - https://github.com/E3SEC/AfterLogic - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/dorkerdevil/CVE-2021-26294 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-26295.md b/2021/CVE-2021-26295.md index a20adbfbc7..c4d95e97c3 100644 --- a/2021/CVE-2021-26295.md +++ b/2021/CVE-2021-26295.md @@ -25,17 +25,21 @@ Apache OFBiz has unsafe deserialization prior to 17.12.06. An unauthenticated at - https://github.com/SexyBeast233/SecBooks - https://github.com/SouthWind0/southwind0.github.io - https://github.com/TheTh1nk3r/exp_hub +- https://github.com/Timirepo/CVE_Exploits - https://github.com/YinWC/2021hvv_vul - https://github.com/coolyin001/CVE-2021-26295-- - https://github.com/gobysec/Goby - https://github.com/huike007/penetration_poc +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/ltfafei/my_POC - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/r00t4dm/r00t4dm - https://github.com/r0ckysec/CVE-2021-26295 - https://github.com/rakjong/CVE-2021-26295-Apache-OFBiz +- https://github.com/tzwlhack/Vulnerability - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/yuaneuro/ofbiz-poc - https://github.com/yumusb/CVE-2021-26295 +- https://github.com/zmylml/yangzifun diff --git a/2021/CVE-2021-26411.md b/2021/CVE-2021-26411.md index 8d163d050b..fa2117a4f1 100644 --- a/2021/CVE-2021-26411.md +++ b/2021/CVE-2021-26411.md @@ -50,7 +50,9 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/CrackerCat/CVE-2021-26411 - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-26412.md b/2021/CVE-2021-26412.md index 6df143582f..d03d8252f1 100644 --- a/2021/CVE-2021-26412.md +++ b/2021/CVE-2021-26412.md @@ -19,4 +19,5 @@ No PoCs from references. #### Github - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/vehemont/nvdlib diff --git a/2021/CVE-2021-26419.md b/2021/CVE-2021-26419.md index 323156d605..6a219405bc 100644 --- a/2021/CVE-2021-26419.md +++ b/2021/CVE-2021-26419.md @@ -25,4 +25,5 @@ Scripting Engine Memory Corruption Vulnerability #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-26420.md b/2021/CVE-2021-26420.md new file mode 100644 index 0000000000..91422d581c --- /dev/null +++ b/2021/CVE-2021-26420.md @@ -0,0 +1,19 @@ +### [CVE-2021-26420](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26420) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Enterprise%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Foundation&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) + +### Description + +Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31963, CVE-2021-31966. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2021/CVE-2021-26431.md b/2021/CVE-2021-26431.md new file mode 100644 index 0000000000..d89c7b1724 --- /dev/null +++ b/2021/CVE-2021-26431.md @@ -0,0 +1,27 @@ +### [CVE-2021-26431](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26431) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2020H2%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2020H2%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2020H2%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H1%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H1%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H1%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%202004%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%2020H2%20(Server%20Core%20Installation)&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) + +### Description + +Windows Recovery Environment Agent Elevation of Privilege Vulnerability + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2021/CVE-2021-26690.md b/2021/CVE-2021-26690.md index 469162772d..aaeea6c431 100644 --- a/2021/CVE-2021-26690.md +++ b/2021/CVE-2021-26690.md @@ -13,5 +13,6 @@ Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header ha No PoCs from references. #### Github +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/fkm75P8YjLkb/CVE-2021-26690 diff --git a/2021/CVE-2021-26691.md b/2021/CVE-2021-26691.md index aa0e31c7b2..2c833407d8 100644 --- a/2021/CVE-2021-26691.md +++ b/2021/CVE-2021-26691.md @@ -13,5 +13,6 @@ In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader No PoCs from references. #### Github +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network - https://github.com/fkm75P8YjLkb/CVE-2021-26691 diff --git a/2021/CVE-2021-26700.md b/2021/CVE-2021-26700.md index 114cbaf304..07727a7d80 100644 --- a/2021/CVE-2021-26700.md +++ b/2021/CVE-2021-26700.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/jackadamson/CVE-2021-26700 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-26777.md b/2021/CVE-2021-26777.md new file mode 100644 index 0000000000..d0f0f5b418 --- /dev/null +++ b/2021/CVE-2021-26777.md @@ -0,0 +1,17 @@ +### [CVE-2021-26777](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26777) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Buffer overflow vulnerability in function SetFirewall in index.cgi in CIRCUTOR COMPACT DC-S BASIC smart metering concentrator Firwmare version CIR_CDC_v1.2.17, allows attackers to execute arbitrary code. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Ell0/plc_concentrator_vulns + diff --git a/2021/CVE-2021-26814.md b/2021/CVE-2021-26814.md index cc60edcd1a..1b7b3327c0 100644 --- a/2021/CVE-2021-26814.md +++ b/2021/CVE-2021-26814.md @@ -20,4 +20,6 @@ No PoCs from references. - https://github.com/cyllective/CVEs - https://github.com/joydo/CVE-Writeups - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/paolorabbito/Internet-Security-Project---CVE-2021-26814 +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-26827.md b/2021/CVE-2021-26827.md index 22fa5ce971..14d2dde3fa 100644 --- a/2021/CVE-2021-26827.md +++ b/2021/CVE-2021-26827.md @@ -14,4 +14,5 @@ Buffer Overflow in TP-Link WR2041 v1 firmware for the TL-WR2041+ router allows r #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-26854.md b/2021/CVE-2021-26854.md index e7c51f51dc..ee328a0b46 100644 --- a/2021/CVE-2021-26854.md +++ b/2021/CVE-2021-26854.md @@ -19,4 +19,5 @@ No PoCs from references. #### Github - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/vehemont/nvdlib diff --git a/2021/CVE-2021-26855.md b/2021/CVE-2021-26855.md index 84c29f2c22..21b52adf23 100644 --- a/2021/CVE-2021-26855.md +++ b/2021/CVE-2021-26855.md @@ -38,9 +38,12 @@ Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is uni - https://github.com/Dutch-Technology-eXperts/CSIRT - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/FDlucifer/Proxy-Attackchain +- https://github.com/FDlucifer/firece-fish - https://github.com/Flangvik/SharpProxyLogon - https://github.com/H0j3n/EzpzCheatSheet - https://github.com/Immersive-Labs-Sec/ProxyLogon +- https://github.com/JERRY5410/HOMEWORK-FOR-ProxyLogon - https://github.com/KotSec/CVE-2021-26855-Scanner - https://github.com/LearnGolang/LearnGolang - https://github.com/Mr-xn/CVE-2021-26855-d @@ -64,7 +67,9 @@ Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is uni - https://github.com/avi8892/CVE-2021-26856 - https://github.com/bhassani/Recent-CVE - https://github.com/binganao/vulns-2022 +- https://github.com/boson87225/111 - https://github.com/cert-lv/exchange_webshell_detection +- https://github.com/certat/exchange-scans - https://github.com/charlottelatest/CVE-2021-26855 - https://github.com/conjojo/Microsoft_Exchange_Server_SSRF_CVE-2021-26855 - https://github.com/cryptolakk/ProxyLogon-Mass-RCE @@ -84,10 +89,12 @@ Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is uni - https://github.com/itscio/LadonGo - https://github.com/jweny/pocassistdb - https://github.com/k8gege/LadonGo +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/mauricelambert/ExchangeWeaknessTest - https://github.com/mekhalleh/exchange_proxylogon - https://github.com/mil1200/ProxyLogon-CVE-2021-26855 - https://github.com/mysticwayfarer1/Exchange-HAFNIUM +- https://github.com/netlas-io/MsExchangeServerVersionCheck - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p0wershe11/ProxyLogon - https://github.com/password520/LadonGo @@ -95,8 +102,10 @@ Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is uni - https://github.com/pussycat0x/CVE-2021-26855-SSRF - https://github.com/r0ckysec/CVE-2021-26855_Exchange - https://github.com/r0eXpeR/redteam_vul +- https://github.com/r0eXpeR/supplier - https://github.com/raheel0x01/CVE-2021-26855 - https://github.com/saucer-man/exploit +- https://github.com/seanjosee/NTUT_HOMEWORK - https://github.com/sgnls/exchange-0days-202103 - https://github.com/shacojx/CVE-2021-26855-exploit-Exchange - https://github.com/shacojx/CVE_2021_26855_SSRF @@ -106,6 +115,9 @@ Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is uni - https://github.com/stressboi/hafnium-exchange-splunk-csvs - https://github.com/superfish9/pt - https://github.com/taielab/awesome-hacking-lists +- https://github.com/tzwlhack/Vulnerability +- https://github.com/vehemont/nvdlib - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +- https://github.com/yaoxiaoangry3/Flangvik - https://github.com/zhzyker/vulmap diff --git a/2021/CVE-2021-26857.md b/2021/CVE-2021-26857.md index cdf6fbee15..0e4262e77c 100644 --- a/2021/CVE-2021-26857.md +++ b/2021/CVE-2021-26857.md @@ -46,9 +46,11 @@ No PoCs from references. - https://github.com/herwonowr/exprolog - https://github.com/huike007/penetration_poc - https://github.com/mysticwayfarer1/Exchange-HAFNIUM +- https://github.com/netlas-io/MsExchangeServerVersionCheck - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/sgnls/exchange-0days-202103 - https://github.com/sirpedrotavares/Proxylogon-exploit - https://github.com/soteria-security/HAFNIUM-IOC +- https://github.com/vehemont/nvdlib - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2021/CVE-2021-26858.md b/2021/CVE-2021-26858.md index 406a1d1e31..b54118ab6f 100644 --- a/2021/CVE-2021-26858.md +++ b/2021/CVE-2021-26858.md @@ -41,8 +41,10 @@ No PoCs from references. - https://github.com/herwonowr/exprolog - https://github.com/huike007/penetration_poc - https://github.com/mysticwayfarer1/Exchange-HAFNIUM +- https://github.com/netlas-io/MsExchangeServerVersionCheck - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/sgnls/exchange-0days-202103 - https://github.com/soteria-security/HAFNIUM-IOC +- https://github.com/vehemont/nvdlib - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2021/CVE-2021-26919.md b/2021/CVE-2021-26919.md index 4514774860..e03998e916 100644 --- a/2021/CVE-2021-26919.md +++ b/2021/CVE-2021-26919.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-26920.md b/2021/CVE-2021-26920.md index 82dd0a98e1..4450ab0668 100644 --- a/2021/CVE-2021-26920.md +++ b/2021/CVE-2021-26920.md @@ -13,5 +13,6 @@ In the Druid ingestion system, the InputSource is used for reading data from a c No PoCs from references. #### Github +- https://github.com/dorkerdevil/CVE-2021-36749 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-27047.md b/2021/CVE-2021-27047.md new file mode 100644 index 0000000000..96030ecec8 --- /dev/null +++ b/2021/CVE-2021-27047.md @@ -0,0 +1,17 @@ +### [CVE-2021-27047](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27047) +![](https://img.shields.io/static/v1?label=Product&message=HEVC%20Video%20Extensions&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) + +### Description + +HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24089, CVE-2021-24110, CVE-2021-26902, CVE-2021-27048, CVE-2021-27049, CVE-2021-27050, CVE-2021-27051, CVE-2021-27061, CVE-2021-27062. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2021/CVE-2021-27065.md b/2021/CVE-2021-27065.md index 0986cee198..24364c48ca 100644 --- a/2021/CVE-2021-27065.md +++ b/2021/CVE-2021-27065.md @@ -29,6 +29,7 @@ Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is uni - https://github.com/Ahsanzia/Exchange-Exploit - https://github.com/Astrogeorgeonethree/Starred - https://github.com/DCScoder/Exchange_IOC_Hunter +- https://github.com/FDlucifer/Proxy-Attackchain - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NTUTtopicBryan/NTUT_HomeWork - https://github.com/Nick-Yin12/106362522 @@ -40,6 +41,7 @@ Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is uni - https://github.com/ZephrFish/Exch-CVE-2021-26855 - https://github.com/adamrpostjr/cve-2021-27065 - https://github.com/bhassani/Recent-CVE +- https://github.com/boson87225/111 - https://github.com/cert-lv/exchange_webshell_detection - https://github.com/charlottelatest/CVE-2021-26855 - https://github.com/cryptolakk/ProxyLogon-Mass-RCE @@ -58,14 +60,17 @@ Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is uni - https://github.com/l3shyyy/ProxyLogon-Useful-PowershellScripts - https://github.com/mekhalleh/exchange_proxylogon - https://github.com/mysticwayfarer1/Exchange-HAFNIUM +- https://github.com/netlas-io/MsExchangeServerVersionCheck - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p0wershe11/ProxyLogon - https://github.com/praetorian-inc/proxylogon-exploit - https://github.com/r0ckysec/CVE-2021-26855_Exchange - https://github.com/raheel0x01/CVE-2021-26855 +- https://github.com/seanjosee/NTUT_HOMEWORK - https://github.com/sgnls/exchange-0days-202103 - https://github.com/srvaccount/CVE-2021-26855-PoC - https://github.com/superfish9/pt +- https://github.com/vehemont/nvdlib - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/zhzyker/vulmap diff --git a/2021/CVE-2021-27076.md b/2021/CVE-2021-27076.md new file mode 100644 index 0000000000..5906187f89 --- /dev/null +++ b/2021/CVE-2021-27076.md @@ -0,0 +1,20 @@ +### [CVE-2021-27076](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27076) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Business%20Productivity%20Servers&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Enterprise%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Foundation&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) + +### Description + +Microsoft SharePoint Server Remote Code Execution Vulnerability + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/H0j3n/EzpzSharepoint + diff --git a/2021/CVE-2021-27078.md b/2021/CVE-2021-27078.md index b2042b8c27..faa2236531 100644 --- a/2021/CVE-2021-27078.md +++ b/2021/CVE-2021-27078.md @@ -19,4 +19,5 @@ No PoCs from references. #### Github - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/vehemont/nvdlib diff --git a/2021/CVE-2021-27080.md b/2021/CVE-2021-27080.md new file mode 100644 index 0000000000..72af1b26d0 --- /dev/null +++ b/2021/CVE-2021-27080.md @@ -0,0 +1,17 @@ +### [CVE-2021-27080](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27080) +![](https://img.shields.io/static/v1?label=Product&message=Azure%20Sphere&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) + +### Description + +Azure Sphere Unsigned Code Execution Vulnerability This CVE ID is unique from CVE-2021-27074. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2021/CVE-2021-27101.md b/2021/CVE-2021-27101.md new file mode 100644 index 0000000000..098e0337e6 --- /dev/null +++ b/2021/CVE-2021-27101.md @@ -0,0 +1,17 @@ +### [CVE-2021-27101](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27101) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. The fixed version is FTA_9_12_380 and later. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/dudacgf/ovr_convert + diff --git a/2021/CVE-2021-27102.md b/2021/CVE-2021-27102.md new file mode 100644 index 0000000000..4ec7caeaca --- /dev/null +++ b/2021/CVE-2021-27102.md @@ -0,0 +1,17 @@ +### [CVE-2021-27102](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27102) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call. The fixed version is FTA_9_12_416 and later. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/dudacgf/ovr_convert + diff --git a/2021/CVE-2021-27103.md b/2021/CVE-2021-27103.md new file mode 100644 index 0000000000..cd13675049 --- /dev/null +++ b/2021/CVE-2021-27103.md @@ -0,0 +1,17 @@ +### [CVE-2021-27103](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27103) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html. The fixed version is FTA_9_12_416 and later. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/dudacgf/ovr_convert + diff --git a/2021/CVE-2021-27104.md b/2021/CVE-2021-27104.md new file mode 100644 index 0000000000..746a65a029 --- /dev/null +++ b/2021/CVE-2021-27104.md @@ -0,0 +1,17 @@ +### [CVE-2021-27104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27104) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints. The fixed version is FTA_9_12_380 and later. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/vulsio/go-kev + diff --git a/2021/CVE-2021-27129.md b/2021/CVE-2021-27129.md index 72922544a2..733e712db3 100644 --- a/2021/CVE-2021-27129.md +++ b/2021/CVE-2021-27129.md @@ -13,5 +13,5 @@ CASAP Automated Enrollment System version 1.0 contains a cross-site scripting (X - https://packetstormsecurity.com/files/161080/CASAP-Automated-Enrollment-System-1.0-Cross-Site-Scripting.html #### Github -No PoCs found on GitHub currently. +- https://github.com/AssassinUKG/AssassinUKG diff --git a/2021/CVE-2021-27130.md b/2021/CVE-2021-27130.md index 5949ace44b..a2f36ba37a 100644 --- a/2021/CVE-2021-27130.md +++ b/2021/CVE-2021-27130.md @@ -13,5 +13,5 @@ Online Reviewer System 1.0 contains a SQL injection vulnerability through authen - https://packetstormsecurity.com/files/161219/Online-Reviewer-System-1.0-SQL-Injection-Shell-Upload.html #### Github -No PoCs found on GitHub currently. +- https://github.com/AssassinUKG/AssassinUKG diff --git a/2021/CVE-2021-27211.md b/2021/CVE-2021-27211.md index 64d1144d31..a5135fbadb 100644 --- a/2021/CVE-2021-27211.md +++ b/2021/CVE-2021-27211.md @@ -17,5 +17,6 @@ steghide 0.5.1 relies on a certain 32-bit seed value, which makes it easier for - https://github.com/RickdeJager/stegseek - https://github.com/b4shfire/stegcrack - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/gitonga-stealth/stegseek - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-27246.md b/2021/CVE-2021-27246.md index 87273e316f..5b8f4bb119 100644 --- a/2021/CVE-2021-27246.md +++ b/2021/CVE-2021-27246.md @@ -19,4 +19,5 @@ No PoCs from references. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/synacktiv/CVE-2021-27246_Pwn2Own2020 +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-27249.md b/2021/CVE-2021-27249.md index a7e287be71..2875e21276 100644 --- a/2021/CVE-2021-27249.md +++ b/2021/CVE-2021-27249.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-27291.md b/2021/CVE-2021-27291.md index f4b9454126..c6dfde2f31 100644 --- a/2021/CVE-2021-27291.md +++ b/2021/CVE-2021-27291.md @@ -13,6 +13,7 @@ In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages No PoCs from references. #### Github +- https://github.com/asa1997/topgear_test - https://github.com/doyensec/regexploit - https://github.com/engn33r/awesome-redos-security diff --git a/2021/CVE-2021-27328.md b/2021/CVE-2021-27328.md index 4384acf803..269be9836c 100644 --- a/2021/CVE-2021-27328.md +++ b/2021/CVE-2021-27328.md @@ -20,4 +20,6 @@ Yeastar NeoGate TG400 91.3.0.3 devices are affected by Directory Traversal. An a - https://github.com/SouthWind0/southwind0.github.io - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/somatrasss/Yeastar-NeoGate +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-27365.md b/2021/CVE-2021-27365.md index 54fc461f66..b05701b604 100644 --- a/2021/CVE-2021-27365.md +++ b/2021/CVE-2021-27365.md @@ -14,6 +14,7 @@ An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data s - https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html #### Github +- https://github.com/EGI-Federation/SVG-advisories - https://github.com/aaronxie55/Presentation2_Markdown - https://github.com/bollwarm/SecToolSet - https://github.com/c4pt000/kernel-5.11.6-expSEHDsec-HAXM-cgroup-virtio-nvidia-amd-kaliwifi diff --git a/2021/CVE-2021-27370.md b/2021/CVE-2021-27370.md index c62c93485b..afe2971068 100644 --- a/2021/CVE-2021-27370.md +++ b/2021/CVE-2021-27370.md @@ -13,5 +13,5 @@ The Contact page in Monica 2.19.1 allows stored XSS via the Last Name field. - http://packetstormsecurity.com/files/161501/Monica-2.19.1-Cross-Site-Scripting.html #### Github -No PoCs found on GitHub currently. +- https://github.com/ajmalabubakkr/CVE diff --git a/2021/CVE-2021-27513.md b/2021/CVE-2021-27513.md index 9aae3eca0e..86fb168d40 100644 --- a/2021/CVE-2021-27513.md +++ b/2021/CVE-2021-27513.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/ArianeBlow/CVE-2021-27513 - https://github.com/ArianeBlow/CVE-2021-27513-CVE-2021-27514 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-27514.md b/2021/CVE-2021-27514.md index 69cd55f08b..a2975ecf14 100644 --- a/2021/CVE-2021-27514.md +++ b/2021/CVE-2021-27514.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ArianeBlow/CVE-2021-27513-CVE-2021-27514 +- https://github.com/ArianeBlow/EyesOfNetwork-vuln-checker - https://github.com/Tjohn42/Markdown - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-27550.md b/2021/CVE-2021-27550.md index df196ca86d..bfec6c63fe 100644 --- a/2021/CVE-2021-27550.md +++ b/2021/CVE-2021-27550.md @@ -14,4 +14,5 @@ Polaris Office v9.102.66 is affected by a divide-by-zero error in PolarisOffice. #### Github - https://github.com/dlehgus1023/CVE +- https://github.com/erepspinos/CVE diff --git a/2021/CVE-2021-27624.md b/2021/CVE-2021-27624.md index 59aac33e3e..1d4ad3dc1e 100644 --- a/2021/CVE-2021-27624.md +++ b/2021/CVE-2021-27624.md @@ -13,5 +13,6 @@ SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allow - http://packetstormsecurity.com/files/164598/SAP-NetWeaver-ABAP-IGS-Memory-Corruption.html #### Github +- https://github.com/0xInfection/PewSWITCH - https://github.com/Onapsis/vulnerability_advisories diff --git a/2021/CVE-2021-27645.md b/2021/CVE-2021-27645.md index b589a327c9..fef7d25744 100644 --- a/2021/CVE-2021-27645.md +++ b/2021/CVE-2021-27645.md @@ -14,5 +14,7 @@ No PoCs from references. #### Github - https://github.com/dispera/giant-squid +- https://github.com/domyrtille/interview_project +- https://github.com/epequeno/devops-demo - https://github.com/onzack/trivy-multiscanner diff --git a/2021/CVE-2021-27651.md b/2021/CVE-2021-27651.md index 50c806e800..6a8b20bfa7 100644 --- a/2021/CVE-2021-27651.md +++ b/2021/CVE-2021-27651.md @@ -18,7 +18,9 @@ No PoCs from references. - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/Vulnmachines/CVE-2021-27651 +- https://github.com/byteofjoshua/CVE-2021-27651 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/samwcyo/CVE-2021-27651-PoC +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-27670.md b/2021/CVE-2021-27670.md index e39ff02440..4da2f9c51c 100644 --- a/2021/CVE-2021-27670.md +++ b/2021/CVE-2021-27670.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-27850.md b/2021/CVE-2021-27850.md index 9f0e0edeb5..a312adf574 100644 --- a/2021/CVE-2021-27850.md +++ b/2021/CVE-2021-27850.md @@ -16,5 +16,8 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/Ovi3/CVE_2021_27850_POC +- https://github.com/dorkerdevil/CVE-2021-27850_POC +- https://github.com/kahla-sec/CVE-2021-27850_POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-27890.md b/2021/CVE-2021-27890.md index 50002f8f26..2c2c171b9a 100644 --- a/2021/CVE-2021-27890.md +++ b/2021/CVE-2021-27890.md @@ -19,5 +19,6 @@ SQL Injection vulnerablity in MyBB before 1.8.26 via theme properties included i - https://github.com/SouthWind0/southwind0.github.io - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/scannells/exploits +- https://github.com/tzwlhack/Vulnerability - https://github.com/xiaopan233/Mybb-XSS_SQL_RCE-POC diff --git a/2021/CVE-2021-27905.md b/2021/CVE-2021-27905.md index 6401e606a8..08093a2806 100644 --- a/2021/CVE-2021-27905.md +++ b/2021/CVE-2021-27905.md @@ -21,9 +21,11 @@ No PoCs from references. - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/W2Ning/Solr-SSRF - https://github.com/YinWC/2021hvv_vul +- https://github.com/errorecho/CVEs-Collection - https://github.com/joydo/CVE-Writeups - https://github.com/murataydemir/CVE-2021-27905 - https://github.com/n1sh1th/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2021/CVE-2021-27921.md b/2021/CVE-2021-27921.md new file mode 100644 index 0000000000..74e1da4663 --- /dev/null +++ b/2021/CVE-2021-27921.md @@ -0,0 +1,17 @@ +### [CVE-2021-27921](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27921) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for a BLP container, and thus an attempted memory allocation can be very large. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/asa1997/topgear_test + diff --git a/2021/CVE-2021-27941.md b/2021/CVE-2021-27941.md new file mode 100644 index 0000000000..35572b8142 --- /dev/null +++ b/2021/CVE-2021-27941.md @@ -0,0 +1,17 @@ +### [CVE-2021-27941](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27941) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application (through 4.9.2 on Android and through 4.9.1 on iOS) allows a physically proximate attacker to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during a device pairing process. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/salgio/eWeLink-QR-Code + diff --git a/2021/CVE-2021-27965.md b/2021/CVE-2021-27965.md index 84773fb774..da60125879 100644 --- a/2021/CVE-2021-27965.md +++ b/2021/CVE-2021-27965.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Crystalware/CVE-2021-27965 - https://github.com/mathisvickie/CVE-2021-27965 - https://github.com/mathisvickie/KMAC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-28041.md b/2021/CVE-2021-28041.md new file mode 100644 index 0000000000..b9d75250c2 --- /dev/null +++ b/2021/CVE-2021-28041.md @@ -0,0 +1,17 @@ +### [CVE-2021-28041](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28041) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network + diff --git a/2021/CVE-2021-28079.md b/2021/CVE-2021-28079.md index b107239dbb..1f3cc14fd2 100644 --- a/2021/CVE-2021-28079.md +++ b/2021/CVE-2021-28079.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/g33xter/CVE-2021-28079 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/theart42/cves diff --git a/2021/CVE-2021-28143.md b/2021/CVE-2021-28143.md index 8c57f1e2c7..9853824d05 100644 --- a/2021/CVE-2021-28143.md +++ b/2021/CVE-2021-28143.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-28149.md b/2021/CVE-2021-28149.md index 5556365cb7..c66c4d8cdc 100644 --- a/2021/CVE-2021-28149.md +++ b/2021/CVE-2021-28149.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-28162.md b/2021/CVE-2021-28162.md index 5adcf69f32..a38892a7a7 100644 --- a/2021/CVE-2021-28162.md +++ b/2021/CVE-2021-28162.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-28166.md b/2021/CVE-2021-28166.md new file mode 100644 index 0000000000..ebe7adccc1 --- /dev/null +++ b/2021/CVE-2021-28166.md @@ -0,0 +1,17 @@ +### [CVE-2021-28166](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28166) +![](https://img.shields.io/static/v1?label=Product&message=Eclipse%20Mosquitto&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3E%3D%202.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-476%3A%20NULL%20Pointer%20Dereference&color=brighgreen) + +### Description + +In Eclipse Mosquitto version 2.0.0 to 2.0.9, if an authenticated client that had connected with MQTT v5 sent a crafted CONNACK message to the broker, a NULL pointer dereference would occur. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/PBearson/FUME-Fuzzing-MQTT-Brokers + diff --git a/2021/CVE-2021-28216.md b/2021/CVE-2021-28216.md new file mode 100644 index 0000000000..54f9be360e --- /dev/null +++ b/2021/CVE-2021-28216.md @@ -0,0 +1,17 @@ +### [CVE-2021-28216](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28216) +![](https://img.shields.io/static/v1?label=Product&message=EDK%20II&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20EDK%20II%20Master%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=A%20case%20of%20CWE-587%20occurs%20in%20function%20FpdtStatusCodeListenerPei().&color=brighgreen) + +### Description + +BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/CERTCC/UEFI-Analysis-Resources + diff --git a/2021/CVE-2021-28313.md b/2021/CVE-2021-28313.md index e4d3feebe1..0d1c2d2910 100644 --- a/2021/CVE-2021-28313.md +++ b/2021/CVE-2021-28313.md @@ -32,5 +32,5 @@ Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability - http://seclists.org/fulldisclosure/2021/Apr/40 #### Github -No PoCs found on GitHub currently. +- https://github.com/irsl/microsoft-diaghub-case-sensitivity-eop-cve diff --git a/2021/CVE-2021-28321.md b/2021/CVE-2021-28321.md index 63707bb774..0db8bac92c 100644 --- a/2021/CVE-2021-28321.md +++ b/2021/CVE-2021-28321.md @@ -32,5 +32,5 @@ Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability - http://seclists.org/fulldisclosure/2021/Apr/40 #### Github -No PoCs found on GitHub currently. +- https://github.com/irsl/microsoft-diaghub-case-sensitivity-eop-cve diff --git a/2021/CVE-2021-28322.md b/2021/CVE-2021-28322.md index 74ef7d5da8..2a518a3800 100644 --- a/2021/CVE-2021-28322.md +++ b/2021/CVE-2021-28322.md @@ -32,5 +32,5 @@ Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability - http://seclists.org/fulldisclosure/2021/Apr/40 #### Github -No PoCs found on GitHub currently. +- https://github.com/irsl/microsoft-diaghub-case-sensitivity-eop-cve diff --git a/2021/CVE-2021-28323.md b/2021/CVE-2021-28323.md index b8aa190832..6ae70d2639 100644 --- a/2021/CVE-2021-28323.md +++ b/2021/CVE-2021-28323.md @@ -27,5 +27,5 @@ Windows DNS Information Disclosure Vulnerability This CVE ID is unique from CVE- - http://seclists.org/fulldisclosure/2021/Apr/40 #### Github -No PoCs found on GitHub currently. +- https://github.com/irsl/microsoft-diaghub-case-sensitivity-eop-cve diff --git a/2021/CVE-2021-28363.md b/2021/CVE-2021-28363.md index 811c4d357c..c8ea5632f1 100644 --- a/2021/CVE-2021-28363.md +++ b/2021/CVE-2021-28363.md @@ -13,5 +13,6 @@ The urllib3 library 1.26.x before 1.26.4 for Python omits SSL certificate valida No PoCs from references. #### Github +- https://github.com/noseka1/deep-dive-into-clair - https://github.com/tern-tools/tern diff --git a/2021/CVE-2021-28474.md b/2021/CVE-2021-28474.md new file mode 100644 index 0000000000..004b468040 --- /dev/null +++ b/2021/CVE-2021-28474.md @@ -0,0 +1,19 @@ +### [CVE-2021-28474](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28474) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Enterprise%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Foundation&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) + +### Description + +Microsoft SharePoint Server Remote Code Execution Vulnerability + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2021/CVE-2021-28476.md b/2021/CVE-2021-28476.md index 713141c077..9c6e956b8f 100644 --- a/2021/CVE-2021-28476.md +++ b/2021/CVE-2021-28476.md @@ -23,8 +23,10 @@ Hyper-V Remote Code Execution Vulnerability - https://github.com/0vercl0k/0vercl0k - https://github.com/0vercl0k/CVE-2021-28476 - https://github.com/ARPSyndicate/cvemon +- https://github.com/LaCeeKa/CVE-2021-28476-tools-env - https://github.com/bhassani/Recent-CVE - https://github.com/bluefrostsecurity/CVE-2021-28476 - https://github.com/joydo/CVE-Writeups - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/r0eXpeR/supplier diff --git a/2021/CVE-2021-28482.md b/2021/CVE-2021-28482.md index 4f3624a427..574f59bb4c 100644 --- a/2021/CVE-2021-28482.md +++ b/2021/CVE-2021-28482.md @@ -26,4 +26,5 @@ No PoCs from references. - https://github.com/n1sh1th/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-28550.md b/2021/CVE-2021-28550.md index e3754a0234..5e41bbed36 100644 --- a/2021/CVE-2021-28550.md +++ b/2021/CVE-2021-28550.md @@ -13,5 +13,6 @@ Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 No PoCs from references. #### Github +- https://github.com/dudacgf/ovr_convert - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-28663.md b/2021/CVE-2021-28663.md index 89ffd004a6..56dce39c2b 100644 --- a/2021/CVE-2021-28663.md +++ b/2021/CVE-2021-28663.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/lntrx/CVE-2021-28663 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-28797.md b/2021/CVE-2021-28797.md index 54f42e170f..77fa2602ab 100644 --- a/2021/CVE-2021-28797.md +++ b/2021/CVE-2021-28797.md @@ -14,4 +14,6 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/r0eXpeR/supplier +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-28799.md b/2021/CVE-2021-28799.md new file mode 100644 index 0000000000..f554ee8da8 --- /dev/null +++ b/2021/CVE-2021-28799.md @@ -0,0 +1,20 @@ +### [CVE-2021-28799](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28799) +![](https://img.shields.io/static/v1?label=Product&message=HBS%201.3&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=HBS%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=HBS%203&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=!%20all%20versions%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%20v16.0.0415%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-285%20Improper%20Authorization&color=brighgreen) + +### Description + +An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. ) If exploited, the vulnerability allows remote attackers to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to v16.0.0415 on QTS 4.5.2; versions prior to v3.0.210412 on QTS 4.3.6; versions prior to v3.0.210411 on QTS 4.3.4; versions prior to v3.0.210411 on QTS 4.3.3; versions prior to v16.0.0419 on QuTS hero h4.5.1; versions prior to v16.0.0419 on QuTScloud c4.5.1~c4.5.4. This issue does not affect: QNAP Systems Inc. HBS 2 . QNAP Systems Inc. HBS 1.3 . + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2021/CVE-2021-28831.md b/2021/CVE-2021-28831.md new file mode 100644 index 0000000000..92ae0cc9da --- /dev/null +++ b/2021/CVE-2021-28831.md @@ -0,0 +1,17 @@ +### [CVE-2021-28831](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/thecyberbaby/Trivy-by-aquaSecurity + diff --git a/2021/CVE-2021-28875.md b/2021/CVE-2021-28875.md new file mode 100644 index 0000000000..825fb51b39 --- /dev/null +++ b/2021/CVE-2021-28875.md @@ -0,0 +1,18 @@ +### [CVE-2021-28875](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28875) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Qwaz/rust-cve +- https://github.com/sslab-gatech/Rudra-Artifacts + diff --git a/2021/CVE-2021-28876.md b/2021/CVE-2021-28876.md new file mode 100644 index 0000000000..ab34b5557c --- /dev/null +++ b/2021/CVE-2021-28876.md @@ -0,0 +1,17 @@ +### [CVE-2021-28876](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28876) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked() more than once for the same index when the underlying iterator panics (in certain conditions). This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Qwaz/rust-cve + diff --git a/2021/CVE-2021-28877.md b/2021/CVE-2021-28877.md new file mode 100644 index 0000000000..a8ca14c532 --- /dev/null +++ b/2021/CVE-2021-28877.md @@ -0,0 +1,17 @@ +### [CVE-2021-28877](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28877) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In the standard library in Rust before 1.51.0, the Zip implementation calls __iterator_get_unchecked() for the same index more than once when nested. This bug can lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Qwaz/rust-cve + diff --git a/2021/CVE-2021-28878.md b/2021/CVE-2021-28878.md new file mode 100644 index 0000000000..2c8165da44 --- /dev/null +++ b/2021/CVE-2021-28878.md @@ -0,0 +1,17 @@ +### [CVE-2021-28878](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28878) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In the standard library in Rust before 1.52.0, the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used together. This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Qwaz/rust-cve + diff --git a/2021/CVE-2021-28879.md b/2021/CVE-2021-28879.md new file mode 100644 index 0000000000..0ba74f9050 --- /dev/null +++ b/2021/CVE-2021-28879.md @@ -0,0 +1,17 @@ +### [CVE-2021-28879](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28879) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Qwaz/rust-cve + diff --git a/2021/CVE-2021-28925.md b/2021/CVE-2021-28925.md index ed81f82cd0..f802cd5208 100644 --- a/2021/CVE-2021-28925.md +++ b/2021/CVE-2021-28925.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/YinWC/2021hvv_vul +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-28958.md b/2021/CVE-2021-28958.md index 06df2883f1..fa3064593e 100644 --- a/2021/CVE-2021-28958.md +++ b/2021/CVE-2021-28958.md @@ -14,5 +14,5 @@ Zoho ManageEngine ADSelfService Plus through 6101 is vulnerable to unauthenticat - https://www.manageengine.com #### Github -No PoCs found on GitHub currently. +- https://github.com/STMCyber/CVEs diff --git a/2021/CVE-2021-28966.md b/2021/CVE-2021-28966.md index 78d628b04e..e86feea78f 100644 --- a/2021/CVE-2021-28966.md +++ b/2021/CVE-2021-28966.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-29003.md b/2021/CVE-2021-29003.md index 7aa0a644a0..2c4a27d3a4 100644 --- a/2021/CVE-2021-29003.md +++ b/2021/CVE-2021-29003.md @@ -13,5 +13,5 @@ Genexis PLATINUM 4410 2.1 P4410-V2-1.28 devices allow remote attackers to execut - http://packetstormsecurity.com/files/162174/Genexis-PLATINUM-4410-2.1-P4410-V2-1.28-Remote-Command-Execution.html #### Github -No PoCs found on GitHub currently. +- https://github.com/jaysharma786/CVE-2021-29003 diff --git a/2021/CVE-2021-29004.md b/2021/CVE-2021-29004.md index 39479fdc8f..9091130e85 100644 --- a/2021/CVE-2021-29004.md +++ b/2021/CVE-2021-29004.md @@ -14,5 +14,5 @@ rConfig 3.9.6 is affected by SQL Injection. A user must be authenticated to expl - https://github.com/mrojz/rconfig-exploit/blob/main/README.md #### Github -No PoCs found on GitHub currently. +- https://github.com/mrojz/rconfig-exploit diff --git a/2021/CVE-2021-29156.md b/2021/CVE-2021-29156.md index 12a2021452..38c99caad5 100644 --- a/2021/CVE-2021-29156.md +++ b/2021/CVE-2021-29156.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/guidepointsecurity/CVE-2021-29156 - https://github.com/kubearmor/policy-templates - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-29200.md b/2021/CVE-2021-29200.md index 5f2e04fc16..1cbd7b8805 100644 --- a/2021/CVE-2021-29200.md +++ b/2021/CVE-2021-29200.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/r00t4dm/r00t4dm - https://github.com/r0ckysec/CVE-2021-29200 +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-29302.md b/2021/CVE-2021-29302.md index aea5882a30..783b9e8320 100644 --- a/2021/CVE-2021-29302.md +++ b/2021/CVE-2021-29302.md @@ -15,4 +15,5 @@ TP-Link TL-WR802N(US), Archer_C50v5_US v4_200 <= 2020.06 contains a buffer overf #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/liyansong2018/CVE +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-29379.md b/2021/CVE-2021-29379.md index e65eefc40b..1c3a7653f5 100644 --- a/2021/CVE-2021-29379.md +++ b/2021/CVE-2021-29379.md @@ -14,4 +14,5 @@ #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-29441.md b/2021/CVE-2021-29441.md index 2b1c869298..d73d2f036f 100644 --- a/2021/CVE-2021-29441.md +++ b/2021/CVE-2021-29441.md @@ -16,5 +16,6 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/hh-hunter/nacos-cve-2021-29441 - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-29447.md b/2021/CVE-2021-29447.md index a8f17b9ce2..b347d3145f 100644 --- a/2021/CVE-2021-29447.md +++ b/2021/CVE-2021-29447.md @@ -16,6 +16,8 @@ Wordpress is an open source CMS. A user with the ability to upload files (like a #### Github - https://github.com/0xjukai/Web-security - https://github.com/ARPSyndicate/cvemon +- https://github.com/AssassinUKG/CVE-2021-29447 +- https://github.com/AssassinUKG/Writeups - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/H0j3n/EzpzCheatSheet - https://github.com/SexyBeast233/SecBooks @@ -25,4 +27,5 @@ Wordpress is an open source CMS. A user with the ability to upload files (like a - https://github.com/motikan2010/CVE-2021-29447 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/taielab/awesome-hacking-lists +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-29472.md b/2021/CVE-2021-29472.md index b4fe73bb0e..e9b2cc36d4 100644 --- a/2021/CVE-2021-29472.md +++ b/2021/CVE-2021-29472.md @@ -16,4 +16,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/mdisec/mdisec-twitch-yayinlari +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-29482.md b/2021/CVE-2021-29482.md new file mode 100644 index 0000000000..b2fa9ea6db --- /dev/null +++ b/2021/CVE-2021-29482.md @@ -0,0 +1,18 @@ +### [CVE-2021-29482](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29482) +![](https://img.shields.io/static/v1?label=Product&message=xz&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=%7B%22CWE-835%22%3A%22Loop%20with%20Unreachable%20Exit%20Condition%20('Infinite%20Loop')%22%7D&color=brighgreen) + +### Description + +xz is a compression and decompression library focusing on the xz format completely written in Go. The function readUvarint used to read the xz container format may not terminate a loop provide malicous input. The problem has been fixed in release v0.5.8. As a workaround users can limit the size of the compressed file input to a reasonable size for their use case. The standard library had recently the same issue and got the CVE-2020-16845 allocated. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/k1LoW/oshka +- https://github.com/naveensrinivasan/stunning-tribble + diff --git a/2021/CVE-2021-29505.md b/2021/CVE-2021-29505.md index 93b83524f4..d4a019e5fc 100644 --- a/2021/CVE-2021-29505.md +++ b/2021/CVE-2021-29505.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/MyBlackManba/CVE-2021-29505 - https://github.com/SexyBeast233/SecBooks +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/superfish9/pt diff --git a/2021/CVE-2021-29628.md b/2021/CVE-2021-29628.md new file mode 100644 index 0000000000..88bd89ec73 --- /dev/null +++ b/2021/CVE-2021-29628.md @@ -0,0 +1,17 @@ +### [CVE-2021-29628](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29628) +![](https://img.shields.io/static/v1?label=Product&message=FreeBSD&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Privilege%20Context%20Switching%20Error&color=brighgreen) + +### Description + +In FreeBSD 13.0-STABLE before n245764-876ffe28796c, 12.2-STABLE before r369857, 13.0-RELEASE before p1, and 12.2-RELEASE before p7, a system call triggering a fault could cause SMAP protections to be disabled for the duration of the system call. This weakness could be combined with other kernel bugs to craft an exploit. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r3dg0d/pspwn5 + diff --git a/2021/CVE-2021-29923.md b/2021/CVE-2021-29923.md new file mode 100644 index 0000000000..1c7e36f189 --- /dev/null +++ b/2021/CVE-2021-29923.md @@ -0,0 +1,17 @@ +### [CVE-2021-29923](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29923) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/aojea/funny-ip-etcd-detector + diff --git a/2021/CVE-2021-29996.md b/2021/CVE-2021-29996.md index da54b9a856..c4adb6f6f2 100644 --- a/2021/CVE-2021-29996.md +++ b/2021/CVE-2021-29996.md @@ -14,4 +14,5 @@ Mark Text through 0.16.3 allows attackers arbitrary command execution. This coul #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-30003.md b/2021/CVE-2021-30003.md index 27d85cbba2..6d88b6a4c6 100644 --- a/2021/CVE-2021-30003.md +++ b/2021/CVE-2021-30003.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-3007.md b/2021/CVE-2021-3007.md index 5f3836e630..7d2cc666d8 100644 --- a/2021/CVE-2021-3007.md +++ b/2021/CVE-2021-3007.md @@ -18,5 +18,6 @@ No PoCs from references. - https://github.com/KOKAProduktion/KokaCrud - https://github.com/Vulnmachines/ZF3_CVE-2021-3007 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability - https://github.com/vlp443/pickled-zend diff --git a/2021/CVE-2021-30109.md b/2021/CVE-2021-30109.md index c450d91fb4..a914f436f2 100644 --- a/2021/CVE-2021-30109.md +++ b/2021/CVE-2021-30109.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Hackdwerg/CVE-2021-30109 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-30128.md b/2021/CVE-2021-30128.md index fa396b4620..15007e8de6 100644 --- a/2021/CVE-2021-30128.md +++ b/2021/CVE-2021-30128.md @@ -19,4 +19,5 @@ No PoCs from references. - https://github.com/gobysec/Goby - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/r0ckysec/CVE-2021-30128 +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-30139.md b/2021/CVE-2021-30139.md index a72c9bfee4..3be6cdf8c1 100644 --- a/2021/CVE-2021-30139.md +++ b/2021/CVE-2021-30139.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/indece-official/clair-client +- https://github.com/thecyberbaby/Trivy-by-aquaSecurity diff --git a/2021/CVE-2021-30146.md b/2021/CVE-2021-30146.md index 4df7e1aaf5..9cacee1a8e 100644 --- a/2021/CVE-2021-30146.md +++ b/2021/CVE-2021-30146.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Security-AVS/CVE-2021-30146 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-30157.md b/2021/CVE-2021-30157.md index ce616f64cd..f2bf1dc0a0 100644 --- a/2021/CVE-2021-30157.md +++ b/2021/CVE-2021-30157.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-30179.md b/2021/CVE-2021-30179.md index 605ab3c837..d8af4520c5 100644 --- a/2021/CVE-2021-30179.md +++ b/2021/CVE-2021-30179.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/SexyBeast233/SecBooks +- https://github.com/lz2y/DubboPOC diff --git a/2021/CVE-2021-3019.md b/2021/CVE-2021-3019.md index 538cb51111..9d14399711 100644 --- a/2021/CVE-2021-3019.md +++ b/2021/CVE-2021-3019.md @@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/murataydemir/CVE-2021-3019 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/qiezi-maozi/CVE-2021-3019-Lanproxy - https://github.com/sobinge/nuclei-templates diff --git a/2021/CVE-2021-3045.md b/2021/CVE-2021-3045.md new file mode 100644 index 0000000000..269fe68ac1 --- /dev/null +++ b/2021/CVE-2021-3045.md @@ -0,0 +1,17 @@ +### [CVE-2021-3045](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3045) +![](https://img.shields.io/static/v1?label=Product&message=PAN-OS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=8.1%3C%208.1.19%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-88%20Argument%20Injection%20or%20Modification&color=brighgreen) + +### Description + +An OS command argument injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.19; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.10. PAN-OS 10.0 and later versions are not impacted. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2021/CVE-2021-30461.md b/2021/CVE-2021-30461.md index 29e0e9998f..a44dc472c2 100644 --- a/2021/CVE-2021-30461.md +++ b/2021/CVE-2021-30461.md @@ -23,4 +23,6 @@ No PoCs from references. - https://github.com/bigblackhat/oFx - https://github.com/daedalus/CVE-2021-30461 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/puckiestyle/CVE-2021-30461 +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-30465.md b/2021/CVE-2021-30465.md index 6faa14c75e..7dd2688c24 100644 --- a/2021/CVE-2021-30465.md +++ b/2021/CVE-2021-30465.md @@ -16,7 +16,9 @@ No PoCs from references. - https://github.com/Metarget/awesome-cloud-native-security - https://github.com/Metarget/metarget - https://github.com/UCloudDocs/uk8s +- https://github.com/asa1997/topgear_test - https://github.com/champtar/blog - https://github.com/kaosagnt/ansible-everyday +- https://github.com/reni2study/Cloud-Native-Security2 - https://github.com/superfish9/pt diff --git a/2021/CVE-2021-30481.md b/2021/CVE-2021-30481.md index 9be728ee03..4e2f176c5c 100644 --- a/2021/CVE-2021-30481.md +++ b/2021/CVE-2021-30481.md @@ -17,4 +17,5 @@ Valve Steam through 2021-04-10, when a Source engine game is installed, allows r - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/floesen/CVE-2021-30481 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-30565.md b/2021/CVE-2021-30565.md new file mode 100644 index 0000000000..80a6e77b29 --- /dev/null +++ b/2021/CVE-2021-30565.md @@ -0,0 +1,17 @@ +### [CVE-2021-30565](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30565) +![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2092.0.4515.107%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Out%20of%20bounds%20write&color=brighgreen) + +### Description + +Out of bounds write in Tab Groups in Google Chrome on Linux and ChromeOS prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/StarCrossPortal/bug-hunting-101 + diff --git a/2021/CVE-2021-30573.md b/2021/CVE-2021-30573.md index e31dbe7d3f..5085f74451 100644 --- a/2021/CVE-2021-30573.md +++ b/2021/CVE-2021-30573.md @@ -14,6 +14,9 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/byteofjoshua/CVE-2021-30573 +- https://github.com/kh4sh3i/CVE-2021-30573 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/s4e-lab/CVE-2021-30573-PoC-Google-Chrome diff --git a/2021/CVE-2021-30623.md b/2021/CVE-2021-30623.md index 74dd0e6f00..0b1e58732a 100644 --- a/2021/CVE-2021-30623.md +++ b/2021/CVE-2021-30623.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/CrackerCat/CVE-2021-30632 +- https://github.com/dev-fff/cve-win - https://github.com/rfcxv/CVE-2021-40444-POC diff --git a/2021/CVE-2021-30632.md b/2021/CVE-2021-30632.md index f71c36233b..1768da2852 100644 --- a/2021/CVE-2021-30632.md +++ b/2021/CVE-2021-30632.md @@ -14,7 +14,10 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/CrackerCat/CVE-2021-30632 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Phuong39/PoC-CVE-2021-30632 +- https://github.com/dev-fff/cve-win - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2021/CVE-2021-30655.md b/2021/CVE-2021-30655.md index 9f8060c6ef..6a181b857d 100644 --- a/2021/CVE-2021-30655.md +++ b/2021/CVE-2021-30655.md @@ -14,5 +14,6 @@ An application may be able to execute arbitrary code with system privileges. Thi No PoCs from references. #### Github +- https://github.com/amanszpapaya/MacPer - https://github.com/houjingyi233/macOS-iOS-system-security diff --git a/2021/CVE-2021-30657.md b/2021/CVE-2021-30657.md index d057952ca0..8f9fe55a89 100644 --- a/2021/CVE-2021-30657.md +++ b/2021/CVE-2021-30657.md @@ -20,4 +20,5 @@ No PoCs from references. - https://github.com/joydo/CVE-Writeups - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/shubham0d/CVE-2021-30657 diff --git a/2021/CVE-2021-30666.md b/2021/CVE-2021-30666.md new file mode 100644 index 0000000000..98e97ec031 --- /dev/null +++ b/2021/CVE-2021-30666.md @@ -0,0 +1,17 @@ +### [CVE-2021-30666](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30666) +![](https://img.shields.io/static/v1?label=Product&message=iOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2012.5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Processing%20maliciously%20crafted%20web%20content%20may%20lead%20to%20arbitrary%20code%20execution.%C2%A0Apple%20is%20aware%20of%20a%20report%20that%20this%20issue%20may%20have%20been%20actively%20exploited.&color=brighgreen) + +### Description + +A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/gmatuz/inthewilddb + diff --git a/2021/CVE-2021-30682.md b/2021/CVE-2021-30682.md index 24ad63dcb1..67d60f55bf 100644 --- a/2021/CVE-2021-30682.md +++ b/2021/CVE-2021-30682.md @@ -20,4 +20,5 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/threatnix/csp-playground diff --git a/2021/CVE-2021-30740.md b/2021/CVE-2021-30740.md index 4336eed4c5..98762ac830 100644 --- a/2021/CVE-2021-30740.md +++ b/2021/CVE-2021-30740.md @@ -16,5 +16,9 @@ A logic issue was addressed with improved validation. This issue is fixed in mac No PoCs from references. #### Github +- https://github.com/LinusHenze/Fugu14 +- https://github.com/evilcorp1311/kkkk +- https://github.com/gfam2801/fugu14-online - https://github.com/houjingyi233/macOS-iOS-system-security +- https://github.com/nanerasingh/fugu14 diff --git a/2021/CVE-2021-30768.md b/2021/CVE-2021-30768.md index c37d95a959..c7d3f067d5 100644 --- a/2021/CVE-2021-30768.md +++ b/2021/CVE-2021-30768.md @@ -18,6 +18,10 @@ A logic issue was addressed with improved validation. This issue is fixed in iOS No PoCs from references. #### Github +- https://github.com/LinusHenze/Fugu14 +- https://github.com/evilcorp1311/kkkk +- https://github.com/gfam2801/fugu14-online - https://github.com/houjingyi233/macOS-iOS-system-security +- https://github.com/nanerasingh/fugu14 - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-30769.md b/2021/CVE-2021-30769.md index 37089470ef..b2a77f2c3b 100644 --- a/2021/CVE-2021-30769.md +++ b/2021/CVE-2021-30769.md @@ -16,5 +16,9 @@ A logic issue was addressed with improved state management. This issue is fixed No PoCs from references. #### Github +- https://github.com/LinusHenze/Fugu14 +- https://github.com/evilcorp1311/kkkk +- https://github.com/gfam2801/fugu14-online - https://github.com/houjingyi233/macOS-iOS-system-security +- https://github.com/nanerasingh/fugu14 diff --git a/2021/CVE-2021-30770.md b/2021/CVE-2021-30770.md index dc5dd9c365..bda2ceaa66 100644 --- a/2021/CVE-2021-30770.md +++ b/2021/CVE-2021-30770.md @@ -16,5 +16,9 @@ A logic issue was addressed with improved validation. This issue is fixed in iOS No PoCs from references. #### Github +- https://github.com/LinusHenze/Fugu14 +- https://github.com/evilcorp1311/kkkk +- https://github.com/gfam2801/fugu14-online - https://github.com/houjingyi233/macOS-iOS-system-security +- https://github.com/nanerasingh/fugu14 diff --git a/2021/CVE-2021-30773.md b/2021/CVE-2021-30773.md index 2a63020b7d..c5447ac4b9 100644 --- a/2021/CVE-2021-30773.md +++ b/2021/CVE-2021-30773.md @@ -16,6 +16,10 @@ An issue in code signature validation was addressed with improved checks. This i No PoCs from references. #### Github +- https://github.com/LinusHenze/Fugu14 +- https://github.com/evilcorp1311/kkkk +- https://github.com/gfam2801/fugu14-online - https://github.com/houjingyi233/macOS-iOS-system-security +- https://github.com/nanerasingh/fugu14 - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-30800.md b/2021/CVE-2021-30800.md new file mode 100644 index 0000000000..6d8335d56a --- /dev/null +++ b/2021/CVE-2021-30800.md @@ -0,0 +1,17 @@ +### [CVE-2021-30800](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30800) +![](https://img.shields.io/static/v1?label=Product&message=iOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2014.7%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Joining%20a%20malicious%20Wi-Fi%20network%20may%20result%20in%20a%20denial%20of%20service%20or%20arbitrary%20code%20execution&color=brighgreen) + +### Description + +This issue was addressed with improved checks. This issue is fixed in iOS 14.7. Joining a malicious Wi-Fi network may result in a denial of service or arbitrary code execution. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/vmcall/vmcall + diff --git a/2021/CVE-2021-30807.md b/2021/CVE-2021-30807.md index 195af4d7e1..b1acc52449 100644 --- a/2021/CVE-2021-30807.md +++ b/2021/CVE-2021-30807.md @@ -15,10 +15,13 @@ A memory corruption issue was addressed with improved memory handling. This issu No PoCs from references. #### Github +- https://github.com/30440r/gex - https://github.com/ARPSyndicate/cvemon - https://github.com/b1n4r1b01/n-days - https://github.com/houjingyi233/macOS-iOS-system-security - https://github.com/joydo/CVE-Writeups +- https://github.com/jsherman212/iomfb-exploit - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/saaramar/IOMobileFrameBuffer_LPE_POC diff --git a/2021/CVE-2021-30827.md b/2021/CVE-2021-30827.md new file mode 100644 index 0000000000..492a886eb7 --- /dev/null +++ b/2021/CVE-2021-30827.md @@ -0,0 +1,18 @@ +### [CVE-2021-30827](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30827) +![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2011.6%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%202021%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=A%20local%20attacker%20may%20be%20able%20to%20elevate%20their%20privileges&color=brighgreen) + +### Description + +A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local attacker may be able to elevate their privileges. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/zanezhub/PIA-PC + diff --git a/2021/CVE-2021-30828.md b/2021/CVE-2021-30828.md new file mode 100644 index 0000000000..f99b8cadfd --- /dev/null +++ b/2021/CVE-2021-30828.md @@ -0,0 +1,18 @@ +### [CVE-2021-30828](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30828) +![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2011.6%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3C%202021%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=A%20local%20user%20may%20be%20able%20to%20read%20arbitrary%20files%20as%20root&color=brighgreen) + +### Description + +This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local user may be able to read arbitrary files as root. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/zanezhub/PIA-PC + diff --git a/2021/CVE-2021-30845.md b/2021/CVE-2021-30845.md new file mode 100644 index 0000000000..983a722a04 --- /dev/null +++ b/2021/CVE-2021-30845.md @@ -0,0 +1,17 @@ +### [CVE-2021-30845](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30845) +![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2011.6%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=A%20local%20user%20may%20be%20able%20to%20read%20kernel%20memory&color=brighgreen) + +### Description + +An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6. A local user may be able to read kernel memory. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/zanezhub/PIA-PC + diff --git a/2021/CVE-2021-30858.md b/2021/CVE-2021-30858.md index 614566eddb..2567c0de30 100644 --- a/2021/CVE-2021-30858.md +++ b/2021/CVE-2021-30858.md @@ -16,6 +16,11 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/FitTerminator/PS4-CVE-202130858 +- https://github.com/FitTerminator/iOS-CVE-202130858 +- https://github.com/Jeromeyoung/ps4_8.00_vuln_poc +- https://github.com/Nazky/PS4CVE202130858 +- https://github.com/kmeps4/CVEREV3 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-30860.md b/2021/CVE-2021-30860.md index ca19e17a49..f78c95c49e 100644 --- a/2021/CVE-2021-30860.md +++ b/2021/CVE-2021-30860.md @@ -18,7 +18,9 @@ An integer overflow was addressed with improved input validation. This issue is No PoCs from references. #### Github +- https://github.com/30440r/gex - https://github.com/ARPSyndicate/cvemon +- https://github.com/Levilutz/CVE-2021-30860 - https://github.com/houjingyi233/macOS-iOS-system-security - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-30883.md b/2021/CVE-2021-30883.md index f3af4ec675..d53affa254 100644 --- a/2021/CVE-2021-30883.md +++ b/2021/CVE-2021-30883.md @@ -20,4 +20,7 @@ No PoCs from references. #### Github - https://github.com/houjingyi233/macOS-iOS-system-security +- https://github.com/nanerasingh/IOMFB_integer_overflow_poc +- https://github.com/nanerasingh/IOMFB_integer_overflow_poc1 +- https://github.com/saaramar/IOMFB_integer_overflow_poc diff --git a/2021/CVE-2021-30924.md b/2021/CVE-2021-30924.md new file mode 100644 index 0000000000..a72bb3f002 --- /dev/null +++ b/2021/CVE-2021-30924.md @@ -0,0 +1,17 @@ +### [CVE-2021-30924](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30924) +![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%2012.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=A%20remote%20attacker%20can%20cause%20a%20device%20to%20unexpectedly%20restart&color=brighgreen) + +### Description + +A denial of service issue was addressed with improved state handling. This issue is fixed in macOS Monterey 12.0.1. A remote attacker can cause a device to unexpectedly restart. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/darling-x0r/0day_dos_apple + diff --git a/2021/CVE-2021-31159.md b/2021/CVE-2021-31159.md index cedae64972..fed882fc56 100644 --- a/2021/CVE-2021-31159.md +++ b/2021/CVE-2021-31159.md @@ -17,5 +17,6 @@ Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enum #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/r0eXpeR/supplier - https://github.com/ricardojoserf/CVE-2021-31159 diff --git a/2021/CVE-2021-31162.md b/2021/CVE-2021-31162.md index aa9c2d1ba9..d6fdf172ee 100644 --- a/2021/CVE-2021-31162.md +++ b/2021/CVE-2021-31162.md @@ -13,5 +13,5 @@ In the standard library in Rust before 1.52.0, a double free can occur in the Ve - https://github.com/rust-lang/rust/issues/83618 #### Github -No PoCs found on GitHub currently. +- https://github.com/Qwaz/rust-cve diff --git a/2021/CVE-2021-31166.md b/2021/CVE-2021-31166.md index e0835af6bb..3da965ce3d 100644 --- a/2021/CVE-2021-31166.md +++ b/2021/CVE-2021-31166.md @@ -38,6 +38,9 @@ HTTP Protocol Stack Remote Code Execution Vulnerability - https://github.com/n1sh1th/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p0dalirius/CVE-2022-21907-http.sys +- https://github.com/pathcl/oldnews +- https://github.com/r0eXpeR/supplier +- https://github.com/tzwlhack/Vulnerability - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/wrlu/Vulnerabilities - https://github.com/y0g3sh-99/CVE-2021-31166-Exploit diff --git a/2021/CVE-2021-31169.md b/2021/CVE-2021-31169.md index d427d583e4..f9e9abb8b4 100644 --- a/2021/CVE-2021-31169.md +++ b/2021/CVE-2021-31169.md @@ -21,4 +21,5 @@ Windows Container Manager Service Elevation of Privilege Vulnerability This CVE #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-31178.md b/2021/CVE-2021-31178.md new file mode 100644 index 0000000000..2f5c4e286a --- /dev/null +++ b/2021/CVE-2021-31178.md @@ -0,0 +1,22 @@ +### [CVE-2021-31178](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31178) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20365%20Apps%20for%20Enterprise%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20365%20Apps%20for%20Enterprise%20for%2064-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Excel&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%20Online%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%20Web%20Apps&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) + +### Description + +Microsoft Office Information Disclosure Vulnerability + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2021/CVE-2021-31181.md b/2021/CVE-2021-31181.md index 39d1de9e42..877f19cec8 100644 --- a/2021/CVE-2021-31181.md +++ b/2021/CVE-2021-31181.md @@ -16,4 +16,5 @@ Microsoft SharePoint Remote Code Execution Vulnerability #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/H0j3n/EzpzSharepoint diff --git a/2021/CVE-2021-31195.md b/2021/CVE-2021-31195.md index a4242004fd..8b71ad712b 100644 --- a/2021/CVE-2021-31195.md +++ b/2021/CVE-2021-31195.md @@ -18,5 +18,7 @@ No PoCs from references. #### Github - https://github.com/Astrogeorgeonethree/Starred +- https://github.com/DIVD-NL/ProxyOracleNSE +- https://github.com/FDlucifer/Proxy-Attackchain - https://github.com/hosch3n/ProxyVulns diff --git a/2021/CVE-2021-31196.md b/2021/CVE-2021-31196.md index cde966cdad..5e7ee67b8b 100644 --- a/2021/CVE-2021-31196.md +++ b/2021/CVE-2021-31196.md @@ -18,6 +18,7 @@ No PoCs from references. #### Github - https://github.com/Astrogeorgeonethree/Starred +- https://github.com/FDlucifer/Proxy-Attackchain - https://github.com/hosch3n/ProxyVulns - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-31200.md b/2021/CVE-2021-31200.md new file mode 100644 index 0000000000..0426147b85 --- /dev/null +++ b/2021/CVE-2021-31200.md @@ -0,0 +1,17 @@ +### [CVE-2021-31200](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31200) +![](https://img.shields.io/static/v1?label=Product&message=common_utils.py&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) + +### Description + +Common Utilities Remote Code Execution Vulnerability + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ajmalabubakkr/CVE + diff --git a/2021/CVE-2021-31207.md b/2021/CVE-2021-31207.md index 7fbab75f1c..dc8b8a7be1 100644 --- a/2021/CVE-2021-31207.md +++ b/2021/CVE-2021-31207.md @@ -17,7 +17,15 @@ Microsoft Exchange Server Security Feature Bypass Vulnerability - http://packetstormsecurity.com/files/163895/Microsoft-Exchange-ProxyShell-Remote-Code-Execution.html #### Github +- https://github.com/0x3n0/redeam - https://github.com/ARPSyndicate/cvemon - https://github.com/Astrogeorgeonethree/Starred +- https://github.com/FDlucifer/Proxy-Attackchain +- https://github.com/aravazhimdr/ProxyShell-POC-Mod +- https://github.com/cyberheartmi9/Proxyshell-Scanner +- https://github.com/horizon3ai/proxyshell - https://github.com/hosch3n/ProxyVulns +- https://github.com/mithridates1313/ProxyShell_POC +- https://github.com/r0eXpeR/supplier +- https://github.com/signorrayan/RedTeam_toolkit diff --git a/2021/CVE-2021-3121.md b/2021/CVE-2021-3121.md index 41aac85b96..c51421c701 100644 --- a/2021/CVE-2021-3121.md +++ b/2021/CVE-2021-3121.md @@ -13,5 +13,6 @@ An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarsha No PoCs from references. #### Github +- https://github.com/k1LoW/oshka - https://github.com/sonatype-nexus-community/nancy diff --git a/2021/CVE-2021-31215.md b/2021/CVE-2021-31215.md new file mode 100644 index 0000000000..297644e1ba --- /dev/null +++ b/2021/CVE-2021-31215.md @@ -0,0 +1,17 @@ +### [CVE-2021-31215](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31215) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/EGI-Federation/SVG-advisories + diff --git a/2021/CVE-2021-3129.md b/2021/CVE-2021-3129.md index 9dc05a0bb0..24c0e50ca3 100644 --- a/2021/CVE-2021-3129.md +++ b/2021/CVE-2021-3129.md @@ -16,13 +16,16 @@ Ignition before 2.5.2, as used in Laravel and other products, allows unauthentic #### Github - https://github.com/0day666/Vulnerability-verification - https://github.com/0xsyr0/OSCP +- https://github.com/1111one/laravel-CVE-2021-3129-EXP - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Dheia/sc-main - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/Erikten/CVE-2021-3129 - https://github.com/FunPhishing/Laravel-8.4.2-rce-CVE-2021-3129 - https://github.com/H0j3n/EzpzCheatSheet +- https://github.com/M00nBack/vulnerability - https://github.com/Maskhe/evil_ftp - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SNCKER/CVE-2021-3129 @@ -34,10 +37,14 @@ Ignition before 2.5.2, as used in Laravel and other products, allows unauthentic - https://github.com/crisprss/Laravel_CVE-2021-3129_EXP - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/iBotPeaches/ctf-2021 +- https://github.com/karimmuya/laravel-exploit-tricks +- https://github.com/knqyf263/CVE-2021-3129 +- https://github.com/lanmarc77/CVE-2021-33831 - https://github.com/mstxq17/SecurityArticleLogger - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/nth347/CVE-2021-3129_exploit - https://github.com/simonlee-hello/CVE-2021-3129 +- https://github.com/tzwlhack/Vulnerability - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/zhzyker/CVE-2021-3129 - https://github.com/zhzyker/vulmap diff --git a/2021/CVE-2021-31440.md b/2021/CVE-2021-31440.md index 187af1456b..56ce2db552 100644 --- a/2021/CVE-2021-31440.md +++ b/2021/CVE-2021-31440.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/Al1ex/LinuxEelvation +- https://github.com/ChoKyuWon/exploit_articles - https://github.com/bsauce/kernel-exploit-factory - https://github.com/bsauce/kernel-security-learning - https://github.com/digamma-ai/CVE-2020-8835-verification diff --git a/2021/CVE-2021-31474.md b/2021/CVE-2021-31474.md index 4f4190da82..738a26597a 100644 --- a/2021/CVE-2021-31474.md +++ b/2021/CVE-2021-31474.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/SexyBeast233/SecBooks +- https://github.com/Y4er/CVE-2021-35215 - https://github.com/n1sh1th/CVE-POC diff --git a/2021/CVE-2021-31535.md b/2021/CVE-2021-31535.md index f8d7158f66..db5d74d30c 100644 --- a/2021/CVE-2021-31535.md +++ b/2021/CVE-2021-31535.md @@ -16,6 +16,8 @@ LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remot - https://unparalleled.eu/publications/2021/advisory-unpar-2021-1.txt #### Github +- https://github.com/ciwei100000/libx11-debian - https://github.com/freedesktop/xorg-libX11 +- https://github.com/janisozaur/libx11 - https://github.com/mirror/libX11 diff --git a/2021/CVE-2021-3156.md b/2021/CVE-2021-3156.md index 0263bc7aa7..dceebda1be 100644 --- a/2021/CVE-2021-3156.md +++ b/2021/CVE-2021-3156.md @@ -16,18 +16,24 @@ Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based - http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html #### Github +- https://github.com/0x7183/CVE-2021-3156 - https://github.com/0xdevil/CVE-2021-3156 +- https://github.com/0xsakthi/my-pentest-notes - https://github.com/1N53C/CVE-2021-3156-PoC - https://github.com/ARGOeu/secmon-probes - https://github.com/ARPSyndicate/cvemon - https://github.com/AbdullahRizwan101/Baron-Samedit - https://github.com/Al1ex/LinuxEelvation - https://github.com/Ashish-dawani/CVE-2021-3156-Patch +- https://github.com/Bubleh21/CVE-2021-3156 - https://github.com/ClassBluer/Exploit_Tools - https://github.com/CptGibbon/CVE-2021-3156 - https://github.com/CrackerCat/cve-2021-3157 +- https://github.com/CyberCommands/CVE-2021-3156 - https://github.com/CyberCommands/exploit-sudoedit +- https://github.com/EGI-Federation/SVG-advisories - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/Exodusro/CVE-2021-3156 - https://github.com/Floodnut/papers_documents_Analysis - https://github.com/Gutem/scans-exploits - https://github.com/HynekPetrak/HynekPetrak @@ -42,8 +48,13 @@ Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based - https://github.com/SPXcz/IC1_projekt - https://github.com/SantiagoSerrao/ScannerCVE-2021-3156 - https://github.com/SexyBeast233/SecBooks +- https://github.com/TheFlash2k/CVE-2021-3156 - https://github.com/TheSerialiZator/CTF-2021 +- https://github.com/Timirepo/CVE_Exploits +- https://github.com/Toufupi/CVE_Collection +- https://github.com/Y3A/CVE-2021-3156 - https://github.com/ajtech-hue/CVE-2021-3156-Mitigation-ShellScript-Build +- https://github.com/amanszpapaya/MacPer - https://github.com/apogiatzis/docker-CVE-2021-3156 - https://github.com/baka9moe/CVE-2021-3156-Exp - https://github.com/binw2018/CVE-2021-3156-SCRIPT @@ -51,15 +62,21 @@ Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based - https://github.com/bollwarm/SecToolSet - https://github.com/bsauce/kernel-exploit-factory - https://github.com/bsauce/kernel-security-learning +- https://github.com/capturingcats/CVE-2021-3156 +- https://github.com/d3c3ptic0n/CVE-2021-3156 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/dinhbaouit/CVE-2021-3156 +- https://github.com/donghyunlee00/CVE-2021-3156 - https://github.com/dyne/sud - https://github.com/elbee-cyber/CVE-2021-3156-PATCHER - https://github.com/fei9747/LinuxEelvation +- https://github.com/foyjog/shocker-attack - https://github.com/freeFV/CVE-2021-3156 - https://github.com/freitzzz/tpas-binary-exploitation +- https://github.com/gamblingmaster2020/vCenterExp - https://github.com/gmldbd94/cve-2021-3156 - https://github.com/greg-workspace/my_sudo_heap_overflow_exploit +- https://github.com/hac425xxx/heap-exploitation-in-real-world - https://github.com/harsh-bothra/learn365 - https://github.com/hilbix/suid - https://github.com/huike007/penetration_poc @@ -75,16 +92,20 @@ Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based - https://github.com/lockedbyte/slides - https://github.com/lognoz/puppet-freebsd-workstation - https://github.com/loong576/ansible-production-practice-6 +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/ltfafei/my_POC - https://github.com/mbcrump/CVE-2021-3156 - https://github.com/mr-r3b00t/CVE-2021-3156 - https://github.com/mstxq17/SecurityArticleLogger +- https://github.com/musergi/CVE-2021-3156 +- https://github.com/neolin-ms/LinuxDocLinks - https://github.com/nexcess/sudo_cve-2021-3156 - https://github.com/njahrckstr/exploits- - https://github.com/nobodyatall648/CVE-2021-3156 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/oneoy/CVE-2021-3156 - https://github.com/oneoy/exploits1 +- https://github.com/oriolOrnaque/TFG-Binary-exploitation - https://github.com/password520/CVE-2021-3156 - https://github.com/pathakabhi24/Awesome-C - https://github.com/perlun/sudo-1.8.3p1-patched @@ -94,15 +115,18 @@ Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based - https://github.com/r0eXpeR/pentest - https://github.com/r3k4t/how-to-solve-sudo-heap-based-bufferoverflow-vulnerability - https://github.com/r4j0x00/exploits +- https://github.com/redhawkeye/sudo-exploit - https://github.com/reverse-ex/CVE-2021-3156 - https://github.com/sandesvitor/simple-ansible-lab - https://github.com/saucer-man/exploit +- https://github.com/sharkmoos/Baron-Samedit - https://github.com/siddicky/yotjf - https://github.com/stong/CVE-2021-3156 - https://github.com/stressboi/TA-Samedit - https://github.com/taielab/awesome-hacking-lists - https://github.com/tainguyenbp/linux-cve - https://github.com/teamtopkarl/CVE-2021-3156 +- https://github.com/tzwlhack/Vulnerability - https://github.com/uhub/awesome-c - https://github.com/unauth401/CVE-2021-3156 - https://github.com/usdogu/awesome-stars diff --git a/2021/CVE-2021-31599.md b/2021/CVE-2021-31599.md index 46bc1cec51..9569f4ff4b 100644 --- a/2021/CVE-2021-31599.md +++ b/2021/CVE-2021-31599.md @@ -13,5 +13,5 @@ An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Busin - http://packetstormsecurity.com/files/164772/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-Remote-Code-Execution.html #### Github -No PoCs found on GitHub currently. +- https://github.com/iamaldi/publications diff --git a/2021/CVE-2021-31600.md b/2021/CVE-2021-31600.md index f873a04aad..250ddf2152 100644 --- a/2021/CVE-2021-31600.md +++ b/2021/CVE-2021-31600.md @@ -13,5 +13,5 @@ An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Busin - http://packetstormsecurity.com/files/164787/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-User-Enumeration.html #### Github -No PoCs found on GitHub currently. +- https://github.com/iamaldi/publications diff --git a/2021/CVE-2021-31601.md b/2021/CVE-2021-31601.md index 111f1a292d..e9b8c03cff 100644 --- a/2021/CVE-2021-31601.md +++ b/2021/CVE-2021-31601.md @@ -13,5 +13,5 @@ An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Busin - http://packetstormsecurity.com/files/164779/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-Insufficient-Access-Control.html #### Github -No PoCs found on GitHub currently. +- https://github.com/iamaldi/publications diff --git a/2021/CVE-2021-31602.md b/2021/CVE-2021-31602.md index 45597a66bb..3a6c71d727 100644 --- a/2021/CVE-2021-31602.md +++ b/2021/CVE-2021-31602.md @@ -15,4 +15,5 @@ An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Busin #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/iamaldi/publications diff --git a/2021/CVE-2021-31605.md b/2021/CVE-2021-31605.md index 0a0d52d051..c0c5eb430a 100644 --- a/2021/CVE-2021-31605.md +++ b/2021/CVE-2021-31605.md @@ -13,5 +13,5 @@ furlongm openvpn-monitor through 1.1.3 allows %0a command injection via the Open - http://packetstormsecurity.com/files/164278/OpenVPN-Monitor-1.1.3-Command-Injection.html #### Github -No PoCs found on GitHub currently. +- https://github.com/nday-ldgz/ZoomEye-dork diff --git a/2021/CVE-2021-31607.md b/2021/CVE-2021-31607.md index fcfb0a712c..0e5e2ea767 100644 --- a/2021/CVE-2021-31607.md +++ b/2021/CVE-2021-31607.md @@ -14,4 +14,5 @@ In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exist #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-31630.md b/2021/CVE-2021-31630.md index 00b91dfa57..29a5fec7fb 100644 --- a/2021/CVE-2021-31630.md +++ b/2021/CVE-2021-31630.md @@ -14,5 +14,5 @@ Command Injection in Open PLC Webserver v3 allows remote attackers to execute ar - https://www.youtube.com/watch?v=l08DHB08Gow #### Github -No PoCs found on GitHub currently. +- https://github.com/h3v0x/CVE-2021-31630-OpenPLC_RCE diff --git a/2021/CVE-2021-31698.md b/2021/CVE-2021-31698.md new file mode 100644 index 0000000000..ac7220d7a4 --- /dev/null +++ b/2021/CVE-2021-31698.md @@ -0,0 +1,17 @@ +### [CVE-2021-31698](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31698) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Quectel EG25-G devices through 202006130814 allow executing arbitrary code remotely by using an AT command to place shell metacharacters in quectel_handle_fumo_cfg input in atfwd_daemon. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nnsee/jekyll-cve-badge + diff --git a/2021/CVE-2021-31737.md b/2021/CVE-2021-31737.md index e5fe30cf0a..57870b98c3 100644 --- a/2021/CVE-2021-31737.md +++ b/2021/CVE-2021-31737.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-31758.md b/2021/CVE-2021-31758.md index ac287a1e5e..db44de699d 100644 --- a/2021/CVE-2021-31758.md +++ b/2021/CVE-2021-31758.md @@ -15,4 +15,5 @@ An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104 #### Github - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/Yu3H0/IoT_CVE +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-31760.md b/2021/CVE-2021-31760.md index a36940317b..b1927c8cb4 100644 --- a/2021/CVE-2021-31760.md +++ b/2021/CVE-2021-31760.md @@ -18,4 +18,5 @@ Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to achieve Remote - https://github.com/Mesh3l911/CVE-2021-31760 - https://github.com/electronicbots/CVE-2021-31760 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-31762.md b/2021/CVE-2021-31762.md index 55fe116fec..4c09b06c73 100644 --- a/2021/CVE-2021-31762.md +++ b/2021/CVE-2021-31762.md @@ -15,6 +15,7 @@ Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privil #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Mesh3l911/CVE-2021-31762 - https://github.com/electronicbots/CVE-2021-31762 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-31799.md b/2021/CVE-2021-31799.md index 826663d736..d3b1201996 100644 --- a/2021/CVE-2021-31799.md +++ b/2021/CVE-2021-31799.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-31802.md b/2021/CVE-2021-31802.md index 0c203cf914..804408e4e6 100644 --- a/2021/CVE-2021-31802.md +++ b/2021/CVE-2021-31802.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-31856.md b/2021/CVE-2021-31856.md index e78f3ab821..a078a0bc25 100644 --- a/2021/CVE-2021-31856.md +++ b/2021/CVE-2021-31856.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/ssst0n3/CVE-2021-31856 - https://github.com/ssst0n3/my_vulnerabilities +- https://github.com/ssst0n3/ssst0n3 diff --git a/2021/CVE-2021-31862.md b/2021/CVE-2021-31862.md index 18d5c7f20c..219140b408 100644 --- a/2021/CVE-2021-31862.md +++ b/2021/CVE-2021-31862.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/RobertDra/CVE-2021-31862 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-31879.md b/2021/CVE-2021-31879.md new file mode 100644 index 0000000000..6dc136547e --- /dev/null +++ b/2021/CVE-2021-31879.md @@ -0,0 +1,18 @@ +### [CVE-2021-31879](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/dgardella/KCC +- https://github.com/epequeno/devops-demo + diff --git a/2021/CVE-2021-31950.md b/2021/CVE-2021-31950.md index 12fb688f9b..3cae857dac 100644 --- a/2021/CVE-2021-31950.md +++ b/2021/CVE-2021-31950.md @@ -15,5 +15,5 @@ Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CV - http://packetstormsecurity.com/files/163080/Microsoft-SharePoint-Server-16.0.10372.20060-Server-Side-Request-Forgery.html #### Github -No PoCs found on GitHub currently. +- https://github.com/r0eXpeR/supplier diff --git a/2021/CVE-2021-32030.md b/2021/CVE-2021-32030.md index f0047b7eb2..c65e7a5ea6 100644 --- a/2021/CVE-2021-32030.md +++ b/2021/CVE-2021-32030.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/koronkowy/koronkowy +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-32202.md b/2021/CVE-2021-32202.md index 301161ea6b..c59f20c5cd 100644 --- a/2021/CVE-2021-32202.md +++ b/2021/CVE-2021-32202.md @@ -13,5 +13,6 @@ In CS-Cart version 4.11.1, it is possible to induce copy-paste XSS by manipulati No PoCs from references. #### Github +- https://github.com/l00neyhacker/CVE-2021-32202 - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-3223.md b/2021/CVE-2021-3223.md index e1a00584b2..12c1502da4 100644 --- a/2021/CVE-2021-3223.md +++ b/2021/CVE-2021-3223.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/SexyBeast233/SecBooks +- https://github.com/errorecho/CVEs-Collection diff --git a/2021/CVE-2021-32471.md b/2021/CVE-2021-32471.md index c160f22e6b..9085240d0a 100644 --- a/2021/CVE-2021-32471.md +++ b/2021/CVE-2021-32471.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Spacial/awesome-csirt +- https://github.com/intrinsic-propensity/intrinsic-propensity.github.io - https://github.com/intrinsic-propensity/turing-machine - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-32527.md b/2021/CVE-2021-32527.md new file mode 100644 index 0000000000..d8e4a62ad6 --- /dev/null +++ b/2021/CVE-2021-32527.md @@ -0,0 +1,17 @@ +### [CVE-2021-32527](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32527) +![](https://img.shields.io/static/v1?label=Product&message=Storage%20Manager&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%3D%203.3.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen) + +### Description + +Path traversal vulnerability in QSAN Storage Manager allows remote unauthenticated attackers to download arbitrary files thru injecting file path in download function. Suggest contacting with QSAN and refer to recommendations in QSAN Document. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/4RG0S/2021-Summer-Some-Day-Exploit + diff --git a/2021/CVE-2021-32588.md b/2021/CVE-2021-32588.md index 48ddeb6536..e96fce6b1c 100644 --- a/2021/CVE-2021-32588.md +++ b/2021/CVE-2021-32588.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/izj007/wechat +- https://github.com/r0eXpeR/supplier diff --git a/2021/CVE-2021-32605.md b/2021/CVE-2021-32605.md index 36133ffda7..5e8e2b5c62 100644 --- a/2021/CVE-2021-32605.md +++ b/2021/CVE-2021-32605.md @@ -14,4 +14,5 @@ zzzcms zzzphp before 2.0.4 allows remote attackers to execute arbitrary OS comma #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-32635.md b/2021/CVE-2021-32635.md new file mode 100644 index 0000000000..e5803b972f --- /dev/null +++ b/2021/CVE-2021-32635.md @@ -0,0 +1,18 @@ +### [CVE-2021-32635](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32635) +![](https://img.shields.io/static/v1?label=Product&message=singularity&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%20Improper%20Input%20Validation&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-923%3A%20Improper%20Restriction%20of%20Communication%20Channel%20to%20Intended%20Endpoints&color=brighgreen) + +### Description + +Singularity is an open source container platform. In verions 3.7.2 and 3.7.3, Dde to incorrect use of a default URL, `singularity` action commands (`run`/`shell`/`exec`) specifying a container using a `library://` URI will always attempt to retrieve the container from the default remote endpoint (`cloud.sylabs.io`) rather than the configured remote endpoint. An attacker may be able to push a malicious container to the default remote endpoint with a URI that is identical to the URI used by a victim with a non-default remote endpoint, thus executing the malicious container. Only action commands (`run`/`shell`/`exec`) against `library://` URIs are affected. Other commands such as `pull` / `push` respect the configured remote endpoint. The vulnerability is patched in Singularity version 3.7.4. Two possible workarounds exist: Users can only interact with the default remote endpoint, or an installation can have an execution control list configured to restrict execution to containers signed with specific secure keys. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/EGI-Federation/SVG-advisories + diff --git a/2021/CVE-2021-32640.md b/2021/CVE-2021-32640.md index 02af3e236b..c2ccf10616 100644 --- a/2021/CVE-2021-32640.md +++ b/2021/CVE-2021-32640.md @@ -14,6 +14,8 @@ ws is an open source WebSocket client and server library for Node.js. A speciall - https://github.com/websockets/ws/security/advisories/GHSA-6fc8-4gx4-v693 #### Github +- https://github.com/PalindromeLabs/awesome-websocket-security - https://github.com/anthonykirby/lora-packet - https://github.com/engn33r/awesome-redos-security +- https://github.com/luiz-meireles/Redes-EP4 diff --git a/2021/CVE-2021-32644.md b/2021/CVE-2021-32644.md index fb11b7edfe..4dbbcf36bf 100644 --- a/2021/CVE-2021-32644.md +++ b/2021/CVE-2021-32644.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/dnr6419/CVE-2021-32644 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-3273.md b/2021/CVE-2021-3273.md index 0f676e4718..ce162cabcb 100644 --- a/2021/CVE-2021-3273.md +++ b/2021/CVE-2021-3273.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks - https://github.com/r0eXpeR/redteam_vul +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-32760.md b/2021/CVE-2021-32760.md new file mode 100644 index 0000000000..02d3a4af56 --- /dev/null +++ b/2021/CVE-2021-32760.md @@ -0,0 +1,17 @@ +### [CVE-2021-32760](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32760) +![](https://img.shields.io/static/v1?label=Product&message=containerd&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-668%3A%20Exposure%20of%20Resource%20to%20Wrong%20Sphere&color=brighgreen) + +### Description + +containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set extended bits like setuid, setgid, and sticky. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process. This bug has been fixed in containerd 1.5.4 and 1.4.8. As a workaround, ensure that users only pull images from trusted sources. Linux security modules (LSMs) like SELinux and AppArmor can limit the files potentially affected by this bug through policies and profiles that prevent containerd from interacting with specific files. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/k1LoW/oshka + diff --git a/2021/CVE-2021-32797.md b/2021/CVE-2021-32797.md new file mode 100644 index 0000000000..13621973b7 --- /dev/null +++ b/2021/CVE-2021-32797.md @@ -0,0 +1,17 @@ +### [CVE-2021-32797](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32797) +![](https://img.shields.io/static/v1?label=Product&message=jupyterlab&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%3A%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) + +### Description + +JupyterLab is a user interface for Project Jupyter which will eventually replace the classic Jupyter Notebook. In affected versions untrusted notebook can execute code on load. In particular JupyterLab doesn’t sanitize the action attribute of html `
`. Using this it is possible to trigger the form validation outside of the form itself. This is a remote code execution, but requires user action to open a notebook. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/EGI-Federation/SVG-advisories + diff --git a/2021/CVE-2021-32798.md b/2021/CVE-2021-32798.md new file mode 100644 index 0000000000..261ee179cb --- /dev/null +++ b/2021/CVE-2021-32798.md @@ -0,0 +1,17 @@ +### [CVE-2021-32798](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32798) +![](https://img.shields.io/static/v1?label=Product&message=notebook&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%3A%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) + +### Description + +The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an XSS when a victim opens a malicious ipynb document in Jupyter Notebook. The XSS allows an attacker to execute arbitrary code on the victim computer using Jupyter APIs. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/EGI-Federation/SVG-advisories + diff --git a/2021/CVE-2021-3281.md b/2021/CVE-2021-3281.md index 346772a251..c237205fd7 100644 --- a/2021/CVE-2021-3281.md +++ b/2021/CVE-2021-3281.md @@ -13,5 +13,6 @@ In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django No PoCs from references. #### Github +- https://github.com/HxDDD/CVE-PoC - https://github.com/lwzSoviet/CVE-2021-3281 diff --git a/2021/CVE-2021-32819.md b/2021/CVE-2021-32819.md index 1c38e55739..577909ee50 100644 --- a/2021/CVE-2021-32819.md +++ b/2021/CVE-2021-32819.md @@ -16,5 +16,6 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Abady0x1/CVE-2021-32819 +- https://github.com/hlong12042/INCTF2021_web_writeup - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-32822.md b/2021/CVE-2021-32822.md index 76cdd0b181..4de60c08e8 100644 --- a/2021/CVE-2021-32822.md +++ b/2021/CVE-2021-32822.md @@ -13,5 +13,5 @@ The npm hbs package is an Express view engine wrapper for Handlebars. Depending - https://securitylab.github.com/advisories/GHSL-2021-020-pillarjs-hbs/ #### Github -No PoCs found on GitHub currently. +- https://github.com/tddouglas/tylerdouglas.co diff --git a/2021/CVE-2021-32849.md b/2021/CVE-2021-32849.md index 3d95f9dc4f..409f756c45 100644 --- a/2021/CVE-2021-32849.md +++ b/2021/CVE-2021-32849.md @@ -13,7 +13,9 @@ Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an No PoCs from references. #### Github +- https://github.com/0x0021h/expbox - https://github.com/ARPSyndicate/cvemon - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/ohnonoyesyes/CVE-2021-32849 - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-3291.md b/2021/CVE-2021-3291.md index 23e29e2bc4..512db82086 100644 --- a/2021/CVE-2021-3291.md +++ b/2021/CVE-2021-3291.md @@ -18,4 +18,5 @@ Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an - https://github.com/ImHades101/CVE-2021-3291 - https://github.com/MucahitSaratar/zencart_auth_rce_poc - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-3297.md b/2021/CVE-2021-3297.md index 342072b547..9f3ab4992c 100644 --- a/2021/CVE-2021-3297.md +++ b/2021/CVE-2021-3297.md @@ -18,4 +18,6 @@ No PoCs from references. - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/SexyBeast233/SecBooks - https://github.com/SouthWind0/southwind0.github.io +- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-33026.md b/2021/CVE-2021-33026.md index 51e40f8334..fcaa53529f 100644 --- a/2021/CVE-2021-33026.md +++ b/2021/CVE-2021-33026.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/CarlosG13/CVE-2021-33026 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-33044.md b/2021/CVE-2021-33044.md index 3a213484b5..1eaf2a0212 100644 --- a/2021/CVE-2021-33044.md +++ b/2021/CVE-2021-33044.md @@ -17,6 +17,9 @@ The identity authentication bypass vulnerability found in some Dahua products du - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/bp2008/DahuaLoginBypass +- https://github.com/dorkerdevil/CVE-2021-33044 +- https://github.com/mcw0/DahuaConsole - https://github.com/mcw0/PoC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2021/CVE-2021-33045.md b/2021/CVE-2021-33045.md index 3af5befd13..c4514fb1b6 100644 --- a/2021/CVE-2021-33045.md +++ b/2021/CVE-2021-33045.md @@ -16,6 +16,9 @@ The identity authentication bypass vulnerability found in some Dahua products du #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/bp2008/DahuaLoginBypass +- https://github.com/dongpohezui/cve-2021-33045 +- https://github.com/mcw0/DahuaConsole - https://github.com/mcw0/PoC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2021/CVE-2021-33055.md b/2021/CVE-2021-33055.md index 144913b959..4cbf25b0d1 100644 --- a/2021/CVE-2021-33055.md +++ b/2021/CVE-2021-33055.md @@ -13,5 +13,5 @@ Zoho ManageEngine ADSelfService Plus through 6102 allows unauthenticated remote - https://blog.stmcyber.com/vulns/cve-2021-33055/ #### Github -No PoCs found on GitHub currently. +- https://github.com/STMCyber/CVEs diff --git a/2021/CVE-2021-33193.md b/2021/CVE-2021-33193.md index 753da685b1..1c3c904aa0 100644 --- a/2021/CVE-2021-33193.md +++ b/2021/CVE-2021-33193.md @@ -13,5 +13,6 @@ A crafted method sent through HTTP/2 will bypass validation and be forwarded by - https://portswigger.net/research/http2 #### Github -No PoCs found on GitHub currently. +- https://github.com/CHYbeta/OddProxyDemo +- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network diff --git a/2021/CVE-2021-3326.md b/2021/CVE-2021-3326.md index a0e61ac05b..ede1d1fd1f 100644 --- a/2021/CVE-2021-3326.md +++ b/2021/CVE-2021-3326.md @@ -14,6 +14,8 @@ No PoCs from references. #### Github - https://github.com/dispera/giant-squid +- https://github.com/domyrtille/interview_project +- https://github.com/epequeno/devops-demo - https://github.com/nedenwalker/spring-boot-app-using-gradle - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln - https://github.com/onzack/trivy-multiscanner diff --git a/2021/CVE-2021-3336.md b/2021/CVE-2021-3336.md new file mode 100644 index 0000000000..fc871b9bc9 --- /dev/null +++ b/2021/CVE-2021-3336.md @@ -0,0 +1,19 @@ +### [CVE-2021-3336](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3336) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +DoTls13CertificateVerify in tls13.c in wolfSSL before 4.7.0 does not cease processing for certain anomalous peer behavior (sending an ED22519, ED448, ECC, or RSA signature without the corresponding certificate). The client side is affected because man-in-the-middle attackers can impersonate TLS 1.3 servers. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/boschresearch/pq-wolfSSL +- https://github.com/onelife/Arduino_wolfssl +- https://github.com/wolfssl-jp/wolfssl-private + diff --git a/2021/CVE-2021-33430.md b/2021/CVE-2021-33430.md index 5891576134..f595074973 100644 --- a/2021/CVE-2021-33430.md +++ b/2021/CVE-2021-33430.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/Daybreak2019/PolyCruise +- https://github.com/baltsers/polycruise diff --git a/2021/CVE-2021-33503.md b/2021/CVE-2021-33503.md index c639088685..db8c11ed92 100644 --- a/2021/CVE-2021-33503.md +++ b/2021/CVE-2021-33503.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/dbrennand/virustotal-python - https://github.com/engn33r/awesome-redos-security +- https://github.com/p-rog/cve-analyser diff --git a/2021/CVE-2021-33505.md b/2021/CVE-2021-33505.md new file mode 100644 index 0000000000..aa7e727cf9 --- /dev/null +++ b/2021/CVE-2021-33505.md @@ -0,0 +1,17 @@ +### [CVE-2021-33505](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33505) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A local malicious user can circumvent the Falco detection engine through 0.28.1 by running a program that alters arguments of system calls being executed. Issue is fixed in Falco versions >= 0.29.1. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/leodido/demo-cloud-native-ebpf-day + diff --git a/2021/CVE-2021-33525.md b/2021/CVE-2021-33525.md index d453a0dca0..905fb0757a 100644 --- a/2021/CVE-2021-33525.md +++ b/2021/CVE-2021-33525.md @@ -13,5 +13,6 @@ EyesOfNetwork eonweb through 5.3-11 allows Remote Command Execution (by authenti No PoCs from references. #### Github +- https://github.com/ArianeBlow/EyesOfNetwork-vuln-checker - https://github.com/ArianeBlow/LilacPathVUln diff --git a/2021/CVE-2021-3355.md b/2021/CVE-2021-3355.md index 0175551db6..8098942e8a 100644 --- a/2021/CVE-2021-3355.md +++ b/2021/CVE-2021-3355.md @@ -15,4 +15,5 @@ A stored-self XSS exists in LightCMS v1.3.4, allowing an attacker to execute HTM #### Github - https://github.com/EdgeSecurityTeam/Vulnerability +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-33560.md b/2021/CVE-2021-33560.md index edb996b3b6..a690955350 100644 --- a/2021/CVE-2021-33560.md +++ b/2021/CVE-2021-33560.md @@ -13,6 +13,9 @@ Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption beca No PoCs from references. #### Github +- https://github.com/IBM/PGP-client-checker-CVE-2021-33560 +- https://github.com/brandoncamenisch/release-the-code-litecoin +- https://github.com/epequeno/devops-demo - https://github.com/onzack/trivy-multiscanner - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-33574.md b/2021/CVE-2021-33574.md index da4e087413..0e796d2902 100644 --- a/2021/CVE-2021-33574.md +++ b/2021/CVE-2021-33574.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/Azure/publish-security-assessments - https://github.com/dispera/giant-squid +- https://github.com/madchap/opa-tests - https://github.com/nedenwalker/spring-boot-app-using-gradle - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln - https://github.com/ruzickap/cks-notes diff --git a/2021/CVE-2021-33624.md b/2021/CVE-2021-33624.md index 9a6aa0cd05..d8f7883533 100644 --- a/2021/CVE-2021-33624.md +++ b/2021/CVE-2021-33624.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Kakashiiiiy/CVE-2021-33624 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-33677.md b/2021/CVE-2021-33677.md new file mode 100644 index 0000000000..ab693bfcd0 --- /dev/null +++ b/2021/CVE-2021-33677.md @@ -0,0 +1,17 @@ +### [CVE-2021-33677](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33677) +![](https://img.shields.io/static/v1?label=Product&message=SAP%20NetWeaver%20AS%20ABAP%20and%20ABAP%20Platform&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C700%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) + +### Description + +SAP NetWeaver ABAP Server and ABAP Platform, versions - 700, 702, 730, 731, 804, 740, 750, 784, expose functions to external which can lead to information disclosure. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/certat/exchange-scans + diff --git a/2021/CVE-2021-33739.md b/2021/CVE-2021-33739.md index 788e61c446..049c7820a2 100644 --- a/2021/CVE-2021-33739.md +++ b/2021/CVE-2021-33739.md @@ -33,6 +33,7 @@ No PoCs from references. - https://github.com/asr511/windows-kernel-exploits - https://github.com/demilson/Windows - https://github.com/freeide2017/CVE-2021-33739-POC +- https://github.com/giwon9977/CVE-2021-33739_PoC_Analysis - https://github.com/mishmashclone/SecWiki-windows-kernel-exploits - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-33766.md b/2021/CVE-2021-33766.md index 5a9b26d4d0..9c3c31e12f 100644 --- a/2021/CVE-2021-33766.md +++ b/2021/CVE-2021-33766.md @@ -19,7 +19,12 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Astrogeorgeonethree/Starred +- https://github.com/FDlucifer/Proxy-Attackchain - https://github.com/bhdresh/About +- https://github.com/bhdresh/CVE-2021-33766 +- https://github.com/certat/exchange-scans +- https://github.com/demossl/CVE-2021-33766-ProxyToken - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/r0eXpeR/supplier diff --git a/2021/CVE-2021-33767.md b/2021/CVE-2021-33767.md new file mode 100644 index 0000000000..4dd328d2fd --- /dev/null +++ b/2021/CVE-2021-33767.md @@ -0,0 +1,17 @@ +### [CVE-2021-33767](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33767) +![](https://img.shields.io/static/v1?label=Product&message=Open%20Enclave%20SDK&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) + +### Description + +Open Enclave SDK Elevation of Privilege Vulnerability + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cimcs/poc-exploits-of-smashex + diff --git a/2021/CVE-2021-3378.md b/2021/CVE-2021-3378.md index 0471c83f94..98b5968096 100644 --- a/2021/CVE-2021-3378.md +++ b/2021/CVE-2021-3378.md @@ -21,4 +21,5 @@ FortiLogger 4.4.2.2 is affected by Arbitrary File Upload by sending a "Content-T - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/erberkan/fortilogger_arbitrary_fileupload - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tzwlhack/Vulnerability diff --git a/2021/CVE-2021-33840.md b/2021/CVE-2021-33840.md index 729d1c8fa4..c6e370e733 100644 --- a/2021/CVE-2021-33840.md +++ b/2021/CVE-2021-33840.md @@ -13,5 +13,5 @@ The server in Luca through 1.1.14 allows remote attackers to cause a denial of s - https://gitlab.com/lucaapp/web/-/issues/1#note_560963608 #### Github -No PoCs found on GitHub currently. +- https://github.com/lanmarc77/CVE-2021-33831 diff --git a/2021/CVE-2021-33879.md b/2021/CVE-2021-33879.md index c627e9d5d3..064e780e4d 100644 --- a/2021/CVE-2021-33879.md +++ b/2021/CVE-2021-33879.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/mmiszczyk/cve-2021-33879 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-33880.md b/2021/CVE-2021-33880.md new file mode 100644 index 0000000000..05c1823ee2 --- /dev/null +++ b/2021/CVE-2021-33880.md @@ -0,0 +1,17 @@ +### [CVE-2021-33880](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33880) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The aaugustin websockets library before 9.1 for Python has an Observable Timing Discrepancy on servers when HTTP Basic Authentication is enabled with basic_auth_protocol_factory(credentials=...). An attacker may be able to guess a password via a timing attack. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/PalindromeLabs/awesome-websocket-security + diff --git a/2021/CVE-2021-33909.md b/2021/CVE-2021-33909.md index 8db1d105d0..cc3008ebbe 100644 --- a/2021/CVE-2021-33909.md +++ b/2021/CVE-2021-33909.md @@ -18,11 +18,20 @@ fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not pro - https://www.openwall.com/lists/oss-security/2021/07/20/1 #### Github +- https://github.com/ChoKyuWon/exploit_articles +- https://github.com/ChrisTheCoolHut/CVE-2021-33909 +- https://github.com/EGI-Federation/SVG-advisories - https://github.com/H0j3n/EzpzCheatSheet +- https://github.com/Liang2580/CVE-2021-33909 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/baerwolf/cve-2021-33909 +- https://github.com/bbinfosec43/CVE-2021-33909 +- https://github.com/gitezri/LinuxVulnerabilities +- https://github.com/hac425xxx/heap-exploitation-in-real-world - https://github.com/huike007/penetration_poc - https://github.com/joydo/CVE-Writeups - https://github.com/kaosagnt/ansible-everyday +- https://github.com/sfowl/deep-directory - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-3418.md b/2021/CVE-2021-3418.md index 01d00c4d4c..7739c359ee 100644 --- a/2021/CVE-2021-3418.md +++ b/2021/CVE-2021-3418.md @@ -13,8 +13,10 @@ If certificates that signed grub are installed into db, grub can be booted direc No PoCs from references. #### Github +- https://github.com/amzdev0401/shim-review-backup - https://github.com/bitraser/shim-review-15.4 - https://github.com/jason-chang-atrust/shim-review +- https://github.com/luojc123/shim-nsdl - https://github.com/neverware/shim-review - https://github.com/puzzleos/uefi-shim_review - https://github.com/rhboot/shim-review diff --git a/2021/CVE-2021-34280.md b/2021/CVE-2021-34280.md index 3aaa50462f..08c97a6a72 100644 --- a/2021/CVE-2021-34280.md +++ b/2021/CVE-2021-34280.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/dlehgus1023/CVE - https://github.com/dlehgus1023/dlehgus1023 +- https://github.com/erepspinos/CVE diff --git a/2021/CVE-2021-34371.md b/2021/CVE-2021-34371.md index cbc91903dc..164ca3955d 100644 --- a/2021/CVE-2021-34371.md +++ b/2021/CVE-2021-34371.md @@ -15,4 +15,5 @@ Neo4j through 3.4.18 (with the shell server enabled) exposes an RMI service that #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/zwjjustdoit/CVE-2021-34371.jar diff --git a/2021/CVE-2021-3441.md b/2021/CVE-2021-3441.md index 8d58785141..ccdf3feebc 100644 --- a/2021/CVE-2021-3441.md +++ b/2021/CVE-2021-3441.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/obsrva/obsrva.org - https://github.com/tcbutler320/CVE-2021-3441-check diff --git a/2021/CVE-2021-34423.md b/2021/CVE-2021-34423.md index bee9f0fd10..d69280b1c7 100644 --- a/2021/CVE-2021-34423.md +++ b/2021/CVE-2021-34423.md @@ -49,5 +49,5 @@ A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for - http://packetstormsecurity.com/files/165417/Zoom-Chat-Message-Processing-Buffer-Overflow.html #### Github -No PoCs found on GitHub currently. +- https://github.com/cyberheartmi9/Proxyshell-Scanner diff --git a/2021/CVE-2021-34429.md b/2021/CVE-2021-34429.md index 49408baea7..3510b307df 100644 --- a/2021/CVE-2021-34429.md +++ b/2021/CVE-2021-34429.md @@ -16,6 +16,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/ColdFusionX/CVE-2021-34429 - https://github.com/SexyBeast233/SecBooks - https://github.com/bigblackhat/oFx - https://github.com/izj007/wechat diff --git a/2021/CVE-2021-34432.md b/2021/CVE-2021-34432.md new file mode 100644 index 0000000000..1c9adb176b --- /dev/null +++ b/2021/CVE-2021-34432.md @@ -0,0 +1,17 @@ +### [CVE-2021-34432](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34432) +![](https://img.shields.io/static/v1?label=Product&message=Eclipse%20Mosquitto&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%3D%202.07%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) + +### Description + +In Eclipse Mosquitto versions 2.07 and earlier, the server will crash if the client tries to send a PUBLISH packet with topic length = 0. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/PBearson/FUME-Fuzzing-MQTT-Brokers + diff --git a/2021/CVE-2021-34470.md b/2021/CVE-2021-34470.md index 65f3839c5b..1e280d4d24 100644 --- a/2021/CVE-2021-34470.md +++ b/2021/CVE-2021-34470.md @@ -15,5 +15,5 @@ Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is un - http://packetstormsecurity.com/files/163706/Microsoft-Exchange-AD-Schema-Misconfiguration-Privilege-Escalation.html #### Github -No PoCs found on GitHub currently. +- https://github.com/technion/CVE-2021-34470scanner diff --git a/2021/CVE-2021-34473.md b/2021/CVE-2021-34473.md index e65edd8b84..613e8e85ec 100644 --- a/2021/CVE-2021-34473.md +++ b/2021/CVE-2021-34473.md @@ -17,16 +17,30 @@ Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is uni - http://packetstormsecurity.com/files/163895/Microsoft-Exchange-ProxyShell-Remote-Code-Execution.html #### Github +- https://github.com/0x3n0/redeam - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Astrogeorgeonethree/Starred +- https://github.com/FDlucifer/Proxy-Attackchain - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/RaouzRouik/CVE-2021-34473-scanner +- https://github.com/RomanRII/proxyshell2rce +- https://github.com/aravazhimdr/ProxyShell-POC-Mod +- https://github.com/but43r/ProxyShell +- https://github.com/certat/exchange-scans - https://github.com/curated-intel/Log4Shell-IOCs +- https://github.com/cyberheartmi9/Proxyshell-Scanner - https://github.com/gobysec/Goby +- https://github.com/horizon3ai/proxyshell - https://github.com/hosch3n/ProxyVulns - https://github.com/huike007/penetration_poc - https://github.com/izj007/wechat +- https://github.com/je6k/CVE-2021-34473-Exchange-ProxyShell +- https://github.com/mithridates1313/ProxyShell_POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/phamphuqui1998/CVE-2021-34473 - https://github.com/psc4re/NSE-scripts +- https://github.com/r0eXpeR/supplier +- https://github.com/signorrayan/RedTeam_toolkit - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2021/CVE-2021-34481.md b/2021/CVE-2021-34481.md index 811bfe9b34..e525a7a49a 100644 --- a/2021/CVE-2021-34481.md +++ b/2021/CVE-2021-34481.md @@ -13,6 +13,9 @@ Windows Print Spooler Elevation of Privilege Vulnerability No PoCs from references. #### Github +- https://github.com/SSBhaumik/Printnightmare-safetool +- https://github.com/cfalta/MicrosoftWontFixList +- https://github.com/cquresphere/Remote-Install-Printers - https://github.com/jacob-baines/concealed_position - https://github.com/vanpn/CVE-2021-34481 diff --git a/2021/CVE-2021-34483.md b/2021/CVE-2021-34483.md new file mode 100644 index 0000000000..7d432c8b06 --- /dev/null +++ b/2021/CVE-2021-34483.md @@ -0,0 +1,32 @@ +### [CVE-2021-34483](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34483) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2020H2%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2020H2%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2020H2%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H1%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H1%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H1%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%202004%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%2020H2%20(Server%20Core%20Installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) + +### Description + +Windows Print Spooler Elevation of Privilege Vulnerability + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cfalta/MicrosoftWontFixList + diff --git a/2021/CVE-2021-34486.md b/2021/CVE-2021-34486.md index 16bace79bc..d89e34e7c3 100644 --- a/2021/CVE-2021-34486.md +++ b/2021/CVE-2021-34486.md @@ -30,6 +30,8 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Ascotbe/Kernelhub +- https://github.com/KaLendsi/CVE-2021-34486 +- https://github.com/b1tg/CVE-2021-34486-exp - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2021/CVE-2021-3449.md b/2021/CVE-2021-3449.md index 2631e0ff18..89158164d1 100644 --- a/2021/CVE-2021-3449.md +++ b/2021/CVE-2021-3449.md @@ -18,12 +18,17 @@ An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation Clie #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/AliceMongodin/NSAPool-PenTest - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/GitHubForSnap/podcast-dl-gael - https://github.com/falk-werner/cve-check +- https://github.com/jntass/TASSL-1.1.1k - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/rnbochsr/yr_of_the_jellyfish - https://github.com/scriptzteam/glFTPd-v2.11ab-STABLE - https://github.com/taielab/awesome-hacking-lists - https://github.com/terorie/cve-2021-3449 +- https://github.com/thecyberbaby/Trivy-by-aquaSecurity +- https://github.com/tzwlhack/Vulnerability +- https://github.com/vinamra28/tekton-image-scan-trivy diff --git a/2021/CVE-2021-3450.md b/2021/CVE-2021-3450.md index f5bfdf24c3..3d47a2235c 100644 --- a/2021/CVE-2021-3450.md +++ b/2021/CVE-2021-3450.md @@ -17,6 +17,9 @@ The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certi #### Github - https://github.com/DNTYO/F5_Vulnerability - https://github.com/bollwarm/SecToolSet +- https://github.com/jntass/TASSL-1.1.1k - https://github.com/rnbochsr/yr_of_the_jellyfish - https://github.com/scriptzteam/glFTPd-v2.11ab-STABLE +- https://github.com/thecyberbaby/Trivy-by-aquaSecurity +- https://github.com/vinamra28/tekton-image-scan-trivy diff --git a/2021/CVE-2021-34523.md b/2021/CVE-2021-34523.md index 8b05e53396..d093caae4c 100644 --- a/2021/CVE-2021-34523.md +++ b/2021/CVE-2021-34523.md @@ -17,7 +17,14 @@ Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is un - http://packetstormsecurity.com/files/163895/Microsoft-Exchange-ProxyShell-Remote-Code-Execution.html #### Github +- https://github.com/0x3n0/redeam - https://github.com/ARPSyndicate/cvemon - https://github.com/Astrogeorgeonethree/Starred +- https://github.com/FDlucifer/Proxy-Attackchain +- https://github.com/aravazhimdr/ProxyShell-POC-Mod +- https://github.com/horizon3ai/proxyshell - https://github.com/hosch3n/ProxyVulns +- https://github.com/mithridates1313/ProxyShell_POC +- https://github.com/r0eXpeR/supplier +- https://github.com/signorrayan/RedTeam_toolkit diff --git a/2021/CVE-2021-34527.md b/2021/CVE-2021-34527.md index 338dadb663..39394e0818 100644 --- a/2021/CVE-2021-34527.md +++ b/2021/CVE-2021-34527.md @@ -29,34 +29,76 @@ No PoCs from references. #### Github - https://github.com/0x6d69636b/windows_hardening +- https://github.com/0x727/usefull-elevation-of-privilege +- https://github.com/0xirison/PrintNightmare-Patcher +- https://github.com/3gstudent/Invoke-BuildAnonymousSMBServer - https://github.com/ARPSyndicate/cvemon - https://github.com/AdamAmicro/CAHard +- https://github.com/AdamPumphrey/PowerShell - https://github.com/Alssi-consulting/HardeningKitty - https://github.com/Ascotbe/Kernelhub +- https://github.com/BeetleChunks/SpoolSploit +- https://github.com/CnOxx1/CVE-2021-34527-1675 +- https://github.com/DenizSe/CVE-2021-34527 +- https://github.com/Eutectico/Printnightmare - https://github.com/H0j3n/EzpzCheatSheet - https://github.com/Iveco/xknow_infosec - https://github.com/Jean-Francois-C/Windows-Penetration-Testing +- https://github.com/JohnHammond/CVE-2021-34527 - https://github.com/LaresLLC/CVE-2021-1675 - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet - https://github.com/S3cur3Th1sSh1t/PowerSharpPack - https://github.com/S3cur3Th1sSh1t/WinPwn +- https://github.com/SSBhaumik/Printnightmare-safetool +- https://github.com/Tomparte/PrintNightmare +- https://github.com/VK9D/PrintNightmare +- https://github.com/WidespreadPandemic/CVE-2021-34527_ACL_mitigation +- https://github.com/WiredPulse/Invoke-PrinterNightmareResponse +- https://github.com/alvesnet-suporte/microsoft-vulnerabilidades - https://github.com/b4rtik/SharpKatz - https://github.com/boh/RedCsharp +- https://github.com/byt3bl33d3r/ItWasAllADream - https://github.com/carloslacasa/cyber-ansible +- https://github.com/cfalta/MicrosoftWontFixList +- https://github.com/chdav/offensive-cybersec-toolkit +- https://github.com/corelight/CVE-2021-1675 +- https://github.com/crtaylor315/PrintNightmare-Before-Halloween +- https://github.com/cube0x0/CVE-2021-1675 +- https://github.com/dywhoami/CVE-2021-34527-Scanner-Based-On-cube0x0-POC +- https://github.com/edsonjt81/CVE-2021-1675 +- https://github.com/edsonjt81/SpoolSploit +- https://github.com/eng-amarante/CyberSecurity - https://github.com/evilashz/CVE-2021-1675-LPE-EXP +- https://github.com/fardinbarashi/Fix-CVE-2021-34527 +- https://github.com/floridop/serviceflipper +- https://github.com/galoget/PrintNightmare-CVE-2021-1675-CVE-2021-34527 +- https://github.com/geekbrett/CVE-2021-34527-PrintNightmare-Workaround +- https://github.com/glorisonlai/printnightmare - https://github.com/glshnu/PrintNightmare +- https://github.com/hlldz/CVE-2021-1675-LPE - https://github.com/ly4k/PrintNightmare +- https://github.com/mayormaier/printnightmare-fixes - https://github.com/mdecrevoisier/EVTX-to-MITRE-Attack - https://github.com/mdecrevoisier/SIGMA-detection-rules +- https://github.com/nemo-wq/PrintNightmare-CVE-2021-34527 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/outflanknl/PrintNightmare +- https://github.com/ozergoker/PrintNightmare - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/powershellpr0mpt/PrintNightmare-CVE-2021-34527 - https://github.com/pwninx/WinPwn +- https://github.com/raithedavion/PrintNightmare +- https://github.com/rdboboia/disable-RegisterSpoolerRemoteRpcEndPoint +- https://github.com/romarroca/random-scripts - https://github.com/scipag/HardeningKitty +- https://github.com/syntaxbearror/PowerShell-PrintNightmare +- https://github.com/synth3sis/PrintNightmare - https://github.com/taielab/awesome-hacking-lists +- https://github.com/thangnguyenchien/CVE - https://github.com/uhub/awesome-c-sharp +- https://github.com/vinaysudheer/Disable-Spooler-Service-PrintNightmare-CVE-2021-34527 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +- https://github.com/xbufu/PrintNightmareCheck - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2021/CVE-2021-34547.md b/2021/CVE-2021-34547.md new file mode 100644 index 0000000000..d0f12321b0 --- /dev/null +++ b/2021/CVE-2021-34547.md @@ -0,0 +1,17 @@ +### [CVE-2021-34547](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34547) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +PRTG Network Monitor 20.1.55.1775 allows /editsettings CSRF for user account creation. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/likhihcv/PRTG_Network_Monitor_20.1.55.1775_CSRF + diff --git a/2021/CVE-2021-34558.md b/2021/CVE-2021-34558.md index 98c4acedbe..8ec066d203 100644 --- a/2021/CVE-2021-34558.md +++ b/2021/CVE-2021-34558.md @@ -13,5 +13,6 @@ The crypto/tls package of Go through 1.16.5 does not properly assert that the ty No PoCs from references. #### Github +- https://github.com/alexzorin/cve-2021-34558 - https://github.com/taielab/awesome-hacking-lists diff --git a/2021/CVE-2021-34621.md b/2021/CVE-2021-34621.md index d19c7300bf..faa5bbb850 100644 --- a/2021/CVE-2021-34621.md +++ b/2021/CVE-2021-34621.md @@ -15,4 +15,5 @@ A vulnerability in the user registration component found in the ~/src/Classes/Re #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/nmmcon/Exploits diff --git a/2021/CVE-2021-34646.md b/2021/CVE-2021-34646.md index a6688b8af0..40f3e6955e 100644 --- a/2021/CVE-2021-34646.md +++ b/2021/CVE-2021-34646.md @@ -13,5 +13,6 @@ Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress p No PoCs from references. #### Github +- https://github.com/motikan2010/CVE-2021-34646 - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-34684.md b/2021/CVE-2021-34684.md index 99e4ff3f3e..e5f6d63cb8 100644 --- a/2021/CVE-2021-34684.md +++ b/2021/CVE-2021-34684.md @@ -13,5 +13,5 @@ Hitachi Vantara Pentaho Business Analytics through 9.1 allows an unauthenticated - http://packetstormsecurity.com/files/164791/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-SQL-Injection.html #### Github -No PoCs found on GitHub currently. +- https://github.com/iamaldi/publications diff --git a/2021/CVE-2021-34685.md b/2021/CVE-2021-34685.md index 851293bf48..05fdbda25d 100644 --- a/2021/CVE-2021-34685.md +++ b/2021/CVE-2021-34685.md @@ -13,5 +13,5 @@ UploadService in Hitachi Vantara Pentaho Business Analytics through 9.1 does not - http://packetstormsecurity.com/files/164775/Pentaho-Business-Analytics-Pentaho-Business-Server-9.1-Filename-Bypass.html #### Github -No PoCs found on GitHub currently. +- https://github.com/iamaldi/publications diff --git a/2021/CVE-2021-3487.md b/2021/CVE-2021-3487.md new file mode 100644 index 0000000000..845d50ecad --- /dev/null +++ b/2021/CVE-2021-3487.md @@ -0,0 +1,17 @@ +### [CVE-2021-3487](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3487) +![](https://img.shields.io/static/v1?label=Product&message=binutils&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20-%3ECWE-400&color=brighgreen) + +### Description + +There's a flaw in the BFD library of binutils in versions before 2.36. An attacker who supplies a crafted file to an application linked with BFD, and using the DWARF functionality, could cause an impact to system availability by way of excessive memory consumption. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fluidattacks/makes + diff --git a/2021/CVE-2021-3490.md b/2021/CVE-2021-3490.md index 274e3d884b..d7be8016c0 100644 --- a/2021/CVE-2021-3490.md +++ b/2021/CVE-2021-3490.md @@ -20,6 +20,7 @@ The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux ke - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/bsauce/kernel-exploit-factory - https://github.com/bsauce/kernel-security-learning +- https://github.com/chompie1337/Linux_LPE_eBPF_CVE-2021-3490 - https://github.com/goldenscale/GS_GithubMirror - https://github.com/huike007/penetration_poc - https://github.com/joydo/CVE-Writeups diff --git a/2021/CVE-2021-3492.md b/2021/CVE-2021-3492.md index 98577e8847..77d8df6562 100644 --- a/2021/CVE-2021-3492.md +++ b/2021/CVE-2021-3492.md @@ -15,7 +15,9 @@ Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, d #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/hac425xxx/heap-exploitation-in-real-world - https://github.com/joydo/CVE-Writeups - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/synacktiv/CVE-2021-3492 - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-3493.md b/2021/CVE-2021-3493.md index c740c0b52f..f36e6e048f 100644 --- a/2021/CVE-2021-3493.md +++ b/2021/CVE-2021-3493.md @@ -24,9 +24,15 @@ The overlayfs implementation in the linux kernel did not properly validate with - https://github.com/Ishan3011/CVE-2021-3493 - https://github.com/SexyBeast233/SecBooks - https://github.com/briskets/CVE-2021-3493 +- https://github.com/cerodah/overlayFS-CVE-2021-3493 +- https://github.com/ctrsploit/ctrsploit +- https://github.com/derek-turing/CVE-2021-3493 - https://github.com/fei9747/LinuxEelvation +- https://github.com/inspiringz/CVE-2021-3493 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/oneoy/CVE-2021-3493 +- https://github.com/puckiestyle/CVE-2021-3493 - https://github.com/taielab/awesome-hacking-lists +- https://github.com/tzwlhack/Vulnerability - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-35042.md b/2021/CVE-2021-35042.md index 035b7abaab..d5c964e28a 100644 --- a/2021/CVE-2021-35042.md +++ b/2021/CVE-2021-35042.md @@ -15,4 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/SexyBeast233/SecBooks +- https://github.com/errorecho/CVEs-Collection +- https://github.com/mrlihd/CVE-2021-35042 +- https://github.com/r4vi/CVE-2021-35042 diff --git a/2021/CVE-2021-35061.md b/2021/CVE-2021-35061.md index 7f1aa9f99c..205afdfa69 100644 --- a/2021/CVE-2021-35061.md +++ b/2021/CVE-2021-35061.md @@ -13,5 +13,5 @@ Multiple cross-site scripting (XSS) vulnerabilities in DRK Odenwaldkreis Testerf - https://github.com/sthierolf/security/blob/main/CVE-2021-35061.md #### Github -No PoCs found on GitHub currently. +- https://github.com/sthierolf/security diff --git a/2021/CVE-2021-35062.md b/2021/CVE-2021-35062.md index 8ee69c1ae7..24ecc11c2c 100644 --- a/2021/CVE-2021-35062.md +++ b/2021/CVE-2021-35062.md @@ -13,5 +13,5 @@ A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis - https://github.com/sthierolf/security/blob/main/CVE-2021-35062.md #### Github -No PoCs found on GitHub currently. +- https://github.com/sthierolf/security diff --git a/2021/CVE-2021-35211.md b/2021/CVE-2021-35211.md index 4171560041..34dfa17d05 100644 --- a/2021/CVE-2021-35211.md +++ b/2021/CVE-2021-35211.md @@ -15,5 +15,7 @@ Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWin #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections +- https://github.com/NattiSamson/Serv-U-CVE-2021-35211 +- https://github.com/Panopticon-Project/panopticon-TA505 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-35215.md b/2021/CVE-2021-35215.md index 70f6025860..3bc93193ba 100644 --- a/2021/CVE-2021-35215.md +++ b/2021/CVE-2021-35215.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Y4er/CVE-2021-35215 - https://github.com/harsh-bothra/learn365 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-35296.md b/2021/CVE-2021-35296.md index dc5056677b..ae539708c9 100644 --- a/2021/CVE-2021-35296.md +++ b/2021/CVE-2021-35296.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/afaq1337/CVE-2021-35296 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-35464.md b/2021/CVE-2021-35464.md index dc39893851..35e503982c 100644 --- a/2021/CVE-2021-35464.md +++ b/2021/CVE-2021-35464.md @@ -16,8 +16,10 @@ ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the j #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/Y4er/openam-CVE-2021-35464 - https://github.com/gkhan496/WDIR - https://github.com/harsh-bothra/learn365 - https://github.com/n1sh1th/CVE-POC +- https://github.com/rood8008/CVE-2021-35464 - https://github.com/rudrapwn/source-code-review diff --git a/2021/CVE-2021-35492.md b/2021/CVE-2021-35492.md index a9eaffb8d0..83363fc8d9 100644 --- a/2021/CVE-2021-35492.md +++ b/2021/CVE-2021-35492.md @@ -14,5 +14,5 @@ Wowza Streaming Engine through 4.8.11+5 could allow an authenticated, remote att - https://www.gruppotim.it/redteam #### Github -No PoCs found on GitHub currently. +- https://github.com/N4nj0/CVE-2021-35492 diff --git a/2021/CVE-2021-35540.md b/2021/CVE-2021-35540.md index 8f3a4cd129..950b8ef5ee 100644 --- a/2021/CVE-2021-35540.md +++ b/2021/CVE-2021-35540.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/dlehgus1023/CVE +- https://github.com/dlehgus1023/VirtualBox_IO-Fuzz - https://github.com/dlehgus1023/dlehgus1023 diff --git a/2021/CVE-2021-3560.md b/2021/CVE-2021-3560.md index 5544dc86ba..16b69901a6 100644 --- a/2021/CVE-2021-3560.md +++ b/2021/CVE-2021-3560.md @@ -13,11 +13,16 @@ It was found that polkit could be tricked into bypassing the credential checks f - https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/ #### Github +- https://github.com/0dayNinja/CVE-2021-3560 - https://github.com/0xsyr0/OSCP - https://github.com/ARPSyndicate/cvemon - https://github.com/Almorabea/Polkit-exploit +- https://github.com/AssassinUKG/Polkit-CVE-2021-3560 +- https://github.com/BizarreLove/CVE-2021-3560 +- https://github.com/EGI-Federation/SVG-advisories - https://github.com/Ignitetechnologies/Linux-Privilege-Escalation - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/STEALTH-Z/CVE-2021-3560 - https://github.com/aancw/polkit-auto-exploit - https://github.com/aasphixie/aasphixie.github.io - https://github.com/binganao/vulns-2022 @@ -26,6 +31,7 @@ It was found that polkit could be tricked into bypassing the credential checks f - https://github.com/huike007/penetration_poc - https://github.com/iSTARLabs/CVE-2021-3560_PoC - https://github.com/liamg/traitor +- https://github.com/mr-nobody20/CVE-2021-3560 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/oxagast/oxasploits - https://github.com/puckiestyle/CVE-2021-4034 diff --git a/2021/CVE-2021-35617.md b/2021/CVE-2021-35617.md new file mode 100644 index 0000000000..9ed681d3fa --- /dev/null +++ b/2021/CVE-2021-35617.md @@ -0,0 +1,17 @@ +### [CVE-2021-35617](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35617) +![](https://img.shields.io/static/v1?label=Product&message=WebLogic%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2012.1.3.0.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Easily%20exploitable%20vulnerability%20allows%20unauthenticated%20attacker%20with%20network%20access%20via%20IIOP%20to%20compromise%20Oracle%20WebLogic%20Server.%20%20Successful%20attacks%20of%20this%20vulnerability%20can%20result%20in%20takeover%20of%20Oracle%20WebLogic%20Server.&color=brighgreen) + +### Description + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Coherence Container). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/hktalent/weblogic1411 + diff --git a/2021/CVE-2021-35635.md b/2021/CVE-2021-35635.md new file mode 100644 index 0000000000..16743f7adb --- /dev/null +++ b/2021/CVE-2021-35635.md @@ -0,0 +1,17 @@ +### [CVE-2021-35635](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35635) +![](https://img.shields.io/static/v1?label=Product&message=MySQL%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%208.0.26%20and%20prior%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Easily%20exploitable%20vulnerability%20allows%20high%20privileged%20attacker%20with%20network%20access%20via%20multiple%20protocols%20to%20compromise%20MySQL%20Server.%20%20Successful%20attacks%20of%20this%20vulnerability%20can%20result%20in%20unauthorized%20ability%20to%20cause%20a%20hang%20or%20frequently%20repeatable%20crash%20(complete%20DOS)%20of%20MySQL%20Server.&color=brighgreen) + +### Description + +Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ycamper/censys-scripts + diff --git a/2021/CVE-2021-35645.md b/2021/CVE-2021-35645.md new file mode 100644 index 0000000000..b7f86b68d5 --- /dev/null +++ b/2021/CVE-2021-35645.md @@ -0,0 +1,17 @@ +### [CVE-2021-35645](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35645) +![](https://img.shields.io/static/v1?label=Product&message=MySQL%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%208.0.26%20and%20prior%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Easily%20exploitable%20vulnerability%20allows%20high%20privileged%20attacker%20with%20network%20access%20via%20multiple%20protocols%20to%20compromise%20MySQL%20Server.%20%20Successful%20attacks%20of%20this%20vulnerability%20can%20result%20in%20unauthorized%20ability%20to%20cause%20a%20hang%20or%20frequently%20repeatable%20crash%20(complete%20DOS)%20of%20MySQL%20Server.&color=brighgreen) + +### Description + +Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ycamper/censys-scripts + diff --git a/2021/CVE-2021-35942.md b/2021/CVE-2021-35942.md index 77fe95fd06..0084146074 100644 --- a/2021/CVE-2021-35942.md +++ b/2021/CVE-2021-35942.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/dispera/giant-squid +- https://github.com/madchap/opa-tests - https://github.com/nedenwalker/spring-boot-app-using-gradle - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln - https://github.com/ruzickap/cks-notes diff --git a/2021/CVE-2021-35956.md b/2021/CVE-2021-35956.md index 21a833a4b9..faedf8827b 100644 --- a/2021/CVE-2021-35956.md +++ b/2021/CVE-2021-35956.md @@ -14,5 +14,6 @@ Stored cross-site scripting (XSS) in the embedded webserver of AKCP sensorProbe - https://tbutler.org/2021/06/28/cve-2021-35956 #### Github -No PoCs found on GitHub currently. +- https://github.com/obsrva/obsrva.org +- https://github.com/tcbutler320/CVE-2021-35956 diff --git a/2021/CVE-2021-3612.md b/2021/CVE-2021-3612.md index dea1635bbd..e2dc90321f 100644 --- a/2021/CVE-2021-3612.md +++ b/2021/CVE-2021-3612.md @@ -13,5 +13,5 @@ An out-of-bounds memory write flaw was found in the Linux kernel's joystick devi - https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/ #### Github -No PoCs found on GitHub currently. +- https://github.com/doshyt/cve-monitor diff --git a/2021/CVE-2021-36159.md b/2021/CVE-2021-36159.md index bff68af74d..ddda4af291 100644 --- a/2021/CVE-2021-36159.md +++ b/2021/CVE-2021-36159.md @@ -14,4 +14,5 @@ libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mish #### Github - https://github.com/anchore/grype +- https://github.com/thecyberbaby/Trivy-by-aquaSecurity diff --git a/2021/CVE-2021-36198.md b/2021/CVE-2021-36198.md new file mode 100644 index 0000000000..119029bbcc --- /dev/null +++ b/2021/CVE-2021-36198.md @@ -0,0 +1,17 @@ +### [CVE-2021-36198](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36198) +![](https://img.shields.io/static/v1?label=Product&message=Entrapass&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=all%20versions%20prior%20to%208.40%3C%208.40%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-200%20Information%20Exposure&color=brighgreen) + +### Description + +Successful exploitation of this vulnerability could allow an unauthorized user to access sensitive data. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/r0eXpeR/supplier + diff --git a/2021/CVE-2021-36222.md b/2021/CVE-2021-36222.md index 4f12284aa0..26b4d094c0 100644 --- a/2021/CVE-2021-36222.md +++ b/2021/CVE-2021-36222.md @@ -13,5 +13,7 @@ ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Ke No PoCs from references. #### Github +- https://github.com/brandoncamenisch/release-the-code-litecoin +- https://github.com/dgardella/KCC - https://github.com/dispera/giant-squid diff --git a/2021/CVE-2021-3625.md b/2021/CVE-2021-3625.md index 134bdcc263..32f4347e9c 100644 --- a/2021/CVE-2021-3625.md +++ b/2021/CVE-2021-3625.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/szymonh/szymonh +- https://github.com/szymonh/zephyr_cve-2021-3625 diff --git a/2021/CVE-2021-36260.md b/2021/CVE-2021-36260.md index 6fa2f27f48..2d0ca6f391 100644 --- a/2021/CVE-2021-36260.md +++ b/2021/CVE-2021-36260.md @@ -16,8 +16,12 @@ A command injection vulnerability in the web server of some Hikvision product. D - https://github.com/4n4nk3/HikPwn - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/Aiminsun/CVE-2021-36260 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/TaroballzChen/CVE-2021-36260-metasploit - https://github.com/mcw0/PoC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/rabbitsafe/CVE-2021-36260 +- https://github.com/s0duku/PocSelenium - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2021/CVE-2021-36387.md b/2021/CVE-2021-36387.md index e6fe135058..ba61645f48 100644 --- a/2021/CVE-2021-36387.md +++ b/2021/CVE-2021-36387.md @@ -14,5 +14,5 @@ In Yellowfin before 9.6.1 there is a Stored Cross-Site Scripting vulnerability i - https://packetstormsecurity.com/files/164515/Yellowfin-Cross-Site-Scripting-Insecure-Direct-Object-Reference.html #### Github -No PoCs found on GitHub currently. +- https://github.com/cyberaz0r/Yellowfin-Multiple-Vulnerabilities diff --git a/2021/CVE-2021-36388.md b/2021/CVE-2021-36388.md index 40d3528862..05fdaa9618 100644 --- a/2021/CVE-2021-36388.md +++ b/2021/CVE-2021-36388.md @@ -13,5 +13,5 @@ In Yellowfin before 9.6.1 it is possible to enumerate and download users profile - https://packetstormsecurity.com/files/164515/Yellowfin-Cross-Site-Scripting-Insecure-Direct-Object-Reference.html #### Github -No PoCs found on GitHub currently. +- https://github.com/cyberaz0r/Yellowfin-Multiple-Vulnerabilities diff --git a/2021/CVE-2021-36389.md b/2021/CVE-2021-36389.md index be399cb6be..0aaa645dba 100644 --- a/2021/CVE-2021-36389.md +++ b/2021/CVE-2021-36389.md @@ -13,5 +13,5 @@ In Yellowfin before 9.6.1 it is possible to enumerate and download uploaded imag - http://packetstormsecurity.com/files/164515/Yellowfin-Cross-Site-Scripting-Insecure-Direct-Object-Reference.html #### Github -No PoCs found on GitHub currently. +- https://github.com/cyberaz0r/Yellowfin-Multiple-Vulnerabilities diff --git a/2021/CVE-2021-3646.md b/2021/CVE-2021-3646.md index 12d4b09cab..c4e16e4797 100644 --- a/2021/CVE-2021-3646.md +++ b/2021/CVE-2021-3646.md @@ -13,5 +13,5 @@ btcpayserver is vulnerable to Improper Neutralization of Input During Web Page G - https://huntr.dev/bounties/32e30ecf-31fa-45f6-8552-47250ef0e613 #### Github -No PoCs found on GitHub currently. +- https://github.com/ajmalabubakkr/CVE diff --git a/2021/CVE-2021-36563.md b/2021/CVE-2021-36563.md index 9d3cfd8fab..de26055b4b 100644 --- a/2021/CVE-2021-36563.md +++ b/2021/CVE-2021-36563.md @@ -13,5 +13,6 @@ The CheckMK management web console (versions 1.5.0 to 2.0.0) does not sanitise u No PoCs from references. #### Github +- https://github.com/Edgarloyola/CVE-2021-36563 - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-36581.md b/2021/CVE-2021-36581.md index 860546527b..f8b6a0db87 100644 --- a/2021/CVE-2021-36581.md +++ b/2021/CVE-2021-36581.md @@ -13,5 +13,6 @@ Kooboo CMS 2.1.1.0 is vulnerable to Insecure file upload. It is possible to uplo No PoCs from references. #### Github +- https://github.com/l00neyhacker/CVE-2021-36581 - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-36582.md b/2021/CVE-2021-36582.md index 609e9acc04..b84b09e2f2 100644 --- a/2021/CVE-2021-36582.md +++ b/2021/CVE-2021-36582.md @@ -13,5 +13,6 @@ In Kooboo CMS 2.1.1.0, it is possible to upload a remote shell (e.g., aspx) to t No PoCs from references. #### Github +- https://github.com/l00neyhacker/CVE-2021-36582 - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-36740.md b/2021/CVE-2021-36740.md index fd9b2ddc71..8fa5b9a72d 100644 --- a/2021/CVE-2021-36740.md +++ b/2021/CVE-2021-36740.md @@ -13,5 +13,6 @@ Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorizati No PoCs from references. #### Github +- https://github.com/aakindur/Awesome-Vulnerable-Apps - https://github.com/vavkamil/awesome-vulnerable-apps diff --git a/2021/CVE-2021-36749.md b/2021/CVE-2021-36749.md index 8c4e4bc9a9..346b28f93c 100644 --- a/2021/CVE-2021-36749.md +++ b/2021/CVE-2021-36749.md @@ -15,9 +15,13 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/BrucessKING/CVE-2021-36749 - https://github.com/Sma11New/PocList - https://github.com/bigblackhat/oFx - https://github.com/d-rn/vulBox +- https://github.com/dnr6419/Druid_docker +- https://github.com/dorkerdevil/CVE-2021-36749 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/zwlsix/apache_druid_CVE-2021-36749 diff --git a/2021/CVE-2021-3679.md b/2021/CVE-2021-3679.md index 326dace759..c953ddf232 100644 --- a/2021/CVE-2021-3679.md +++ b/2021/CVE-2021-3679.md @@ -13,5 +13,5 @@ A lack of CPU resource in the Linux kernel tracing module functionality in versi - https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=67f0d6d9883c13174669f88adac4f0ee656cc16a #### Github -No PoCs found on GitHub currently. +- https://github.com/aegistudio/RingBufferDetonator diff --git a/2021/CVE-2021-36798.md b/2021/CVE-2021-36798.md index 613fbf25e5..5ddc8d7d99 100644 --- a/2021/CVE-2021-36798.md +++ b/2021/CVE-2021-36798.md @@ -13,5 +13,6 @@ A Denial-of-Service (DoS) vulnerability was discovered in Team Server in HelpSys - https://labs.sentinelone.com/hotcobalt-new-cobalt-strike-dos-vulnerability-that-lets-you-halt-operations/ #### Github -No PoCs found on GitHub currently. +- https://github.com/JamVayne/CobaltStrikeDos +- https://github.com/M-Kings/CVE-2021-36798 diff --git a/2021/CVE-2021-36799.md b/2021/CVE-2021-36799.md index 0696559f97..f2a1e4d482 100644 --- a/2021/CVE-2021-36799.md +++ b/2021/CVE-2021-36799.md @@ -15,4 +15,5 @@ #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/robertguetzkow/ets5-password-recovery diff --git a/2021/CVE-2021-36808.md b/2021/CVE-2021-36808.md index e78b3e0935..696aaff6e2 100644 --- a/2021/CVE-2021-36808.md +++ b/2021/CVE-2021-36808.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/ctuIhu/CVE-2021-36808 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-36934.md b/2021/CVE-2021-36934.md index 9ed98896f8..fffb07939a 100644 --- a/2021/CVE-2021-36934.md +++ b/2021/CVE-2021-36934.md @@ -28,23 +28,56 @@ Windows Elevation of Privilege Vulnerability - http://packetstormsecurity.com/files/164006/HiveNightmare-AKA-SeriousSAM.html #### Github +- https://github.com/0x0D1n/CVE-2021-36934 +- https://github.com/0xsyk0/GoHiveShadow - https://github.com/0xsyr0/OSCP - https://github.com/ARPSyndicate/cvemon - https://github.com/Ascotbe/Kernelhub +- https://github.com/CrackerCat/HiveNightmare +- https://github.com/GossiTheDog/HiveNightmare +- https://github.com/HuskyHacks/ShadowSteal +- https://github.com/JoranSlingerland/CVE-2021-36934 - https://github.com/Mikasazero/Cobalt-Strike - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/OlivierLaflamme/CVE-2021-36934-export-shadow-volume-POC +- https://github.com/Operational-Sciences-Group/Project-Beewolf - https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet - https://github.com/SexyBeast233/SecBooks +- https://github.com/Sp00p64/PyNightmare +- https://github.com/VertigoRay/CVE-2021-36934 +- https://github.com/Wh04m1001/VSSCopy +- https://github.com/WiredPulse/Invoke-HiveDreams +- https://github.com/WiredPulse/Invoke-HiveNightmare - https://github.com/YangSirrr/YangsirStudyPlan - https://github.com/b4rtik/SharpKatz +- https://github.com/bytesizedalex/CVE-2021-36934 +- https://github.com/cfalta/MicrosoftWontFixList +- https://github.com/chron1k/oxide_hive +- https://github.com/creeper-exe/creeper-exe +- https://github.com/cube0x0/CVE-2021-36934 +- https://github.com/exploitblizzard/CVE-2021-36934 - https://github.com/geeksniper/windows-privilege-escalation +- https://github.com/grishinpv/poc_CVE-2021-36934 - https://github.com/guervild/BOFs - https://github.com/huike007/penetration_poc +- https://github.com/irissentinel/CVE-2021-36934 - https://github.com/izj007/wechat +- https://github.com/jmaddington/Serious-Sam---CVE-2021-36934-Mitigation-for-Datto-RMM - https://github.com/kas0n/RedTeam-Articles +- https://github.com/mr-r3b00t/HiveNigtmare +- https://github.com/mwarnerblu/GoHN +- https://github.com/n3tsurge/CVE-2021-36934 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/pyonghe/HiveNightmareChecker +- https://github.com/rnbochsr/atlas +- https://github.com/romarroca/SeriousSam +- https://github.com/shaktavist/SeriousSam - https://github.com/taielab/awesome-hacking-lists +- https://github.com/tda90/CVE-2021-36934 +- https://github.com/websecnl/CVE-2021-36934 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +- https://github.com/wolf0x/HiveNightmare +- https://github.com/wolf0x/PSHiveNightmare - https://github.com/wsummerhill/CobaltStrike_RedTeam_CheatSheet - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2021/CVE-2021-36936.md b/2021/CVE-2021-36936.md new file mode 100644 index 0000000000..7e258f6740 --- /dev/null +++ b/2021/CVE-2021-36936.md @@ -0,0 +1,32 @@ +### [CVE-2021-36936](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36936) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2020H2%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2020H2%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2020H2%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H1%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H1%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H1%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%202004%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%2020H2%20(Server%20Core%20Installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) + +### Description + +Windows Print Spooler Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-36947, CVE-2021-36958. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cfalta/MicrosoftWontFixList + diff --git a/2021/CVE-2021-36942.md b/2021/CVE-2021-36942.md index c6245adef5..62684c9479 100644 --- a/2021/CVE-2021-36942.md +++ b/2021/CVE-2021-36942.md @@ -16,5 +16,9 @@ Windows LSA Spoofing Vulnerability #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/cfalta/MicrosoftWontFixList +- https://github.com/crisprss/PetitPotam - https://github.com/ly4k/PetitPotam +- https://github.com/r0eXpeR/supplier +- https://github.com/topotam/PetitPotam diff --git a/2021/CVE-2021-36947.md b/2021/CVE-2021-36947.md new file mode 100644 index 0000000000..f428a6b812 --- /dev/null +++ b/2021/CVE-2021-36947.md @@ -0,0 +1,32 @@ +### [CVE-2021-36947](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36947) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2020H2%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2020H2%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2020H2%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H1%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H1%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H1%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%202004%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%2020H2%20(Server%20Core%20Installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) + +### Description + +Windows Print Spooler Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-36936, CVE-2021-36958. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cfalta/MicrosoftWontFixList + diff --git a/2021/CVE-2021-36949.md b/2021/CVE-2021-36949.md index 6397d9ae6f..646ae79e60 100644 --- a/2021/CVE-2021-36949.md +++ b/2021/CVE-2021-36949.md @@ -16,4 +16,5 @@ No PoCs from references. #### Github - https://github.com/Maxwitat/Check-AAD-Connect-for-CVE-2021-36949-vulnerability +- https://github.com/r0eXpeR/supplier diff --git a/2021/CVE-2021-36958.md b/2021/CVE-2021-36958.md index 5ef014e693..00b9c454b0 100644 --- a/2021/CVE-2021-36958.md +++ b/2021/CVE-2021-36958.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/Tomparte/PrintNightmare +- https://github.com/xbufu/Mimispool diff --git a/2021/CVE-2021-3706.md b/2021/CVE-2021-3706.md index 68c4a44312..d3f3872ef8 100644 --- a/2021/CVE-2021-3706.md +++ b/2021/CVE-2021-3706.md @@ -13,5 +13,5 @@ adminlte is vulnerable to Sensitive Cookie Without 'HttpOnly' Flag - https://huntr.dev/bounties/ac7fd77b-b31b-4d02-aebd-f89ecbae3fce #### Github -No PoCs found on GitHub currently. +- https://github.com/ajmalabubakkr/CVE diff --git a/2021/CVE-2021-3711.md b/2021/CVE-2021-3711.md index dfe5bbf6b9..8709ac21a4 100644 --- a/2021/CVE-2021-3711.md +++ b/2021/CVE-2021-3711.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/anchore/grype - https://github.com/aymankhder/scanner-for-container +- https://github.com/jntass/TASSL-1.1.1k - https://github.com/leonov-av/scanvus diff --git a/2021/CVE-2021-3712.md b/2021/CVE-2021-3712.md index 0498622b83..ad9fb64440 100644 --- a/2021/CVE-2021-3712.md +++ b/2021/CVE-2021-3712.md @@ -14,5 +14,7 @@ ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING struct #### Github - https://github.com/anchore/grype +- https://github.com/giantswarm/starboard-exporter - https://github.com/leonov-av/scanvus +- https://github.com/lucky-sideburn/secpod_wrap diff --git a/2021/CVE-2021-37144.md b/2021/CVE-2021-37144.md index e7181c60c1..33bb1b009d 100644 --- a/2021/CVE-2021-37144.md +++ b/2021/CVE-2021-37144.md @@ -14,4 +14,5 @@ CSZ CMS 1.2.9 is vulnerable to Arbitrary File Deletion. This occurs in PHP when #### Github - https://github.com/faisalfs10x/CVE-IDs +- https://github.com/nightfury99/CVE-IDs diff --git a/2021/CVE-2021-37475.md b/2021/CVE-2021-37475.md new file mode 100644 index 0000000000..0296363789 --- /dev/null +++ b/2021/CVE-2021-37475.md @@ -0,0 +1,17 @@ +### [CVE-2021-37475](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37475) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In NavigateCMS version 2.9.4 and below, function in `templates.php` is vulnerable to sql injection on parameter `template-properties-order`, which results in arbitrary sql query execution in the backend database. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/anhquan99/DetectSQLInjectionPyshark + diff --git a/2021/CVE-2021-37580.md b/2021/CVE-2021-37580.md index 58dec85c89..e17a2c3a53 100644 --- a/2021/CVE-2021-37580.md +++ b/2021/CVE-2021-37580.md @@ -13,11 +13,19 @@ A flaw was found in Apache ShenYu Admin. The incorrect use of JWT in ShenyuAdmin No PoCs from references. #### Github +- https://github.com/0x0021h/expbox - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/Liang2580/CVE-2021-37580 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Osyanina/westone-CVE-2021-37580-scanner +- https://github.com/Wing-song/CVE-2021-37580 +- https://github.com/ZororoZ/CVE-2021-37580 +- https://github.com/fengwenhua/CVE-2021-37580 - https://github.com/githublihaha/vul +- https://github.com/langligelang/langligelang - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/rabbitsafe/CVE-2021-37580 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2021/CVE-2021-37593.md b/2021/CVE-2021-37593.md index 5cfb1149c7..dc6b432fd8 100644 --- a/2021/CVE-2021-37593.md +++ b/2021/CVE-2021-37593.md @@ -14,4 +14,5 @@ PEEL Shopping version 9.4.0 allows remote SQL injection. A public user/guest (un #### Github - https://github.com/faisalfs10x/CVE-IDs +- https://github.com/nightfury99/CVE-IDs diff --git a/2021/CVE-2021-37624.md b/2021/CVE-2021-37624.md index 0bd9323476..97e74f5418 100644 --- a/2021/CVE-2021-37624.md +++ b/2021/CVE-2021-37624.md @@ -13,6 +13,7 @@ FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformati - http://packetstormsecurity.com/files/164628/FreeSWITCH-1.10.6-Missing-SIP-MESSAGE-Authentication.html #### Github +- https://github.com/0xInfection/PewSWITCH - https://github.com/ARPSyndicate/cvemon - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/taielab/awesome-hacking-lists diff --git a/2021/CVE-2021-37678.md b/2021/CVE-2021-37678.md index 5a8d69ab1b..e0a75b775f 100644 --- a/2021/CVE-2021-37678.md +++ b/2021/CVE-2021-37678.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/fran-CICS/ExploitTensorflowCVE-2021-37678 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-37748.md b/2021/CVE-2021-37748.md index dcf000b065..6d682e8003 100644 --- a/2021/CVE-2021-37748.md +++ b/2021/CVE-2021-37748.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/SECFORCE/CVE-2021-37748 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-37761.md b/2021/CVE-2021-37761.md index 3ad2f65d43..c93de54493 100644 --- a/2021/CVE-2021-37761.md +++ b/2021/CVE-2021-37761.md @@ -13,5 +13,5 @@ Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to unrestr - https://www.manageengine.com #### Github -No PoCs found on GitHub currently. +- https://github.com/r0eXpeR/supplier diff --git a/2021/CVE-2021-37832.md b/2021/CVE-2021-37832.md index c62104b434..ef49ac519b 100644 --- a/2021/CVE-2021-37832.md +++ b/2021/CVE-2021-37832.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/dievus/CVE-2021-37832 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-37833.md b/2021/CVE-2021-37833.md index 8ebb38f0b1..db504ec6db 100644 --- a/2021/CVE-2021-37833.md +++ b/2021/CVE-2021-37833.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/dievus/CVE-2021-37833 diff --git a/2021/CVE-2021-37927.md b/2021/CVE-2021-37927.md index 0deb30ed0a..b64dd746a3 100644 --- a/2021/CVE-2021-37927.md +++ b/2021/CVE-2021-37927.md @@ -13,5 +13,5 @@ Zoho ManageEngine ADManager Plus version 7110 and prior allows account takeover - https://www.manageengine.com #### Github -No PoCs found on GitHub currently. +- https://github.com/r0eXpeR/supplier diff --git a/2021/CVE-2021-37980.md b/2021/CVE-2021-37980.md index cbe90afe02..733e2b02f4 100644 --- a/2021/CVE-2021-37980.md +++ b/2021/CVE-2021-37980.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/ZeusBox/CVE-2021-37980 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2021/CVE-2021-38001.md b/2021/CVE-2021-38001.md index 2e58f8a6af..a629c5f2ac 100644 --- a/2021/CVE-2021-38001.md +++ b/2021/CVE-2021-38001.md @@ -14,6 +14,8 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Peterpan0927/TFC-Chrome-v8-bug-CVE-2021-38001-poc +- https://github.com/maldiohead/TFC-Chrome-v8-bug-CVE-2021-38001-poc - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/vngkv123/aSiagaming diff --git a/2021/CVE-2021-38114.md b/2021/CVE-2021-38114.md new file mode 100644 index 0000000000..777fb7b55d --- /dev/null +++ b/2021/CVE-2021-38114.md @@ -0,0 +1,17 @@ +### [CVE-2021-38114](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38114) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/meweez/meweez + diff --git a/2021/CVE-2021-38115.md b/2021/CVE-2021-38115.md new file mode 100644 index 0000000000..811143c387 --- /dev/null +++ b/2021/CVE-2021-38115.md @@ -0,0 +1,17 @@ +### [CVE-2021-38115](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38115) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/meweez/meweez + diff --git a/2021/CVE-2021-38165.md b/2021/CVE-2021-38165.md new file mode 100644 index 0000000000..99e0ba41a8 --- /dev/null +++ b/2021/CVE-2021-38165.md @@ -0,0 +1,17 @@ +### [CVE-2021-38165](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38165) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/yiffOS/patches + diff --git a/2021/CVE-2021-38171.md b/2021/CVE-2021-38171.md new file mode 100644 index 0000000000..70662866be --- /dev/null +++ b/2021/CVE-2021-38171.md @@ -0,0 +1,17 @@ +### [CVE-2021-38171](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38171) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second argument to init_get_bits can be crafted. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/meweez/meweez + diff --git a/2021/CVE-2021-38295.md b/2021/CVE-2021-38295.md index c01655d194..61a440ff92 100644 --- a/2021/CVE-2021-38295.md +++ b/2021/CVE-2021-38295.md @@ -16,6 +16,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/ProfessionallyEvil/CVE-2021-38295-PoC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-38603.md b/2021/CVE-2021-38603.md index 3c1359dd45..a3a107bd65 100644 --- a/2021/CVE-2021-38603.md +++ b/2021/CVE-2021-38603.md @@ -13,5 +13,5 @@ PluXML 5.8.7 allows core/admin/profil.php stored XSS via the Information field. - http://packetstormsecurity.com/files/163823/PluXML-5.8.7-Cross-Site-Scripting.html #### Github -No PoCs found on GitHub currently. +- https://github.com/KielVaughn/CVE-2021-38603 diff --git a/2021/CVE-2021-38639.md b/2021/CVE-2021-38639.md index 0fc21a967e..17d86e36d8 100644 --- a/2021/CVE-2021-38639.md +++ b/2021/CVE-2021-38639.md @@ -30,6 +30,7 @@ Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021- No PoCs from references. #### Github +- https://github.com/DarkSprings/CVE-2021-38639 - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2021/CVE-2021-38645.md b/2021/CVE-2021-38645.md new file mode 100644 index 0000000000..2fd9ccddc7 --- /dev/null +++ b/2021/CVE-2021-38645.md @@ -0,0 +1,19 @@ +### [CVE-2021-38645](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38645) +![](https://img.shields.io/static/v1?label=Product&message=Azure%20Open%20Management%20Infrastructure&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) + +### Description + +Open Management Infrastructure Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38648, CVE-2021-38649. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/joshhighet/omi +- https://github.com/rcarboneras/OMIGOD-OMSAgentInfo +- https://github.com/sbiqbe/omigod-check + diff --git a/2021/CVE-2021-38647.md b/2021/CVE-2021-38647.md index 7228efcf6b..3979f9811d 100644 --- a/2021/CVE-2021-38647.md +++ b/2021/CVE-2021-38647.md @@ -15,11 +15,29 @@ Open Management Infrastructure Remote Code Execution Vulnerability #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/AlteredSecurity/CVE-2021-38647 - https://github.com/Astrogeorgeonethree/Starred +- https://github.com/FDlucifer/firece-fish +- https://github.com/Immersive-Labs-Sec/cve-2021-38647 - https://github.com/Iveco/xknow_infosec +- https://github.com/Metarget/awesome-cloud-security +- https://github.com/SimenBai/CVE-2021-38647-POC-and-Demo-environment +- https://github.com/Vulnmachines/OMIGOD_cve-2021-38647 - https://github.com/abousteif/cve-2021-38647 - https://github.com/cisagov/Malcolm - https://github.com/corelight/CVE-2021-38647 +- https://github.com/craig-m-unsw/omigod-lab +- https://github.com/fr34kyy/omigod +- https://github.com/hetmehtaa/bug-bounty-noob +- https://github.com/horizon3ai/CVE-2021-38647 +- https://github.com/joshhighet/omi +- https://github.com/m1thryn/CVE-2021-38647 +- https://github.com/marcosimioni/omigood +- https://github.com/midoxnet/CVE-2021-38647 +- https://github.com/nday-ldgz/ZoomEye-dork - https://github.com/neolin-ms/AzureDocLinks - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/r0eXpeR/supplier +- https://github.com/rcarboneras/OMIGOD-OMSAgentInfo +- https://github.com/sbiqbe/omigod-check diff --git a/2021/CVE-2021-38648.md b/2021/CVE-2021-38648.md index 9de22073eb..2bdfeb50a2 100644 --- a/2021/CVE-2021-38648.md +++ b/2021/CVE-2021-38648.md @@ -14,4 +14,7 @@ Open Management Infrastructure Elevation of Privilege Vulnerability This CVE ID #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/joshhighet/omi +- https://github.com/rcarboneras/OMIGOD-OMSAgentInfo +- https://github.com/sbiqbe/omigod-check diff --git a/2021/CVE-2021-38649.md b/2021/CVE-2021-38649.md new file mode 100644 index 0000000000..4615ab19fb --- /dev/null +++ b/2021/CVE-2021-38649.md @@ -0,0 +1,19 @@ +### [CVE-2021-38649](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38649) +![](https://img.shields.io/static/v1?label=Product&message=Azure%20Open%20Management%20Infrastructure&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) + +### Description + +Open Management Infrastructure Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38645, CVE-2021-38648. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/joshhighet/omi +- https://github.com/rcarboneras/OMIGOD-OMSAgentInfo +- https://github.com/sbiqbe/omigod-check + diff --git a/2021/CVE-2021-38666.md b/2021/CVE-2021-38666.md index 37ee3a326c..40921997d4 100644 --- a/2021/CVE-2021-38666.md +++ b/2021/CVE-2021-38666.md @@ -34,6 +34,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/DarkSprings/CVE-2021-38666-poc - https://github.com/fardeen-ahmed/Bug-bounty-Writeups - https://github.com/googleprojectzero/winafl - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-38699.md b/2021/CVE-2021-38699.md index 46e602fe08..51ab0cd042 100644 --- a/2021/CVE-2021-38699.md +++ b/2021/CVE-2021-38699.md @@ -13,5 +13,7 @@ TastyIgniter 3.0.7 allows XSS via /account, /reservation, /admin/dashboard, and - http://packetstormsecurity.com/files/163843/TastyIgniter-3.0.7-Cross-Site-Scripting.html #### Github -No PoCs found on GitHub currently. +- https://github.com/HuskyHacks/CVE-2021-38699-Reflected-XSS +- https://github.com/HuskyHacks/CVE-2021-38699-Stored-XSS +- https://github.com/Justin-1993/CVE-2021-38699 diff --git a/2021/CVE-2021-38704.md b/2021/CVE-2021-38704.md index fa8f1a9cad..f1c163167d 100644 --- a/2021/CVE-2021-38704.md +++ b/2021/CVE-2021-38704.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/sudonoodle/CVE-2021-38704 diff --git a/2021/CVE-2021-38705.md b/2021/CVE-2021-38705.md index 3c9603cf2c..b2612978e1 100644 --- a/2021/CVE-2021-38705.md +++ b/2021/CVE-2021-38705.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/sudonoodle/CVE-2021-38705 diff --git a/2021/CVE-2021-38706.md b/2021/CVE-2021-38706.md index 6d10dda38e..d4d38209da 100644 --- a/2021/CVE-2021-38706.md +++ b/2021/CVE-2021-38706.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/sudonoodle/CVE-2021-38706 diff --git a/2021/CVE-2021-38833.md b/2021/CVE-2021-38833.md index eca619ae3d..86f28dec19 100644 --- a/2021/CVE-2021-38833.md +++ b/2021/CVE-2021-38833.md @@ -13,5 +13,5 @@ SQL injection vulnerability in PHPGurukul Apartment Visitors Management System ( - https://www.exploit-db.com/exploits/50288 #### Github -No PoCs found on GitHub currently. +- https://github.com/mari0x00/AVMS-exploit diff --git a/2021/CVE-2021-39115.md b/2021/CVE-2021-39115.md index 6a40a99b22..a08acfec51 100644 --- a/2021/CVE-2021-39115.md +++ b/2021/CVE-2021-39115.md @@ -14,5 +14,6 @@ Affected versions of Atlassian Jira Service Management Server and Data Center al No PoCs from references. #### Github +- https://github.com/PetrusViet/CVE-2021-39115 - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-39137.md b/2021/CVE-2021-39137.md new file mode 100644 index 0000000000..2029a57c44 --- /dev/null +++ b/2021/CVE-2021-39137.md @@ -0,0 +1,17 @@ +### [CVE-2021-39137](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39137) +![](https://img.shields.io/static/v1?label=Product&message=go-ethereum&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-436%3A%20Interpretation%20Conflict&color=brighgreen) + +### Description + +go-ethereum is the official Go implementation of the Ethereum protocol. In affected versions a consensus-vulnerability in go-ethereum (Geth) could cause a chain split, where vulnerable versions refuse to accept the canonical chain. Further details about the vulnerability will be disclosed at a later date. A patch is included in the upcoming `v1.10.8` release. No workaround are available. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/gnc-project/galaxynetwork + diff --git a/2021/CVE-2021-39152.md b/2021/CVE-2021-39152.md index 80fb5b0caa..76182e9dc7 100644 --- a/2021/CVE-2021-39152.md +++ b/2021/CVE-2021-39152.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/wh1t3p1g/tabby +- https://github.com/zwjjustdoit/Xstream-1.4.17 diff --git a/2021/CVE-2021-39433.md b/2021/CVE-2021-39433.md index cc8e4b3a77..f9df0ae59a 100644 --- a/2021/CVE-2021-39433.md +++ b/2021/CVE-2021-39433.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/PinkDraconian/CVE-2021-39433 - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-3945.md b/2021/CVE-2021-3945.md index 53f5d1ed1b..2253c10263 100644 --- a/2021/CVE-2021-3945.md +++ b/2021/CVE-2021-3945.md @@ -13,5 +13,6 @@ django-helpdesk is vulnerable to Improper Neutralization of Input During Web Pag - https://huntr.dev/bounties/745f483c-70ed-441f-ab2e-7ac1305439a4 #### Github +- https://github.com/0x0021h/expbox - https://github.com/noobpk/noobpk diff --git a/2021/CVE-2021-39659.md b/2021/CVE-2021-39659.md new file mode 100644 index 0000000000..572b5484c8 --- /dev/null +++ b/2021/CVE-2021-39659.md @@ -0,0 +1,17 @@ +### [CVE-2021-39659](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39659) +![](https://img.shields.io/static/v1?label=Product&message=Android&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20service&color=brighgreen) + +### Description + +In sortSimPhoneAccountsForEmergency of CreateConnectionProcessor.java, there is a possible prevention of access to emergency calling due to an unhandled exception. In rare instances, this could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-208267659 + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/kris-classes/restart + diff --git a/2021/CVE-2021-40154.md b/2021/CVE-2021-40154.md index 5281ce3b35..3bc6f84cb6 100644 --- a/2021/CVE-2021-40154.md +++ b/2021/CVE-2021-40154.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Xen1thLabs-AE/CVE-2021-40154 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-40239.md b/2021/CVE-2021-40239.md new file mode 100644 index 0000000000..8fbb0229aa --- /dev/null +++ b/2021/CVE-2021-40239.md @@ -0,0 +1,17 @@ +### [CVE-2021-40239](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40239) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A Buffer Overflow vulnerability exists in the latest version of Miniftpd in the do_retr function in ftpproto.c + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/H4niz/CVE + diff --git a/2021/CVE-2021-40292.md b/2021/CVE-2021-40292.md new file mode 100644 index 0000000000..0f9967f348 --- /dev/null +++ b/2021/CVE-2021-40292.md @@ -0,0 +1,17 @@ +### [CVE-2021-40292](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40292) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A Stored Cross Site Sripting (XSS) vulnerability exists in DzzOffice 2.02.1 via the settingnew parameter. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/minhgalaxy/CVE + diff --git a/2021/CVE-2021-4034.md b/2021/CVE-2021-4034.md index e21a82cc5d..fce750c560 100644 --- a/2021/CVE-2021-4034.md +++ b/2021/CVE-2021-4034.md @@ -23,6 +23,8 @@ No PoCs from references. - https://github.com/BachoSeven/stellestelline - https://github.com/CYB3RK1D/CVE-2021-4034-POC - https://github.com/DosAmp/pkwned +- https://github.com/Hiimsonkul/Hiimsonkul +- https://github.com/IBM-Cloud/vpc-ha-iac - https://github.com/Ignitetechnologies/Linux-Privilege-Escalation - https://github.com/Kirill89/CVE-2021-4034 - https://github.com/MedKH1684/Pwnkit-CVE-2021-4034 @@ -55,6 +57,7 @@ No PoCs from references. - https://github.com/hohn/codeql-sample-polkit - https://github.com/jostmart/-CVE-2021-4034 - https://github.com/kaosagnt/ansible-everyday +- https://github.com/learner-ing/changeTools - https://github.com/liamg/traitor - https://github.com/luckythandel/CVE-2021-4034 - https://github.com/ly4k/PwnKit @@ -70,6 +73,7 @@ No PoCs from references. - https://github.com/robemmerson/CVE-2021-4034 - https://github.com/san3ncrypt3d/CVE-2021-4034-POC - https://github.com/sanchez-anthony/ansible_pwnkit_mitigation +- https://github.com/sarutobi12/sarutobi12 - https://github.com/scent2d/PoC-CVE-2021-4034 - https://github.com/slange-dev/slange-dev - https://github.com/sofire/polkit-0.96-CVE-2021-4034 @@ -82,5 +86,6 @@ No PoCs from references. - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/wongwaituck/CVE-2021-4034 - https://github.com/xymeng16/security +- https://github.com/zetaemme/b4d_p3n6u1n - https://github.com/ziadsaleemi/polkit_CVE-2021-4034 diff --git a/2021/CVE-2021-40346.md b/2021/CVE-2021-40346.md index 3dcdb8428e..89ce6b26fa 100644 --- a/2021/CVE-2021-40346.md +++ b/2021/CVE-2021-40346.md @@ -14,7 +14,14 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/CHYbeta/OddProxyDemo +- https://github.com/D4rkP0w4r/INTENT-CTF-2021 +- https://github.com/Vulnmachines/HAProxy_CVE-2021-40346 +- https://github.com/alikarimi999/CVE-2021-40346 +- https://github.com/chenjj/Awesome-HTTPRequestSmuggling +- https://github.com/donky16/CVE-2021-40346-POC - https://github.com/izj007/wechat +- https://github.com/knqyf263/CVE-2021-40346 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/taielab/awesome-hacking-lists diff --git a/2021/CVE-2021-40352.md b/2021/CVE-2021-40352.md index fe53bd44b7..f40095d559 100644 --- a/2021/CVE-2021-40352.md +++ b/2021/CVE-2021-40352.md @@ -13,5 +13,7 @@ OpenEMR 6.0.0 has a pnotes_print.php?noteid= Insecure Direct Object Reference vu - http://packetstormsecurity.com/files/164011/OpenEMR-6.0.0-Insecure-Direct-Object-Reference.html #### Github -No PoCs found on GitHub currently. +- https://github.com/allenenosh/CVE-2021-40352 +- https://github.com/allenenosh/allenenosh +- https://github.com/zeroc00I/CVE-2021-09-03 diff --git a/2021/CVE-2021-40353.md b/2021/CVE-2021-40353.md index 0938248cd9..96e76c1e3f 100644 --- a/2021/CVE-2021-40353.md +++ b/2021/CVE-2021-40353.md @@ -13,5 +13,6 @@ A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or Mar No PoCs from references. #### Github +- https://github.com/5qu1n7/CVE-2021-40353 - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-40438.md b/2021/CVE-2021-40438.md index df8584cb82..727496dbce 100644 --- a/2021/CVE-2021-40438.md +++ b/2021/CVE-2021-40438.md @@ -16,8 +16,16 @@ No PoCs from references. - https://github.com/0day666/Vulnerability-verification - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/BabyTeam1024/CVE-2021-40438 +- https://github.com/CHYbeta/OddProxyDemo +- https://github.com/HxDDD/CVE-PoC +- https://github.com/ericmann/apache-cve-poc - https://github.com/harsh-bothra/learn365 - https://github.com/litt1eb0yy/One-Liner-Scripts - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/pisut4152/Sigma-Rule-for-CVE-2021-40438-exploitation-attempt +- https://github.com/sixpacksecurity/CVE-2021-40438 +- https://github.com/vsh00t/BB-PoC +- https://github.com/xiaojiangxl/CVE-2021-40438 diff --git a/2021/CVE-2021-40444.md b/2021/CVE-2021-40444.md index 717d9d1c87..515707f3bf 100644 --- a/2021/CVE-2021-40444.md +++ b/2021/CVE-2021-40444.md @@ -31,23 +31,63 @@ Microsoft MSHTML Remote Code Execution Vulnerability - http://packetstormsecurity.com/files/165214/Microsoft-Office-Word-MSHTML-Remote-Code-Execution.html #### Github +- https://github.com/0xK4gura/CVE-2021-40444-POC - https://github.com/0xsyr0/OSCP - https://github.com/ARPSyndicate/cvemon +- https://github.com/Alexcot25051999/CVE-2021-40444 - https://github.com/Ascotbe/Kernelhub +- https://github.com/DarkSprings/CVE-2021-40444 +- https://github.com/Edubr2020/CVE-2021-40444--CABless +- https://github.com/H0j3n/CVE-2021-40444 +- https://github.com/Immersive-Labs-Sec/cve-2021-40444-analysis - https://github.com/Iveco/xknow_infosec +- https://github.com/Jeromeyoung/MSHTMHell +- https://github.com/KnoooW/CVE-2021-40444-docx-Generate +- https://github.com/LazarusReborn/Docx-Exploit-2021 - https://github.com/LumaKernel/awesome-stars - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Panopticon-Project/panopticon-WizardSpider - https://github.com/Spacial/awesome-csirt +- https://github.com/TiagoSergio/CVE-2021-40444 +- https://github.com/Udyz/CVE-2021-40444-CAB +- https://github.com/Udyz/CVE-2021-40444-Sample - https://github.com/VilNE-Scanner/VilNE - https://github.com/YangSirrr/YangsirStudyPlan +- https://github.com/Zeop-CyberSec/word_mshtml +- https://github.com/aslitsecurity/CVE-2021-40444_builders +- https://github.com/aydianosec/CVE2021-40444 +- https://github.com/ba0jy/awesome-intelligence +- https://github.com/bambooqj/CVE-2021-40444_EXP_JS - https://github.com/carloslacasa/cyber-ansible +- https://github.com/eduardomcm/VelociraptorCompetition - https://github.com/eminunal1453/Various-Malware-Hashes +- https://github.com/endrazine/cnam-tp5-sec108 +- https://github.com/factionsypho/TIC4301_Project +- https://github.com/fengjixuchui/CVE-2021-40444-docx-Generate +- https://github.com/gh0stxplt/CVE-2021-40444-URL-Extractor - https://github.com/izj007/wechat +- https://github.com/jamesrep/cve-2021-40444 +- https://github.com/js-on/CVE-2021-40444 - https://github.com/k8gege/CVE-2021-40444 +- https://github.com/kal1gh0st/CVE-2021-40444_CAB_archives +- https://github.com/klezVirus/CVE-2021-40444 +- https://github.com/lisinan988/CVE-2021-40444-exp +- https://github.com/lockedbyte/CVE-2021-40444 +- https://github.com/mahesh-0369/my-project-2 +- https://github.com/mansk1es/Caboom +- https://github.com/nightrelax/Exploit-PoC-CVE-2021-40444-inject-ma-doc-vao-docx - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/ozergoker/CVE-2021-40444 +- https://github.com/r0eXpeR/supplier +- https://github.com/ramirezversion/winwordexfil +- https://github.com/rfcxv/CVE-2021-40444-POC +- https://github.com/slaughterjames/Dridex_17092021 - https://github.com/taielab/awesome-hacking-lists - https://github.com/ulexec/Exploits - https://github.com/vanhohen/ADNinja +- https://github.com/vanhohen/MSHTML-CVE-2021-40444 +- https://github.com/vysecurity/CVE-2021-40444 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/ycdxsb/WindowsPrivilegeEscalation +- https://github.com/zaneGittins/CVE-2021-40444-evtx diff --git a/2021/CVE-2021-40449.md b/2021/CVE-2021-40449.md index ff13a504e8..8f34d4157e 100644 --- a/2021/CVE-2021-40449.md +++ b/2021/CVE-2021-40449.md @@ -35,12 +35,18 @@ Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021- - https://github.com/ARPSyndicate/cvemon - https://github.com/Al1ex/WindowsElevation - https://github.com/Ascotbe/Kernelhub +- https://github.com/CppXL/cve-2021-40449-poc - https://github.com/FunnyWolf/Viper +- https://github.com/KaLendsi/CVE-2021-40449-Exploit +- https://github.com/Kristal-g/CVE-2021-40449_poc - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/S3cur3Th1sSh1t/WinPwn +- https://github.com/hakivvi/CVE-2021-40449 +- https://github.com/ly4k/CallbackHell - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/pipiscrew/timeline - https://github.com/taielab/awesome-hacking-lists +- https://github.com/timwhitez/Git-Daily - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2021/CVE-2021-40492.md b/2021/CVE-2021-40492.md index 6e0a79d7aa..30cd442bed 100644 --- a/2021/CVE-2021-40492.md +++ b/2021/CVE-2021-40492.md @@ -13,5 +13,6 @@ A reflected XSS vulnerability exists in multiple pages in version 22 of the Gibb No PoCs from references. #### Github +- https://github.com/5qu1n7/CVE-2021-40492 - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-40528.md b/2021/CVE-2021-40528.md index 38447ee773..a1004aecb0 100644 --- a/2021/CVE-2021-40528.md +++ b/2021/CVE-2021-40528.md @@ -13,5 +13,5 @@ The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery b - https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1 #### Github -No PoCs found on GitHub currently. +- https://github.com/brandoncamenisch/release-the-code-litecoin diff --git a/2021/CVE-2021-40531.md b/2021/CVE-2021-40531.md index 14e51f32b6..b6cef8377c 100644 --- a/2021/CVE-2021-40531.md +++ b/2021/CVE-2021-40531.md @@ -14,5 +14,6 @@ Sketch before 75 allows library feeds to be used to bypass file quarantine. File #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/jonpalmisc/CVE-2021-40531 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-40539.md b/2021/CVE-2021-40539.md index 1699046fbf..1d7d56c10b 100644 --- a/2021/CVE-2021-40539.md +++ b/2021/CVE-2021-40539.md @@ -16,7 +16,10 @@ Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to RES #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/DarkSprings/CVE-2021-40539 - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/r0eXpeR/supplier +- https://github.com/synacktiv/CVE-2021-40539 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2021/CVE-2021-40617.md b/2021/CVE-2021-40617.md new file mode 100644 index 0000000000..4613c629aa --- /dev/null +++ b/2021/CVE-2021-40617.md @@ -0,0 +1,17 @@ +### [CVE-2021-40617](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40617) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An SQL Injection vulnerability exists in openSIS Community Edition version 8.0 via ForgotPassUserName.php. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/H4niz/CVE + diff --git a/2021/CVE-2021-40618.md b/2021/CVE-2021-40618.md new file mode 100644 index 0000000000..777be38bfe --- /dev/null +++ b/2021/CVE-2021-40618.md @@ -0,0 +1,17 @@ +### [CVE-2021-40618](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40618) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An SQL Injection vulnerability exists in openSIS Classic 8.0 via the 1) ADDR_CONT_USRN, 2) ADDR_CONT_PSWD, 3) SECN_CONT_USRN or 4) SECN_CONT_PSWD parameters in HoldAddressFields.php. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/minhgalaxy/CVE + diff --git a/2021/CVE-2021-40728.md b/2021/CVE-2021-40728.md new file mode 100644 index 0000000000..b78d924431 --- /dev/null +++ b/2021/CVE-2021-40728.md @@ -0,0 +1,17 @@ +### [CVE-2021-40728](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40728) +![](https://img.shields.io/static/v1?label=Product&message=Acrobat%20Reader&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%3D%2021.007.20095%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20After%20Free%20(CWE-416)&color=brighgreen) + +### Description + +Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by a use-after-free vulnerability in the processing of the GetURL function on a global object window that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/zanezhub/PIA-PC + diff --git a/2021/CVE-2021-40812.md b/2021/CVE-2021-40812.md new file mode 100644 index 0000000000..45849a2ea3 --- /dev/null +++ b/2021/CVE-2021-40812.md @@ -0,0 +1,17 @@ +### [CVE-2021-40812](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40812) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/meweez/meweez + diff --git a/2021/CVE-2021-40845.md b/2021/CVE-2021-40845.md index 3edbfc065e..c74ac3c161 100644 --- a/2021/CVE-2021-40845.md +++ b/2021/CVE-2021-40845.md @@ -15,5 +15,6 @@ The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.10, called Alpha - https://ricardojoserf.github.io/CVE-2021-40845/ #### Github -No PoCs found on GitHub currently. +- https://github.com/FDlucifer/firece-fish +- https://github.com/ricardojoserf/CVE-2021-40845 diff --git a/2021/CVE-2021-40847.md b/2021/CVE-2021-40847.md index 5f7db0c928..1a55c57a21 100644 --- a/2021/CVE-2021-40847.md +++ b/2021/CVE-2021-40847.md @@ -13,5 +13,5 @@ The update process of the Circle Parental Control Service on various NETGEAR rou - https://blog.grimm-co.com/2021/09/mama-always-told-me-not-to-trust.html #### Github -No PoCs found on GitHub currently. +- https://github.com/hetmehtaa/bug-bounty-noob diff --git a/2021/CVE-2021-40865.md b/2021/CVE-2021-40865.md index 784346c695..c7b8943707 100644 --- a/2021/CVE-2021-40865.md +++ b/2021/CVE-2021-40865.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/hktalent/CVE-2021-40865 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-40870.md b/2021/CVE-2021-40870.md index 7d917c0a3e..c62076af5b 100644 --- a/2021/CVE-2021-40870.md +++ b/2021/CVE-2021-40870.md @@ -14,7 +14,11 @@ An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestr - https://wearetradecraft.com/advisories/tc-2021-0002/ #### Github +- https://github.com/0xAgun/CVE-2021-40870 - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/FDlucifer/firece-fish +- https://github.com/JoyGhoshs/CVE-2021-40870 +- https://github.com/byteofjoshua/CVE-2021-40870 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-40875.md b/2021/CVE-2021-40875.md index 0a7de25a51..a755622cca 100644 --- a/2021/CVE-2021-40875.md +++ b/2021/CVE-2021-40875.md @@ -15,4 +15,5 @@ Improper Access Control in Gurock TestRail versions < 7.2.0.3014 resulted in sen #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/SakuraSamuraii/derailed diff --git a/2021/CVE-2021-40978.md b/2021/CVE-2021-40978.md index c3e5fd0602..47c1ea0eac 100644 --- a/2021/CVE-2021-40978.md +++ b/2021/CVE-2021-40978.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/nisdn/CVE-2021-40978 - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-4104.md b/2021/CVE-2021-4104.md index 974c6f79a0..e7a4bd7c88 100644 --- a/2021/CVE-2021-4104.md +++ b/2021/CVE-2021-4104.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Diablo5G/Certification-Prep - https://github.com/GGongnanE/TodayILearned - https://github.com/HackJava/Log4j2 - https://github.com/HynekPetrak/log4shell-finder diff --git a/2021/CVE-2021-41089.md b/2021/CVE-2021-41089.md index f5cef8b886..dd2cd85edf 100644 --- a/2021/CVE-2021-41089.md +++ b/2021/CVE-2021-41089.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/ssst0n3/my_vulnerabilities +- https://github.com/ssst0n3/ssst0n3 diff --git a/2021/CVE-2021-41157.md b/2021/CVE-2021-41157.md index c82dd08de6..f47329c113 100644 --- a/2021/CVE-2021-41157.md +++ b/2021/CVE-2021-41157.md @@ -13,6 +13,7 @@ FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformati No PoCs from references. #### Github +- https://github.com/0xInfection/PewSWITCH - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/taielab/awesome-hacking-lists diff --git a/2021/CVE-2021-41174.md b/2021/CVE-2021-41174.md index dca68352ed..cd35038ddd 100644 --- a/2021/CVE-2021-41174.md +++ b/2021/CVE-2021-41174.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/we45/nuclei-appsec-workflows diff --git a/2021/CVE-2021-41196.md b/2021/CVE-2021-41196.md new file mode 100644 index 0000000000..778cae2f48 --- /dev/null +++ b/2021/CVE-2021-41196.md @@ -0,0 +1,17 @@ +### [CVE-2021-41196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41196) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-191%3A%20Integer%20Underflow%20(Wrap%20or%20Wraparound)&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions the Keras pooling layers can trigger a segfault if the size of the pool is 0 or if a dimension is negative. This is due to the TensorFlow's implementation of pooling operations where the values in the sliding window are not checked to be strictly positive. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41197.md b/2021/CVE-2021-41197.md new file mode 100644 index 0000000000..4c04dcee6c --- /dev/null +++ b/2021/CVE-2021-41197.md @@ -0,0 +1,17 @@ +### [CVE-2021-41197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41197) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions TensorFlow allows tensor to have a large number of dimensions and each dimension can be as large as desired. However, the total number of elements in a tensor must fit within an `int64_t`. If an overflow occurs, `MultiplyWithoutOverflow` would return a negative result. In the majority of TensorFlow codebase this then results in a `CHECK`-failure. Newer constructs exist which return a `Status` instead of crashing the binary. This is similar to CVE-2021-29584. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41198.md b/2021/CVE-2021-41198.md new file mode 100644 index 0000000000..ab29967aae --- /dev/null +++ b/2021/CVE-2021-41198.md @@ -0,0 +1,17 @@ +### [CVE-2021-41198](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41198) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions if `tf.tile` is called with a large input argument then the TensorFlow process will crash due to a `CHECK`-failure caused by an overflow. The number of elements in the output tensor is too much for the `int64_t` type and the overflow is detected via a `CHECK` statement. This aborts the process. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41199.md b/2021/CVE-2021-41199.md new file mode 100644 index 0000000000..476830b6ff --- /dev/null +++ b/2021/CVE-2021-41199.md @@ -0,0 +1,17 @@ +### [CVE-2021-41199](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41199) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions if `tf.image.resize` is called with a large input argument then the TensorFlow process will crash due to a `CHECK`-failure caused by an overflow. The number of elements in the output tensor is too much for the `int64_t` type and the overflow is detected via a `CHECK` statement. This aborts the process. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41200.md b/2021/CVE-2021-41200.md new file mode 100644 index 0000000000..f0f2226dd8 --- /dev/null +++ b/2021/CVE-2021-41200.md @@ -0,0 +1,17 @@ +### [CVE-2021-41200](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41200) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-617%3A%20Reachable%20Assertion&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions if `tf.summary.create_file_writer` is called with non-scalar arguments code crashes due to a `CHECK`-fail. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41201.md b/2021/CVE-2021-41201.md new file mode 100644 index 0000000000..660d0f8c7d --- /dev/null +++ b/2021/CVE-2021-41201.md @@ -0,0 +1,17 @@ +### [CVE-2021-41201](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41201) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-824%3A%20Access%20of%20Uninitialized%20Pointer&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affeced versions during execution, `EinsumHelper::ParseEquation()` is supposed to set the flags in `input_has_ellipsis` vector and `*output_has_ellipsis` boolean to indicate whether there is ellipsis in the corresponding inputs and output. However, the code only changes these flags to `true` and never assigns `false`. This results in unitialized variable access if callers assume that `EinsumHelper::ParseEquation()` always sets these flags. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41202.md b/2021/CVE-2021-41202.md new file mode 100644 index 0000000000..bbe409152c --- /dev/null +++ b/2021/CVE-2021-41202.md @@ -0,0 +1,17 @@ +### [CVE-2021-41202](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41202) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-681%3A%20Incorrect%20Conversion%20between%20Numeric%20Types&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions while calculating the size of the output within the `tf.range` kernel, there is a conditional statement of type `int64 = condition ? int64 : double`. Due to C++ implicit conversion rules, both branches of the condition will be cast to `double` and the result would be truncated before the assignment. This result in overflows. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41203.md b/2021/CVE-2021-41203.md new file mode 100644 index 0000000000..60f8d7897a --- /dev/null +++ b/2021/CVE-2021-41203.md @@ -0,0 +1,17 @@ +### [CVE-2021-41203](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41203) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-345%3A%20Insufficient%20Verification%20of%20Data%20Authenticity&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions an attacker can trigger undefined behavior, integer overflows, segfaults and `CHECK`-fail crashes if they can change saved checkpoints from outside of TensorFlow. This is because the checkpoints loading infrastructure is missing validation for invalid file formats. The fixes will be included in TensorFlow 2.7.0. We will also cherrypick these commits on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41204.md b/2021/CVE-2021-41204.md new file mode 100644 index 0000000000..a5e280c28c --- /dev/null +++ b/2021/CVE-2021-41204.md @@ -0,0 +1,17 @@ +### [CVE-2021-41204](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41204) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-824%3A%20Access%20of%20Uninitialized%20Pointer&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions during TensorFlow's Grappler optimizer phase, constant folding might attempt to deep copy a resource tensor. This results in a segfault, as these tensors are supposed to not change. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41205.md b/2021/CVE-2021-41205.md new file mode 100644 index 0000000000..982abcdb04 --- /dev/null +++ b/2021/CVE-2021-41205.md @@ -0,0 +1,17 @@ +### [CVE-2021-41205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41205) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for the `QuantizeAndDequantizeV*` operations can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41207.md b/2021/CVE-2021-41207.md new file mode 100644 index 0000000000..6f7d9f0fc8 --- /dev/null +++ b/2021/CVE-2021-41207.md @@ -0,0 +1,17 @@ +### [CVE-2021-41207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41207) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-369%3A%20Divide%20By%20Zero&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions the implementation of `ParallelConcat` misses some input validation and can produce a division by 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41208.md b/2021/CVE-2021-41208.md new file mode 100644 index 0000000000..a1e131f7d0 --- /dev/null +++ b/2021/CVE-2021-41208.md @@ -0,0 +1,18 @@ +### [CVE-2021-41208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41208) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-476%3A%20NULL%20Pointer%20Dereference&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-824%3A%20Access%20of%20Uninitialized%20Pointer&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of service (via dereferencing `nullptr`s or via `CHECK`-failures) as well as abuse undefined behavior (binding references to `nullptr`s). An attacker can also read and write from heap buffers, depending on the API that gets used and the arguments that are passed to the call. Given that the boosted trees implementation in TensorFlow is unmaintained, it is recommend to no longer use these APIs. We will deprecate TensorFlow's boosted trees APIs in subsequent releases. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41209.md b/2021/CVE-2021-41209.md new file mode 100644 index 0000000000..5d0cd41029 --- /dev/null +++ b/2021/CVE-2021-41209.md @@ -0,0 +1,17 @@ +### [CVE-2021-41209](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41209) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-369%3A%20Divide%20By%20Zero&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions the implementations for convolution operators trigger a division by 0 if passed empty filter tensor arguments. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41210.md b/2021/CVE-2021-41210.md new file mode 100644 index 0000000000..c0b9f963b4 --- /dev/null +++ b/2021/CVE-2021-41210.md @@ -0,0 +1,17 @@ +### [CVE-2021-41210](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41210) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for `SparseCountSparseOutput` can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41211.md b/2021/CVE-2021-41211.md new file mode 100644 index 0000000000..4f11865a04 --- /dev/null +++ b/2021/CVE-2021-41211.md @@ -0,0 +1,17 @@ +### [CVE-2021-41211](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41211) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `QuantizeV2` can trigger a read outside of bounds of heap allocated array. This occurs whenever `axis` is a negative value less than `-1`. In this case, we are accessing data before the start of a heap buffer. The code allows `axis` to be an optional argument (`s` would contain an `error::NOT_FOUND` error code). Otherwise, it assumes that `axis` is a valid index into the dimensions of the `input` tensor. If `axis` is less than `-1` then this results in a heap OOB read. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, as this version is the only one that is also affected. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41212.md b/2021/CVE-2021-41212.md new file mode 100644 index 0000000000..8c26988ef6 --- /dev/null +++ b/2021/CVE-2021-41212.md @@ -0,0 +1,17 @@ +### [CVE-2021-41212](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41212) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `tf.ragged.cross` can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41213.md b/2021/CVE-2021-41213.md new file mode 100644 index 0000000000..8323892e62 --- /dev/null +++ b/2021/CVE-2021-41213.md @@ -0,0 +1,17 @@ +### [CVE-2021-41213](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41213) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-667%3A%20Improper%20Locking&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions the code behind `tf.function` API can be made to deadlock when two `tf.function` decorated Python functions are mutually recursive. This occurs due to using a non-reentrant `Lock` Python object. Loading any model which contains mutually recursive functions is vulnerable. An attacker can cause denial of service by causing users to load such models and calling a recursive `tf.function`, although this is not a frequent scenario. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41214.md b/2021/CVE-2021-41214.md new file mode 100644 index 0000000000..c2b068cc91 --- /dev/null +++ b/2021/CVE-2021-41214.md @@ -0,0 +1,17 @@ +### [CVE-2021-41214](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41214) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-824%3A%20Access%20of%20Uninitialized%20Pointer&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `tf.ragged.cross` has an undefined behavior due to binding a reference to `nullptr`. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41215.md b/2021/CVE-2021-41215.md new file mode 100644 index 0000000000..9149fac674 --- /dev/null +++ b/2021/CVE-2021-41215.md @@ -0,0 +1,17 @@ +### [CVE-2021-41215](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41215) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-476%3A%20NULL%20Pointer%20Dereference&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `DeserializeSparse` can trigger a null pointer dereference. This is because the shape inference function assumes that the `serialize_sparse` tensor is a tensor with positive rank (and having `3` as the last dimension). The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41216.md b/2021/CVE-2021-41216.md new file mode 100644 index 0000000000..89df9e3640 --- /dev/null +++ b/2021/CVE-2021-41216.md @@ -0,0 +1,17 @@ +### [CVE-2021-41216](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41216) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-120%3A%20Buffer%20Copy%20without%20Checking%20Size%20of%20Input%20('Classic%20Buffer%20Overflow')&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions the shape inference function for `Transpose` is vulnerable to a heap buffer overflow. This occurs whenever `perm` contains negative elements. The shape inference function does not validate that the indices in `perm` are all valid. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41219.md b/2021/CVE-2021-41219.md new file mode 100644 index 0000000000..ba8ad6f69a --- /dev/null +++ b/2021/CVE-2021-41219.md @@ -0,0 +1,17 @@ +### [CVE-2021-41219](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41219) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-824%3A%20Access%20of%20Uninitialized%20Pointer&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to `nullptr`. This occurs whenever the dimensions of `a` or `b` are 0 or less. In the case on one of these is 0, an empty output tensor should be allocated (to conserve the invariant that output tensors are always allocated when the operation is successful) but nothing should be written to it (that is, we should return early from the kernel implementation). Otherwise, attempts to write to this empty tensor would result in heap OOB access. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41221.md b/2021/CVE-2021-41221.md new file mode 100644 index 0000000000..4f70a103b0 --- /dev/null +++ b/2021/CVE-2021-41221.md @@ -0,0 +1,17 @@ +### [CVE-2021-41221](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41221) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-120%3A%20Buffer%20Copy%20without%20Checking%20Size%20of%20Input%20('Classic%20Buffer%20Overflow')&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for the `Cudnn*` operations in TensorFlow can be tricked into accessing invalid memory, via a heap buffer overflow. This occurs because the ranks of the `input`, `input_h` and `input_c` parameters are not validated, but code assumes they have certain values. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41223.md b/2021/CVE-2021-41223.md new file mode 100644 index 0000000000..9f21703348 --- /dev/null +++ b/2021/CVE-2021-41223.md @@ -0,0 +1,17 @@ +### [CVE-2021-41223](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41223) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions the implementation of `FusedBatchNorm` kernels is vulnerable to a heap OOB access. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41224.md b/2021/CVE-2021-41224.md new file mode 100644 index 0000000000..6a09a5a29d --- /dev/null +++ b/2021/CVE-2021-41224.md @@ -0,0 +1,17 @@ +### [CVE-2021-41224](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41224) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SparseFillEmptyRows` can be made to trigger a heap OOB access. This occurs whenever the size of `indices` does not match the size of `values`. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41227.md b/2021/CVE-2021-41227.md new file mode 100644 index 0000000000..40454adf6d --- /dev/null +++ b/2021/CVE-2021-41227.md @@ -0,0 +1,17 @@ +### [CVE-2021-41227](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41227) +![](https://img.shields.io/static/v1?label=Product&message=tensorflow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) + +### Description + +TensorFlow is an open source platform for machine learning. In affected versions the `ImmutableConst` operation in TensorFlow can be tricked into reading arbitrary memory contents. This is because the `tstring` TensorFlow string class has a special case for memory mapped strings but the operation itself does not offer any support for this datatype. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/adwisatya/SnykVulndb + diff --git a/2021/CVE-2021-41277.md b/2021/CVE-2021-41277.md index 608e8786c2..8f72b73d91 100644 --- a/2021/CVE-2021-41277.md +++ b/2021/CVE-2021-41277.md @@ -13,12 +13,22 @@ Metabase is an open source data analytics platform. In affected versions a secur No PoCs from references. #### Github +- https://github.com/0x0021h/expbox - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/FDlucifer/firece-fish +- https://github.com/Henry4E36/Metabase-cve-2021-41277 - https://github.com/LeakIX/l9explore - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Seals6/CVE-2021-41277 +- https://github.com/TheLastVvV/CVE-2021-41277 +- https://github.com/Vulnmachines/Metabase_CVE-2021-41277 - https://github.com/bigblackhat/oFx +- https://github.com/kaizensecurity/CVE-2021-41277 +- https://github.com/kap1ush0n/CVE-2021-41277 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/tahtaciburak/CVE-2021-41277 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +- https://github.com/z3n70/CVE-2021-41277 diff --git a/2021/CVE-2021-41335.md b/2021/CVE-2021-41335.md new file mode 100644 index 0000000000..c4d185cc26 --- /dev/null +++ b/2021/CVE-2021-41335.md @@ -0,0 +1,32 @@ +### [CVE-2021-41335](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41335) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%202004%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2020H2%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2020H2%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2020H2%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H1%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H1%20for%20ARM64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H1%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%202004%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%2020H2%20(Server%20Core%20Installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) + +### Description + +Windows Kernel Elevation of Privilege Vulnerability + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/waleedassar/ObpCreateSymbolicLinkName_EoP + diff --git a/2021/CVE-2021-41349.md b/2021/CVE-2021-41349.md index d7da94a2c5..4516e6cd76 100644 --- a/2021/CVE-2021-41349.md +++ b/2021/CVE-2021-41349.md @@ -17,6 +17,7 @@ Microsoft Exchange Server Spoofing Vulnerability This CVE ID is unique from CVE- No PoCs from references. #### Github +- https://github.com/0x0021h/expbox - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/cepxeo/pentest_notes diff --git a/2021/CVE-2021-41351.md b/2021/CVE-2021-41351.md index 495cf53eb9..f23c533aac 100644 --- a/2021/CVE-2021-41351.md +++ b/2021/CVE-2021-41351.md @@ -31,6 +31,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/JaneMandy/CVE-2021-41351-POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-41379.md b/2021/CVE-2021-41379.md index 8cd798ade1..969b990267 100644 --- a/2021/CVE-2021-41379.md +++ b/2021/CVE-2021-41379.md @@ -33,8 +33,10 @@ No PoCs from references. #### Github - https://github.com/AlexandrVIvanov/InstallerFileTakeOver +- https://github.com/Octoberfest7/Tools - https://github.com/devopscoder331/CVE_InstallerFileTakeOver - https://github.com/dxnboy/redteam +- https://github.com/klinix5/InstallerFileTakeOver - https://github.com/noname1007/InstallerFileTakeOver - https://github.com/puckiestyle/InstallerFileTakeOver - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2021/CVE-2021-41381.md b/2021/CVE-2021-41381.md index b790257b3b..c0855b8de5 100644 --- a/2021/CVE-2021-41381.md +++ b/2021/CVE-2021-41381.md @@ -17,4 +17,5 @@ Payara Micro Community 5.2021.6 and below allows Directory Traversal. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/Net-hunter121/CVE-2021-41381 diff --git a/2021/CVE-2021-41382.md b/2021/CVE-2021-41382.md index bcd478cc43..88ee75ed99 100644 --- a/2021/CVE-2021-41382.md +++ b/2021/CVE-2021-41382.md @@ -14,5 +14,5 @@ Plastic SCM before 10.0.16.5622 mishandles the WebAdmin server management interf - http://packetstormsecurity.com/files/164531/Plastic-SCM-10.0.16.5622-Insecure-Direct-Object-Reference.html #### Github -No PoCs found on GitHub currently. +- https://github.com/basubanakar/Plastic-SCM-Exploit diff --git a/2021/CVE-2021-41495.md b/2021/CVE-2021-41495.md index 8f4d709509..8a63f57a85 100644 --- a/2021/CVE-2021-41495.md +++ b/2021/CVE-2021-41495.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/Daybreak2019/PolyCruise +- https://github.com/baltsers/polycruise diff --git a/2021/CVE-2021-41496.md b/2021/CVE-2021-41496.md index 4e8228e991..5c3e8cecc0 100644 --- a/2021/CVE-2021-41496.md +++ b/2021/CVE-2021-41496.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/Daybreak2019/PolyCruise +- https://github.com/baltsers/polycruise diff --git a/2021/CVE-2021-41497.md b/2021/CVE-2021-41497.md index 1a6adfc0cf..75ea582426 100644 --- a/2021/CVE-2021-41497.md +++ b/2021/CVE-2021-41497.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/Daybreak2019/PolyCruise +- https://github.com/baltsers/polycruise diff --git a/2021/CVE-2021-41498.md b/2021/CVE-2021-41498.md index a26328b3e7..f4efc602ae 100644 --- a/2021/CVE-2021-41498.md +++ b/2021/CVE-2021-41498.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/Daybreak2019/PolyCruise +- https://github.com/baltsers/polycruise diff --git a/2021/CVE-2021-41499.md b/2021/CVE-2021-41499.md index 68a1b24bbf..4c8df6b64b 100644 --- a/2021/CVE-2021-41499.md +++ b/2021/CVE-2021-41499.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/Daybreak2019/PolyCruise +- https://github.com/baltsers/polycruise diff --git a/2021/CVE-2021-41500.md b/2021/CVE-2021-41500.md index 82e4ca31c5..7ac4970492 100644 --- a/2021/CVE-2021-41500.md +++ b/2021/CVE-2021-41500.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/Daybreak2019/PolyCruise +- https://github.com/baltsers/polycruise diff --git a/2021/CVE-2021-41511.md b/2021/CVE-2021-41511.md index 10e877ce39..3d32c9c592 100644 --- a/2021/CVE-2021-41511.md +++ b/2021/CVE-2021-41511.md @@ -14,5 +14,5 @@ The username and password field of login in Lodging Reservation Management Syste - https://www.exploit-db.com/exploits/50372 #### Github -No PoCs found on GitHub currently. +- https://github.com/Ni7inSharma/CVE-2021-41511 diff --git a/2021/CVE-2021-41560.md b/2021/CVE-2021-41560.md new file mode 100644 index 0000000000..bbcc8d687c --- /dev/null +++ b/2021/CVE-2021-41560.md @@ -0,0 +1,17 @@ +### [CVE-2021-41560](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41560) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +OpenCATS through 0.9.6 allows remote attackers to execute arbitrary code by uploading an executable file via lib/FileUtility.php. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Nickguitar/RevCAT + diff --git a/2021/CVE-2021-41595.md b/2021/CVE-2021-41595.md new file mode 100644 index 0000000000..6b316d6d67 --- /dev/null +++ b/2021/CVE-2021-41595.md @@ -0,0 +1,17 @@ +### [CVE-2021-41595](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41595) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +SuiteCRM before 7.10.33 and 7.11.22 allows information disclosure via Directory Traversal. An attacker can partially include arbitrary files via the file_name parameter of the Step3 import functionality. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ach-ing/cves + diff --git a/2021/CVE-2021-41596.md b/2021/CVE-2021-41596.md new file mode 100644 index 0000000000..4294b6276a --- /dev/null +++ b/2021/CVE-2021-41596.md @@ -0,0 +1,17 @@ +### [CVE-2021-41596](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41596) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +SuiteCRM before 7.10.33 and 7.11.22 allows information disclosure via Directory Traversal. An attacker can partially include arbitrary files via the importFile parameter of the RefreshMapping import functionality. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ach-ing/cves + diff --git a/2021/CVE-2021-41597.md b/2021/CVE-2021-41597.md new file mode 100644 index 0000000000..31a1475591 --- /dev/null +++ b/2021/CVE-2021-41597.md @@ -0,0 +1,17 @@ +### [CVE-2021-41597](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41597) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +SuiteCRM through 7.11.21 is vulnerable to CSRF, with resultant remote code execution, via the UpgradeWizard functionality, if a PHP file is included in a ZIP archive. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ach-ing/cves + diff --git a/2021/CVE-2021-41643.md b/2021/CVE-2021-41643.md index 2de1d91f50..2fcd2fd2d8 100644 --- a/2021/CVE-2021-41643.md +++ b/2021/CVE-2021-41643.md @@ -14,6 +14,7 @@ Remote Code Execution (RCE) vulnerability exists in Sourcecodester Church Manage #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/hax3xploit/CVE-2021-41643 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-41644.md b/2021/CVE-2021-41644.md index 2d2158c5cc..83edbc8032 100644 --- a/2021/CVE-2021-41644.md +++ b/2021/CVE-2021-41644.md @@ -14,6 +14,7 @@ Remote Code Exection (RCE) vulnerability exists in Sourcecodester Online Food Or #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/hax3xploit/CVE-2021-41644 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-41645.md b/2021/CVE-2021-41645.md index 394dd7a0ab..c854aa65e4 100644 --- a/2021/CVE-2021-41645.md +++ b/2021/CVE-2021-41645.md @@ -14,6 +14,7 @@ Remote Code Execution (RCE) vulnerability exists in Sourcecodester Budget and Ex #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/hax3xploit/CVE-2021-41645 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-41646.md b/2021/CVE-2021-41646.md index 11bb51ba00..9f51aba9e9 100644 --- a/2021/CVE-2021-41646.md +++ b/2021/CVE-2021-41646.md @@ -14,6 +14,7 @@ Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Review #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/hax3xploit/CVE-2021-41646 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-41647.md b/2021/CVE-2021-41647.md index d2642049ff..78cd5e8e2f 100644 --- a/2021/CVE-2021-41647.md +++ b/2021/CVE-2021-41647.md @@ -13,5 +13,5 @@ An un-authenticated error-based and time-based blind SQL injection vulnerability - http://packetstormsecurity.com/files/164422/Online-Food-Ordering-Web-App-SQL-Injection.html #### Github -No PoCs found on GitHub currently. +- https://github.com/MobiusBinary/CVE-2021-41647 diff --git a/2021/CVE-2021-41648.md b/2021/CVE-2021-41648.md index 781814ffd3..66d38f8c58 100644 --- a/2021/CVE-2021-41648.md +++ b/2021/CVE-2021-41648.md @@ -15,4 +15,5 @@ An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-syste #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/MobiusBinary/CVE-2021-41648 diff --git a/2021/CVE-2021-41649.md b/2021/CVE-2021-41649.md index ff7eeaa947..4579d182d8 100644 --- a/2021/CVE-2021-41649.md +++ b/2021/CVE-2021-41649.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/MobiusBinary/CVE-2021-41649 diff --git a/2021/CVE-2021-41653.md b/2021/CVE-2021-41653.md index eb6d50e30b..9dc43ad128 100644 --- a/2021/CVE-2021-41653.md +++ b/2021/CVE-2021-41653.md @@ -13,9 +13,11 @@ The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL - https://k4m1ll0.com/cve-2021-41653.html #### Github +- https://github.com/0x0021h/expbox - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/ohnonoyesyes/CVE-2021-41653 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2021/CVE-2021-41728.md b/2021/CVE-2021-41728.md index 83e0bd1c89..ac53c6c328 100644 --- a/2021/CVE-2021-41728.md +++ b/2021/CVE-2021-41728.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Dir0x/CVE-2021-41728 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-41773.md b/2021/CVE-2021-41773.md index ed599385bf..f8e634707e 100644 --- a/2021/CVE-2021-41773.md +++ b/2021/CVE-2021-41773.md @@ -18,20 +18,105 @@ A flaw was found in a change made to path normalization in Apache HTTP Server 2. #### Github - https://github.com/0day666/Vulnerability-verification - https://github.com/0e0w/GoHackTools +- https://github.com/0x3n0/redeam +- https://github.com/0xAlmighty/CVE-2021-41773-PoC +- https://github.com/0xRar/CVE-2021-41773 - https://github.com/0xsyr0/OSCP +- https://github.com/1nhann/CVE-2021-41773 +- https://github.com/5gstudent/cve-2021-41773-and-cve-2021-42013 - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/AkshayraviC09YC47/CVE-Exploits +- https://github.com/AssassinUKG/CVE-2021-41773 +- https://github.com/BabyTeam1024/CVE-2021-41773 +- https://github.com/Balgogan/CVE-2021-41773 +- https://github.com/BlueTeamSteve/CVE-2021-41773 +- https://github.com/CHYbeta/Vuln100Topics20 +- https://github.com/ComdeyOverflow/CVE-2021-41773 +- https://github.com/EagleTube/CVE-2021-41773 +- https://github.com/FDlucifer/firece-fish - https://github.com/H0j3n/EzpzCheatSheet - https://github.com/H0j3n/EzpzShell +- https://github.com/HightechSec/scarce-apache2 +- https://github.com/HxDDD/CVE-PoC +- https://github.com/Hydragyrum/CVE-2021-41773-Playground +- https://github.com/IcmpOff/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution-Exploit +- https://github.com/LayarKacaSiber/CVE-2021-41773 +- https://github.com/LetouRaphael/Poc-CVE-2021-41773 +- https://github.com/Ls4ss/CVE-2021-41773_CVE-2021-42013 +- https://github.com/LudovicPatho/CVE-2021-41773 +- https://github.com/MazX0p/CVE-2021-41773 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/MrCl0wnLab/SimplesApachePathTraversal - https://github.com/N0el4kLs/Vulhub_Exp +- https://github.com/PentesterGuruji/CVE-2021-41773 +- https://github.com/RyouYoo/CVE-2021-41773 +- https://github.com/Sakura-nee/CVE-2021-41773 +- https://github.com/Shadow-warrior0/Apache_path_traversal +- https://github.com/TAI-REx/cve-2021-41773-nse +- https://github.com/TheLastVvV/CVE-2021-41773 +- https://github.com/TishcaTpx/POC-CVE-2021-41773 +- https://github.com/Vulnmachines/cve-2021-41773 +- https://github.com/Zeop-CyberSec/apache_normalize_path +- https://github.com/ZephrFish/CVE-2021-41773-PoC +- https://github.com/ahmad4fifz/CVE-2021-41773 +- https://github.com/ahmad4fifz/CVE-2021-42013 +- https://github.com/apapedulimu/Apachuk +- https://github.com/b1tsec/CVE-2021-41773 - https://github.com/binganao/vulns-2022 +- https://github.com/blasty/CVE-2021-41773 +- https://github.com/byteofjoshua/CVE-2021-41773 +- https://github.com/capdegarde/apache_path_traversal +- https://github.com/cgddgc/CVE-2021-41773-42013 - https://github.com/cisagov/Malcolm +- https://github.com/cloudbyteelias/CVE-2021-41773 +- https://github.com/corelight/CVE-2021-41773 +- https://github.com/creadpag/CVE-2021-41773-POC - https://github.com/fardeen-ahmed/Bug-bounty-Writeups +- https://github.com/fnatalucci/CVE-2021-41773-RCE +- https://github.com/habibiefaried/CVE-2021-41773-PoC - https://github.com/hackingyseguridad/nmap +- https://github.com/htrgouvea/research +- https://github.com/iilegacyyii/PoC-CVE-2021-41773 +- https://github.com/im-hanzou/apachrot +- https://github.com/inbug-team/CVE-2021-41773_CVE-2021-42013 +- https://github.com/itsecurityco/CVE-2021-41773 +- https://github.com/jbovet/CVE-2021-41773 +- https://github.com/jheeree/Simple-CVE-2021-41773-checker +- https://github.com/justakazh/mass_cve-2021-41773 +- https://github.com/knqyf263/CVE-2021-41773 +- https://github.com/ksanchezcld/httpd-2.4.49 +- https://github.com/kubota/POC-CVE-2021-41773 +- https://github.com/lopqto/CVE-2021-41773_Honeypot +- https://github.com/lorddemon/CVE-2021-41773-PoC - https://github.com/ltfafei/my_POC - https://github.com/luck-ying/Library-POC +- https://github.com/m96dg/vulnerable_docker_apache_2_4_49 +- https://github.com/mahtin/unix-v7-uucp-chkpth-bug +- https://github.com/masahiro331/CVE-2021-41773 +- https://github.com/mohwahyudi/cve-2021-41773 +- https://github.com/mr-exo/CVE-2021-41773 +- https://github.com/n3k00n3/CVE-2021-41773 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/numanturle/CVE-2021-41773 +- https://github.com/pisut4152/Sigma-Rule-for-CVE-2021-41773-and-CVE-2021-42013-exploitation-attempt +- https://github.com/qwutony/CVE-2021-41773 +- https://github.com/r00tVen0m/CVE-2021-41773 +- https://github.com/ranggaggngntt/CVE-2021-41773 +- https://github.com/scarmandef/CVE-2021-41773 +- https://github.com/shellreaper/CVE-2021-41773 +- https://github.com/signorrayan/RedTeam_toolkit - https://github.com/superfish9/pt +- https://github.com/superzerosec/CVE-2021-41773 +- https://github.com/theLSA/apache-httpd-path-traversal-checker +- https://github.com/twseptian/CVE-2021-41773 +- https://github.com/twseptian/CVE-2021-42013-Docker-Lab +- https://github.com/vida00/Scanner-CVE-2021-41773 +- https://github.com/vinhjaxt/CVE-2021-41773-exploit +- https://github.com/vulf/CVE-2021-41773_42013 +- https://github.com/walnutsecurity/cve-2021-41773 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +- https://github.com/wolf1892/CVE-2021-41773 +- https://github.com/xMohamed0/CVE-2021-41773 +- https://github.com/zeronine9/CVE-2021-41773 diff --git a/2021/CVE-2021-41869.md b/2021/CVE-2021-41869.md new file mode 100644 index 0000000000..17ce0f3390 --- /dev/null +++ b/2021/CVE-2021-41869.md @@ -0,0 +1,17 @@ +### [CVE-2021-41869](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41869) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +SuiteCRM 7.10.x before 7.10.33 and 7.11.x before 7.11.22 is vulnerable to privilege escalation. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ach-ing/cves + diff --git a/2021/CVE-2021-41951.md b/2021/CVE-2021-41951.md index 6b5d4341d1..695d5f347d 100644 --- a/2021/CVE-2021-41951.md +++ b/2021/CVE-2021-41951.md @@ -13,6 +13,7 @@ ResourceSpace before 9.6 rev 18290 is affected by a reflected Cross-Site Scripti No PoCs from references. #### Github +- https://github.com/0x0021h/expbox - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates diff --git a/2021/CVE-2021-42013.md b/2021/CVE-2021-42013.md index 24fe4c1182..2715fb17a6 100644 --- a/2021/CVE-2021-42013.md +++ b/2021/CVE-2021-42013.md @@ -18,13 +18,42 @@ It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was in #### Github - https://github.com/0day666/Vulnerability-verification +- https://github.com/5gstudent/cve-2021-41773-and-cve-2021-42013 - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/CHYbeta/Vuln100Topics20 +- https://github.com/FDlucifer/firece-fish - https://github.com/H0j3n/EzpzCheatSheet - https://github.com/H0j3n/EzpzShell +- https://github.com/Hydragyrum/CVE-2021-41773-Playground +- https://github.com/IcmpOff/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution-Exploit +- https://github.com/LayarKacaSiber/CVE-2021-42013 +- https://github.com/Ls4ss/CVE-2021-41773_CVE-2021-42013 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/MrCl0wnLab/SimplesApachePathTraversal +- https://github.com/Shadow-warrior0/Apache_path_traversal +- https://github.com/TheLastVvV/CVE-2021-42013 +- https://github.com/TheLastVvV/CVE-2021-42013_Reverse-Shell +- https://github.com/Vulnmachines/cve-2021-42013 +- https://github.com/Zeop-CyberSec/apache_normalize_path +- https://github.com/ahmad4fifz/CVE-2021-41773 +- https://github.com/ahmad4fifz/CVE-2021-42013 +- https://github.com/andrea-mattioli/apache-exploit-CVE-2021-42013 +- https://github.com/corelight/CVE-2021-41773 - https://github.com/ibrahimetecicek/Advent-of-Cyber-3-2021- +- https://github.com/im-hanzou/apachrot +- https://github.com/inbug-team/CVE-2021-41773_CVE-2021-42013 +- https://github.com/ksanchezcld/httpd-2.4.49 - https://github.com/ltfafei/my_POC +- https://github.com/mr-exo/CVE-2021-41773 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/pisut4152/Sigma-Rule-for-CVE-2021-41773-and-CVE-2021-42013-exploitation-attempt +- https://github.com/robotsense1337/CVE-2021-42013 +- https://github.com/theLSA/apache-httpd-path-traversal-checker +- https://github.com/twseptian/CVE-2021-41773 +- https://github.com/twseptian/CVE-2021-42013-Docker-Lab +- https://github.com/vulf/CVE-2021-41773_42013 +- https://github.com/walnutsecurity/cve-2021-42013 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +- https://github.com/xMohamed0/CVE-2021-42013-ApacheRCE diff --git a/2021/CVE-2021-42114.md b/2021/CVE-2021-42114.md index bf598a3140..ece30eb6ba 100644 --- a/2021/CVE-2021-42114.md +++ b/2021/CVE-2021-42114.md @@ -18,5 +18,6 @@ Modern DRAM devices (PC-DDR4, LPDDR4X) are affected by a vulnerability in their No PoCs from references. #### Github +- https://github.com/agathanon/vuldb-sync - https://github.com/codexlynx/hardware-attacks-state-of-the-art diff --git a/2021/CVE-2021-42115.md b/2021/CVE-2021-42115.md new file mode 100644 index 0000000000..866495c87c --- /dev/null +++ b/2021/CVE-2021-42115.md @@ -0,0 +1,17 @@ +### [CVE-2021-42115](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42115) +![](https://img.shields.io/static/v1?label=Product&message=TopEase&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%3D%207.1.27%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-1004%20Sensitive%20Cookie%20Without%20'HttpOnly'%20Flag&color=brighgreen) + +### Description + +Missing HTTPOnly flag in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 allows an unauthenticated remote attacker to escalate privileges from unauthenticated to authenticated user via stealing and injecting the session- independent and static cookie UID. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sixgroup-security/CVE + diff --git a/2021/CVE-2021-42116.md b/2021/CVE-2021-42116.md new file mode 100644 index 0000000000..8971b52be4 --- /dev/null +++ b/2021/CVE-2021-42116.md @@ -0,0 +1,17 @@ +### [CVE-2021-42116](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42116) +![](https://img.shields.io/static/v1?label=Product&message=TopEase&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%3D%207.1.27%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%20Improper%20Access%20Control&color=brighgreen) + +### Description + +Incorrect Access Control in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 allows an authenticated remote attacker to view the Shape Editor and Settings, which are functionality for higher privileged users, via identifying said components in the front-end source code or other means. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sixgroup-security/CVE + diff --git a/2021/CVE-2021-42117.md b/2021/CVE-2021-42117.md new file mode 100644 index 0000000000..52659fbb62 --- /dev/null +++ b/2021/CVE-2021-42117.md @@ -0,0 +1,17 @@ +### [CVE-2021-42117](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42117) +![](https://img.shields.io/static/v1?label=Product&message=TopEase&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%3D%207.1.27%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%20Improper%20Input%20Validation&color=brighgreen) + +### Description + +Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 allows an authenticated remote attacker with Object Modification privileges to insert arbitrary HTML without code execution. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sixgroup-security/CVE + diff --git a/2021/CVE-2021-42118.md b/2021/CVE-2021-42118.md new file mode 100644 index 0000000000..03f86eb8fd --- /dev/null +++ b/2021/CVE-2021-42118.md @@ -0,0 +1,17 @@ +### [CVE-2021-42118](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42118) +![](https://img.shields.io/static/v1?label=Product&message=TopEase&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%3D%207.1.27%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +Persistent Cross Site Scripting in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 via the Structure Component allows an authenticated remote attacker with Object Modification privileges to inject arbitrary HTML and JavaScript code in an object attribute, which is then rendered in the Structure Component, to alter the intended functionality and steal cookies, the latter allowing for account takeover. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sixgroup-security/CVE + diff --git a/2021/CVE-2021-42119.md b/2021/CVE-2021-42119.md new file mode 100644 index 0000000000..b0cbaa2a47 --- /dev/null +++ b/2021/CVE-2021-42119.md @@ -0,0 +1,17 @@ +### [CVE-2021-42119](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42119) +![](https://img.shields.io/static/v1?label=Product&message=TopEase&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%3D%207.1.27%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +Persistent Cross Site Scripting in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 via the Search Functionality allows authenticated users with Object Modification privileges to inject arbitrary HTML and JavaScript in object attributes, which is then rendered in the Search Functionality, to alter the intended functionality and steal cookies, the latter allowing for account takeover. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sixgroup-security/CVE + diff --git a/2021/CVE-2021-42120.md b/2021/CVE-2021-42120.md new file mode 100644 index 0000000000..443a5ec630 --- /dev/null +++ b/2021/CVE-2021-42120.md @@ -0,0 +1,17 @@ +### [CVE-2021-42120](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42120) +![](https://img.shields.io/static/v1?label=Product&message=TopEase&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%3D%207.1.27%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%20Improper%20Input%20Validation&color=brighgreen) + +### Description + +Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 on all object attributes allows an authenticated remote attacker with Object Modification privileges to insert arbitrarily long strings, eventually leading to exhaustion of the underlying resource. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sixgroup-security/CVE + diff --git a/2021/CVE-2021-42121.md b/2021/CVE-2021-42121.md new file mode 100644 index 0000000000..2deb5af405 --- /dev/null +++ b/2021/CVE-2021-42121.md @@ -0,0 +1,17 @@ +### [CVE-2021-42121](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42121) +![](https://img.shields.io/static/v1?label=Product&message=TopEase&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%3D%207.1.27%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%20Improper%20Input%20Validation&color=brighgreen) + +### Description + +Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 on an object’s date attribute(s) allows an authenticated remote attacker with Object Modification privileges to insert an unexpected format into date fields, which leads to breaking the object page that the date field is present. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sixgroup-security/CVE + diff --git a/2021/CVE-2021-42122.md b/2021/CVE-2021-42122.md new file mode 100644 index 0000000000..3a0ddee494 --- /dev/null +++ b/2021/CVE-2021-42122.md @@ -0,0 +1,17 @@ +### [CVE-2021-42122](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42122) +![](https://img.shields.io/static/v1?label=Product&message=TopEase&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%3D%207.1.27%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%20Improper%20Input%20Validation&color=brighgreen) + +### Description + +Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 on an object’s attributes with numeric format allows an authenticated remote attacker with Object Modification privileges to insert an unexpected format, which makes the affected attribute non-editable. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sixgroup-security/CVE + diff --git a/2021/CVE-2021-42123.md b/2021/CVE-2021-42123.md new file mode 100644 index 0000000000..086e93bd65 --- /dev/null +++ b/2021/CVE-2021-42123.md @@ -0,0 +1,17 @@ +### [CVE-2021-42123](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42123) +![](https://img.shields.io/static/v1?label=Product&message=TopEase&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%3D%207.1.27%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload%20of%20File%20with%20Dangerous%20Type&color=brighgreen) + +### Description + +Unrestricted File Upload in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 in the File Upload Functions allows an authenticated remote attacker with Upload privileges to upload files with any file type, enabling client-side attacks. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sixgroup-security/CVE + diff --git a/2021/CVE-2021-42261.md b/2021/CVE-2021-42261.md index 40bfa80487..bc0093dbae 100644 --- a/2021/CVE-2021-42261.md +++ b/2021/CVE-2021-42261.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/jet-pentest/CVE-2021-42261 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-42278.md b/2021/CVE-2021-42278.md index e581385cc9..e05f327ea2 100644 --- a/2021/CVE-2021-42278.md +++ b/2021/CVE-2021-42278.md @@ -21,10 +21,12 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/Ascotbe/Kernelhub - https://github.com/H0j3n/EzpzCheatSheet +- https://github.com/Ignitetechnologies/Windows-Privilege-Escalation - https://github.com/Jean-Francois-C/Windows-Penetration-Testing - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/Qazeer/OffensivePythonPipeline - https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet +- https://github.com/YossiSassi/hAcKtive-Directory-Forensics - https://github.com/ihebski/A-Red-Teamer-diaries - https://github.com/infosecn1nja/AD-Attack-Defense - https://github.com/mdecrevoisier/EVTX-to-MITRE-Attack diff --git a/2021/CVE-2021-42287.md b/2021/CVE-2021-42287.md index 351f63d13d..b16ab30b24 100644 --- a/2021/CVE-2021-42287.md +++ b/2021/CVE-2021-42287.md @@ -25,6 +25,7 @@ No PoCs from references. - https://github.com/Jean-Francois-C/Windows-Penetration-Testing - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet +- https://github.com/YossiSassi/hAcKtive-Directory-Forensics - https://github.com/ihebski/A-Red-Teamer-diaries - https://github.com/infosecn1nja/AD-Attack-Defense - https://github.com/mishmashclone/infosecn1nja-AD-Attack-Defense diff --git a/2021/CVE-2021-42292.md b/2021/CVE-2021-42292.md index 54b466836e..ee671e1494 100644 --- a/2021/CVE-2021-42292.md +++ b/2021/CVE-2021-42292.md @@ -21,6 +21,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/cisagov/Malcolm +- https://github.com/corelight/CVE-2021-42292 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-42321.md b/2021/CVE-2021-42321.md index 3b6ac3d664..a7b9f5f08c 100644 --- a/2021/CVE-2021-42321.md +++ b/2021/CVE-2021-42321.md @@ -16,7 +16,10 @@ Microsoft Exchange Server Remote Code Execution Vulnerability No PoCs from references. #### Github +- https://github.com/0x0021h/expbox - https://github.com/ARPSyndicate/cvemon +- https://github.com/DarkSprings/CVE-2021-42321 +- https://github.com/FDlucifer/Proxy-Attackchain - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-42327.md b/2021/CVE-2021-42327.md index d357ed7dcc..cb566716d4 100644 --- a/2021/CVE-2021-42327.md +++ b/2021/CVE-2021-42327.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/docfate111/CVE-2021-42327 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-42340.md b/2021/CVE-2021-42340.md new file mode 100644 index 0000000000..8c5d931af8 --- /dev/null +++ b/2021/CVE-2021-42340.md @@ -0,0 +1,17 @@ +### [CVE-2021-42340](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42340) +![](https://img.shields.io/static/v1?label=Product&message=Apache%20Tomcat&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=Apache%20Tomcat%2010%3D%2010.0.0-M10%20to%2010.0.11%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-772%20Missing%20Release%20of%20Resource%20after%20Effective%20Lifetime&color=brighgreen) + +### Description + +The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the connection was closed. This created a memory leak that, over time, could lead to a denial of service via an OutOfMemoryError. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/PalindromeLabs/awesome-websocket-security + diff --git a/2021/CVE-2021-42342.md b/2021/CVE-2021-42342.md index 6499ace273..42604601ea 100644 --- a/2021/CVE-2021-42342.md +++ b/2021/CVE-2021-42342.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/binganao/vulns-2022 +- https://github.com/kimusan/goahead-webserver-pre-5.1.5-RCE-PoC-CVE-2021-42342- - https://github.com/n1sh1th/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-42544.md b/2021/CVE-2021-42544.md new file mode 100644 index 0000000000..87693b547f --- /dev/null +++ b/2021/CVE-2021-42544.md @@ -0,0 +1,17 @@ +### [CVE-2021-42544](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42544) +![](https://img.shields.io/static/v1?label=Product&message=TopEase&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%3D%207.1.28%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-307%20Improper%20Restriction%20of%20Excessive%20Authentication%20Attempts&color=brighgreen) + +### Description + +Missing Rate Limiting in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 on the Login Form allows an unauthenticated remote attacker to perform multiple login attempts, which facilitates gaining privileges. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sixgroup-security/CVE + diff --git a/2021/CVE-2021-42545.md b/2021/CVE-2021-42545.md new file mode 100644 index 0000000000..8a60c2ccc6 --- /dev/null +++ b/2021/CVE-2021-42545.md @@ -0,0 +1,17 @@ +### [CVE-2021-42545](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42545) +![](https://img.shields.io/static/v1?label=Product&message=TopEase&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3C%3D%207.1.27%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-613%20Insufficient%20Session%20Expiration&color=brighgreen) + +### Description + +An insufficient session expiration vulnerability exists in Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27, which allows a remote attacker to reuse, spoof, or steal other user and admin sessions. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sixgroup-security/CVE + diff --git a/2021/CVE-2021-42574.md b/2021/CVE-2021-42574.md index c7c29ad171..9e158e5b77 100644 --- a/2021/CVE-2021-42574.md +++ b/2021/CVE-2021-42574.md @@ -14,7 +14,15 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/buckley-w-david/trojan-source +- https://github.com/burberius/trojan-source-maven-plugin +- https://github.com/hffaust/CVE-2021-42574_and_CVE-2021-42694 +- https://github.com/js-on/CVE-2021-42574 - https://github.com/kaosagnt/ansible-everyday +- https://github.com/m1dsummer/AD-2021 +- https://github.com/maweil/bidi_char_detector - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/pierDipi/unicode-control-characters-action +- https://github.com/shiomiyan/CVE-2021-42574 diff --git a/2021/CVE-2021-42662.md b/2021/CVE-2021-42662.md index 62949fd30b..f1ee7f3b6b 100644 --- a/2021/CVE-2021-42662.md +++ b/2021/CVE-2021-42662.md @@ -15,5 +15,7 @@ A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Onlin #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/TheHackingRabbi/CVE-2021-42662 +- https://github.com/TheHackingRabbi/CVE-2021-42663 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-42663.md b/2021/CVE-2021-42663.md index 8104a357c2..07ecb4795d 100644 --- a/2021/CVE-2021-42663.md +++ b/2021/CVE-2021-42663.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/TheHackingRabbi/CVE-2021-42663 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-42664.md b/2021/CVE-2021-42664.md index e54bbf2b54..0d1d7b5655 100644 --- a/2021/CVE-2021-42664.md +++ b/2021/CVE-2021-42664.md @@ -15,5 +15,6 @@ A Stored Cross Site Scripting (XSS) Vulneraibiilty exists in Sourcecodester Engi #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/TheHackingRabbi/CVE-2021-42664 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-42665.md b/2021/CVE-2021-42665.md index 4cfac6b831..2910b9933b 100644 --- a/2021/CVE-2021-42665.md +++ b/2021/CVE-2021-42665.md @@ -14,5 +14,6 @@ An SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/TheHackingRabbi/CVE-2021-42665 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-42666.md b/2021/CVE-2021-42666.md index ba44eb36e5..609587b445 100644 --- a/2021/CVE-2021-42666.md +++ b/2021/CVE-2021-42666.md @@ -14,5 +14,6 @@ A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal i #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/TheHackingRabbi/CVE-2021-42666 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-42667.md b/2021/CVE-2021-42667.md index 7d6de6c4d4..9abe995ccd 100644 --- a/2021/CVE-2021-42667.md +++ b/2021/CVE-2021-42667.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/TheHackingRabbi/CVE-2021-42667 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-42668.md b/2021/CVE-2021-42668.md index 1cca5dcb54..85222b8aea 100644 --- a/2021/CVE-2021-42668.md +++ b/2021/CVE-2021-42668.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/TheHackingRabbi/CVE-2021-42668 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-42669.md b/2021/CVE-2021-42669.md index 146970ef73..dc1ebb22d9 100644 --- a/2021/CVE-2021-42669.md +++ b/2021/CVE-2021-42669.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/TheHackingRabbi/CVE-2021-42669 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-42670.md b/2021/CVE-2021-42670.md index 2536c5eac5..9b9279237c 100644 --- a/2021/CVE-2021-42670.md +++ b/2021/CVE-2021-42670.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/TheHackingRabbi/CVE-2021-42670 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-42671.md b/2021/CVE-2021-42671.md index 9bfb877e98..80915d335d 100644 --- a/2021/CVE-2021-42671.md +++ b/2021/CVE-2021-42671.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/TheHackingRabbi/CVE-2021-42671 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-42694.md b/2021/CVE-2021-42694.md index 0968fc1a1a..f8e676ff30 100644 --- a/2021/CVE-2021-42694.md +++ b/2021/CVE-2021-42694.md @@ -14,7 +14,10 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/hffaust/CVE-2021-42574_and_CVE-2021-42694 +- https://github.com/js-on/CVE-2021-42694 - https://github.com/kaosagnt/ansible-everyday - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/pierDipi/unicode-control-characters-action diff --git a/2021/CVE-2021-43032.md b/2021/CVE-2021-43032.md index 5806f3d29c..996eb81ba0 100644 --- a/2021/CVE-2021-43032.md +++ b/2021/CVE-2021-43032.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/SakuraSamuraii/CVE-2021-43032 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-43137.md b/2021/CVE-2021-43137.md index 28820ff91d..be4db7c3be 100644 --- a/2021/CVE-2021-43137.md +++ b/2021/CVE-2021-43137.md @@ -13,5 +13,5 @@ Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability e - https://www.exploit-db.com/exploits/50461 #### Github -No PoCs found on GitHub currently. +- https://github.com/dn0m1n8tor/dn0m1n8tor diff --git a/2021/CVE-2021-43140.md b/2021/CVE-2021-43140.md index d7be223344..0cf6d209d8 100644 --- a/2021/CVE-2021-43140.md +++ b/2021/CVE-2021-43140.md @@ -14,5 +14,6 @@ SQL Injection vulnerability exists in Sourcecodester. Simple Subscription Websit #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Dir0x/CVE-2021-43140 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-43141.md b/2021/CVE-2021-43141.md index efdd9504a0..7dc952647e 100644 --- a/2021/CVE-2021-43141.md +++ b/2021/CVE-2021-43141.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Dir0x/CVE-2021-43141 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-43267.md b/2021/CVE-2021-43267.md index afc97f7c78..46533ded99 100644 --- a/2021/CVE-2021-43267.md +++ b/2021/CVE-2021-43267.md @@ -13,12 +13,15 @@ An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16 #### Github +- https://github.com/0x0021h/expbox - https://github.com/ARPSyndicate/cvemon - https://github.com/Al1ex/LinuxEelvation +- https://github.com/DarkSprings/CVE-2021-43267-POC - https://github.com/bcoles/kasld - https://github.com/bsauce/kernel-exploit-factory - https://github.com/bsauce/kernel-security-learning - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/ohnonoyesyes/CVE-2021-43267 - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-43324.md b/2021/CVE-2021-43324.md new file mode 100644 index 0000000000..9ae9bede04 --- /dev/null +++ b/2021/CVE-2021-43324.md @@ -0,0 +1,17 @@ +### [CVE-2021-43324](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43324) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +LibreNMS through 21.10.2 allows XSS via a widget title. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/mikaelkall/0day + diff --git a/2021/CVE-2021-43361.md b/2021/CVE-2021-43361.md index 308c4e9def..c338529a4d 100644 --- a/2021/CVE-2021-43361.md +++ b/2021/CVE-2021-43361.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/bartutku/CVE-2021-43361 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-43405.md b/2021/CVE-2021-43405.md index cb35a99919..e514521285 100644 --- a/2021/CVE-2021-43405.md +++ b/2021/CVE-2021-43405.md @@ -13,5 +13,5 @@ An issue was discovered in FusionPBX before 4.5.30. The fax_extension may have r - http://packetstormsecurity.com/files/164795/FusionPBX-4.5.29-Remote-Code-Execution.html #### Github -No PoCs found on GitHub currently. +- https://github.com/armadill00/-FusionPBX-4.5.29---Remote-Code-Execution-RCE-Authenticated- diff --git a/2021/CVE-2021-43451.md b/2021/CVE-2021-43451.md index 0a52cfd798..42a2043c0b 100644 --- a/2021/CVE-2021-43451.md +++ b/2021/CVE-2021-43451.md @@ -14,5 +14,5 @@ SQL Injection vulnerability exists in PHPGURUKUL Employee Record Management Syst - https://www.exploit-db.com/exploits/50467 #### Github -No PoCs found on GitHub currently. +- https://github.com/dn0m1n8tor/dn0m1n8tor diff --git a/2021/CVE-2021-43469.md b/2021/CVE-2021-43469.md index cb146fc697..11c7955974 100644 --- a/2021/CVE-2021-43469.md +++ b/2021/CVE-2021-43469.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/badboycxcc/CVE-2021-43469 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-43471.md b/2021/CVE-2021-43471.md index e225bfd1da..7b4e0e0103 100644 --- a/2021/CVE-2021-43471.md +++ b/2021/CVE-2021-43471.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/cxaqhq/CVE-2021-43471 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-43557.md b/2021/CVE-2021-43557.md index 99fe94541a..ae72ddee0d 100644 --- a/2021/CVE-2021-43557.md +++ b/2021/CVE-2021-43557.md @@ -13,7 +13,9 @@ The uri-block plugin in Apache APISIX before 2.10.2 uses $request_uri without ve No PoCs from references. #### Github +- https://github.com/0x0021h/expbox - https://github.com/ARPSyndicate/cvemon - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor +- https://github.com/xvnpw/k8s-CVE-2021-43557-poc diff --git a/2021/CVE-2021-43616.md b/2021/CVE-2021-43616.md index ce533ff53c..5c5beb020f 100644 --- a/2021/CVE-2021-43616.md +++ b/2021/CVE-2021-43616.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/icatalina/CVE-2021-43616 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-43617.md b/2021/CVE-2021-43617.md index 491efd0be8..df6b7f8213 100644 --- a/2021/CVE-2021-43617.md +++ b/2021/CVE-2021-43617.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/kombat1/CVE-2021-43617 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-43778.md b/2021/CVE-2021-43778.md index 960643194d..f4913d7b0c 100644 --- a/2021/CVE-2021-43778.md +++ b/2021/CVE-2021-43778.md @@ -13,6 +13,7 @@ Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances vers No PoCs from references. #### Github +- https://github.com/AK-blank/CVE-2021-43778 - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/d-rn/vulBox diff --git a/2021/CVE-2021-43798.md b/2021/CVE-2021-43798.md index 6569622545..ba2a675cd7 100644 --- a/2021/CVE-2021-43798.md +++ b/2021/CVE-2021-43798.md @@ -21,6 +21,7 @@ Grafana is an open-source platform for monitoring and observability. Grafana ver - https://github.com/harsh-bothra/learn365 - https://github.com/n1sh1th/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/salvador-arreola/prometheus-grafana-telegram-k8s - https://github.com/taielab/awesome-hacking-lists - https://github.com/tanjiti/sec_profile - https://github.com/woods-sega/woodswiki diff --git a/2021/CVE-2021-43883.md b/2021/CVE-2021-43883.md index 227d928a90..2b531cbbe0 100644 --- a/2021/CVE-2021-43883.md +++ b/2021/CVE-2021-43883.md @@ -35,9 +35,12 @@ Windows Installer Elevation of Privilege Vulnerability No PoCs from references. #### Github +- https://github.com/0x727/usefull-elevation-of-privilege - https://github.com/0xsyr0/OSCP - https://github.com/ARPSyndicate/cvemon - https://github.com/Ascotbe/Kernelhub +- https://github.com/Octoberfest7/Tools +- https://github.com/klinix5/InstallerFileTakeOver - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2021/CVE-2021-44217.md b/2021/CVE-2021-44217.md index a3214bd05e..f1f175da02 100644 --- a/2021/CVE-2021-44217.md +++ b/2021/CVE-2021-44217.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Hyperkopite/CVE-2021-44217 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2021/CVE-2021-44223.md b/2021/CVE-2021-44223.md index 25cc0e2093..493ab5d346 100644 --- a/2021/CVE-2021-44223.md +++ b/2021/CVE-2021-44223.md @@ -13,5 +13,5 @@ WordPress before 5.8 lacks support for the Update URI plugin header. This makes - https://vavkamil.cz/2021/11/25/wordpress-plugin-confusion-update-can-get-you-pwned/ #### Github -No PoCs found on GitHub currently. +- https://github.com/vavkamil/wp-update-confusion diff --git a/2021/CVE-2021-44228.md b/2021/CVE-2021-44228.md index 784455b98a..8dcc2b6503 100644 --- a/2021/CVE-2021-44228.md +++ b/2021/CVE-2021-44228.md @@ -40,21 +40,26 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12 - https://github.com/CobbleSword/NachoSpigot - https://github.com/Cosmo-Tech/azure-digital-twins-simulator-connector - https://github.com/CptOfEvilMinions/ChooseYourSIEMAdventure +- https://github.com/Diablo5G/Certification-Prep - https://github.com/Dmitriy-area51/Exploit - https://github.com/Fantantonio/UNIVR-FSP-2022-Project - https://github.com/FeryaelJustice/Log4Shell - https://github.com/FraunhoferIOSB/FROST-Server - https://github.com/FunnyWolf/Viper - https://github.com/Goqi/ELong +- https://github.com/GreenDelta/search-wrapper-es-rest - https://github.com/H0j3n/EzpzCheatSheet - https://github.com/HackJava/Log4j2 +- https://github.com/HaveFun83/awesome-stars - https://github.com/HynekPetrak/log4shell-finder - https://github.com/J0B10/Minzomat - https://github.com/J0B10/Voteban - https://github.com/Jean-Francois-C/Windows-Penetration-Testing +- https://github.com/KONNEKTIO/konnekt-docs - https://github.com/Log4s/log4s - https://github.com/MedKH1684/Log4j-Vulnerability-Exploitation - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/NUMde/compass-num-conformance-checker - https://github.com/Neo23x0/log4shell-detector - https://github.com/NiftyBank/java-app - https://github.com/OsiriX-Foundation/karnak @@ -62,6 +67,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12 - https://github.com/PAXSTORE/paxstore-openapi-java-sdk - https://github.com/Qualys/log4jscanwin - https://github.com/R0Wi/elasticsearch-nextcloud-docker +- https://github.com/RADIUS-as-a-Service/radiusaas-docs - https://github.com/Staubgeborener/stars - https://github.com/Taipo/pareto_security - https://github.com/adelarsq/awesome-bugs @@ -69,6 +75,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12 - https://github.com/alastria/alastria-node-besu - https://github.com/allegroai/clearml-server - https://github.com/angristan/awesome-stars +- https://github.com/asterinwl/elastic_search - https://github.com/awslabs/jndi-deobfuscate-python - https://github.com/b1n4ryj4n/awesome-stars - https://github.com/baobaovt/CodeReviewLab @@ -90,6 +97,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12 - https://github.com/docker-solr/docker-solr - https://github.com/druminik/log4shell-poc - https://github.com/eclipse-archived/kuksa.integration +- https://github.com/eclipse-scout/scout.rt - https://github.com/eromang/researches - https://github.com/eventsentry/scripts - https://github.com/factoidforrest/homepage @@ -100,15 +108,18 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12 - https://github.com/git-bom/bomsh - https://github.com/goofball222/unifi - https://github.com/gredler/aegis4j +- https://github.com/guerzon/guerzon - https://github.com/hex0wn/learn-java-bug - https://github.com/hotpotcookie/lol4j-white-box - https://github.com/hypertrace/hypertrace - https://github.com/idmengineering/handy_stuff - https://github.com/imTigger/webapp-hardware-bridge +- https://github.com/insignit/cve-informatie - https://github.com/integralads/dependency-deep-scan-utilities - https://github.com/irrer/DICOMClient - https://github.com/jacobalberty/unifi-docker - https://github.com/jaspervanderhoek/MicroflowScheduledEventManager +- https://github.com/jaygooby/jaygooby - https://github.com/jbautistamartin/Log4ShellEjemplo - https://github.com/justb4/docker-jmeter - https://github.com/kdgregory/log4j-aws-appenders @@ -123,6 +134,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12 - https://github.com/logpresso/CVE-2021-44228-Scanner - https://github.com/lucab85/ansible-role-log4shell - https://github.com/lucab85/log4j-cve-2021-44228 +- https://github.com/lukibahr/unifi-controller-helm-chart - https://github.com/mark-5-9/mark59 - https://github.com/mark-5-9/mark59-wip - https://github.com/maxgfr/awesome-stars @@ -143,12 +155,14 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12 - https://github.com/ochrance-cz/web - https://github.com/open-source-agenda/new-open-source-projects - https://github.com/petebuffon/launcher-ot-minecraft +- https://github.com/pg0123/writeups - https://github.com/phax/ph-oton - https://github.com/phax/phase4 - https://github.com/phax/phoss-directory - https://github.com/promregator/promregator - https://github.com/pvnovarese/2022-02-enterprise-demo - https://github.com/quoll/mulgara +- https://github.com/racke/ansible-role-solr - https://github.com/rod4n4m1/hashi-vault-js - https://github.com/romeolibm/DBWorkloadProcessor - https://github.com/schnatterer/smeagol-galore @@ -167,10 +181,12 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12 - https://github.com/tmax-cloud/install-EFK - https://github.com/tslenter/RSX-RSC - https://github.com/typelevel/log4cats +- https://github.com/uli-heller/spring-boot-logback - https://github.com/vdenotaris/spring-boot-security-saml-sample - https://github.com/vendia/blog - https://github.com/veo/vscan - https://github.com/vorburger/Learning-Log4j2 +- https://github.com/wanetty/wanetty.github.io - https://github.com/watson-developer-cloud/assistant-with-discovery - https://github.com/wavefrontHQ/wavefront-proxy - https://github.com/whalehub/awesome-stars diff --git a/2021/CVE-2021-44352.md b/2021/CVE-2021-44352.md new file mode 100644 index 0000000000..1d86715fe5 --- /dev/null +++ b/2021/CVE-2021-44352.md @@ -0,0 +1,17 @@ +### [CVE-2021-44352](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44352) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A Stack-based Buffer Overflow vulnerability exists in the Tenda AC15 V15.03.05.18_multi device via the list parameter in a post request in goform/SetIpMacBind. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/zhlu32/cve + diff --git a/2021/CVE-2021-44864.md b/2021/CVE-2021-44864.md new file mode 100644 index 0000000000..2b95e3d5e5 --- /dev/null +++ b/2021/CVE-2021-44864.md @@ -0,0 +1,17 @@ +### [CVE-2021-44864](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44864) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +TP-Link WR886N 3.0 1.0.1 Build 150127 Rel.34123n is vulnerable to Buffer Overflow. Authenticated attackers can crash router httpd services via /userRpm/PingIframeRpm.htm request which contains redundant & in parameter. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/zhlu32/cve + diff --git a/2021/CVE-2021-45046.md b/2021/CVE-2021-45046.md index fd65b7eba7..6cadf7bf76 100644 --- a/2021/CVE-2021-45046.md +++ b/2021/CVE-2021-45046.md @@ -17,8 +17,10 @@ It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was i - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Awisefew/Lof4j - https://github.com/CptOfEvilMinions/ChooseYourSIEMAdventure +- https://github.com/Diablo5G/Certification-Prep - https://github.com/HackJava/Log4j2 - https://github.com/HynekPetrak/log4shell-finder +- https://github.com/NUMde/compass-num-conformance-checker - https://github.com/NiftyBank/java-app - https://github.com/Qualys/log4jscanwin - https://github.com/Staubgeborener/stars @@ -33,9 +35,11 @@ It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was i - https://github.com/eventsentry/scripts - https://github.com/hypertrace/hypertrace - https://github.com/imTigger/webapp-hardware-bridge +- https://github.com/insignit/cve-informatie - https://github.com/integralads/dependency-deep-scan-utilities - https://github.com/jacobalberty/unifi-docker - https://github.com/justb4/docker-jmeter +- https://github.com/kdpuvvadi/Omada-Ansible - https://github.com/logpresso/CVE-2021-44228-Scanner - https://github.com/mergebase/csv-compare - https://github.com/nlmaca/Wowza_Installers diff --git a/2021/CVE-2021-45078.md b/2021/CVE-2021-45078.md index f524689612..3103b78200 100644 --- a/2021/CVE-2021-45078.md +++ b/2021/CVE-2021-45078.md @@ -13,5 +13,5 @@ stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers - https://sourceware.org/bugzilla/show_bug.cgi?id=28694 #### Github -No PoCs found on GitHub currently. +- https://github.com/fluidattacks/makes diff --git a/2021/CVE-2021-45232.md b/2021/CVE-2021-45232.md index 7b2809047b..92a7b8e033 100644 --- a/2021/CVE-2021-45232.md +++ b/2021/CVE-2021-45232.md @@ -13,6 +13,7 @@ In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks an No PoCs from references. #### Github +- https://github.com/0x0021h/expbox - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Mr-xn/Penetration_Testing_POC diff --git a/2021/CVE-2021-45268.md b/2021/CVE-2021-45268.md index 9dcd3f4d1e..8a7bca6368 100644 --- a/2021/CVE-2021-45268.md +++ b/2021/CVE-2021-45268.md @@ -13,5 +13,6 @@ - https://www.exploit-db.com/exploits/50323 #### Github +- https://github.com/V1n1v131r4/CSRF-to-RCE-on-Backdrop-CMS - https://github.com/V1n1v131r4/My-CVEs diff --git a/2021/CVE-2021-45901.md b/2021/CVE-2021-45901.md index bdd1376bc0..f4cd1c1c61 100644 --- a/2021/CVE-2021-45901.md +++ b/2021/CVE-2021-45901.md @@ -15,6 +15,7 @@ The password-reset form in ServiceNow Orlando provides different responses to in - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/ #### Github +- https://github.com/9lyph/CVE-2021-45901 - https://github.com/ARPSyndicate/cvemon - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-45903.md b/2021/CVE-2021-45903.md new file mode 100644 index 0000000000..be7ceab2e8 --- /dev/null +++ b/2021/CVE-2021-45903.md @@ -0,0 +1,17 @@ +### [CVE-2021-45903](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45903) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A persistent cross-site scripting (XSS) issue in the web interface of SuiteCRM before 7.10.35, and 7.11.x and 7.12.x before 7.12.2, allows a remote attacker to introduce arbitrary JavaScript via attachments upload, a different vulnerability than CVE-2021-39267 and CVE-2021-39268. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ach-ing/cves + diff --git a/2021/CVE-2021-46013.md b/2021/CVE-2021-46013.md index be69b9c799..4ce167e2dd 100644 --- a/2021/CVE-2021-46013.md +++ b/2021/CVE-2021-46013.md @@ -13,5 +13,5 @@ An unrestricted file upload vulnerability exists in Sourcecodester Free school m - https://www.exploit-db.com/exploits/50587 #### Github -No PoCs found on GitHub currently. +- https://github.com/able403/able403 diff --git a/github.txt b/github.txt index 5c55a600cf..a57c46f04a 100644 --- a/github.txt +++ b/github.txt @@ -1,3 +1,5 @@ +CVE-0000-0000 - https://github.com/Konstantinos-Papanagnou/CMSpit +CVE-0000-0000 - https://github.com/Simonpe1/xray-custom-integration-demo CVE-0000-0000 - https://github.com/YaFou/Changelog-specification CVE-1999-0001 - https://github.com/flowground/anchore-io-connector CVE-1999-0001 - https://github.com/jimmyislive/gocve @@ -1837,6 +1839,7 @@ CVE-2009-1891 - https://github.com/RoliSoft/ReconScan CVE-2009-1891 - https://github.com/issdp/test CVE-2009-1891 - https://github.com/matoweb/Enumeration-Script CVE-2009-1904 - https://github.com/NZKoz/bigdecimal-segfault-fix +CVE-2009-2009 - https://github.com/wst24365888/get_code_segment CVE-2009-2015 - https://github.com/ARPSyndicate/kenzer-templates CVE-2009-2100 - https://github.com/ARPSyndicate/kenzer-templates CVE-2009-2265 - https://github.com/0zvxr/CVE-2009-2265 @@ -2227,6 +2230,8 @@ CVE-2010-1205 - https://github.com/benoit-a/radamsa CVE-2010-1205 - https://github.com/sunzu94/radamsa-Fuzzer CVE-2010-1217 - https://github.com/ARPSyndicate/kenzer-templates CVE-2010-1219 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2010-1240 - https://github.com/Jasmoon99/Embedded-PDF +CVE-2010-1256 - https://github.com/Romulus968/copycat CVE-2010-1302 - https://github.com/ARPSyndicate/kenzer-templates CVE-2010-1304 - https://github.com/ARPSyndicate/kenzer-templates CVE-2010-1305 - https://github.com/ARPSyndicate/kenzer-templates @@ -2333,6 +2338,7 @@ CVE-2010-1887 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2010-1897 - https://github.com/Ascotbe/Kernelhub CVE-2010-1897 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2010-1899 - https://github.com/Al1ex/WindowsElevation +CVE-2010-1899 - https://github.com/Romulus968/copycat CVE-2010-1899 - https://github.com/fei9747/WindowsElevation CVE-2010-1938 - https://github.com/vasanth-tamil/ctf-writeups CVE-2010-1952 - https://github.com/ARPSyndicate/kenzer-templates @@ -2375,7 +2381,9 @@ CVE-2010-2240 - https://github.com/Technoashofficial/kernel-exploitation-linux CVE-2010-2240 - https://github.com/xairy/linux-kernel-exploitation CVE-2010-2259 - https://github.com/ARPSyndicate/kenzer-templates CVE-2010-2307 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2010-2330 - https://github.com/GihanJ/Structured-Exception-Handling-SEH-Buffer-Overflow CVE-2010-2331 - https://github.com/0xhuesca/CVE-2019-18655 +CVE-2010-2331 - https://github.com/GihanJ/Structured-Exception-Handling-SEH-Buffer-Overflow CVE-2010-2331 - https://github.com/developer3000S/PoC-in-GitHub CVE-2010-2443 - https://github.com/Hwangtaewon/radamsa CVE-2010-2443 - https://github.com/StephenHaruna/RADAMSA @@ -2431,6 +2439,7 @@ CVE-2010-2680 - https://github.com/ARPSyndicate/kenzer-templates CVE-2010-2682 - https://github.com/ARPSyndicate/kenzer-templates CVE-2010-2693 - https://github.com/Snoopy-Sec/Localroot-ALL-CVE CVE-2010-2729 - https://github.com/thalpius/Microsoft-PrintDemon-Vulnerability +CVE-2010-2730 - https://github.com/Romulus968/copycat CVE-2010-2730 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2010-2772 - https://github.com/ic3sw0rd/S7_plus_Crash CVE-2010-2772 - https://github.com/uraninite/win32-stuxnet @@ -2610,8 +2619,11 @@ CVE-2010-3301 - https://github.com/yige666/linux-kernel-exploits CVE-2010-3301 - https://github.com/zyjsuper/linux-kernel-exploits CVE-2010-3332 - https://github.com/bongbongco/MS10-070 CVE-2010-3333 - https://github.com/CERT-hr/modified_cve-search +CVE-2010-3333 - https://github.com/ZeroRaidStudios/api.notzerotwo.ml CVE-2010-3333 - https://github.com/cve-search/cve-search CVE-2010-3333 - https://github.com/cve-search/cve-search-ng +CVE-2010-3333 - https://github.com/djschleen/ash +CVE-2010-3333 - https://github.com/doshyt/cve-monitor CVE-2010-3333 - https://github.com/enthought/cve-search CVE-2010-3333 - https://github.com/extremenetworks/cve-search-src CVE-2010-3333 - https://github.com/miradam/cve-search @@ -2763,6 +2775,7 @@ CVE-2010-3904 - https://github.com/xfinest/linux-kernel-exploits CVE-2010-3904 - https://github.com/xssfile/linux-kernel-exploits CVE-2010-3904 - https://github.com/yige666/linux-kernel-exploits CVE-2010-3904 - https://github.com/zyjsuper/linux-kernel-exploits +CVE-2010-3972 - https://github.com/Romulus968/copycat CVE-2010-4051 - https://github.com/flyrev/security-scan-ci-presentation CVE-2010-4051 - https://github.com/garethr/snykout CVE-2010-4052 - https://github.com/flyrev/security-scan-ci-presentation @@ -2894,6 +2907,7 @@ CVE-2010-4527 - https://github.com/mergebase/usn2json CVE-2010-4529 - https://github.com/mergebase/usn2json CVE-2010-4617 - https://github.com/ARPSyndicate/kenzer-templates CVE-2010-4652 - https://github.com/tpez0/node-nmap-vulners +CVE-2010-4662 - https://github.com/0xffee/Layer2HackerDao CVE-2010-4662 - https://github.com/plasticuproject/nvd_api CVE-2010-4669 - https://github.com/quinn-samuel-perry/CVE-2010-4669 CVE-2010-4719 - https://github.com/ARPSyndicate/kenzer-templates @@ -2996,6 +3010,7 @@ CVE-2011-0661 - https://github.com/aRustyDev/C844 CVE-2011-0661 - https://github.com/uroboros-security/SMB-CVE CVE-2011-0708 - https://github.com/mudongliang/LinuxFlaw CVE-2011-0708 - https://github.com/oneoy/cve- +CVE-2011-0751 - https://github.com/NHPT/CVE-2019-16278 CVE-2011-0751 - https://github.com/jas502n/CVE-2019-16278 CVE-2011-0761 - https://github.com/mudongliang/LinuxFlaw CVE-2011-0761 - https://github.com/oneoy/cve- @@ -3088,6 +3103,7 @@ CVE-2011-2348 - https://github.com/Hwangtaewon/radamsa CVE-2011-2348 - https://github.com/StephenHaruna/RADAMSA CVE-2011-2348 - https://github.com/benoit-a/radamsa CVE-2011-2348 - https://github.com/sunzu94/radamsa-Fuzzer +CVE-2011-2461 - https://github.com/Nieuport/awesome-burp-extensions CVE-2011-2461 - https://github.com/awc/bappstore_list CVE-2011-2461 - https://github.com/cranelab/webapp-tech CVE-2011-2461 - https://github.com/snoopysecurity/awesome-burp-extensions @@ -3123,6 +3139,7 @@ CVE-2011-2861 - https://github.com/StephenHaruna/RADAMSA CVE-2011-2861 - https://github.com/benoit-a/radamsa CVE-2011-2861 - https://github.com/sunzu94/radamsa-Fuzzer CVE-2011-2894 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2011-2894 - https://github.com/galimba/Jackson-deserialization-PoC CVE-2011-2894 - https://github.com/kajalNair/OSWE-Prep CVE-2011-2921 - https://github.com/bcoles/local-exploits CVE-2011-3026 - https://github.com/argp/cve-2011-3026-firefox @@ -3161,7 +3178,9 @@ CVE-2011-3368 - https://github.com/matoweb/Enumeration-Script CVE-2011-3368 - https://github.com/syadg123/pigat CVE-2011-3368 - https://github.com/teamssix/pigat CVE-2011-3374 - https://github.com/Azure/container-scan +CVE-2011-3374 - https://github.com/KorayAgaya/TrivyWeb CVE-2011-3374 - https://github.com/cynalytica/container-scan +CVE-2011-3374 - https://github.com/devopstales/trivy-operator CVE-2011-3374 - https://github.com/drjhunter/container-scan CVE-2011-3374 - https://github.com/flyrev/security-scan-ci-presentation CVE-2011-3374 - https://github.com/garethr/findcve @@ -3174,10 +3193,13 @@ CVE-2011-3374 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers CVE-2011-3374 - https://github.com/umahari/security CVE-2011-3389 - https://github.com/Artem-Salnikov/devops-netology CVE-2011-3389 - https://github.com/Astrogeorgeonethree/Starred +CVE-2011-3389 - https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 CVE-2011-3389 - https://github.com/WiktorMysz/devops-netology CVE-2011-3389 - https://github.com/alexandrburyakov/Rep2 CVE-2011-3389 - https://github.com/bysart/devops-netology +CVE-2011-3389 - https://github.com/daniel1302/litecoin CVE-2011-3389 - https://github.com/garethr/snykout +CVE-2011-3389 - https://github.com/yellownine/netology-DevOps CVE-2011-3414 - https://github.com/sergiogarciadev/HashCollisionDetector CVE-2011-3521 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2011-3556 - https://github.com/gobysec/Goby @@ -3442,6 +3464,7 @@ CVE-2012-0158 - https://github.com/qiantu88/office-cve CVE-2012-0158 - https://github.com/riusksk/vul_war_error CVE-2012-0158 - https://github.com/xiaoy-sec/Pentest_Note CVE-2012-0158 - https://github.com/zhang040723/web +CVE-2012-0217 - https://github.com/Apri1y/Red-Team-links CVE-2012-0217 - https://github.com/Ascotbe/Kernelhub CVE-2012-0217 - https://github.com/Echocipher/Resource-list CVE-2012-0217 - https://github.com/Flerov/WindowsExploitDev @@ -3449,6 +3472,11 @@ CVE-2012-0217 - https://github.com/Snoopy-Sec/Localroot-ALL-CVE CVE-2012-0217 - https://github.com/anoaghost/Localroot_Compile CVE-2012-0217 - https://github.com/cranelab/exploit-development CVE-2012-0217 - https://github.com/felixlinker/ifc-rv-thesis +CVE-2012-0217 - https://github.com/hudunkey/Red-Team-links +CVE-2012-0217 - https://github.com/john-80/-007 +CVE-2012-0217 - https://github.com/lp008/Hack-readme +CVE-2012-0217 - https://github.com/slimdaddy/RedTeam +CVE-2012-0217 - https://github.com/xiaoZ-hc/redtool CVE-2012-0217 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2012-0391 - https://github.com/SexyBeast233/SecBooks CVE-2012-0391 - https://github.com/TesterCC/exp_poc_library @@ -3467,6 +3495,7 @@ CVE-2012-0457 - https://github.com/benoit-a/radamsa CVE-2012-0457 - https://github.com/sunzu94/radamsa-Fuzzer CVE-2012-0469 - https://github.com/Hwangtaewon/radamsa CVE-2012-0469 - https://github.com/StephenHaruna/RADAMSA +CVE-2012-0469 - https://github.com/ZihanYe/web-browser-vulnerabilities CVE-2012-0469 - https://github.com/benoit-a/radamsa CVE-2012-0469 - https://github.com/sunzu94/radamsa-Fuzzer CVE-2012-0470 - https://github.com/Hwangtaewon/radamsa @@ -3511,6 +3540,7 @@ CVE-2012-1182 - https://github.com/Eutectico/Steel-Mountain CVE-2012-1182 - https://github.com/Qftm/Information_Collection_Handbook CVE-2012-1182 - https://github.com/amishamunjal-az/Week16-Homework CVE-2012-1182 - https://github.com/esteban0477/RedTeamPlaybook +CVE-2012-1182 - https://github.com/katgoods/week16 CVE-2012-1182 - https://github.com/notsag-dev/htb-blue CVE-2012-1182 - https://github.com/notsag-dev/htb-legacy CVE-2012-1182 - https://github.com/superhero1/OSCP-Prep @@ -3550,6 +3580,7 @@ CVE-2012-1835 - https://github.com/ARPSyndicate/kenzer-templates CVE-2012-1856 - https://github.com/Panopticon-Project/Panopticon-Patchwork CVE-2012-1856 - https://github.com/houjingyi233/office-exploit-case-study CVE-2012-1856 - https://github.com/qiantu88/office-cve +CVE-2012-1876 - https://github.com/migraine-sudo/Arsenal CVE-2012-1889 - https://github.com/l-iberty/cve-2012-1889 CVE-2012-1889 - https://github.com/whu-enjoy/CVE-2012-1889 CVE-2012-1909 - https://github.com/uvhw/wallet.cpp @@ -3568,21 +3599,31 @@ CVE-2012-2511 - https://github.com/martingalloar/martingalloar CVE-2012-2512 - https://github.com/martingalloar/martingalloar CVE-2012-2513 - https://github.com/martingalloar/martingalloar CVE-2012-2514 - https://github.com/martingalloar/martingalloar +CVE-2012-2531 - https://github.com/Romulus968/copycat +CVE-2012-2570 - https://github.com/mishmashclone/sailay1996-offsec_WE CVE-2012-2570 - https://github.com/sailay1996/offsec_WE +CVE-2012-2574 - https://github.com/mishmashclone/sailay1996-offsec_WE CVE-2012-2574 - https://github.com/sailay1996/offsec_WE +CVE-2012-2576 - https://github.com/mishmashclone/sailay1996-offsec_WE CVE-2012-2576 - https://github.com/sailay1996/offsec_WE +CVE-2012-2577 - https://github.com/mishmashclone/sailay1996-offsec_WE CVE-2012-2577 - https://github.com/sailay1996/offsec_WE +CVE-2012-2589 - https://github.com/mishmashclone/sailay1996-offsec_WE CVE-2012-2589 - https://github.com/sailay1996/offsec_WE +CVE-2012-2593 - https://github.com/mishmashclone/sailay1996-offsec_WE CVE-2012-2593 - https://github.com/p1ay8y3ar/cve_monitor CVE-2012-2593 - https://github.com/sailay1996/offsec_WE CVE-2012-2593 - https://github.com/timip/OSWE CVE-2012-2593 - https://github.com/zer0byte/AWAE-OSWP +CVE-2012-2594 - https://github.com/mishmashclone/sailay1996-offsec_WE CVE-2012-2594 - https://github.com/sailay1996/offsec_WE +CVE-2012-2599 - https://github.com/mishmashclone/sailay1996-offsec_WE CVE-2012-2599 - https://github.com/sailay1996/offsec_WE CVE-2012-2611 - https://github.com/martingalloar/martingalloar CVE-2012-2612 - https://github.com/martingalloar/martingalloar CVE-2012-2655 - https://github.com/ptester36/netology_ib_networks_lesson_9 CVE-2012-2660 - https://github.com/kavgan/vuln_test_repo_public_ruby_gemfile_cve-2016-6317 +CVE-2012-2661 - https://github.com/ehayushpathak/WebApp-Hacking CVE-2012-2687 - https://github.com/GiJ03/ReconScan CVE-2012-2687 - https://github.com/MrFrozenPepe/Pentest-Cheetsheet CVE-2012-2687 - https://github.com/RoliSoft/ReconScan @@ -3614,7 +3655,9 @@ CVE-2012-2887 - https://github.com/Hwangtaewon/radamsa CVE-2012-2887 - https://github.com/StephenHaruna/RADAMSA CVE-2012-2887 - https://github.com/benoit-a/radamsa CVE-2012-2887 - https://github.com/sunzu94/radamsa-Fuzzer +CVE-2012-2953 - https://github.com/mishmashclone/sailay1996-offsec_WE CVE-2012-2953 - https://github.com/sailay1996/offsec_WE +CVE-2012-2982 - https://github.com/JohnHammond/CVE-2012-2982 CVE-2012-3137 - https://github.com/L34kl0ve/WNMAP CVE-2012-3137 - https://github.com/quentinhardy/odat CVE-2012-3137 - https://github.com/shakenetwork/odat @@ -3671,6 +3714,7 @@ CVE-2012-3524 - https://github.com/yige666/linux-kernel-exploits CVE-2012-3524 - https://github.com/zyjsuper/linux-kernel-exploits CVE-2012-3716 - https://github.com/d4rkcat/killosx CVE-2012-3748 - https://github.com/r0ysue/OSG-TranslationTeam +CVE-2012-3789 - https://github.com/nachobonilla/awesome-blockchain-security CVE-2012-3972 - https://github.com/Hwangtaewon/radamsa CVE-2012-3972 - https://github.com/StephenHaruna/RADAMSA CVE-2012-3972 - https://github.com/benoit-a/radamsa @@ -3734,6 +3778,8 @@ CVE-2012-4558 - https://github.com/teamssix/pigat CVE-2012-4558 - https://github.com/vshaliii/DC-1-Vulnhub-Walkthrough CVE-2012-4681 - https://github.com/hackerhouse-opensource/exploits CVE-2012-4681 - https://github.com/thongsia/Public-Pcaps +CVE-2012-4683 - https://github.com/nachobonilla/awesome-blockchain-security +CVE-2012-4684 - https://github.com/nachobonilla/awesome-blockchain-security CVE-2012-4768 - https://github.com/ARPSyndicate/kenzer-templates CVE-2012-4792 - https://github.com/LyleMi/dom-vuln-db CVE-2012-4838 - https://github.com/abhav/nvd_scrapper @@ -3754,6 +3800,7 @@ CVE-2012-4929 - https://github.com/Artem-Salnikov/devops-netology CVE-2012-4929 - https://github.com/F4RM0X/script_a2sv CVE-2012-4929 - https://github.com/H4CK3RT3CH/a2sv CVE-2012-4929 - https://github.com/Mre11i0t/a2sv +CVE-2012-4929 - https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 CVE-2012-4929 - https://github.com/WiktorMysz/devops-netology CVE-2012-4929 - https://github.com/alexandrburyakov/Rep2 CVE-2012-4929 - https://github.com/bysart/devops-netology @@ -3763,6 +3810,7 @@ CVE-2012-4929 - https://github.com/emarexteam/WebsiteScannerVulnerability CVE-2012-4929 - https://github.com/fireorb/sslscanner CVE-2012-4929 - https://github.com/mohitrex7/Wap-Recon CVE-2012-4929 - https://github.com/nkiselyov/devops-netology +CVE-2012-4929 - https://github.com/yellownine/netology-DevOps CVE-2012-4940 - https://github.com/ARPSyndicate/kenzer-templates CVE-2012-5106 - https://github.com/war4uthor/CVE-2012-5106 CVE-2012-5108 - https://github.com/Hwangtaewon/radamsa @@ -3836,6 +3884,7 @@ CVE-2013-0156 - https://github.com/thesp0nge/dawnscanner CVE-2013-0156 - https://github.com/w181496/Web-CTF-Cheatsheet CVE-2013-0169 - https://github.com/Artem-Salnikov/devops-netology CVE-2013-0169 - https://github.com/PeterMosmans/security-scripts +CVE-2013-0169 - https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 CVE-2013-0169 - https://github.com/WiktorMysz/devops-netology CVE-2013-0169 - https://github.com/alexandrburyakov/Rep2 CVE-2013-0169 - https://github.com/bysart/devops-netology @@ -3844,6 +3893,7 @@ CVE-2013-0169 - https://github.com/qazbnm456/awesome-cve-poc CVE-2013-0169 - https://github.com/sailfishos-mirror/tlslite-ng CVE-2013-0169 - https://github.com/tlsfuzzer/tlslite-ng CVE-2013-0169 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2013-0169 - https://github.com/yellownine/netology-DevOps CVE-2013-0180 - https://github.com/lukeber4/usn-search CVE-2013-0221 - https://github.com/mudongliang/LinuxFlaw CVE-2013-0221 - https://github.com/oneoy/cve- @@ -4050,6 +4100,7 @@ CVE-2013-1966 - https://github.com/fupinglee/Struts2_Bugs CVE-2013-1966 - https://github.com/snic-nsc/cvechecker CVE-2013-1966 - https://github.com/sourcery-ai-bot/Deep-Security-Reports CVE-2013-1966 - https://github.com/woods-sega/woodswiki +CVE-2013-2028 - https://github.com/camel-clarkson/non-controlflow-hijacking-datasets CVE-2013-2028 - https://github.com/mertsarica/hack4career CVE-2013-2028 - https://github.com/mudongliang/LinuxFlaw CVE-2013-2028 - https://github.com/oneoy/cve- @@ -4154,31 +4205,46 @@ CVE-2013-2251 - https://github.com/0day666/Vulnerability-verification CVE-2013-2251 - https://github.com/3vikram/Application-Vulnerabilities-Payloads CVE-2013-2251 - https://github.com/84KaliPleXon3/Payloads_All_The_Things CVE-2013-2251 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2013-2251 - https://github.com/Delishsploits/PayloadsAndMethodology CVE-2013-2251 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2013-2251 - https://github.com/GuynnR/Payloads CVE-2013-2251 - https://github.com/Muhammd/Awesome-Payloads +CVE-2013-2251 - https://github.com/Nieuport/PayloadsAllTheThings CVE-2013-2251 - https://github.com/Ra7mo0on/PayloadsAllTheThings CVE-2013-2251 - https://github.com/SexyBeast233/SecBooks CVE-2013-2251 - https://github.com/XPR1M3/Payloads_All_The_Things CVE-2013-2251 - https://github.com/andrysec/PayloadsAllVulnerability CVE-2013-2251 - https://github.com/anhtu97/PayloadAllEverything +CVE-2013-2251 - https://github.com/apkadmin/PayLoadsAll +CVE-2013-2251 - https://github.com/chanchalpatra/payload CVE-2013-2251 - https://github.com/eescanilla/Apache-Struts-v3 CVE-2013-2251 - https://github.com/fupinglee/Struts2_Bugs CVE-2013-2251 - https://github.com/gobysec/Goby +CVE-2013-2251 - https://github.com/hellochunqiu/PayloadsAllTheThings +CVE-2013-2251 - https://github.com/ksw9722/PayloadsAllTheThings +CVE-2013-2251 - https://github.com/mrhacker51/ReverseShellCommands +CVE-2013-2251 - https://github.com/nevidimk0/PayloadsAllTheThings CVE-2013-2251 - https://github.com/s1kr10s/Apache-Struts-v4 CVE-2013-2251 - https://github.com/sobinge/--1 CVE-2013-2251 - https://github.com/sobinge/PayloadsAllTheThings +CVE-2013-2251 - https://github.com/sobinge/PayloadsAllThesobinge CVE-2013-2251 - https://github.com/sobinge/nuclei-templates +CVE-2013-2251 - https://github.com/winterwolf32/PayloadsAllTheThings CVE-2013-2251 - https://github.com/woods-sega/woodswiki CVE-2013-2266 - https://github.com/Reverier-Xu/bind-EDNS-client-subnet-patched CVE-2013-2287 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2013-2293 - https://github.com/nachobonilla/awesome-blockchain-security +CVE-2013-2392 - https://github.com/ycamper/censys-scripts CVE-2013-2417 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2013-2450 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2013-2456 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2013-2566 - https://github.com/Artem-Salnikov/devops-netology +CVE-2013-2566 - https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 CVE-2013-2566 - https://github.com/WiktorMysz/devops-netology CVE-2013-2566 - https://github.com/alexandrburyakov/Rep2 CVE-2013-2566 - https://github.com/bysart/devops-netology CVE-2013-2566 - https://github.com/mikemackintosh/ruby-qualys +CVE-2013-2566 - https://github.com/yellownine/netology-DevOps CVE-2013-2595 - https://github.com/tangsilian/android-vuln CVE-2013-2596 - https://github.com/geeksniper/reverse-engineering-toolkit CVE-2013-2597 - https://github.com/fi01/libmsm_acdb_exploit @@ -4196,9 +4262,11 @@ CVE-2013-3238 - https://github.com/duckstroms/Web-CTF-Cheatsheet CVE-2013-3238 - https://github.com/w181496/Web-CTF-Cheatsheet CVE-2013-3526 - https://github.com/ARPSyndicate/kenzer-templates CVE-2013-3587 - https://github.com/Artem-Salnikov/devops-netology +CVE-2013-3587 - https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 CVE-2013-3587 - https://github.com/WiktorMysz/devops-netology CVE-2013-3587 - https://github.com/alexandrburyakov/Rep2 CVE-2013-3587 - https://github.com/bysart/devops-netology +CVE-2013-3587 - https://github.com/yellownine/netology-DevOps CVE-2013-3588 - https://github.com/CERT-hr/modified_cve-search CVE-2013-3588 - https://github.com/cve-search/cve-search CVE-2013-3588 - https://github.com/cve-search/cve-search-ng @@ -4246,7 +4314,10 @@ CVE-2013-4123 - https://github.com/oneoy/cve- CVE-2013-4175 - https://github.com/hartwork/mysecureshell-issues CVE-2013-4212 - https://github.com/ilmila/J2EEScan CVE-2013-4212 - https://github.com/sourcery-ai-bot/Deep-Security-Reports +CVE-2013-4235 - https://github.com/brandoncamenisch/release-the-code-litecoin CVE-2013-4235 - https://github.com/dispera/giant-squid +CVE-2013-4235 - https://github.com/domyrtille/interview_project +CVE-2013-4235 - https://github.com/epequeno/devops-demo CVE-2013-4235 - https://github.com/flyrev/security-scan-ci-presentation CVE-2013-4235 - https://github.com/garethr/snykout CVE-2013-4235 - https://github.com/nedenwalker/spring-boot-app-using-gradle @@ -4348,6 +4419,8 @@ CVE-2013-6440 - https://github.com/RedHatProductSecurity/cve-pylib CVE-2013-6629 - https://github.com/mrash/afl-cve CVE-2013-6632 - https://github.com/allpaca/chrome-sbx-db CVE-2013-6632 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2013-6632 - https://github.com/thelostvoice/global-takeover +CVE-2013-6632 - https://github.com/thelostvoice/inept-us-military CVE-2013-6632 - https://github.com/tunz/js-vuln-db CVE-2013-6632 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2013-6668 - https://github.com/sdneon/CveTest @@ -4463,6 +4536,7 @@ CVE-2014-0160 - https://github.com/BionicSwash/Awsome-Pentest CVE-2014-0160 - https://github.com/ByteHackr/HackingTools-2 CVE-2014-0160 - https://github.com/ColtSeals/nerdvpn CVE-2014-0160 - https://github.com/Cyberleet1337/Payloadswebhack +CVE-2014-0160 - https://github.com/Delishsploits/PayloadsAndMethodology CVE-2014-0160 - https://github.com/Dor1s/libfuzzer-workshop CVE-2014-0160 - https://github.com/El-Palomo/VULNIX CVE-2014-0160 - https://github.com/EvilHat/awesome-hacking @@ -4473,6 +4547,7 @@ CVE-2014-0160 - https://github.com/Fa1c0n35/Penetration-Testing02 CVE-2014-0160 - https://github.com/Fedex100/awesome-pentest CVE-2014-0160 - https://github.com/Fedex100/awesome-security CVE-2014-0160 - https://github.com/ForAllSecure/VulnerabilitiesLab +CVE-2014-0160 - https://github.com/GuynnR/Payloads CVE-2014-0160 - https://github.com/H4CK3RT3CH/Awesome-Pentest-Reference CVE-2014-0160 - https://github.com/H4CK3RT3CH/a2sv CVE-2014-0160 - https://github.com/H4CK3RT3CH/awesome-pentest @@ -4488,6 +4563,7 @@ CVE-2014-0160 - https://github.com/Muhammd/Awesome-Payloads CVE-2014-0160 - https://github.com/Muhammd/Awesome-Pentest CVE-2014-0160 - https://github.com/NCSU-DANCE-Research-Group/CDL CVE-2014-0160 - https://github.com/Nieuport/Awesome-Security +CVE-2014-0160 - https://github.com/Nieuport/PayloadsAllTheThings CVE-2014-0160 - https://github.com/OshekharO/Penetration-Testing CVE-2014-0160 - https://github.com/Prodject/Kn0ck CVE-2014-0160 - https://github.com/Programming-Fun/awesome-pentest @@ -4508,6 +4584,7 @@ CVE-2014-0160 - https://github.com/The-Cracker-Technology/sslscan CVE-2014-0160 - https://github.com/Trietptm-on-Awesome-Lists/become-a-penetration-tester CVE-2014-0160 - https://github.com/Tung0801/Certified-Ethical-Hacker-Exam-CEH-v10 CVE-2014-0160 - https://github.com/UroBs17/hacking-tools +CVE-2014-0160 - https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 CVE-2014-0160 - https://github.com/WiktorMysz/devops-netology CVE-2014-0160 - https://github.com/XPR1M3/Payloads_All_The_Things CVE-2014-0160 - https://github.com/abhinavkakku/Ethical-Hacking-Tutorials @@ -4519,6 +4596,7 @@ CVE-2014-0160 - https://github.com/andr3w-hilton/Penetration_Testing_Resources CVE-2014-0160 - https://github.com/andrysec/PayloadsAllVulnerability CVE-2014-0160 - https://github.com/anhtu97/PayloadAllEverything CVE-2014-0160 - https://github.com/antoinegoze/learn-web-hacking +CVE-2014-0160 - https://github.com/apkadmin/PayLoadsAll CVE-2014-0160 - https://github.com/aylincetin/PayloadsAllTheThings CVE-2014-0160 - https://github.com/aymankhder/awesome-pentest CVE-2014-0160 - https://github.com/barnumbirr/ares @@ -4526,6 +4604,7 @@ CVE-2014-0160 - https://github.com/blackpars4x4/pentesting CVE-2014-0160 - https://github.com/briskinfosec/Tools CVE-2014-0160 - https://github.com/bysart/devops-netology CVE-2014-0160 - https://github.com/catsecorg/CatSec-TryHackMe-WriteUps +CVE-2014-0160 - https://github.com/chanchalpatra/payload CVE-2014-0160 - https://github.com/dadglad/aawesome-security CVE-2014-0160 - https://github.com/darkcatdark/awesome-pentest CVE-2014-0160 - https://github.com/delishen/sslscan @@ -4543,6 +4622,7 @@ CVE-2014-0160 - https://github.com/gpoojareddy/Security CVE-2014-0160 - https://github.com/hackerhouse-opensource/exploits CVE-2014-0160 - https://github.com/hackingyseguridad/sslscan CVE-2014-0160 - https://github.com/halon/changelog +CVE-2014-0160 - https://github.com/hellochunqiu/PayloadsAllTheThings CVE-2014-0160 - https://github.com/hilal007/E-Tip CVE-2014-0160 - https://github.com/huangzhe312/pentest CVE-2014-0160 - https://github.com/ibr2/awesome-pentest @@ -4556,10 +4636,12 @@ CVE-2014-0160 - https://github.com/jottama/pentesting CVE-2014-0160 - https://github.com/jweny/pocassistdb CVE-2014-0160 - https://github.com/kk98kk0/Payloads CVE-2014-0160 - https://github.com/korotkov-dmitry/03-sysadmin-09-security +CVE-2014-0160 - https://github.com/ksw9722/PayloadsAllTheThings CVE-2014-0160 - https://github.com/lethanhtrung22/Awesome-Hacking CVE-2014-0160 - https://github.com/linuxjustin/Pentest CVE-2014-0160 - https://github.com/linuxjustin/Tools CVE-2014-0160 - https://github.com/lotusirous/vulnwebcollection +CVE-2014-0160 - https://github.com/madhavmehndiratta/Google-Code-In-2019 CVE-2014-0160 - https://github.com/mahyarx/pentest-tools CVE-2014-0160 - https://github.com/majidkalantarii/WebHacking CVE-2014-0160 - https://github.com/marrocamp/Impressionante-pentest @@ -4570,7 +4652,9 @@ CVE-2014-0160 - https://github.com/mayanksaini65/API CVE-2014-0160 - https://github.com/mikesir87/docker-nginx-patching-demo CVE-2014-0160 - https://github.com/minkhant-dotcom/awesome_security CVE-2014-0160 - https://github.com/mostakimur/SecurityTesting_web-hacking +CVE-2014-0160 - https://github.com/mrhacker51/ReverseShellCommands CVE-2014-0160 - https://github.com/nabaratanpatra/CODE-FOR-FUN +CVE-2014-0160 - https://github.com/nevidimk0/PayloadsAllTheThings CVE-2014-0160 - https://github.com/nikamajinkya/PentestEx CVE-2014-0160 - https://github.com/nkiselyov/devops-netology CVE-2014-0160 - https://github.com/noname1007/awesome-web-hacking @@ -4603,6 +4687,7 @@ CVE-2014-0160 - https://github.com/sgxguru/awesome-pentest CVE-2014-0160 - https://github.com/shayezkarim/pentest CVE-2014-0160 - https://github.com/sobinge/--1 CVE-2014-0160 - https://github.com/sobinge/PayloadsAllTheThings +CVE-2014-0160 - https://github.com/sobinge/PayloadsAllThesobinge CVE-2014-0160 - https://github.com/spy86/Security-Awesome CVE-2014-0160 - https://github.com/ssc-oscar/HBL CVE-2014-0160 - https://github.com/takuzoo3868/laputa @@ -4618,9 +4703,12 @@ CVE-2014-0160 - https://github.com/vishalrudraraju/Pen-test CVE-2014-0160 - https://github.com/vshaliii/Hacklab-Vulnix CVE-2014-0160 - https://github.com/vulnersCom/api CVE-2014-0160 - https://github.com/vulsio/go-cve-dictionary +CVE-2014-0160 - https://github.com/vulsio/go-msfdb +CVE-2014-0160 - https://github.com/waako/awesome-stars CVE-2014-0160 - https://github.com/wanirauf/pentest CVE-2014-0160 - https://github.com/wattson-coder/pablo_rotem_security CVE-2014-0160 - https://github.com/whalehub/awesome-stars +CVE-2014-0160 - https://github.com/winterwolf32/PayloadsAllTheThings CVE-2014-0160 - https://github.com/winterwolf32/Penetration-Testing CVE-2014-0160 - https://github.com/winterwolf32/awesome-web-hacking CVE-2014-0160 - https://github.com/winterwolf32/awesome-web-hacking-1 @@ -4628,6 +4716,7 @@ CVE-2014-0160 - https://github.com/wmtech-1/OpenVPN-Installer CVE-2014-0160 - https://github.com/wtsxDev/List-of-web-application-security CVE-2014-0160 - https://github.com/wtsxDev/Penetration-Testing CVE-2014-0160 - https://github.com/x-o-r-r-o/PHP-Webshells-Collection +CVE-2014-0160 - https://github.com/yellownine/netology-DevOps CVE-2014-0160 - https://github.com/yige666/awesome-pentest CVE-2014-0160 - https://github.com/yllnelaj/awesome-pentest CVE-2014-0166 - https://github.com/Ettack/POC-CVE-2014-0166 @@ -4678,6 +4767,7 @@ CVE-2014-0224 - https://github.com/H4CK3RT3CH/a2sv CVE-2014-0224 - https://github.com/Mre11i0t/a2sv CVE-2014-0224 - https://github.com/SSLyze410-SSLGrader-wCipherSuite-info/ssl-grader CVE-2014-0224 - https://github.com/SSLyze410-SSLGrader-wCipherSuite-info/ssl-wrapping-grader +CVE-2014-0224 - https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 CVE-2014-0224 - https://github.com/WiktorMysz/devops-netology CVE-2014-0224 - https://github.com/alexandrburyakov/Rep2 CVE-2014-0224 - https://github.com/bysart/devops-netology @@ -4688,6 +4778,7 @@ CVE-2014-0224 - https://github.com/krabelize/openbsd-httpd-tls-perfect-ssllabs-s CVE-2014-0224 - https://github.com/nkiselyov/devops-netology CVE-2014-0224 - https://github.com/takuzoo3868/laputa CVE-2014-0224 - https://github.com/vshaliii/Hacklab-Vulnix +CVE-2014-0224 - https://github.com/yellownine/netology-DevOps CVE-2014-0226 - https://github.com/flipkart-incubator/watchdog CVE-2014-0226 - https://github.com/keloud/TEC-MBSD2017 CVE-2014-0226 - https://github.com/mudongliang/LinuxFlaw @@ -4774,6 +4865,8 @@ CVE-2014-1701 - https://github.com/qazbnm456/awesome-cve-poc CVE-2014-1701 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2014-1705 - https://github.com/BushraAloraini/Android-Vulnerabilities CVE-2014-1705 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2014-1705 - https://github.com/thelostvoice/global-takeover +CVE-2014-1705 - https://github.com/thelostvoice/inept-us-military CVE-2014-1705 - https://github.com/tunz/js-vuln-db CVE-2014-1705 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2014-1710 - https://github.com/BushraAloraini/Android-Vulnerabilities @@ -4824,6 +4917,7 @@ CVE-2014-1939 - https://github.com/heimashi/CompatWebView CVE-2014-1972 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2014-2056 - https://github.com/rockmelodies/iiirockyiiidocx CVE-2014-2064 - https://github.com/Naramsim/Offensive +CVE-2014-2217 - https://github.com/mcgyver5/scrap_telerik CVE-2014-2273 - https://github.com/tangsilian/android-vuln CVE-2014-2285 - https://github.com/andir/nixos-issue-db-example CVE-2014-2321 - https://github.com/ARPSyndicate/kenzer-templates @@ -4934,6 +5028,7 @@ CVE-2014-3488 - https://github.com/ian4hu/super-pom CVE-2014-3505 - https://github.com/jumanjihouse/oval CVE-2014-3506 - https://github.com/jumanjihouse/oval CVE-2014-3507 - https://github.com/jumanjihouse/oval +CVE-2014-3507 - https://github.com/ruan777/MiniProject2019 CVE-2014-3508 - https://github.com/jumanjihouse/oval CVE-2014-3509 - https://github.com/jumanjihouse/oval CVE-2014-3510 - https://github.com/jumanjihouse/oval @@ -4946,9 +5041,11 @@ CVE-2014-3566 - https://github.com/Artem-Salnikov/devops-netology CVE-2014-3566 - https://github.com/F4RM0X/script_a2sv CVE-2014-3566 - https://github.com/H4CK3RT3CH/a2sv CVE-2014-3566 - https://github.com/Mre11i0t/a2sv +CVE-2014-3566 - https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 CVE-2014-3566 - https://github.com/WiktorMysz/devops-netology CVE-2014-3566 - https://github.com/alexandrburyakov/Rep2 CVE-2014-3566 - https://github.com/bysart/devops-netology +CVE-2014-3566 - https://github.com/camel-clarkson/non-controlflow-hijacking-datasets CVE-2014-3566 - https://github.com/cloudpassage/mangy-beast CVE-2014-3566 - https://github.com/fireorb/sslscanner CVE-2014-3566 - https://github.com/giusepperuggiero96/Network-Security-2021 @@ -4957,6 +5054,7 @@ CVE-2014-3566 - https://github.com/mikemackintosh/ruby-qualys CVE-2014-3566 - https://github.com/revl-ca/scan-docker-image CVE-2014-3566 - https://github.com/shanekeels/harden-ssl-tls-windows CVE-2014-3566 - https://github.com/vshaliii/Hacklab-Vulnix +CVE-2014-3566 - https://github.com/yellownine/netology-DevOps CVE-2014-3567 - https://github.com/RedHatOfficial/rhsecapi CVE-2014-3567 - https://github.com/RedHatProductSecurity/cve-pylib CVE-2014-3568000 - https://github.com/trend-anz/Deep-Security-Open-Patch @@ -5000,6 +5098,7 @@ CVE-2014-3704 - https://github.com/Elsfa7-110/kenzer-templates CVE-2014-3704 - https://github.com/SexyBeast233/SecBooks CVE-2014-3704 - https://github.com/jweny/pocassistdb CVE-2014-3704 - https://github.com/koutto/jok3r-pocs +CVE-2014-3704 - https://github.com/maya6/-scan- CVE-2014-3704 - https://github.com/moradotai/CMS-Scan CVE-2014-3704 - https://github.com/superfish9/pt CVE-2014-3704 - https://github.com/vshaliii/DC-1-Vulnhub-Walkthrough @@ -5057,6 +5156,7 @@ CVE-2014-4078 - https://github.com/aRustyDev/C844 CVE-2014-4109 - https://github.com/day6reak/CVE-2014-4109 CVE-2014-4113 - https://github.com/0xpetros/windows-privilage-escalation CVE-2014-4113 - https://github.com/Al1ex/WindowsElevation +CVE-2014-4113 - https://github.com/Apri1y/Red-Team-links CVE-2014-4113 - https://github.com/Ascotbe/Kernelhub CVE-2014-4113 - https://github.com/ByteHackr/WindowsExploitation CVE-2014-4113 - https://github.com/CrackerCat/Kernel-Security-Development @@ -5074,7 +5174,10 @@ CVE-2014-4113 - https://github.com/cranelab/exploit-development CVE-2014-4113 - https://github.com/fei9747/WindowsElevation CVE-2014-4113 - https://github.com/gaearrow/windows-lpe-lite CVE-2014-4113 - https://github.com/howknows/awesome-windows-security-development +CVE-2014-4113 - https://github.com/hudunkey/Red-Team-links +CVE-2014-4113 - https://github.com/john-80/-007 CVE-2014-4113 - https://github.com/liuhe3647/Windows +CVE-2014-4113 - https://github.com/lp008/Hack-readme CVE-2014-4113 - https://github.com/paulveillard/cybersecurity-windows-exploitation CVE-2014-4113 - https://github.com/pr0code/https-github.com-ExpLife0011-awesome-windows-kernel-security-development CVE-2014-4113 - https://github.com/pravinsrc/NOTES-windows-kernel-links @@ -5082,8 +5185,10 @@ CVE-2014-4113 - https://github.com/r3p3r/nixawk-awesome-windows-exploitation CVE-2014-4113 - https://github.com/rhamaa/Binary-exploit-writeups CVE-2014-4113 - https://github.com/sailay1996/awe-win-expx CVE-2014-4113 - https://github.com/sathwikch/windows-exploitation +CVE-2014-4113 - https://github.com/slimdaddy/RedTeam CVE-2014-4113 - https://github.com/timip/OSEE CVE-2014-4113 - https://github.com/wateroot/poc-exp +CVE-2014-4113 - https://github.com/xiaoZ-hc/redtool CVE-2014-4113 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2014-4114 - https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections CVE-2014-4114 - https://github.com/Panopticon-Project/Panopticon-Patchwork @@ -5101,6 +5206,7 @@ CVE-2014-4140 - https://github.com/day6reak/CVE-2014-4140 CVE-2014-4149 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2014-4162 - https://github.com/CERT-hr/modified_cve-search CVE-2014-4162 - https://github.com/cve-search/cve-search +CVE-2014-4162 - https://github.com/cve-search/cve-search-ng CVE-2014-4162 - https://github.com/enthought/cve-search CVE-2014-4162 - https://github.com/extremenetworks/cve-search-src CVE-2014-4162 - https://github.com/miradam/cve-search @@ -5113,6 +5219,7 @@ CVE-2014-4210 - https://github.com/0ps/pocassistdb CVE-2014-4210 - https://github.com/0xn0ne/weblogicScanner CVE-2014-4210 - https://github.com/1120362990/vulnerability-list CVE-2014-4210 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2014-4210 - https://github.com/Bywalks/WeblogicScan CVE-2014-4210 - https://github.com/Elsfa7-110/kenzer-templates CVE-2014-4210 - https://github.com/H4ckTh3W0r1d/Goby_POC CVE-2014-4210 - https://github.com/ParrotSec-CN/ParrotSecCN_Community_QQbot @@ -5124,9 +5231,12 @@ CVE-2014-4210 - https://github.com/dr0op/WeblogicScan CVE-2014-4210 - https://github.com/fengjixuchui/RedTeamer CVE-2014-4210 - https://github.com/hanc00l/some_pocsuite CVE-2014-4210 - https://github.com/hktalent/myhktools +CVE-2014-4210 - https://github.com/hmoytx/weblogicscan CVE-2014-4210 - https://github.com/ilmila/J2EEScan CVE-2014-4210 - https://github.com/jiangsir404/POC-S CVE-2014-4210 - https://github.com/jweny/pocassistdb +CVE-2014-4210 - https://github.com/maya6/-scan- +CVE-2014-4210 - https://github.com/pwnagelabs/VEF CVE-2014-4210 - https://github.com/rabbitmask/WeblogicScanLot CVE-2014-4210 - https://github.com/superfish9/pt CVE-2014-4210 - https://github.com/veo/vscan @@ -5250,6 +5360,7 @@ CVE-2014-5284 - https://github.com/xssfile/linux-kernel-exploits CVE-2014-5284 - https://github.com/yige666/linux-kernel-exploits CVE-2014-5284 - https://github.com/zyjsuper/linux-kernel-exploits CVE-2014-5368 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2014-5460 - https://github.com/El-Palomo/DerpNStink CVE-2014-5461 - https://github.com/andir/nixos-issue-db-example CVE-2014-5461 - https://github.com/bharatsunny/dagda CVE-2014-5461 - https://github.com/eliasgranderubio/dagda @@ -5271,6 +5382,8 @@ CVE-2014-6271 - https://github.com/BionicSwash/Awsome-Pentest CVE-2014-6271 - https://github.com/BitTheByte/Eagle CVE-2014-6271 - https://github.com/ByteHackr/HackingTools-2 CVE-2014-6271 - https://github.com/Cyberleet1337/Payloadswebhack +CVE-2014-6271 - https://github.com/D3Ext/PentestDictionary +CVE-2014-6271 - https://github.com/Delishsploits/PayloadsAndMethodology CVE-2014-6271 - https://github.com/Elsfa7-110/kenzer-templates CVE-2014-6271 - https://github.com/EvilAnne/Python_Learn CVE-2014-6271 - https://github.com/EvilHat/awesome-hacking @@ -5279,6 +5392,7 @@ CVE-2014-6271 - https://github.com/EvilHat/pentest-resource CVE-2014-6271 - https://github.com/Fa1c0n35/Penetration-Testing02 CVE-2014-6271 - https://github.com/Fedex100/awesome-pentest CVE-2014-6271 - https://github.com/Fedex100/awesome-security +CVE-2014-6271 - https://github.com/GuynnR/Payloads CVE-2014-6271 - https://github.com/H0j3n/EzpzCheatSheet CVE-2014-6271 - https://github.com/H4CK3RT3CH/Awesome-Pentest-Reference CVE-2014-6271 - https://github.com/H4CK3RT3CH/awesome-pentest @@ -5298,6 +5412,7 @@ CVE-2014-6271 - https://github.com/Muhammd/Awesome-Payloads CVE-2014-6271 - https://github.com/Muhammd/Awesome-Pentest CVE-2014-6271 - https://github.com/NCSU-DANCE-Research-Group/CDL CVE-2014-6271 - https://github.com/Nieuport/Awesome-Security +CVE-2014-6271 - https://github.com/Nieuport/PayloadsAllTheThings CVE-2014-6271 - https://github.com/OshekharO/Penetration-Testing CVE-2014-6271 - https://github.com/Prodject/Kn0ck CVE-2014-6271 - https://github.com/Programming-Fun/awesome-pentest @@ -5308,10 +5423,12 @@ CVE-2014-6271 - https://github.com/Ra7mo0on/PayloadsAllTheThings CVE-2014-6271 - https://github.com/SARATOGAMarine/Lastest-Web-Hacking-Tools-vol-I CVE-2014-6271 - https://github.com/SaltwaterC/sploit-tools CVE-2014-6271 - https://github.com/Secop/awesome-security +CVE-2014-6271 - https://github.com/Sindayifu/CVE-2019-14287-CVE-2014-6271 CVE-2014-6271 - https://github.com/Soldie/Colection-pentest CVE-2014-6271 - https://github.com/Soldie/PayloadsAllTheThings CVE-2014-6271 - https://github.com/Soldie/Penetration-Testing CVE-2014-6271 - https://github.com/Soldie/awesome-pentest-listas +CVE-2014-6271 - https://github.com/Swordfish-Security/Pentest-In-Docker CVE-2014-6271 - https://github.com/Trietptm-on-Awesome-Lists/become-a-penetration-tester CVE-2014-6271 - https://github.com/UroBs17/hacking-tools CVE-2014-6271 - https://github.com/Voxer/nagios-plugins @@ -5329,12 +5446,14 @@ CVE-2014-6271 - https://github.com/andr3w-hilton/Penetration_Testing_Resources CVE-2014-6271 - https://github.com/andrysec/PayloadsAllVulnerability CVE-2014-6271 - https://github.com/anhtu97/PayloadAllEverything CVE-2014-6271 - https://github.com/antoinegoze/learn-web-hacking +CVE-2014-6271 - https://github.com/apkadmin/PayLoadsAll CVE-2014-6271 - https://github.com/aylincetin/PayloadsAllTheThings CVE-2014-6271 - https://github.com/aymankhder/awesome-pentest CVE-2014-6271 - https://github.com/blackpars4x4/pentesting CVE-2014-6271 - https://github.com/briskinfosec/Tools CVE-2014-6271 - https://github.com/capture0x/XSHOCK CVE-2014-6271 - https://github.com/catsecorg/CatSec-TryHackMe-WriteUps +CVE-2014-6271 - https://github.com/chanchalpatra/payload CVE-2014-6271 - https://github.com/chuang76/writ3up CVE-2014-6271 - https://github.com/czq945659538/-study CVE-2014-6271 - https://github.com/dadglad/aawesome-security @@ -5354,6 +5473,7 @@ CVE-2014-6271 - https://github.com/gpoojareddy/Security CVE-2014-6271 - https://github.com/hacden/vultools CVE-2014-6271 - https://github.com/hailan09/Hacker CVE-2014-6271 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2014-6271 - https://github.com/hellochunqiu/PayloadsAllTheThings CVE-2014-6271 - https://github.com/hilal007/E-Tip CVE-2014-6271 - https://github.com/hktalent/myhktools CVE-2014-6271 - https://github.com/huangzhe312/pentest @@ -5363,10 +5483,12 @@ CVE-2014-6271 - https://github.com/infosecmahi/awesome-pentest CVE-2014-6271 - https://github.com/infoslack/awesome-web-hacking CVE-2014-6271 - https://github.com/jottama/pentesting CVE-2014-6271 - https://github.com/kk98kk0/Payloads +CVE-2014-6271 - https://github.com/ksw9722/PayloadsAllTheThings CVE-2014-6271 - https://github.com/lethanhtrung22/Awesome-Hacking CVE-2014-6271 - https://github.com/linuxjustin/Pentest CVE-2014-6271 - https://github.com/linuxjustin/Tools CVE-2014-6271 - https://github.com/lotusirous/vulnwebcollection +CVE-2014-6271 - https://github.com/lp008/Hack-readme CVE-2014-6271 - https://github.com/mahyarx/pentest-tools CVE-2014-6271 - https://github.com/majidkalantarii/WebHacking CVE-2014-6271 - https://github.com/marrocamp/Impressionante-pentest @@ -5375,7 +5497,9 @@ CVE-2014-6271 - https://github.com/marroocamp/Recursos-pentest CVE-2014-6271 - https://github.com/meherarfaoui09/meher CVE-2014-6271 - https://github.com/minkhant-dotcom/awesome_security CVE-2014-6271 - https://github.com/mostakimur/SecurityTesting_web-hacking +CVE-2014-6271 - https://github.com/mrhacker51/ReverseShellCommands CVE-2014-6271 - https://github.com/nabaratanpatra/CODE-FOR-FUN +CVE-2014-6271 - https://github.com/nevidimk0/PayloadsAllTheThings CVE-2014-6271 - https://github.com/nikamajinkya/PentestEx CVE-2014-6271 - https://github.com/noname1007/awesome-web-hacking CVE-2014-6271 - https://github.com/notsag-dev/htb-shocker @@ -5409,6 +5533,7 @@ CVE-2014-6271 - https://github.com/shayezkarim/pentest CVE-2014-6271 - https://github.com/shildenbrand/Exploits CVE-2014-6271 - https://github.com/sobinge/--1 CVE-2014-6271 - https://github.com/sobinge/PayloadsAllTheThings +CVE-2014-6271 - https://github.com/sobinge/PayloadsAllThesobinge CVE-2014-6271 - https://github.com/sobinge/nuclei-templates CVE-2014-6271 - https://github.com/spy86/Security-Awesome CVE-2014-6271 - https://github.com/takuzoo3868/laputa @@ -5423,6 +5548,7 @@ CVE-2014-6271 - https://github.com/val922/cyb3r53cur1ty CVE-2014-6271 - https://github.com/vishalrudraraju/Pen-test CVE-2014-6271 - https://github.com/wanirauf/pentest CVE-2014-6271 - https://github.com/wattson-coder/pablo_rotem_security +CVE-2014-6271 - https://github.com/winterwolf32/PayloadsAllTheThings CVE-2014-6271 - https://github.com/winterwolf32/Penetration-Testing CVE-2014-6271 - https://github.com/winterwolf32/awesome-web-hacking CVE-2014-6271 - https://github.com/winterwolf32/awesome-web-hacking-1 @@ -5453,12 +5579,14 @@ CVE-2014-6321 - https://github.com/Al1ex/WindowsElevation CVE-2014-6321 - https://github.com/Artem-Salnikov/devops-netology CVE-2014-6321 - https://github.com/Ascotbe/Kernelhub CVE-2014-6321 - https://github.com/Flerov/WindowsExploitDev +CVE-2014-6321 - https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 CVE-2014-6321 - https://github.com/WiktorMysz/devops-netology CVE-2014-6321 - https://github.com/alexandrburyakov/Rep2 CVE-2014-6321 - https://github.com/bysart/devops-netology CVE-2014-6321 - https://github.com/cranelab/exploit-development CVE-2014-6321 - https://github.com/fei9747/WindowsElevation CVE-2014-6321 - https://github.com/ycdxsb/WindowsPrivilegeEscalation +CVE-2014-6321 - https://github.com/yellownine/netology-DevOps CVE-2014-6324 - https://github.com/Al1ex/WindowsElevation CVE-2014-6324 - https://github.com/Ascotbe/Kernelhub CVE-2014-6324 - https://github.com/ErdemOzgen/ActiveDirectoryAttacks @@ -5525,6 +5653,7 @@ CVE-2014-7187 - https://github.com/meherarfaoui09/meher CVE-2014-7205 - https://github.com/p1ay8y3ar/cve_monitor CVE-2014-7205 - https://github.com/timip/OSWE CVE-2014-7205 - https://github.com/zer0byte/AWAE-OSWP +CVE-2014-7216 - https://github.com/deadcyph3r/Awesome-Collection CVE-2014-7224 - https://github.com/heimashi/CompatWebView CVE-2014-7279 - https://github.com/5ecurity/CVE-List CVE-2014-7279 - https://github.com/anquanquantao/iwantacve @@ -5560,6 +5689,7 @@ CVE-2014-7933 - https://github.com/benoit-a/radamsa CVE-2014-7933 - https://github.com/sunzu94/radamsa-Fuzzer CVE-2014-7939 - https://github.com/jesusprubio/strong-node CVE-2014-7953 - https://github.com/askk/CVE-2014-4322_adaptation +CVE-2014-8098 - https://github.com/RedHatProductSecurity/cwe-toolkit CVE-2014-8104 - https://github.com/skyleronken/Find-VulnerableSoftware CVE-2014-8109 - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough CVE-2014-8110 - https://github.com/tafamace/CVE-2014-8110 @@ -5657,6 +5787,7 @@ CVE-2014-9757 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2014-9771 - https://github.com/mrash/afl-cve CVE-2014-9913 - https://github.com/andir/nixos-issue-db-example CVE-2014-9913 - https://github.com/phonito/phonito-vulnerable-container +CVE-2014-9939 - https://github.com/KorayAgaya/TrivyWeb CVE-2014-9939 - https://github.com/siddharthraopotukuchi/trivy CVE-2014-9939 - https://github.com/simiyo/trivy CVE-2014-9939 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers @@ -5709,12 +5840,16 @@ CVE-2015-0204 - https://github.com/F4RM0X/script_a2sv CVE-2015-0204 - https://github.com/H4CK3RT3CH/a2sv CVE-2015-0204 - https://github.com/Mre11i0t/a2sv CVE-2015-0204 - https://github.com/TopCaver/scz_doc_copy +CVE-2015-0204 - https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 CVE-2015-0204 - https://github.com/WiktorMysz/devops-netology CVE-2015-0204 - https://github.com/alexandrburyakov/Rep2 CVE-2015-0204 - https://github.com/bysart/devops-netology +CVE-2015-0204 - https://github.com/camel-clarkson/non-controlflow-hijacking-datasets CVE-2015-0204 - https://github.com/fireorb/sslscanner CVE-2015-0204 - https://github.com/javirodriguezzz/Shodan-Browser CVE-2015-0204 - https://github.com/thekondrashov/stuff +CVE-2015-0204 - https://github.com/yellownine/netology-DevOps +CVE-2015-0207 - https://github.com/ruan777/MiniProject2019 CVE-2015-0210 - https://github.com/RedHatOfficial/rhsecapi CVE-2015-0210 - https://github.com/RedHatProductSecurity/cve-pylib CVE-2015-0228 - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough @@ -5816,6 +5951,7 @@ CVE-2015-0357 - https://github.com/thdusdl1219/CVE-Study CVE-2015-0358 - https://github.com/thdusdl1219/CVE-Study CVE-2015-0359 - https://github.com/thdusdl1219/CVE-Study CVE-2015-0360 - https://github.com/thdusdl1219/CVE-Study +CVE-2015-0400 - https://github.com/camel-clarkson/non-controlflow-hijacking-datasets CVE-2015-0411 - https://github.com/scmanjarrez/CVEScannerV2 CVE-2015-0418 - https://github.com/abazhaniuk/Publications CVE-2015-0427 - https://github.com/abazhaniuk/Publications @@ -5962,6 +6098,7 @@ CVE-2015-1427 - https://github.com/fengjixuchui/RedTeamer CVE-2015-1427 - https://github.com/gitrobtest/Java-Security CVE-2015-1427 - https://github.com/hktalent/myhktools CVE-2015-1427 - https://github.com/jweny/pocassistdb +CVE-2015-1427 - https://github.com/lp008/Hack-readme CVE-2015-1427 - https://github.com/marcocesarato/Shell-BotKiller CVE-2015-1427 - https://github.com/shildenbrand/Exploits CVE-2015-1427 - https://github.com/superfish9/pt @@ -5976,6 +6113,7 @@ CVE-2015-1483 - https://github.com/thdusdl1219/CVE-Study CVE-2015-1503 - https://github.com/ARPSyndicate/kenzer-templates CVE-2015-1528 - https://github.com/I-Prashanth-S/CybersecurityTIFAC CVE-2015-1528 - https://github.com/Qamar4P/awesome-android-cpp +CVE-2015-1538 - https://github.com/Tharana/vulnerability-exploitation CVE-2015-1538 - https://github.com/mrash/afl-cve CVE-2015-1539 - https://github.com/mrash/afl-cve CVE-2015-1563 - https://github.com/RedHatOfficial/rhsecapi @@ -5999,6 +6137,7 @@ CVE-2015-1635 - https://github.com/hanc00l/some_pocsuite CVE-2015-1635 - https://github.com/qazbnm456/awesome-cve-poc CVE-2015-1635 - https://github.com/twekkis/cybersecuritybase-project2 CVE-2015-1635 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2015-1641 - https://github.com/CyberSift/CyberSift-Alerts CVE-2015-1641 - https://github.com/PWN-Kingdom/Test_Tasks CVE-2015-1641 - https://github.com/Panopticon-Project/Panopticon-Patchwork CVE-2015-1641 - https://github.com/houjingyi233/office-exploit-case-study @@ -6070,6 +6209,7 @@ CVE-2015-1900 - https://github.com/thdusdl1219/CVE-Study CVE-2015-1920 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2015-1920 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2015-1920 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +CVE-2015-20001 - https://github.com/Qwaz/rust-cve CVE-2015-20001 - https://github.com/xxg1413/rust-security CVE-2015-2041 - https://github.com/thdusdl1219/CVE-Study CVE-2015-2042 - https://github.com/thdusdl1219/CVE-Study @@ -6125,6 +6265,7 @@ CVE-2015-2426 - https://github.com/paulveillard/cybersecurity-windows-exploitati CVE-2015-2426 - https://github.com/r3p3r/nixawk-awesome-windows-exploitation CVE-2015-2426 - https://github.com/rhamaa/Binary-exploit-writeups CVE-2015-2426 - https://github.com/sathwikch/windows-exploitation +CVE-2015-2426 - https://github.com/scuechjr/Sec-Box CVE-2015-2455 - https://github.com/googleprojectzero/BrokenType CVE-2015-2474 - https://github.com/uroboros-security/SMB-CVE CVE-2015-2511 - https://github.com/ycdxsb/WindowsPrivilegeEscalation @@ -6173,10 +6314,12 @@ CVE-2015-2806 - https://github.com/rsumnerz/vuls CVE-2015-2806 - https://github.com/xmppadmin/vuls CVE-2015-2807 - https://github.com/ARPSyndicate/kenzer-templates CVE-2015-2808 - https://github.com/Artem-Salnikov/devops-netology +CVE-2015-2808 - https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 CVE-2015-2808 - https://github.com/WiktorMysz/devops-netology CVE-2015-2808 - https://github.com/alexandrburyakov/Rep2 CVE-2015-2808 - https://github.com/bysart/devops-netology CVE-2015-2808 - https://github.com/mikemackintosh/ruby-qualys +CVE-2015-2808 - https://github.com/yellownine/netology-DevOps CVE-2015-2819 - https://github.com/Hwangtaewon/radamsa CVE-2015-2819 - https://github.com/StephenHaruna/RADAMSA CVE-2015-2819 - https://github.com/benoit-a/radamsa @@ -6196,6 +6339,7 @@ CVE-2015-2925 - https://github.com/thdusdl1219/CVE-Study CVE-2015-2951 - https://github.com/The-Cracker-Technology/jwt_tool CVE-2015-2951 - https://github.com/aress31/jwtcat CVE-2015-2951 - https://github.com/mishmashclone/ticarpi-jwt_tool +CVE-2015-2951 - https://github.com/puckiestyle/jwt_tool CVE-2015-2951 - https://github.com/ticarpi/jwt_tool CVE-2015-2963 - https://github.com/innoq/security_report CVE-2015-3036 - https://github.com/pandazheng/MiraiSecurity @@ -6382,6 +6526,7 @@ CVE-2015-3837 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2015-3839 - https://github.com/mabin004/cve-2015-3839_PoC CVE-2015-3864 - https://github.com/HenryVHuang/CVE-2015-3864 CVE-2015-3864 - https://github.com/eudemonics/scaredycat +CVE-2015-3864 - https://github.com/hac425xxx/heap-exploitation-in-real-world CVE-2015-3864 - https://github.com/pwnaccelerator/stagefright-cve-2015-3864 CVE-2015-3884 - https://github.com/0xT11/CVE-POC CVE-2015-3884 - https://github.com/TobinShields/qdPM9.1_Exploit @@ -6398,6 +6543,7 @@ CVE-2015-4000 - https://github.com/Artem-Salnikov/devops-netology CVE-2015-4000 - https://github.com/F4RM0X/script_a2sv CVE-2015-4000 - https://github.com/H4CK3RT3CH/a2sv CVE-2015-4000 - https://github.com/Mre11i0t/a2sv +CVE-2015-4000 - https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 CVE-2015-4000 - https://github.com/WiktorMysz/devops-netology CVE-2015-4000 - https://github.com/alexandrburyakov/Rep2 CVE-2015-4000 - https://github.com/bysart/devops-netology @@ -6405,11 +6551,18 @@ CVE-2015-4000 - https://github.com/fireorb/sslscanner CVE-2015-4000 - https://github.com/giusepperuggiero96/Network-Security-2021 CVE-2015-4000 - https://github.com/javirodriguezzz/Shodan-Browser CVE-2015-4000 - https://github.com/thekondrashov/stuff +CVE-2015-4000 - https://github.com/yellownine/netology-DevOps CVE-2015-4001 - https://github.com/thdusdl1219/CVE-Study CVE-2015-4002 - https://github.com/thdusdl1219/CVE-Study CVE-2015-4003 - https://github.com/thdusdl1219/CVE-Study CVE-2015-4004 - https://github.com/thdusdl1219/CVE-Study +CVE-2015-4027 - https://github.com/Apri1y/Red-Team-links CVE-2015-4027 - https://github.com/Echocipher/Resource-list +CVE-2015-4027 - https://github.com/hudunkey/Red-Team-links +CVE-2015-4027 - https://github.com/john-80/-007 +CVE-2015-4027 - https://github.com/lp008/Hack-readme +CVE-2015-4027 - https://github.com/slimdaddy/RedTeam +CVE-2015-4027 - https://github.com/xiaoZ-hc/redtool CVE-2015-4036 - https://github.com/thdusdl1219/CVE-Study CVE-2015-4047 - https://github.com/andir/nixos-issue-db-example CVE-2015-4050 - https://github.com/ARPSyndicate/kenzer-templates @@ -6438,6 +6591,7 @@ CVE-2015-4472 - https://github.com/mrash/afl-cve CVE-2015-4491 - https://github.com/thdusdl1219/CVE-Study CVE-2015-4495 - https://github.com/vincd/CVE-2015-4495 CVE-2015-4512 - https://github.com/thdusdl1219/CVE-Study +CVE-2015-4582 - https://github.com/safe6Sec/wlsEnv CVE-2015-4588 - https://github.com/andir/nixos-issue-db-example CVE-2015-4590 - https://github.com/mrash/afl-cve CVE-2015-4599 - https://github.com/80vul/phpcodz @@ -6462,6 +6616,8 @@ CVE-2015-4819 - https://github.com/scmanjarrez/CVEScannerV2 CVE-2015-4852 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2015-4852 - https://github.com/MrTcsy/Exploit CVE-2015-4852 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2015-4852 - https://github.com/Y4tacker/JavaSec +CVE-2015-4852 - https://github.com/asa1997/topgear_test CVE-2015-4852 - https://github.com/awsassets/weblogic_exploit CVE-2015-4852 - https://github.com/cross2to/betaseclab_tools CVE-2015-4852 - https://github.com/fengjixuchui/RedTeamer @@ -6470,6 +6626,7 @@ CVE-2015-4852 - https://github.com/hanc00l/weblogic_unserialize_exploit CVE-2015-4852 - https://github.com/hashtagcyber/Exp CVE-2015-4852 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2015-4852 - https://github.com/koutto/jok3r-pocs +CVE-2015-4852 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2015-4852 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2015-4852 - https://github.com/nihaohello/N-MiddlewareScan CVE-2015-4852 - https://github.com/sourcery-ai-bot/Deep-Security-Reports @@ -6514,11 +6671,13 @@ CVE-2015-5131 - https://github.com/thdusdl1219/CVE-Study CVE-2015-5132 - https://github.com/thdusdl1219/CVE-Study CVE-2015-5133 - https://github.com/thdusdl1219/CVE-Study CVE-2015-5134 - https://github.com/thdusdl1219/CVE-Study +CVE-2015-5156 - https://github.com/Resery/Learning_Record CVE-2015-5156 - https://github.com/thdusdl1219/CVE-Study CVE-2015-5157 - https://github.com/thdusdl1219/CVE-Study CVE-2015-5165 - https://github.com/Resery/Learning_Note CVE-2015-5165 - https://github.com/jiayy/android_vuln_poc-exp CVE-2015-5165 - https://github.com/ray-cp/Vuln_Analysis +CVE-2015-5165 - https://github.com/tina2114/skr_learn_list CVE-2015-5178 - https://github.com/RedHatOfficial/rhsecapi CVE-2015-5178 - https://github.com/RedHatProductSecurity/cve-pylib CVE-2015-5180 - https://github.com/yfoelling/yair @@ -6533,6 +6692,7 @@ CVE-2015-5218 - https://github.com/garethr/findcve CVE-2015-5218 - https://github.com/thdusdl1219/CVE-Study CVE-2015-5220 - https://github.com/RedHatOfficial/rhsecapi CVE-2015-5220 - https://github.com/RedHatProductSecurity/cve-pylib +CVE-2015-5224 - https://github.com/KorayAgaya/TrivyWeb CVE-2015-5224 - https://github.com/garethr/findcve CVE-2015-5224 - https://github.com/siddharthraopotukuchi/trivy CVE-2015-5224 - https://github.com/simiyo/trivy @@ -6546,6 +6706,7 @@ CVE-2015-5254 - https://github.com/SexyBeast233/SecBooks CVE-2015-5254 - https://github.com/bigblackhat/oFx CVE-2015-5254 - https://github.com/fengjixuchui/RedTeamer CVE-2015-5254 - https://github.com/guoyu07/AwareIM-resources +CVE-2015-5254 - https://github.com/jas502n/CVE-2015-5254 CVE-2015-5254 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2015-5254 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2015-5254 - https://github.com/qazbnm456/awesome-cve-poc @@ -6652,6 +6813,7 @@ CVE-2015-5622 - https://github.com/alexanderkoz/Web-Security-Week-7-Project-Word CVE-2015-5622 - https://github.com/and-aleksandrov/wordpress CVE-2015-5622 - https://github.com/bryanvnguyen/WordPress-PT CVE-2015-5622 - https://github.com/choyuansu/Week-7-Project +CVE-2015-5622 - https://github.com/christiancastro1/Codepath-Week-7-8-Assignement CVE-2015-5622 - https://github.com/drsh0x2/WebSec-Week7 CVE-2015-5622 - https://github.com/jas5mg/Code-Path-Week7 CVE-2015-5622 - https://github.com/jguerrero12/WordPress-Pentesting @@ -6669,6 +6831,7 @@ CVE-2015-5622 - https://github.com/zakia00/Week7Lab CVE-2015-5622 - https://github.com/zjasonshen/CodepathWebSecurityWeek7 CVE-2015-5623 - https://github.com/and-aleksandrov/wordpress CVE-2015-5623 - https://github.com/choyuansu/Week-7-Project +CVE-2015-5623 - https://github.com/christiancastro1/Codepath-Week-7-8-Assignement CVE-2015-5623 - https://github.com/jas5mg/Code-Path-Week7 CVE-2015-5623 - https://github.com/lihaojin/WordPress-Pentesting CVE-2015-5623 - https://github.com/mmehrayin/cybersecurity-week7 @@ -6683,6 +6846,7 @@ CVE-2015-5714 - https://github.com/Lukanite/CP_wpvulns CVE-2015-5714 - https://github.com/RandallLu/codepath_7 CVE-2015-5714 - https://github.com/and-aleksandrov/wordpress CVE-2015-5714 - https://github.com/choyuansu/Week-7-Project +CVE-2015-5714 - https://github.com/christiancastro1/Codepath-Week-7-8-Assignement CVE-2015-5714 - https://github.com/kennyhk418/Codepath_project7 CVE-2015-5714 - https://github.com/krushang598/Cybersecurity-Week-7-and-8 CVE-2015-5714 - https://github.com/mmehrayin/cybersecurity-week7 @@ -6693,10 +6857,12 @@ CVE-2015-5714 - https://github.com/zjasonshen/CodepathWebSecurityWeek7 CVE-2015-5715 - https://github.com/LifeBringer/WordPress-Pentesting CVE-2015-5715 - https://github.com/and-aleksandrov/wordpress CVE-2015-5715 - https://github.com/choyuansu/Week-7-Project +CVE-2015-5715 - https://github.com/christiancastro1/Codepath-Week-7-8-Assignement CVE-2015-5715 - https://github.com/sammanthp007/WordPress-Pentesting CVE-2015-5722 - https://github.com/mrash/afl-cve CVE-2015-5726 - https://github.com/mrash/afl-cve CVE-2015-5732 - https://github.com/jguerrero12/WordPress-Pentesting +CVE-2015-5733 - https://github.com/christiancastro1/Codepath-Week-7-8-Assignement CVE-2015-5733 - https://github.com/ftruncale/Codepath-Week-7 CVE-2015-5734 - https://github.com/JHChen3/web_security_week7 CVE-2015-5734 - https://github.com/breindy/Week7-WordPress-Pentesting @@ -6728,6 +6894,8 @@ CVE-2015-6086 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2015-6095 - https://github.com/JackOfMostTrades/bluebox CVE-2015-6132 - https://github.com/hexx0r/CVE-2015-6132 CVE-2015-6152 - https://github.com/LyleMi/dom-vuln-db +CVE-2015-6161 - https://github.com/jessewolcott/VulnerabilityRemediation +CVE-2015-6240 - https://github.com/PRISHIta123/Securing_Open_Source_Components_on_Containers CVE-2015-6252 - https://github.com/thdusdl1219/CVE-Study CVE-2015-6271 - https://github.com/tobor88/Bash CVE-2015-6305 - https://github.com/goichot/CVE-2020-3153 @@ -6819,6 +6987,7 @@ CVE-2015-7253 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Ch CVE-2015-7297 - https://github.com/0ps/pocassistdb CVE-2015-7297 - https://github.com/ARPSyndicate/kenzer-templates CVE-2015-7297 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2015-7297 - https://github.com/areaventuno/exploit-joomla CVE-2015-7297 - https://github.com/jweny/pocassistdb CVE-2015-7297 - https://github.com/stamparm/maltrail CVE-2015-7312 - https://github.com/thdusdl1219/CVE-Study @@ -6828,27 +6997,41 @@ CVE-2015-7450 - https://github.com/0day666/Vulnerability-verification CVE-2015-7450 - https://github.com/3vikram/Application-Vulnerabilities-Payloads CVE-2015-7450 - https://github.com/84KaliPleXon3/Payloads_All_The_Things CVE-2015-7450 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2015-7450 - https://github.com/Delishsploits/PayloadsAndMethodology CVE-2015-7450 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +CVE-2015-7450 - https://github.com/GuynnR/Payloads CVE-2015-7450 - https://github.com/Muhammd/Awesome-Payloads +CVE-2015-7450 - https://github.com/Nieuport/PayloadsAllTheThings CVE-2015-7450 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2015-7450 - https://github.com/Ra7mo0on/PayloadsAllTheThings CVE-2015-7450 - https://github.com/XPR1M3/Payloads_All_The_Things CVE-2015-7450 - https://github.com/andrysec/PayloadsAllVulnerability CVE-2015-7450 - https://github.com/anhtu97/PayloadAllEverything +CVE-2015-7450 - https://github.com/apkadmin/PayLoadsAll +CVE-2015-7450 - https://github.com/chanchalpatra/payload +CVE-2015-7450 - https://github.com/hellochunqiu/PayloadsAllTheThings CVE-2015-7450 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2015-7450 - https://github.com/koutto/jok3r-pocs +CVE-2015-7450 - https://github.com/ksw9722/PayloadsAllTheThings CVE-2015-7450 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +CVE-2015-7450 - https://github.com/mrhacker51/ReverseShellCommands +CVE-2015-7450 - https://github.com/nevidimk0/PayloadsAllTheThings CVE-2015-7450 - https://github.com/qazbnm456/awesome-cve-poc CVE-2015-7450 - https://github.com/sobinge/--1 CVE-2015-7450 - https://github.com/sobinge/PayloadsAllTheThings +CVE-2015-7450 - https://github.com/sobinge/PayloadsAllThesobinge CVE-2015-7450 - https://github.com/sourcery-ai-bot/Deep-Security-Reports +CVE-2015-7450 - https://github.com/winterwolf32/PayloadsAllTheThings CVE-2015-7450 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2015-7501 - https://github.com/0day666/Vulnerability-verification CVE-2015-7501 - https://github.com/3vikram/Application-Vulnerabilities-Payloads CVE-2015-7501 - https://github.com/84KaliPleXon3/Payloads_All_The_Things CVE-2015-7501 - https://github.com/AfvanMoopen/tryhackme- +CVE-2015-7501 - https://github.com/Delishsploits/PayloadsAndMethodology CVE-2015-7501 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +CVE-2015-7501 - https://github.com/GuynnR/Payloads CVE-2015-7501 - https://github.com/Muhammd/Awesome-Payloads +CVE-2015-7501 - https://github.com/Nieuport/PayloadsAllTheThings CVE-2015-7501 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2015-7501 - https://github.com/Ra7mo0on/PayloadsAllTheThings CVE-2015-7501 - https://github.com/RedHatOfficial/rhsecapi @@ -6857,20 +7040,30 @@ CVE-2015-7501 - https://github.com/SexyBeast233/SecBooks CVE-2015-7501 - https://github.com/XPR1M3/Payloads_All_The_Things CVE-2015-7501 - https://github.com/andrysec/PayloadsAllVulnerability CVE-2015-7501 - https://github.com/anhtu97/PayloadAllEverything +CVE-2015-7501 - https://github.com/apkadmin/PayLoadsAll +CVE-2015-7501 - https://github.com/asa1997/topgear_test CVE-2015-7501 - https://github.com/catsecorg/CatSec-TryHackMe-WriteUps +CVE-2015-7501 - https://github.com/chanchalpatra/payload CVE-2015-7501 - https://github.com/fengjixuchui/RedTeamer CVE-2015-7501 - https://github.com/fupinglee/JavaTools CVE-2015-7501 - https://github.com/gredler/aegis4j +CVE-2015-7501 - https://github.com/hellochunqiu/PayloadsAllTheThings CVE-2015-7501 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2015-7501 - https://github.com/koutto/jok3r-pocs +CVE-2015-7501 - https://github.com/ksw9722/PayloadsAllTheThings CVE-2015-7501 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +CVE-2015-7501 - https://github.com/mrhacker51/ReverseShellCommands +CVE-2015-7501 - https://github.com/nevidimk0/PayloadsAllTheThings CVE-2015-7501 - https://github.com/qazbnm456/awesome-cve-poc CVE-2015-7501 - https://github.com/sobinge/--1 CVE-2015-7501 - https://github.com/sobinge/PayloadsAllTheThings +CVE-2015-7501 - https://github.com/sobinge/PayloadsAllThesobinge CVE-2015-7501 - https://github.com/sourcery-ai-bot/Deep-Security-Reports +CVE-2015-7501 - https://github.com/winterwolf32/PayloadsAllTheThings CVE-2015-7501 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2015-7501 - https://github.com/zema1/oracle-vuln-crawler CVE-2015-7504 - https://github.com/Resery/Learning_Note +CVE-2015-7504 - https://github.com/Resery/Learning_Record CVE-2015-7504 - https://github.com/WinMin/awesome-vm-exploit CVE-2015-7504 - https://github.com/jiayy/android_vuln_poc-exp CVE-2015-7504 - https://github.com/ray-cp/Vuln_Analysis @@ -6908,6 +7101,7 @@ CVE-2015-7547 - https://github.com/ozkanbilge/Linux-Kernel-Exploits CVE-2015-7547 - https://github.com/pandazheng/LinuxExploit CVE-2015-7547 - https://github.com/qiantu88/Linux--exp CVE-2015-7547 - https://github.com/rakjong/LinuxElevation +CVE-2015-7547 - https://github.com/scuechjr/Sec-Box CVE-2015-7547 - https://github.com/xfinest/linux-kernel-exploits CVE-2015-7547 - https://github.com/xssfile/linux-kernel-exploits CVE-2015-7547 - https://github.com/yige666/linux-kernel-exploits @@ -6978,7 +7172,9 @@ CVE-2015-7808 - https://github.com/XiphosResearch/exploits CVE-2015-7808 - https://github.com/shildenbrand/Exploits CVE-2015-7823 - https://github.com/ARPSyndicate/kenzer-templates CVE-2015-7855 - https://github.com/mrash/afl-cve +CVE-2015-7857 - https://github.com/areaventuno/exploit-joomla CVE-2015-7857 - https://github.com/stamparm/maltrail +CVE-2015-7858 - https://github.com/areaventuno/exploit-joomla CVE-2015-7858 - https://github.com/stamparm/maltrail CVE-2015-7869 - https://github.com/thdusdl1219/CVE-Study CVE-2015-7872 - https://github.com/thdusdl1219/CVE-Study @@ -7021,22 +7217,33 @@ CVE-2015-8071 - https://github.com/thdusdl1219/CVE-Study CVE-2015-8088 - https://github.com/Pray3r/CVE-2015-8088 CVE-2015-8103 - https://github.com/3vikram/Application-Vulnerabilities-Payloads CVE-2015-8103 - https://github.com/84KaliPleXon3/Payloads_All_The_Things +CVE-2015-8103 - https://github.com/Delishsploits/PayloadsAndMethodology CVE-2015-8103 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +CVE-2015-8103 - https://github.com/GuynnR/Payloads CVE-2015-8103 - https://github.com/Muhammd/Awesome-Payloads CVE-2015-8103 - https://github.com/NCSU-DANCE-Research-Group/CDL +CVE-2015-8103 - https://github.com/Nieuport/PayloadsAllTheThings CVE-2015-8103 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2015-8103 - https://github.com/Ra7mo0on/PayloadsAllTheThings CVE-2015-8103 - https://github.com/XPR1M3/Payloads_All_The_Things CVE-2015-8103 - https://github.com/andrysec/PayloadsAllVulnerability CVE-2015-8103 - https://github.com/anhtu97/PayloadAllEverything +CVE-2015-8103 - https://github.com/apkadmin/PayLoadsAll +CVE-2015-8103 - https://github.com/chanchalpatra/payload CVE-2015-8103 - https://github.com/gquere/pwn_jenkins +CVE-2015-8103 - https://github.com/hellochunqiu/PayloadsAllTheThings CVE-2015-8103 - https://github.com/jiangsir404/POC-S CVE-2015-8103 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2015-8103 - https://github.com/koutto/jok3r-pocs +CVE-2015-8103 - https://github.com/ksw9722/PayloadsAllTheThings CVE-2015-8103 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +CVE-2015-8103 - https://github.com/mrhacker51/ReverseShellCommands +CVE-2015-8103 - https://github.com/nevidimk0/PayloadsAllTheThings CVE-2015-8103 - https://github.com/sobinge/--1 CVE-2015-8103 - https://github.com/sobinge/PayloadsAllTheThings +CVE-2015-8103 - https://github.com/sobinge/PayloadsAllThesobinge CVE-2015-8103 - https://github.com/superfish9/pt +CVE-2015-8103 - https://github.com/winterwolf32/PayloadsAllTheThings CVE-2015-8104 - https://github.com/thdusdl1219/CVE-Study CVE-2015-8107 - https://github.com/andir/nixos-issue-db-example CVE-2015-8126 - https://github.com/mrash/afl-cve @@ -7380,11 +7587,13 @@ CVE-2016-0494 - https://github.com/R0B1NL1N/Vulnerability-scanner-for-Linux CVE-2016-0494 - https://github.com/andrewwebber/kate CVE-2016-0494 - https://github.com/pombredanne/vuls-test CVE-2016-0546 - https://github.com/scmanjarrez/CVEScannerV2 +CVE-2016-0634 - https://github.com/KorayAgaya/TrivyWeb CVE-2016-0634 - https://github.com/siddharthraopotukuchi/trivy CVE-2016-0634 - https://github.com/simiyo/trivy CVE-2016-0634 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers CVE-2016-0634 - https://github.com/umahari/security CVE-2016-0638 - https://github.com/0xn0ne/weblogicScanner +CVE-2016-0638 - https://github.com/Bywalks/WeblogicScan CVE-2016-0638 - https://github.com/ParrotSec-CN/ParrotSecCN_Community_QQbot CVE-2016-0638 - https://github.com/awsassets/weblogic_exploit CVE-2016-0638 - https://github.com/bigblackhat/oFx @@ -7394,9 +7603,11 @@ CVE-2016-0638 - https://github.com/fengjixuchui/RedTeamer CVE-2016-0638 - https://github.com/followboy1999/weblogic-deserialization CVE-2016-0638 - https://github.com/hanc00l/some_pocsuite CVE-2016-0638 - https://github.com/hanc00l/weblogic_unserialize_exploit +CVE-2016-0638 - https://github.com/hmoytx/weblogicscan CVE-2016-0638 - https://github.com/koutto/jok3r-pocs CVE-2016-0638 - https://github.com/nihaohello/N-MiddlewareScan CVE-2016-0638 - https://github.com/rabbitmask/WeblogicScanLot +CVE-2016-0638 - https://github.com/safe6Sec/wlsEnv CVE-2016-0638 - https://github.com/superfish9/pt CVE-2016-0638 - https://github.com/whoadmin/pocs CVE-2016-0638 - https://github.com/zema1/oracle-vuln-crawler @@ -7405,9 +7616,11 @@ CVE-2016-0686 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2016-0702 - https://github.com/rsumnerz/vuls CVE-2016-0702 - https://github.com/xmppadmin/vuls CVE-2016-0703 - https://github.com/Artem-Salnikov/devops-netology +CVE-2016-0703 - https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 CVE-2016-0703 - https://github.com/WiktorMysz/devops-netology CVE-2016-0703 - https://github.com/alexandrburyakov/Rep2 CVE-2016-0703 - https://github.com/bysart/devops-netology +CVE-2016-0703 - https://github.com/yellownine/netology-DevOps CVE-2016-0714 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2016-0714 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2016-0714 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet @@ -7471,6 +7684,7 @@ CVE-2016-0777 - https://github.com/jaymoulin/docker-sshtron CVE-2016-0777 - https://github.com/jcdad3000/GameServer CVE-2016-0777 - https://github.com/jcdad3000/gameserverB CVE-2016-0777 - https://github.com/phx/cvescan +CVE-2016-0777 - https://github.com/project7io/nmap CVE-2016-0777 - https://github.com/vshaliii/DC-1-Vulnhub-Walkthrough CVE-2016-0777 - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough CVE-2016-0777 - https://github.com/zachlatta/sshtron @@ -7478,6 +7692,7 @@ CVE-2016-0778 - https://github.com/jaymoulin/docker-sshtron CVE-2016-0778 - https://github.com/jcdad3000/GameServer CVE-2016-0778 - https://github.com/jcdad3000/gameserverB CVE-2016-0778 - https://github.com/phx/cvescan +CVE-2016-0778 - https://github.com/project7io/nmap CVE-2016-0778 - https://github.com/vshaliii/DC-1-Vulnhub-Walkthrough CVE-2016-0778 - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough CVE-2016-0778 - https://github.com/zachlatta/sshtron @@ -7495,17 +7710,29 @@ CVE-2016-0788 - https://github.com/qazbnm456/awesome-cve-poc CVE-2016-0788 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2016-0792 - https://github.com/3vikram/Application-Vulnerabilities-Payloads CVE-2016-0792 - https://github.com/84KaliPleXon3/Payloads_All_The_Things +CVE-2016-0792 - https://github.com/Delishsploits/PayloadsAndMethodology +CVE-2016-0792 - https://github.com/GuynnR/Payloads CVE-2016-0792 - https://github.com/Muhammd/Awesome-Payloads +CVE-2016-0792 - https://github.com/Nieuport/PayloadsAllTheThings CVE-2016-0792 - https://github.com/Ra7mo0on/PayloadsAllTheThings CVE-2016-0792 - https://github.com/XPR1M3/Payloads_All_The_Things CVE-2016-0792 - https://github.com/andrysec/PayloadsAllVulnerability CVE-2016-0792 - https://github.com/anhtu97/PayloadAllEverything +CVE-2016-0792 - https://github.com/apkadmin/PayLoadsAll +CVE-2016-0792 - https://github.com/chanchalpatra/payload +CVE-2016-0792 - https://github.com/hellochunqiu/PayloadsAllTheThings CVE-2016-0792 - https://github.com/koutto/jok3r-pocs +CVE-2016-0792 - https://github.com/ksw9722/PayloadsAllTheThings +CVE-2016-0792 - https://github.com/lp008/Hack-readme +CVE-2016-0792 - https://github.com/mrhacker51/ReverseShellCommands +CVE-2016-0792 - https://github.com/nevidimk0/PayloadsAllTheThings CVE-2016-0792 - https://github.com/p1ay8y3ar/cve_monitor CVE-2016-0792 - https://github.com/qazbnm456/awesome-cve-poc CVE-2016-0792 - https://github.com/sobinge/--1 CVE-2016-0792 - https://github.com/sobinge/PayloadsAllTheThings +CVE-2016-0792 - https://github.com/sobinge/PayloadsAllThesobinge CVE-2016-0792 - https://github.com/superfish9/pt +CVE-2016-0792 - https://github.com/winterwolf32/PayloadsAllTheThings CVE-2016-0792 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2016-0799 - https://github.com/xinali/articles CVE-2016-0800 - https://github.com/84KaliPleXon3/a2sv @@ -7513,12 +7740,14 @@ CVE-2016-0800 - https://github.com/Artem-Salnikov/devops-netology CVE-2016-0800 - https://github.com/F4RM0X/script_a2sv CVE-2016-0800 - https://github.com/H4CK3RT3CH/a2sv CVE-2016-0800 - https://github.com/Mre11i0t/a2sv +CVE-2016-0800 - https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 CVE-2016-0800 - https://github.com/WiktorMysz/devops-netology CVE-2016-0800 - https://github.com/alexandrburyakov/Rep2 CVE-2016-0800 - https://github.com/bysart/devops-netology CVE-2016-0800 - https://github.com/fireorb/sslscanner CVE-2016-0800 - https://github.com/halon/changelog CVE-2016-0800 - https://github.com/notnarb/docker-murmur +CVE-2016-0800 - https://github.com/yellownine/netology-DevOps CVE-2016-0801 - https://github.com/abdsec/CVE-2016-0801 CVE-2016-0801 - https://github.com/zsaurus/CVE-2016-0801-test CVE-2016-0805 - https://github.com/hulovebin/cve-2016-0805 @@ -7714,6 +7943,7 @@ CVE-2016-10033 - https://github.com/bkrishnasowmya/OTMS-project CVE-2016-10033 - https://github.com/boy-hack/hack-requests CVE-2016-10033 - https://github.com/codersstock/PhpMailer CVE-2016-10033 - https://github.com/crackerica/PHPMailer2 +CVE-2016-10033 - https://github.com/cyberpacifists/redteam CVE-2016-10033 - https://github.com/denniskinyuandege/mailer CVE-2016-10033 - https://github.com/devhribeiro/cadweb_aritana CVE-2016-10033 - https://github.com/dipak1997/Alumni-M @@ -7928,6 +8158,7 @@ CVE-2016-10134 - https://github.com/SexyBeast233/SecBooks CVE-2016-10134 - https://github.com/TesterCC/exp_poc_library CVE-2016-10134 - https://github.com/amcai/myscan CVE-2016-10134 - https://github.com/jweny/pocassistdb +CVE-2016-10134 - https://github.com/maya6/-scan- CVE-2016-10134 - https://github.com/woods-sega/woodswiki CVE-2016-1014 - https://github.com/thdusdl1219/CVE-Study CVE-2016-10147 - https://github.com/thdusdl1219/CVE-Study @@ -7960,7 +8191,10 @@ CVE-2016-10225 - https://github.com/nixawk/labs CVE-2016-10225 - https://github.com/oneplus-x/MS17-010 CVE-2016-10228 - https://github.com/anchore/grype CVE-2016-10228 - https://github.com/aymankhder/scanner-for-container +CVE-2016-10228 - https://github.com/brandoncamenisch/release-the-code-litecoin CVE-2016-10228 - https://github.com/dispera/giant-squid +CVE-2016-10228 - https://github.com/domyrtille/interview_project +CVE-2016-10228 - https://github.com/epequeno/devops-demo CVE-2016-10228 - https://github.com/flyrev/security-scan-ci-presentation CVE-2016-10228 - https://github.com/garethr/snykout CVE-2016-10228 - https://github.com/nedenwalker/spring-boot-app-using-gradle @@ -8031,15 +8265,21 @@ CVE-2016-10370 - https://github.com/qazbnm456/awesome-cve-poc CVE-2016-10370 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2016-10396 - https://github.com/andir/nixos-issue-db-example CVE-2016-10401 - https://github.com/oxagast/oxasploits +CVE-2016-10403 - https://github.com/SkyBulk/RealWorldPwn CVE-2016-10403 - https://github.com/attackgithub/RealWorldPwn +CVE-2016-10523 - https://github.com/ThingzDefense/IoT-Flock CVE-2016-10527 - https://github.com/engn33r/awesome-redos-security CVE-2016-10540 - https://github.com/engn33r/awesome-redos-security +CVE-2016-10542 - https://github.com/PalindromeLabs/awesome-websocket-security +CVE-2016-10544 - https://github.com/PalindromeLabs/awesome-websocket-security CVE-2016-10555 - https://github.com/The-Cracker-Technology/jwt_tool CVE-2016-10555 - https://github.com/mishmashclone/ticarpi-jwt_tool CVE-2016-10555 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2016-10555 - https://github.com/puckiestyle/jwt_tool CVE-2016-10555 - https://github.com/ticarpi/jwt_tool CVE-2016-10707 - https://github.com/flyher/sheep CVE-2016-10708 - https://github.com/phx/cvescan +CVE-2016-10708 - https://github.com/project7io/nmap CVE-2016-10708 - https://github.com/syadg123/pigat CVE-2016-10708 - https://github.com/teamssix/pigat CVE-2016-10708 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough @@ -8058,6 +8298,7 @@ CVE-2016-10750 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2016-10750 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2016-10924 - https://github.com/ARPSyndicate/kenzer-templates CVE-2016-10931 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs +CVE-2016-10931 - https://github.com/MaineK00n/go-osv CVE-2016-10931 - https://github.com/xxg1413/rust-security CVE-2016-10932 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2016-10932 - https://github.com/xxg1413/rust-security @@ -8084,9 +8325,12 @@ CVE-2016-1240 - https://github.com/r0eXpeR/redteam_vul CVE-2016-1240 - https://github.com/superfish9/pt CVE-2016-1240 - https://github.com/woods-sega/woodswiki CVE-2016-1247 - https://github.com/SexyBeast233/SecBooks +CVE-2016-1247 - https://github.com/TCM-Course-Resources/Linux-Privilege-Escalation-Resources CVE-2016-1247 - https://github.com/lukeber4/usn-search CVE-2016-1247 - https://github.com/superfish9/pt CVE-2016-1247 - https://github.com/woods-sega/woodswiki +CVE-2016-1252 - https://github.com/KorayAgaya/TrivyWeb +CVE-2016-1252 - https://github.com/Tufin/securecloud-image-analysis-action CVE-2016-1252 - https://github.com/jaweesh/Packet-Injection-in-Sudan-Analysis CVE-2016-1252 - https://github.com/siddharthraopotukuchi/trivy CVE-2016-1252 - https://github.com/simiyo/trivy @@ -8228,6 +8472,7 @@ CVE-2016-1928 - https://github.com/benoit-a/radamsa CVE-2016-1928 - https://github.com/sunzu94/radamsa-Fuzzer CVE-2016-1928 - https://github.com/vah13/SAP_vulnerabilities CVE-2016-1956 - https://github.com/thdusdl1219/CVE-Study +CVE-2016-1960 - https://github.com/ZihanYe/web-browser-vulnerabilities CVE-2016-1960 - https://github.com/i0gan/cve CVE-2016-1972 - https://github.com/wcventure/PERIOD CVE-2016-1973 - https://github.com/wcventure/PERIOD @@ -8290,6 +8535,7 @@ CVE-2016-2107 - https://github.com/RedHatProductSecurity/cve-pylib CVE-2016-2107 - https://github.com/hackstoic/hacker-tools-projects CVE-2016-2107 - https://github.com/hannob/tls-what-can-go-wrong CVE-2016-2107 - https://github.com/krabelize/openbsd-httpd-tls-perfect-ssllabs-score +CVE-2016-2107 - https://github.com/scuechjr/Sec-Box CVE-2016-2107 - https://github.com/tomwillfixit/alpine-cvecheck CVE-2016-2109 - https://github.com/tomwillfixit/alpine-cvecheck CVE-2016-2117 - https://github.com/thdusdl1219/CVE-Study @@ -8314,12 +8560,14 @@ CVE-2016-2180 - https://github.com/tomwillfixit/alpine-cvecheck CVE-2016-2181 - https://github.com/tomwillfixit/alpine-cvecheck CVE-2016-2182 - https://github.com/tomwillfixit/alpine-cvecheck CVE-2016-2183 - https://github.com/Artem-Salnikov/devops-netology +CVE-2016-2183 - https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 CVE-2016-2183 - https://github.com/WiktorMysz/devops-netology CVE-2016-2183 - https://github.com/alexandrburyakov/Rep2 CVE-2016-2183 - https://github.com/biswajitde/dsm_ips CVE-2016-2183 - https://github.com/bysart/devops-netology CVE-2016-2183 - https://github.com/gabrieljcs/ips-assessment-reports CVE-2016-2183 - https://github.com/mikemackintosh/ruby-qualys +CVE-2016-2183 - https://github.com/yellownine/netology-DevOps CVE-2016-2184 - https://github.com/thdusdl1219/CVE-Study CVE-2016-2185 - https://github.com/thdusdl1219/CVE-Study CVE-2016-2186 - https://github.com/thdusdl1219/CVE-Study @@ -8340,6 +8588,7 @@ CVE-2016-2334 - https://github.com/mikhailnov/rosa-building-guide CVE-2016-2335 - https://github.com/mikhailnov/rosa-building-guide CVE-2016-2379 - https://github.com/RedHatOfficial/rhsecapi CVE-2016-2379 - https://github.com/RedHatProductSecurity/cve-pylib +CVE-2016-2383 - https://github.com/dylandreimerink/gobpfld CVE-2016-2383 - https://github.com/thdusdl1219/CVE-Study CVE-2016-2384 - https://github.com/Al1ex/LinuxEelvation CVE-2016-2384 - https://github.com/C0dak/linux-kernel-exploits @@ -8443,10 +8692,13 @@ CVE-2016-2568 - https://github.com/p1ay8y3ar/cve_monitor CVE-2016-2569 - https://github.com/amit-raut/CVE-2016-2569 CVE-2016-2776 - https://github.com/KosukeShimofuji/CVE-2016-2776 CVE-2016-2776 - https://github.com/infobyte/CVE-2016-2776 +CVE-2016-2779 - https://github.com/KorayAgaya/TrivyWeb CVE-2016-2779 - https://github.com/aquasecurity/starboard-aqua-csp-webhook +CVE-2016-2779 - https://github.com/broadinstitute/dsp-appsec-trivy-cicd CVE-2016-2779 - https://github.com/flyrev/security-scan-ci-presentation CVE-2016-2779 - https://github.com/garethr/findcve CVE-2016-2779 - https://github.com/hilbix/suid +CVE-2016-2779 - https://github.com/lucky-sideburn/secpod_wrap CVE-2016-2779 - https://github.com/siddharthraopotukuchi/trivy CVE-2016-2779 - https://github.com/simiyo/trivy CVE-2016-2779 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers @@ -8454,7 +8706,11 @@ CVE-2016-2779 - https://github.com/umahari/security CVE-2016-2779 - https://github.com/yfoelling/yair CVE-2016-2781 - https://github.com/anchore/grype CVE-2016-2781 - https://github.com/aymankhder/scanner-for-container +CVE-2016-2781 - https://github.com/brandoncamenisch/release-the-code-litecoin +CVE-2016-2781 - https://github.com/devopstales/trivy-operator CVE-2016-2781 - https://github.com/dispera/giant-squid +CVE-2016-2781 - https://github.com/domyrtille/interview_project +CVE-2016-2781 - https://github.com/epequeno/devops-demo CVE-2016-2781 - https://github.com/equinor/radix-image-scanner CVE-2016-2781 - https://github.com/flyrev/security-scan-ci-presentation CVE-2016-2781 - https://github.com/garethr/findcve @@ -8517,6 +8773,7 @@ CVE-2016-3088 - https://github.com/jweny/pocassistdb CVE-2016-3088 - https://github.com/pravinsrc/NOTES-windows-kernel-links CVE-2016-3088 - https://github.com/qazbnm456/awesome-cve-poc CVE-2016-3088 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2016-3093 - https://github.com/ilmari666/cybsec CVE-2016-3113 - https://github.com/0xEmanuel/CVE-2016-3113 CVE-2016-3113 - https://github.com/N0b1e6/CVE-2016-4977-POC CVE-2016-3115 - https://github.com/biswajitde/dsm_ips @@ -8538,6 +8795,7 @@ CVE-2016-3189 - https://github.com/bubbleguuum/zypperdiff CVE-2016-3189 - https://github.com/ngkz/my-lfs-setup CVE-2016-3189 - https://github.com/phonito/phonito-scanner-action CVE-2016-3189 - https://github.com/phonito/phonito-vulnerable-container +CVE-2016-3189 - https://github.com/strongcourage/uafbench CVE-2016-3189 - https://github.com/tomwillfixit/alpine-cvecheck CVE-2016-3189 - https://github.com/yfoelling/yair CVE-2016-3191 - https://github.com/siddharthraopotukuchi/trivy @@ -8552,6 +8810,7 @@ CVE-2016-3225 - https://github.com/Al1ex/WindowsElevation CVE-2016-3225 - https://github.com/Ascotbe/Kernelhub CVE-2016-3225 - https://github.com/SexyBeast233/SecBooks CVE-2016-3225 - https://github.com/fei9747/WindowsElevation +CVE-2016-3225 - https://github.com/lp008/Hack-readme CVE-2016-3225 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2016-3238 - https://github.com/RPP-IM-2021/IM113-2016-Cvetkov-Katarina CVE-2016-3238 - https://github.com/nirdev/CVE-2016-3749-PoC @@ -8567,18 +8826,24 @@ CVE-2016-3308 - https://github.com/qazbnm456/awesome-cve-poc CVE-2016-3308 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2016-3308 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2016-33083309 - https://github.com/ycdxsb/WindowsPrivilegeEscalation +CVE-2016-3309 - https://github.com/Apri1y/Red-Team-links CVE-2016-3309 - https://github.com/Ascotbe/Kernelhub CVE-2016-3309 - https://github.com/CrackerCat/Kernel-Security-Development CVE-2016-3309 - https://github.com/Echocipher/Resource-list CVE-2016-3309 - https://github.com/ExpLife0011/awesome-windows-kernel-security-development CVE-2016-3309 - https://github.com/Ondrik8/exploit +CVE-2016-3309 - https://github.com/hudunkey/Red-Team-links CVE-2016-3309 - https://github.com/jenriquezv/OSCP-Cheat-Sheets-Windows +CVE-2016-3309 - https://github.com/john-80/-007 +CVE-2016-3309 - https://github.com/lp008/Hack-readme CVE-2016-3309 - https://github.com/ly4k/CallbackHell CVE-2016-3309 - https://github.com/pravinsrc/NOTES-windows-kernel-links CVE-2016-3309 - https://github.com/qazbnm456/awesome-cve-poc CVE-2016-3309 - https://github.com/sensepost/ms16-098 +CVE-2016-3309 - https://github.com/slimdaddy/RedTeam CVE-2016-3309 - https://github.com/whiteHat001/Kernel-Security CVE-2016-3309 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2016-3309 - https://github.com/xiaoZ-hc/redtool CVE-2016-3309 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2016-3310 - https://github.com/qazbnm456/awesome-cve-poc CVE-2016-3310 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 @@ -8588,10 +8853,16 @@ CVE-2016-3311 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2016-3311 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2016-3345 - https://github.com/uroboros-security/SMB-CVE CVE-2016-3351 - https://github.com/craigdods/SRX_PCAP_Receiver +CVE-2016-3371 - https://github.com/Apri1y/Red-Team-links CVE-2016-3371 - https://github.com/Ascotbe/Kernelhub CVE-2016-3371 - https://github.com/Echocipher/Resource-list +CVE-2016-3371 - https://github.com/hudunkey/Red-Team-links +CVE-2016-3371 - https://github.com/john-80/-007 +CVE-2016-3371 - https://github.com/lp008/Hack-readme CVE-2016-3371 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2016-3371 - https://github.com/slimdaddy/RedTeam CVE-2016-3371 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2016-3371 - https://github.com/xiaoZ-hc/redtool CVE-2016-3371 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2016-3380 - https://github.com/p0w3rsh3ll/MSRC-data CVE-2016-3386 - https://github.com/qazbnm456/awesome-cve-poc @@ -8621,27 +8892,41 @@ CVE-2016-3471 - https://github.com/scmanjarrez/CVEScannerV2 CVE-2016-3510 - https://github.com/0xn0ne/weblogicScanner CVE-2016-3510 - https://github.com/3vikram/Application-Vulnerabilities-Payloads CVE-2016-3510 - https://github.com/84KaliPleXon3/Payloads_All_The_Things +CVE-2016-3510 - https://github.com/Bywalks/WeblogicScan +CVE-2016-3510 - https://github.com/Delishsploits/PayloadsAndMethodology +CVE-2016-3510 - https://github.com/GuynnR/Payloads CVE-2016-3510 - https://github.com/Muhammd/Awesome-Payloads +CVE-2016-3510 - https://github.com/Nieuport/PayloadsAllTheThings CVE-2016-3510 - https://github.com/ParrotSec-CN/ParrotSecCN_Community_QQbot CVE-2016-3510 - https://github.com/Ra7mo0on/PayloadsAllTheThings CVE-2016-3510 - https://github.com/SexyBeast233/SecBooks CVE-2016-3510 - https://github.com/XPR1M3/Payloads_All_The_Things CVE-2016-3510 - https://github.com/andrysec/PayloadsAllVulnerability CVE-2016-3510 - https://github.com/anhtu97/PayloadAllEverything +CVE-2016-3510 - https://github.com/apkadmin/PayLoadsAll CVE-2016-3510 - https://github.com/awsassets/weblogic_exploit +CVE-2016-3510 - https://github.com/chanchalpatra/payload CVE-2016-3510 - https://github.com/cross2to/betaseclab_tools CVE-2016-3510 - https://github.com/dr0op/WeblogicScan CVE-2016-3510 - https://github.com/fengjixuchui/RedTeamer CVE-2016-3510 - https://github.com/followboy1999/weblogic-deserialization CVE-2016-3510 - https://github.com/hanc00l/some_pocsuite CVE-2016-3510 - https://github.com/hanc00l/weblogic_unserialize_exploit +CVE-2016-3510 - https://github.com/hellochunqiu/PayloadsAllTheThings +CVE-2016-3510 - https://github.com/hmoytx/weblogicscan CVE-2016-3510 - https://github.com/koutto/jok3r-pocs +CVE-2016-3510 - https://github.com/ksw9722/PayloadsAllTheThings +CVE-2016-3510 - https://github.com/mrhacker51/ReverseShellCommands +CVE-2016-3510 - https://github.com/nevidimk0/PayloadsAllTheThings CVE-2016-3510 - https://github.com/nihaohello/N-MiddlewareScan CVE-2016-3510 - https://github.com/rabbitmask/WeblogicScanLot +CVE-2016-3510 - https://github.com/safe6Sec/wlsEnv CVE-2016-3510 - https://github.com/sobinge/--1 CVE-2016-3510 - https://github.com/sobinge/PayloadsAllTheThings +CVE-2016-3510 - https://github.com/sobinge/PayloadsAllThesobinge CVE-2016-3510 - https://github.com/superfish9/pt CVE-2016-3510 - https://github.com/whoadmin/pocs +CVE-2016-3510 - https://github.com/winterwolf32/PayloadsAllTheThings CVE-2016-3510 - https://github.com/zema1/oracle-vuln-crawler CVE-2016-3510 - https://github.com/zhzhdoai/Weblogic_Vuln CVE-2016-3642 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet @@ -8691,6 +8976,7 @@ CVE-2016-3720 - https://github.com/developer3000S/PoC-in-GitHub CVE-2016-3720 - https://github.com/gitrobtest/Java-Security CVE-2016-3720 - https://github.com/hectorgie/PoC-in-GitHub CVE-2016-3720 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2016-3720 - https://github.com/scrumfox/Secapp CVE-2016-3749 - https://github.com/nirdev/CVE-2016-3749-PoC CVE-2016-3841 - https://github.com/thdusdl1219/CVE-Study CVE-2016-3842 - https://github.com/tangsilian/android-vuln @@ -8892,6 +9178,7 @@ CVE-2016-4437 - https://github.com/Calistamu/graduation-project CVE-2016-4437 - https://github.com/HackJava/Shiro CVE-2016-4437 - https://github.com/SexyBeast233/SecBooks CVE-2016-4437 - https://github.com/gobysec/Goby +CVE-2016-4437 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2016-4437 - https://github.com/ltfafei/my_POC CVE-2016-4437 - https://github.com/qazbnm456/awesome-cve-poc CVE-2016-4437 - https://github.com/tdtc7/qps @@ -8917,6 +9204,7 @@ CVE-2016-4485 - https://github.com/thdusdl1219/CVE-Study CVE-2016-4486 - https://github.com/bcoles/kasld CVE-2016-4486 - https://github.com/thdusdl1219/CVE-Study CVE-2016-4487 - https://github.com/mrash/afl-cve +CVE-2016-4487 - https://github.com/strongcourage/uafbench CVE-2016-4488 - https://github.com/mrash/afl-cve CVE-2016-4489 - https://github.com/mrash/afl-cve CVE-2016-4490 - https://github.com/mrash/afl-cve @@ -8933,6 +9221,7 @@ CVE-2016-4543 - https://github.com/mrhacker51/FileUploadScanner CVE-2016-4544 - https://github.com/heckintosh/modified_uploadscanner CVE-2016-4544 - https://github.com/modzero/mod0BurpUploadScanner CVE-2016-4544 - https://github.com/mrhacker51/FileUploadScanner +CVE-2016-4557 - https://github.com/dylandreimerink/gobpfld CVE-2016-4557 - https://github.com/mudongliang/LinuxFlaw CVE-2016-4557 - https://github.com/oneoy/cve- CVE-2016-4557 - https://github.com/thdusdl1219/CVE-Study @@ -8962,6 +9251,7 @@ CVE-2016-4622 - https://github.com/0x9k/Browser-Security-Information CVE-2016-4622 - https://github.com/7o8v/Browser CVE-2016-4622 - https://github.com/De4dCr0w/Browser-pwn CVE-2016-4622 - https://github.com/Muhammd/awesome-web-security +CVE-2016-4622 - https://github.com/SkyBulk/RealWorldPwn CVE-2016-4622 - https://github.com/a0viedo/demystifying-js-engines CVE-2016-4622 - https://github.com/cyberheartmi9/awesome-web-security CVE-2016-4622 - https://github.com/gipi/cve-cemetery @@ -9018,6 +9308,7 @@ CVE-2016-4861 - https://github.com/KosukeShimofuji/CVE-2016-4861 CVE-2016-4912 - https://github.com/andir/nixos-issue-db-example CVE-2016-4913 - https://github.com/thdusdl1219/CVE-Study CVE-2016-4951 - https://github.com/thdusdl1219/CVE-Study +CVE-2016-4952 - https://github.com/Resery/Learning_Record CVE-2016-4952 - https://github.com/SexyBeast233/SecBooks CVE-2016-4970 - https://github.com/eliasgranderubio/4depcheck CVE-2016-4971 - https://github.com/qazbnm456/awesome-cve-poc @@ -9047,12 +9338,14 @@ CVE-2016-4998 - https://github.com/thdusdl1219/CVE-Study CVE-2016-4999 - https://github.com/shanika04/dashbuilder CVE-2016-5003 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2016-5003 - https://github.com/fbeasts/xmlrpc-common-deserialization +CVE-2016-5003 - https://github.com/gteissier/xmlrpc-common-deserialization CVE-2016-5004 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2016-5004 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2016-5004 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2016-5004 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2016-5011 - https://github.com/garethr/findcve CVE-2016-5011 - https://github.com/yfoelling/yair +CVE-2016-5017 - https://github.com/yahoo/cubed CVE-2016-5019 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2016-5019 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2016-5019 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet @@ -9094,6 +9387,8 @@ CVE-2016-5195 - https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups CVE-2016-5195 - https://github.com/JoyChou93/sks CVE-2016-5195 - https://github.com/MLGBSec/os-survival CVE-2016-5195 - https://github.com/Metarget/awesome-cloud-native-security +CVE-2016-5195 - https://github.com/Metarget/cloud-native-security-book +CVE-2016-5195 - https://github.com/Metarget/k0otkit CVE-2016-5195 - https://github.com/Metarget/metarget CVE-2016-5195 - https://github.com/Micr067/linux-kernel-exploits CVE-2016-5195 - https://github.com/Mr-e5908de784a1e38197/PenetrationTestCheatSheet @@ -9104,6 +9399,7 @@ CVE-2016-5195 - https://github.com/R0B1NL1N/Linux-Kernal-Exploits-m- CVE-2016-5195 - https://github.com/R0B1NL1N/Linux-Kernel-Exploites CVE-2016-5195 - https://github.com/R0B1NL1N/linux-kernel-exploitation CVE-2016-5195 - https://github.com/Raavan353/Pentest-notes +CVE-2016-5195 - https://github.com/RoqueNight/Linux-Privilege-Escalation-Basics CVE-2016-5195 - https://github.com/Satya42/OSCP-Guide CVE-2016-5195 - https://github.com/SecWiki/linux-kernel-exploits CVE-2016-5195 - https://github.com/SenpaiX00/OSCP-Survival @@ -9119,6 +9415,7 @@ CVE-2016-5195 - https://github.com/alizain51/OSCP-Notes-ALL-CREDITS-TO-OPTIXAL- CVE-2016-5195 - https://github.com/amane312/Linux_menthor CVE-2016-5195 - https://github.com/ambynotcoder/C-libraries CVE-2016-5195 - https://github.com/anoaghost/Localroot_Compile +CVE-2016-5195 - https://github.com/arttnba3/XDU-SCE_OS-Experiment_2021 CVE-2016-5195 - https://github.com/arya07071992/oscp_guide CVE-2016-5195 - https://github.com/bitdefender/vbh_sample CVE-2016-5195 - https://github.com/codeage/root-honda @@ -9141,6 +9438,7 @@ CVE-2016-5195 - https://github.com/frizb/Linux-Privilege-Escalation CVE-2016-5195 - https://github.com/gaahrdner/starred CVE-2016-5195 - https://github.com/gipi/cve-cemetery CVE-2016-5195 - https://github.com/h4x0r-dz/local-root-exploit- +CVE-2016-5195 - https://github.com/hj-hsu/avar2019_frida CVE-2016-5195 - https://github.com/iantal/The-Security-Handbook CVE-2016-5195 - https://github.com/ismailvc1111/Linux_Privilege CVE-2016-5195 - https://github.com/jamiechap/oscp @@ -9151,6 +9449,7 @@ CVE-2016-5195 - https://github.com/jpacg/awesome-stars CVE-2016-5195 - https://github.com/kai5263499/awesome-container-security CVE-2016-5195 - https://github.com/kcgthb/RHEL6.x-COW CVE-2016-5195 - https://github.com/kumardineshwar/linux-kernel-exploits +CVE-2016-5195 - https://github.com/lp008/Hack-readme CVE-2016-5195 - https://github.com/luizmlo/ctf-writeups CVE-2016-5195 - https://github.com/m0mkris/linux-kernel-exploits CVE-2016-5195 - https://github.com/m0nad/awesome-privilege-escalation @@ -9172,6 +9471,7 @@ CVE-2016-5195 - https://github.com/r0eXpeR/pentest CVE-2016-5195 - https://github.com/r0ug3/The-Security-Handbook CVE-2016-5195 - https://github.com/rakjong/LinuxElevation CVE-2016-5195 - https://github.com/redteampa1/my-learning +CVE-2016-5195 - https://github.com/reni2study/Cloud-Native-Security2 CVE-2016-5195 - https://github.com/reybango/The-Security-Handbook CVE-2016-5195 - https://github.com/samknp/killcow CVE-2016-5195 - https://github.com/samknp/realcow @@ -9186,6 +9486,7 @@ CVE-2016-5195 - https://github.com/teawater/CVE-2017-5123 CVE-2016-5195 - https://github.com/thdusdl1219/CVE-Study CVE-2016-5195 - https://github.com/timwr/CVE-2016-5195 CVE-2016-5195 - https://github.com/uhub/awesome-c +CVE-2016-5195 - https://github.com/vapvin/OSCP CVE-2016-5195 - https://github.com/whackmanic/OSCP_Found CVE-2016-5195 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-5195 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 @@ -9239,6 +9540,7 @@ CVE-2016-5345 - https://github.com/NickStephens/cve-2016-5345 CVE-2016-5346 - https://github.com/qazbnm456/awesome-cve-poc CVE-2016-5346 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2016-5384 - https://github.com/getupcloud/openshift-clair-controller +CVE-2016-5385 - https://github.com/KorayAgaya/TrivyWeb CVE-2016-5385 - https://github.com/Tdjgss/nginx-pro CVE-2016-5385 - https://github.com/jwaghetti/docker-nginx-proxy CVE-2016-5385 - https://github.com/mostafanewir47/Containerized-Proxy @@ -9279,6 +9581,7 @@ CVE-2016-5388 - https://github.com/rootolog/nginx-proxy-docker CVE-2016-5388 - https://github.com/welltok/nginx-proxy CVE-2016-5392 - https://github.com/RedHatOfficial/rhsecapi CVE-2016-5392 - https://github.com/RedHatProductSecurity/cve-pylib +CVE-2016-5397 - https://github.com/yahoo/cubed CVE-2016-5399 - https://github.com/syadg123/pigat CVE-2016-5399 - https://github.com/teamssix/pigat CVE-2016-5400 - https://github.com/thdusdl1219/CVE-Study @@ -9329,6 +9632,7 @@ CVE-2016-5697 - https://github.com/cpkenn09y/Ruby-SAML-modified CVE-2016-5697 - https://github.com/cpkenn09y/Ruby-Saml-Modified-1.9.0 CVE-2016-5697 - https://github.com/pvijayfullstack/saml2.0_ruby CVE-2016-5697 - https://github.com/pvijayfullstack/saml2_ruby +CVE-2016-5699 - https://github.com/Tiaonmmn/swpuctf_2016_web_web7 CVE-2016-5699 - https://github.com/bunseokbot/CVE-2016-5699-poc CVE-2016-5699 - https://github.com/shajinzheng/cve-2016-5699-jinzheng-sha CVE-2016-5725 - https://github.com/mergebase/csv-compare @@ -9474,9 +9778,11 @@ CVE-2016-6321 - https://github.com/tomwillfixit/alpine-cvecheck CVE-2016-6327 - https://github.com/thdusdl1219/CVE-Study CVE-2016-6328 - https://github.com/TinyNiko/android_bulletin_notes CVE-2016-6329 - https://github.com/Artem-Salnikov/devops-netology +CVE-2016-6329 - https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 CVE-2016-6329 - https://github.com/WiktorMysz/devops-netology CVE-2016-6329 - https://github.com/alexandrburyakov/Rep2 CVE-2016-6329 - https://github.com/bysart/devops-netology +CVE-2016-6329 - https://github.com/yellownine/netology-DevOps CVE-2016-6366 - https://github.com/0x90/vpn-arsenal CVE-2016-6366 - https://github.com/RoyeeW/pentest-wiki CVE-2016-6366 - https://github.com/erSubhashThapa/pentestwiki @@ -9570,10 +9876,14 @@ CVE-2016-6809 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2016-6809 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2016-6809 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2016-6811 - https://github.com/andir/nixos-issue-db-example +CVE-2016-6811 - https://github.com/yahoo/cubed CVE-2016-6814 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2016-6814 - https://github.com/ilmari666/cybsec CVE-2016-6816 - https://github.com/hktalent/myhktools +CVE-2016-6816 - https://github.com/ilmari666/cybsec CVE-2016-6817 - https://github.com/RedHatOfficial/rhsecapi CVE-2016-6817 - https://github.com/RedHatProductSecurity/cve-pylib +CVE-2016-6817 - https://github.com/ilmari666/cybsec CVE-2016-6828 - https://github.com/thdusdl1219/CVE-Study CVE-2016-6832 - https://github.com/mrash/afl-cve CVE-2016-6832 - https://github.com/mudongliang/LinuxFlaw @@ -9691,6 +10001,7 @@ CVE-2016-7242 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2016-7243 - https://github.com/qazbnm456/awesome-cve-poc CVE-2016-7243 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2016-7255 - https://github.com/0xpetros/windows-privilage-escalation +CVE-2016-7255 - https://github.com/Apri1y/Red-Team-links CVE-2016-7255 - https://github.com/Ascotbe/Kernelhub CVE-2016-7255 - https://github.com/CrackerCat/Kernel-Security-Development CVE-2016-7255 - https://github.com/Echocipher/Resource-list @@ -9707,11 +10018,16 @@ CVE-2016-7255 - https://github.com/conceptofproof/Kernel_Exploitation_Resources CVE-2016-7255 - https://github.com/cranelab/exploit-development CVE-2016-7255 - https://github.com/homjxi0e/CVE-2016-7255 CVE-2016-7255 - https://github.com/howknows/awesome-windows-security-development +CVE-2016-7255 - https://github.com/hudunkey/Red-Team-links +CVE-2016-7255 - https://github.com/john-80/-007 CVE-2016-7255 - https://github.com/liuhe3647/Windows +CVE-2016-7255 - https://github.com/lp008/Hack-readme CVE-2016-7255 - https://github.com/pr0code/https-github.com-ExpLife0011-awesome-windows-kernel-security-development CVE-2016-7255 - https://github.com/pravinsrc/NOTES-windows-kernel-links CVE-2016-7255 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2016-7255 - https://github.com/slimdaddy/RedTeam CVE-2016-7255 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2016-7255 - https://github.com/xiaoZ-hc/redtool CVE-2016-7255 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2016-7286 - https://github.com/qazbnm456/awesome-cve-poc CVE-2016-7286 - https://github.com/tunz/js-vuln-db @@ -9740,6 +10056,7 @@ CVE-2016-7389 - https://github.com/thdusdl1219/CVE-Study CVE-2016-7393 - https://github.com/mrash/afl-cve CVE-2016-7393 - https://github.com/mudongliang/LinuxFlaw CVE-2016-7393 - https://github.com/oneoy/cve- +CVE-2016-7417 - https://github.com/ycamper/censys-scripts CVE-2016-7424 - https://github.com/mrash/afl-cve CVE-2016-7425 - https://github.com/thdusdl1219/CVE-Study CVE-2016-7434 - https://github.com/NCSU-DANCE-Research-Group/CDL @@ -9759,8 +10076,10 @@ CVE-2016-7477 - https://github.com/mudongliang/LinuxFlaw CVE-2016-7477 - https://github.com/oneoy/cve- CVE-2016-7478 - https://github.com/syadg123/pigat CVE-2016-7478 - https://github.com/teamssix/pigat +CVE-2016-7480 - https://github.com/ycamper/censys-scripts CVE-2016-7489 - https://github.com/lucassbeiler/linux_hardening_arsenal CVE-2016-7499 - https://github.com/mrash/afl-cve +CVE-2016-7543 - https://github.com/KorayAgaya/TrivyWeb CVE-2016-7543 - https://github.com/andrewwebber/kate CVE-2016-7543 - https://github.com/siddharthraopotukuchi/trivy CVE-2016-7543 - https://github.com/simiyo/trivy @@ -9998,6 +10317,7 @@ CVE-2016-8650 - https://github.com/RUB-SysSec/kAFL CVE-2016-8650 - https://github.com/thdusdl1219/CVE-Study CVE-2016-8653 - https://github.com/RedHatOfficial/rhsecapi CVE-2016-8653 - https://github.com/RedHatProductSecurity/cve-pylib +CVE-2016-8655 - https://github.com/84KaliPleXon3/linux-exploit-suggester CVE-2016-8655 - https://github.com/Metarget/metarget CVE-2016-8655 - https://github.com/R0B1NL1N/linux-kernel-exploitation CVE-2016-8655 - https://github.com/SeaJae/exploitPlayground @@ -10015,6 +10335,7 @@ CVE-2016-8655 - https://github.com/mzet-/linux-exploit-suggester CVE-2016-8655 - https://github.com/n3t1nv4d3/kernel-exploits CVE-2016-8655 - https://github.com/oneoy/cve- CVE-2016-8655 - https://github.com/skbasava/Linux-Kernel-exploit +CVE-2016-8655 - https://github.com/stefanocutelle/linux-exploit-suggester CVE-2016-8655 - https://github.com/thdusdl1219/CVE-Study CVE-2016-8655 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-8655 - https://github.com/xyongcn/exploit @@ -10067,6 +10388,7 @@ CVE-2016-8735 - https://github.com/SexyBeast233/SecBooks CVE-2016-8735 - https://github.com/bibortone/Jexboss CVE-2016-8735 - https://github.com/c002/Java-Application-Exploits CVE-2016-8735 - https://github.com/fengjixuchui/RedTeamer +CVE-2016-8735 - https://github.com/ilmari666/cybsec CVE-2016-8735 - https://github.com/joaomatosf/jexboss CVE-2016-8735 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2016-8735 - https://github.com/milkdevil/jexboss @@ -10084,6 +10406,7 @@ CVE-2016-8744 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2016-8744 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2016-8744 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2016-8744 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +CVE-2016-8745 - https://github.com/ilmari666/cybsec CVE-2016-8749 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2016-8749 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2016-8749 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet @@ -10108,16 +10431,20 @@ CVE-2016-8869 - https://github.com/SexyBeast233/SecBooks CVE-2016-8869 - https://github.com/XiphosResearch/exploits CVE-2016-8869 - https://github.com/binfed/cms-exp CVE-2016-8869 - https://github.com/copperfieldd/CMS-Hunter +CVE-2016-8869 - https://github.com/dhniroshan/offensive_hacking CVE-2016-8869 - https://github.com/shildenbrand/Exploits CVE-2016-8870 - https://github.com/R0B1NL1N/E-x-p-l-o-i-t-s CVE-2016-8870 - https://github.com/XiphosResearch/exploits +CVE-2016-8870 - https://github.com/dhniroshan/offensive_hacking CVE-2016-8870 - https://github.com/paralelo14/google_explorer CVE-2016-8870 - https://github.com/shildenbrand/Exploits CVE-2016-8883 - https://github.com/mudongliang/LinuxFlaw CVE-2016-8883 - https://github.com/oneoy/cve- CVE-2016-8884 - https://github.com/mrash/afl-cve CVE-2016-8885 - https://github.com/mrash/afl-cve +CVE-2016-8886 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark CVE-2016-8886 - https://github.com/mrash/afl-cve +CVE-2016-8886 - https://github.com/tzf-key/MemLock_Benchmark CVE-2016-8887 - https://github.com/mrash/afl-cve CVE-2016-8887 - https://github.com/mudongliang/LinuxFlaw CVE-2016-8887 - https://github.com/oneoy/cve- @@ -10133,9 +10460,11 @@ CVE-2016-8981 - https://github.com/thdusdl1219/CVE-Study CVE-2016-9011 - https://github.com/andir/nixos-issue-db-example CVE-2016-9011 - https://github.com/mrash/afl-cve CVE-2016-9014 - https://github.com/leoChristofoli/CRUD-170406 +CVE-2016-9066 - https://github.com/ZihanYe/web-browser-vulnerabilities CVE-2016-9079 - https://github.com/LyleMi/dom-vuln-db CVE-2016-9079 - https://github.com/RedHatOfficial/rhsecapi CVE-2016-9079 - https://github.com/RedHatProductSecurity/cve-pylib +CVE-2016-9079 - https://github.com/ZihanYe/web-browser-vulnerabilities CVE-2016-9079 - https://github.com/i0gan/cve CVE-2016-9083 - https://github.com/thdusdl1219/CVE-Study CVE-2016-9084 - https://github.com/thdusdl1219/CVE-Study @@ -10157,13 +10486,16 @@ CVE-2016-9191 - https://github.com/thdusdl1219/CVE-Study CVE-2016-9243 - https://github.com/khodges42/Etrata CVE-2016-9244 - https://github.com/5l1v3r1/0rion-Framework CVE-2016-9244 - https://github.com/Artem-Salnikov/devops-netology +CVE-2016-9244 - https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14 CVE-2016-9244 - https://github.com/WiktorMysz/devops-netology CVE-2016-9244 - https://github.com/alexandrburyakov/Rep2 CVE-2016-9244 - https://github.com/bysart/devops-netology CVE-2016-9244 - https://github.com/korotkov-dmitry/03-sysadmin-09-security CVE-2016-9244 - https://github.com/nkiselyov/devops-netology +CVE-2016-9244 - https://github.com/yellownine/netology-DevOps CVE-2016-9259 - https://github.com/s3curityb3ast/s3curityb3ast.github.io CVE-2016-9261 - https://github.com/s3curityb3ast/s3curityb3ast.github.io +CVE-2016-9263 - https://github.com/El-Palomo/DerpNStink CVE-2016-9264 - https://github.com/mrash/afl-cve CVE-2016-9265 - https://github.com/mrash/afl-cve CVE-2016-9266 - https://github.com/mrash/afl-cve @@ -10196,6 +10528,7 @@ CVE-2016-9396 - https://github.com/mrash/afl-cve CVE-2016-9397 - https://github.com/mrash/afl-cve CVE-2016-9398 - https://github.com/mrash/afl-cve CVE-2016-9399 - https://github.com/mrash/afl-cve +CVE-2016-9401 - https://github.com/KorayAgaya/TrivyWeb CVE-2016-9401 - https://github.com/RedHatOfficial/rhsecapi CVE-2016-9401 - https://github.com/RedHatProductSecurity/cve-pylib CVE-2016-9401 - https://github.com/garethr/findcve @@ -10360,6 +10693,8 @@ CVE-2016-9843 - https://github.com/arminc/clair-scanner CVE-2016-9844 - https://github.com/andir/nixos-issue-db-example CVE-2016-9844 - https://github.com/phonito/phonito-vulnerable-container CVE-2016-9844 - https://github.com/ronomon/zip +CVE-2016-9878 - https://github.com/ilmari666/cybsec +CVE-2016-9879 - https://github.com/ilmari666/cybsec CVE-2016-9890 - https://github.com/mynameisv/MMSBGA CVE-2016-9909 - https://github.com/cclauss/pythonista-module-versions CVE-2016-9919 - https://github.com/thdusdl1219/CVE-Study @@ -10381,6 +10716,7 @@ CVE-2017-0005 - https://github.com/TamilHackz/windows-exploitation CVE-2017-0005 - https://github.com/TheNilesh/nvd-cvedetails-api CVE-2017-0005 - https://github.com/conceptofproof/Kernel_Exploitation_Resources CVE-2017-0005 - https://github.com/ycdxsb/WindowsPrivilegeEscalation +CVE-2017-0007 - https://github.com/bohops/UltimateWDACBypassList CVE-2017-0008 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-0008 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-0009 - https://github.com/0xT11/CVE-POC @@ -10476,6 +10812,7 @@ CVE-2017-0140 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-0141 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-0141 - https://github.com/tunz/js-vuln-db CVE-2017-0141 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2017-0143 - https://github.com/4n0nym0u5dk/MS17-010_CVE-2017-0143 CVE-2017-0143 - https://github.com/Al1ex/WindowsElevation CVE-2017-0143 - https://github.com/ArcadeHustle/X3_USB_softmod CVE-2017-0143 - https://github.com/Ascotbe/Kernelhub @@ -10483,6 +10820,7 @@ CVE-2017-0143 - https://github.com/Cyberwatch/cyberwatch_api_powershell CVE-2017-0143 - https://github.com/ErdemOzgen/ActiveDirectoryAttacks CVE-2017-0143 - https://github.com/HacTF/poc--exp CVE-2017-0143 - https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups +CVE-2017-0143 - https://github.com/Kiz619ao630/StepwisePolicy3 CVE-2017-0143 - https://github.com/Nieuport/Active-Directory-Kill-Chain-Attack-Defense CVE-2017-0143 - https://github.com/PWN-Kingdom/Test_Tasks CVE-2017-0143 - https://github.com/R-Vision/ms17-010 @@ -10492,6 +10830,7 @@ CVE-2017-0143 - https://github.com/SexyBeast233/SecBooks CVE-2017-0143 - https://github.com/androidkey/MS17-011 CVE-2017-0143 - https://github.com/cb4cb4/EternalBlue-EK-Auto-Mode CVE-2017-0143 - https://github.com/cb4cb4/EternalBlue-EK-Manual-Mode +CVE-2017-0143 - https://github.com/ceskillets/DCV-Predefined-Log-Filter-of-Specific-CVE-of-EternalBlue-and-BlueKeep-with-Auto-Tag- CVE-2017-0143 - https://github.com/chaao195/EBEKv2.0 CVE-2017-0143 - https://github.com/czq945659538/-study CVE-2017-0143 - https://github.com/ericjiang97/SecScripts @@ -10525,6 +10864,8 @@ CVE-2017-0144 - https://github.com/Astrogeorgeonethree/Starred CVE-2017-0144 - https://github.com/Cyberwatch/cyberwatch_api_powershell CVE-2017-0144 - https://github.com/EEsshq/CVE-2017-0144---EtneralBlue-MS17-010-Remote-Code-Execution CVE-2017-0144 - https://github.com/ErdemOzgen/ActiveDirectoryAttacks +CVE-2017-0144 - https://github.com/JeffEmrys/termux- +CVE-2017-0144 - https://github.com/Kiz619ao630/StepwisePolicy3 CVE-2017-0144 - https://github.com/Nieuport/Active-Directory-Kill-Chain-Attack-Defense CVE-2017-0144 - https://github.com/PWN-Kingdom/Test_Tasks CVE-2017-0144 - https://github.com/Project-WARMIND/Exploit-Modules @@ -10535,8 +10876,10 @@ CVE-2017-0144 - https://github.com/ShubhamGuptaIN/WannaCry-ransomware-attack-Vir CVE-2017-0144 - https://github.com/androidkey/MS17-011 CVE-2017-0144 - https://github.com/cb4cb4/EternalBlue-EK-Auto-Mode CVE-2017-0144 - https://github.com/cb4cb4/EternalBlue-EK-Manual-Mode +CVE-2017-0144 - https://github.com/ceskillets/DCV-Predefined-Log-Filter-of-Specific-CVE-of-EternalBlue-and-BlueKeep-with-Auto-Tag- CVE-2017-0144 - https://github.com/chaao195/EBEKv2.0 CVE-2017-0144 - https://github.com/ericjiang97/SecScripts +CVE-2017-0144 - https://github.com/fernandopaezmartin/SAD_2021--Metasploit CVE-2017-0144 - https://github.com/geeksniper/active-directory-pentest CVE-2017-0144 - https://github.com/infosecn1nja/AD-Attack-Defense CVE-2017-0144 - https://github.com/mishmashclone/infosecn1nja-AD-Attack-Defense @@ -10552,6 +10895,8 @@ CVE-2017-0144 - https://github.com/zorikcherfas/eternalblue_linux_cpp CVE-2017-0145 - https://github.com/Astrogeorgeonethree/Starred CVE-2017-0145 - https://github.com/Cyberwatch/cyberwatch_api_powershell CVE-2017-0145 - https://github.com/ErdemOzgen/ActiveDirectoryAttacks +CVE-2017-0145 - https://github.com/JeffEmrys/termux- +CVE-2017-0145 - https://github.com/Kiz619ao630/StepwisePolicy3 CVE-2017-0145 - https://github.com/MelonSmasher/chef_tissues CVE-2017-0145 - https://github.com/Nieuport/Active-Directory-Kill-Chain-Attack-Defense CVE-2017-0145 - https://github.com/R-Vision/ms17-010 @@ -10560,6 +10905,7 @@ CVE-2017-0145 - https://github.com/RodrigoVarasLopez/Download-Scanners-from-Ness CVE-2017-0145 - https://github.com/androidkey/MS17-011 CVE-2017-0145 - https://github.com/cb4cb4/EternalBlue-EK-Auto-Mode CVE-2017-0145 - https://github.com/cb4cb4/EternalBlue-EK-Manual-Mode +CVE-2017-0145 - https://github.com/ceskillets/DCV-Predefined-Log-Filter-of-Specific-CVE-of-EternalBlue-and-BlueKeep-with-Auto-Tag- CVE-2017-0145 - https://github.com/chaao195/EBEKv2.0 CVE-2017-0145 - https://github.com/ericjiang97/SecScripts CVE-2017-0145 - https://github.com/geeksniper/active-directory-pentest @@ -10573,6 +10919,7 @@ CVE-2017-0145 - https://github.com/uroboros-security/SMB-CVE CVE-2017-0145 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-0146 - https://github.com/Cyberwatch/cyberwatch_api_powershell CVE-2017-0146 - https://github.com/ErdemOzgen/ActiveDirectoryAttacks +CVE-2017-0146 - https://github.com/Kiz619ao630/StepwisePolicy3 CVE-2017-0146 - https://github.com/Nieuport/Active-Directory-Kill-Chain-Attack-Defense CVE-2017-0146 - https://github.com/R-Vision/ms17-010 CVE-2017-0146 - https://github.com/R0B1NL1N/AD-Attack-Defense @@ -10581,6 +10928,7 @@ CVE-2017-0146 - https://github.com/Urahara3389/SmbtouchBatchScan CVE-2017-0146 - https://github.com/androidkey/MS17-011 CVE-2017-0146 - https://github.com/cb4cb4/EternalBlue-EK-Auto-Mode CVE-2017-0146 - https://github.com/cb4cb4/EternalBlue-EK-Manual-Mode +CVE-2017-0146 - https://github.com/ceskillets/DCV-Predefined-Log-Filter-of-Specific-CVE-of-EternalBlue-and-BlueKeep-with-Auto-Tag- CVE-2017-0146 - https://github.com/chaao195/EBEKv2.0 CVE-2017-0146 - https://github.com/ericjiang97/SecScripts CVE-2017-0146 - https://github.com/geeksniper/active-directory-pentest @@ -10592,12 +10940,14 @@ CVE-2017-0146 - https://github.com/tataev/Security CVE-2017-0146 - https://github.com/uroboros-security/SMB-CVE CVE-2017-0146 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-0146 - https://github.com/ycdxsb/WindowsPrivilegeEscalation +CVE-2017-0147 - https://github.com/Kiz619ao630/StepwisePolicy3 CVE-2017-0147 - https://github.com/R-Vision/ms17-010 CVE-2017-0147 - https://github.com/RodrigoVarasLopez/Download-Scanners-from-Nessus-8.7-using-the-API CVE-2017-0147 - https://github.com/Urahara3389/SmbtouchBatchScan CVE-2017-0147 - https://github.com/androidkey/MS17-011 CVE-2017-0147 - https://github.com/cb4cb4/EternalBlue-EK-Auto-Mode CVE-2017-0147 - https://github.com/cb4cb4/EternalBlue-EK-Manual-Mode +CVE-2017-0147 - https://github.com/ceskillets/DCV-Predefined-Log-Filter-of-Specific-CVE-of-EternalBlue-and-BlueKeep-with-Auto-Tag- CVE-2017-0147 - https://github.com/chaao195/EBEKv2.0 CVE-2017-0147 - https://github.com/ericjiang97/SecScripts CVE-2017-0147 - https://github.com/qazbnm456/awesome-cve-poc @@ -10605,6 +10955,7 @@ CVE-2017-0147 - https://github.com/uroboros-security/SMB-CVE CVE-2017-0147 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-0148 - https://github.com/Cyberwatch/cyberwatch_api_powershell CVE-2017-0148 - https://github.com/ErdemOzgen/ActiveDirectoryAttacks +CVE-2017-0148 - https://github.com/Kiz619ao630/StepwisePolicy3 CVE-2017-0148 - https://github.com/Nieuport/Active-Directory-Kill-Chain-Attack-Defense CVE-2017-0148 - https://github.com/R-Vision/ms17-010 CVE-2017-0148 - https://github.com/R0B1NL1N/AD-Attack-Defense @@ -10612,6 +10963,7 @@ CVE-2017-0148 - https://github.com/RodrigoVarasLopez/Download-Scanners-from-Ness CVE-2017-0148 - https://github.com/androidkey/MS17-011 CVE-2017-0148 - https://github.com/cb4cb4/EternalBlue-EK-Auto-Mode CVE-2017-0148 - https://github.com/cb4cb4/EternalBlue-EK-Manual-Mode +CVE-2017-0148 - https://github.com/ceskillets/DCV-Predefined-Log-Filter-of-Specific-CVE-of-EternalBlue-and-BlueKeep-with-Auto-Tag- CVE-2017-0148 - https://github.com/chaao195/EBEKv2.0 CVE-2017-0148 - https://github.com/ericjiang97/SecScripts CVE-2017-0148 - https://github.com/geeksniper/active-directory-pentest @@ -10633,6 +10985,7 @@ CVE-2017-0190 - https://github.com/hardik05/winafl-powermopt CVE-2017-0190 - https://github.com/s0i37/winafl_inmemory CVE-2017-0199 - https://github.com/0xsyr0/OSCP CVE-2017-0199 - https://github.com/AnonVulc/Pentest-Tools +CVE-2017-0199 - https://github.com/Apri1y/Red-Team-links CVE-2017-0199 - https://github.com/DrVilepis/cyber-apocalypse-drvilepis CVE-2017-0199 - https://github.com/Echocipher/Resource-list CVE-2017-0199 - https://github.com/Exploit-install/CVE-2017-0199 @@ -10654,12 +11007,15 @@ CVE-2017-0199 - https://github.com/gold1029/Red-Teaming-Toolkit CVE-2017-0199 - https://github.com/haibara3839/CVE-2017-0199-master CVE-2017-0199 - https://github.com/highmeh/cvesearch CVE-2017-0199 - https://github.com/houjingyi233/office-exploit-case-study +CVE-2017-0199 - https://github.com/hudunkey/Red-Team-links CVE-2017-0199 - https://github.com/jacobsoo/RTF-Cleaner +CVE-2017-0199 - https://github.com/john-80/-007 CVE-2017-0199 - https://github.com/kbandla/APTnotes CVE-2017-0199 - https://github.com/kn0wm4d/htattack CVE-2017-0199 - https://github.com/likescam/CVE-2017-0199 CVE-2017-0199 - https://github.com/likescam/Red-Teaming-Toolkit CVE-2017-0199 - https://github.com/likescam/Red-Teaming-Toolkit_all_pentests +CVE-2017-0199 - https://github.com/lp008/Hack-readme CVE-2017-0199 - https://github.com/mucahittopal/Pentesting-Pratic-Notes CVE-2017-0199 - https://github.com/mzakyz666/PoC-CVE-2017-0199 CVE-2017-0199 - https://github.com/n1shant-sinha/CVE-2017-0199 @@ -10672,16 +11028,20 @@ CVE-2017-0199 - https://github.com/oneplus-x/MS17-010 CVE-2017-0199 - https://github.com/papa-anniekey/CustomSignatures CVE-2017-0199 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-0199 - https://github.com/qiantu88/office-cve +CVE-2017-0199 - https://github.com/r0eXpeR/supplier CVE-2017-0199 - https://github.com/r3p3r/yeyintminthuhtut-Awesome-Red-Teaming CVE-2017-0199 - https://github.com/rosetscmite/logsender CVE-2017-0199 - https://github.com/ryhanson/CVE-2017-0199 CVE-2017-0199 - https://github.com/sUbc0ol/Microsoft-Word-CVE-2017-0199- CVE-2017-0199 - https://github.com/seclib/oletools +CVE-2017-0199 - https://github.com/severnake/Pentest-Tools CVE-2017-0199 - https://github.com/shr3ddersec/Shr3dKit +CVE-2017-0199 - https://github.com/slimdaddy/RedTeam CVE-2017-0199 - https://github.com/theyoge/AD-Pentesting-Tools CVE-2017-0199 - https://github.com/viethdgit/CVE-2017-0199 CVE-2017-0199 - https://github.com/vysecurity/RedTips CVE-2017-0199 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2017-0199 - https://github.com/xiaoZ-hc/redtool CVE-2017-0199 - https://github.com/xiaoy-sec/Pentest_Note CVE-2017-0199 - https://github.com/zhang040723/web CVE-2017-0202 - https://github.com/googleprojectzero/domato @@ -10690,6 +11050,7 @@ CVE-2017-0213 - https://github.com/AfvanMoopen/tryhackme- CVE-2017-0213 - https://github.com/Al1ex/WindowsElevation CVE-2017-0213 - https://github.com/AndreaOm/awesome-stars CVE-2017-0213 - https://github.com/Anonymous-Family/CVE-2017-0213 +CVE-2017-0213 - https://github.com/Apri1y/Red-Team-links CVE-2017-0213 - https://github.com/Ascotbe/Kernelhub CVE-2017-0213 - https://github.com/Echocipher/Resource-list CVE-2017-0213 - https://github.com/Itachl/windows_kenel_exploit @@ -10715,13 +11076,17 @@ CVE-2017-0213 - https://github.com/fei9747/WindowsElevation CVE-2017-0213 - https://github.com/gaearrow/windows-lpe-lite CVE-2017-0213 - https://github.com/gclu0212/windows-kernel-exploits CVE-2017-0213 - https://github.com/geeksniper/windows-privilege-escalation +CVE-2017-0213 - https://github.com/hudunkey/Red-Team-links CVE-2017-0213 - https://github.com/jbooz1/CVE-2017-0213 +CVE-2017-0213 - https://github.com/john-80/-007 CVE-2017-0213 - https://github.com/klsfct/getshell CVE-2017-0213 - https://github.com/lollelink/test +CVE-2017-0213 - https://github.com/lp008/Hack-readme CVE-2017-0213 - https://github.com/m0mkris/windows-kernel-exploits CVE-2017-0213 - https://github.com/mishmashclone/SecWiki-windows-kernel-exploits CVE-2017-0213 - https://github.com/n8v79a/exploit CVE-2017-0213 - https://github.com/n8v79a/win-exploit +CVE-2017-0213 - https://github.com/nickswink/Retro-Writeup CVE-2017-0213 - https://github.com/nicolas-gagnon/windows-kernel-exploits CVE-2017-0213 - https://github.com/njahrckstr/Windows_Kernel_Sploit_List CVE-2017-0213 - https://github.com/paramint/windows-kernel-exploits @@ -10733,10 +11098,12 @@ CVE-2017-0213 - https://github.com/renzu0/Windows-exp CVE-2017-0213 - https://github.com/root26/bug CVE-2017-0213 - https://github.com/safesword/WindowsExp CVE-2017-0213 - https://github.com/shaheemirza/CVE-2017-0213- +CVE-2017-0213 - https://github.com/slimdaddy/RedTeam CVE-2017-0213 - https://github.com/valentinoJones/Windows-Kernel-Exploits CVE-2017-0213 - https://github.com/welove88888/cve CVE-2017-0213 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-0213 - https://github.com/xfinest/windows-kernel-exploits +CVE-2017-0213 - https://github.com/xiaoZ-hc/redtool CVE-2017-0213 - https://github.com/xiaoy-sec/Pentest_Note CVE-2017-0213 - https://github.com/xssfile/windows-kernel-exploits CVE-2017-0213 - https://github.com/ycdxsb/WindowsPrivilegeEscalation @@ -10751,6 +11118,7 @@ CVE-2017-0214 - https://github.com/Anonymous-Family/CVE-2017-0213 CVE-2017-0214 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-0214 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-0214 - https://github.com/ycdxsb/WindowsPrivilegeEscalation +CVE-2017-0215 - https://github.com/bohops/UltimateWDACBypassList CVE-2017-0218 - https://github.com/301415926/PENTESTING-BIBLE CVE-2017-0218 - https://github.com/84KaliPleXon3/PENTESTING-BIBLE CVE-2017-0218 - https://github.com/Mathankumar2701/ALL-PENTESTING-BIBLE @@ -10763,6 +11131,7 @@ CVE-2017-0218 - https://github.com/Tracehowler/Bible CVE-2017-0218 - https://github.com/aymankhder/PENTESTING-BIBLE2 CVE-2017-0218 - https://github.com/bjknbrrr/PENTESTING-BIBLE CVE-2017-0218 - https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE +CVE-2017-0218 - https://github.com/bohops/UltimateWDACBypassList CVE-2017-0218 - https://github.com/codereveryday/Programming-Hacking-Resources CVE-2017-0218 - https://github.com/erSubhashThapa/pentest-bible CVE-2017-0218 - https://github.com/gacontuyenchien1/Security @@ -10794,6 +11163,7 @@ CVE-2017-0238 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-0243 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-0243 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-0248 - https://github.com/rubenmamo/CVE-2017-0248-Test +CVE-2017-0261 - https://github.com/CyberSift/CyberSift-Alerts CVE-2017-0261 - https://github.com/Panopticon-Project/Panopticon-Patchwork CVE-2017-0261 - https://github.com/cyberk1w1/CVE-2017-7529 CVE-2017-0261 - https://github.com/erfze/CVE-2017-0261 @@ -11047,8 +11417,10 @@ CVE-2017-0781 - https://github.com/WinMin/Protocol-Vul CVE-2017-0781 - https://github.com/XsafeAdmin/BlueBorne CVE-2017-0781 - https://github.com/coh7eiqu8thaBu/BookMark CVE-2017-0781 - https://github.com/engn33r/awesome-bluetooth-security +CVE-2017-0781 - https://github.com/hac425xxx/heap-exploitation-in-real-world CVE-2017-0781 - https://github.com/hook-s3c/blueborne-scanner CVE-2017-0781 - https://github.com/hw5773/blueborne +CVE-2017-0781 - https://github.com/lp008/Hack-readme CVE-2017-0781 - https://github.com/mailinneberg/BlueBorne CVE-2017-0781 - https://github.com/marcinguy/android712-blueborne CVE-2017-0781 - https://github.com/ojasookert/CVE-2017-0781 @@ -11090,6 +11462,7 @@ CVE-2017-0785 - https://github.com/pieterbork/blueborne CVE-2017-0785 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-0785 - https://github.com/raviwithu/Bluetooth CVE-2017-0785 - https://github.com/rootabeta/shellfish +CVE-2017-0785 - https://github.com/severnake/Pentest-Tools CVE-2017-0785 - https://github.com/sigbitsadmin/diff CVE-2017-0785 - https://github.com/theyoge/AD-Pentesting-Tools CVE-2017-0785 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 @@ -11110,6 +11483,7 @@ CVE-2017-0931 - https://github.com/ossf-cve-benchmark/CVE-2017-0931 CVE-2017-0961 - https://github.com/neilhendricks/week7 CVE-2017-1000000 - https://github.com/smythtech/DWF-CVE-2017-1000000 CVE-2017-1000006 - https://github.com/ossf-cve-benchmark/CVE-2017-1000006 +CVE-2017-1000010 - https://github.com/GitHubAssessments/CVE_Assessments_10_2019 CVE-2017-10000112 - https://github.com/OrangeGzY/security-research-learning CVE-2017-1000028 - https://github.com/0day666/Vulnerability-verification CVE-2017-1000028 - https://github.com/ARPSyndicate/kenzer-templates @@ -11120,6 +11494,7 @@ CVE-2017-1000070 - https://github.com/sonatype-nexus-community/nancy CVE-2017-1000081 - https://github.com/grafeas/kritis CVE-2017-1000082 - https://github.com/flyrev/security-scan-ci-presentation CVE-2017-1000082 - https://github.com/grafeas/kritis +CVE-2017-1000112 - https://github.com/84KaliPleXon3/linux-exploit-suggester CVE-2017-1000112 - https://github.com/Al1ex/LinuxEelvation CVE-2017-1000112 - https://github.com/C0dak/linux-kernel-exploits CVE-2017-1000112 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp @@ -11151,6 +11526,7 @@ CVE-2017-1000112 - https://github.com/ismailvc1111/Linux_Privilege CVE-2017-1000112 - https://github.com/jiayy/android_vuln_poc-exp CVE-2017-1000112 - https://github.com/kumardineshwar/linux-kernel-exploits CVE-2017-1000112 - https://github.com/m0mkris/linux-kernel-exploits +CVE-2017-1000112 - https://github.com/milabs/lkrg-bypass CVE-2017-1000112 - https://github.com/mzet-/linux-exploit-suggester CVE-2017-1000112 - https://github.com/n3t1nv4d3/kernel-exploits CVE-2017-1000112 - https://github.com/ozkanbilge/Linux-Kernel-Exploits @@ -11159,6 +11535,7 @@ CVE-2017-1000112 - https://github.com/qiantu88/Linux--exp CVE-2017-1000112 - https://github.com/rakjong/LinuxElevation CVE-2017-1000112 - https://github.com/santoshankr/smep_detector CVE-2017-1000112 - https://github.com/spencerdodd/kernelpop +CVE-2017-1000112 - https://github.com/stefanocutelle/linux-exploit-suggester CVE-2017-1000112 - https://github.com/xairy/kernel-exploits CVE-2017-1000112 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-1000112 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 @@ -11389,11 +11766,13 @@ CVE-2017-1002003 - https://github.com/alienwithin/Scripts-Sploits CVE-2017-1002008 - https://github.com/alienwithin/Scripts-Sploits CVE-2017-1002024 - https://github.com/SexyBeast233/SecBooks CVE-2017-1002101 - https://github.com/Metarget/awesome-cloud-native-security +CVE-2017-1002101 - https://github.com/Metarget/cloud-native-security-book CVE-2017-1002101 - https://github.com/Metarget/metarget CVE-2017-1002101 - https://github.com/Pray3r/cloud-native-security CVE-2017-1002101 - https://github.com/bgeesaman/subpath-exploit CVE-2017-1002101 - https://github.com/h34dless/kubernetes-pocs CVE-2017-1002101 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2017-1002101 - https://github.com/reni2study/Cloud-Native-Security2 CVE-2017-1002101 - https://github.com/ssst0n3/docker_archive CVE-2017-1002101 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-1002999 - https://github.com/mpmiller37/nvdTest @@ -11450,17 +11829,21 @@ CVE-2017-10271 - https://github.com/7kbstorm/WebLogic_CNVD_C2019_48814 CVE-2017-10271 - https://github.com/84KaliPleXon3/Payloads_All_The_Things CVE-2017-10271 - https://github.com/ARPSyndicate/kenzer-templates CVE-2017-10271 - https://github.com/AnonVulc/Pentest-Tools +CVE-2017-10271 - https://github.com/Bywalks/WeblogicScan CVE-2017-10271 - https://github.com/Cymmetria/weblogic_honeypot +CVE-2017-10271 - https://github.com/Delishsploits/PayloadsAndMethodology CVE-2017-10271 - https://github.com/DynamicDesignz/Alien-Framework CVE-2017-10271 - https://github.com/ETOCheney/JavaDeserialization CVE-2017-10271 - https://github.com/Elsfa7-110/kenzer-templates CVE-2017-10271 - https://github.com/Flerov/WindowsExploitDev CVE-2017-10271 - https://github.com/FoolMitAh/WeblogicScan CVE-2017-10271 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +CVE-2017-10271 - https://github.com/GuynnR/Payloads CVE-2017-10271 - https://github.com/JackyTsuuuy/weblogic_wls_rce_poc-exp CVE-2017-10271 - https://github.com/Jean-Francois-C/Windows-Penetration-Testing CVE-2017-10271 - https://github.com/Luffin/CVE-2017-10271 CVE-2017-10271 - https://github.com/Muhammd/Awesome-Payloads +CVE-2017-10271 - https://github.com/Nieuport/PayloadsAllTheThings CVE-2017-10271 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2017-10271 - https://github.com/ParrotSec-CN/ParrotSecCN_Community_QQbot CVE-2017-10271 - https://github.com/Prodject/Kn0ck @@ -11478,18 +11861,23 @@ CVE-2017-10271 - https://github.com/ZH3FENG/PoCs-Weblogic_2017_10271 CVE-2017-10271 - https://github.com/amcai/myscan CVE-2017-10271 - https://github.com/andrysec/PayloadsAllVulnerability CVE-2017-10271 - https://github.com/anhtu97/PayloadAllEverything +CVE-2017-10271 - https://github.com/apkadmin/PayLoadsAll CVE-2017-10271 - https://github.com/awsassets/weblogic_exploit CVE-2017-10271 - https://github.com/bigblackhat/oFx CVE-2017-10271 - https://github.com/bigsizeme/weblogic-XMLDecoder CVE-2017-10271 - https://github.com/bmcculley/CVE-2017-10271 CVE-2017-10271 - https://github.com/c0mmand3rOpSec/CVE-2017-10271 +CVE-2017-10271 - https://github.com/chanchalpatra/payload CVE-2017-10271 - https://github.com/cjjduck/weblogic_wls_wsat_rce CVE-2017-10271 - https://github.com/cranelab/exploit-development CVE-2017-10271 - https://github.com/cross2to/betaseclab_tools +CVE-2017-10271 - https://github.com/diggid4ever/Weblogic-XMLDecoder-POC CVE-2017-10271 - https://github.com/dr0op/WeblogicScan CVE-2017-10271 - https://github.com/fengjixuchui/RedTeamer CVE-2017-10271 - https://github.com/hanc00l/some_pocsuite +CVE-2017-10271 - https://github.com/hellochunqiu/PayloadsAllTheThings CVE-2017-10271 - https://github.com/hktalent/myhktools +CVE-2017-10271 - https://github.com/hmoytx/weblogicscan CVE-2017-10271 - https://github.com/jas502n/CNVD-C-2019-48814 CVE-2017-10271 - https://github.com/jas502n/cve-2019-2618 CVE-2017-10271 - https://github.com/jiangsir404/POC-S @@ -11499,8 +11887,14 @@ CVE-2017-10271 - https://github.com/kingkaki/weblogic-scan CVE-2017-10271 - https://github.com/kkirsche/CVE-2017-10271 CVE-2017-10271 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2017-10271 - https://github.com/koutto/jok3r-pocs +CVE-2017-10271 - https://github.com/ksw9722/PayloadsAllTheThings CVE-2017-10271 - https://github.com/lonehand/Oracle-WebLogic-CVE-2017-10271-master +CVE-2017-10271 - https://github.com/lp008/Hack-readme +CVE-2017-10271 - https://github.com/m1dsummer/AD-2021 +CVE-2017-10271 - https://github.com/maya6/-scan- CVE-2017-10271 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +CVE-2017-10271 - https://github.com/mrhacker51/ReverseShellCommands +CVE-2017-10271 - https://github.com/nevidimk0/PayloadsAllTheThings CVE-2017-10271 - https://github.com/nihaohello/N-MiddlewareScan CVE-2017-10271 - https://github.com/oneplus-x/Sn1per CVE-2017-10271 - https://github.com/papa-anniekey/CustomSignatures @@ -11508,20 +11902,26 @@ CVE-2017-10271 - https://github.com/paralax/awesome-honeypots CVE-2017-10271 - https://github.com/peterpeter228/Oracle-WebLogic-CVE-2017-10271 CVE-2017-10271 - https://github.com/pimps/CVE-2019-2725 CVE-2017-10271 - https://github.com/pssss/CVE-2017-10271 +CVE-2017-10271 - https://github.com/pwnagelabs/VEF CVE-2017-10271 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-10271 - https://github.com/r0eXpeR/redteam_vul CVE-2017-10271 - https://github.com/rabbitmask/WeblogicScanLot CVE-2017-10271 - https://github.com/s3xy/CVE-2017-10271 +CVE-2017-10271 - https://github.com/safe6Sec/wlsEnv CVE-2017-10271 - https://github.com/seruling/weblogic-wsat-scan +CVE-2017-10271 - https://github.com/severnake/Pentest-Tools CVE-2017-10271 - https://github.com/shack2/javaserializetools CVE-2017-10271 - https://github.com/skytina/CNVD-C-2019-48814-COMMON CVE-2017-10271 - https://github.com/sobinge/--1 CVE-2017-10271 - https://github.com/sobinge/PayloadsAllTheThings +CVE-2017-10271 - https://github.com/sobinge/PayloadsAllThesobinge CVE-2017-10271 - https://github.com/sobinge/nuclei-templates CVE-2017-10271 - https://github.com/superfish9/pt +CVE-2017-10271 - https://github.com/tdcoming/Vulnerability-engine CVE-2017-10271 - https://github.com/theyoge/AD-Pentesting-Tools CVE-2017-10271 - https://github.com/unusualwork/Sn1per CVE-2017-10271 - https://github.com/veo/vscan +CVE-2017-10271 - https://github.com/winterwolf32/PayloadsAllTheThings CVE-2017-10271 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-10271 - https://github.com/zema1/oracle-vuln-crawler CVE-2017-10276 - https://github.com/keloud/TEC-MBSD2017 @@ -11557,6 +11957,7 @@ CVE-2017-10684 - https://github.com/cloudpassage/jira_halo_issues_sync CVE-2017-10684 - https://github.com/yfoelling/yair CVE-2017-10685 - https://github.com/cloudpassage/jira_halo_issues_sync CVE-2017-10685 - https://github.com/yfoelling/yair +CVE-2017-10686 - https://github.com/strongcourage/uafbench CVE-2017-10688 - https://github.com/mudongliang/LinuxFlaw CVE-2017-10688 - https://github.com/oneoy/cve- CVE-2017-10718 - https://github.com/ethanhunnt/IoT_vulnerabilities @@ -11610,7 +12011,10 @@ CVE-2017-11120 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-11124 - https://github.com/andir/nixos-issue-db-example CVE-2017-11125 - https://github.com/andir/nixos-issue-db-example CVE-2017-11164 - https://github.com/andir/nixos-issue-db-example +CVE-2017-11164 - https://github.com/brandoncamenisch/release-the-code-litecoin CVE-2017-11164 - https://github.com/dispera/giant-squid +CVE-2017-11164 - https://github.com/domyrtille/interview_project +CVE-2017-11164 - https://github.com/epequeno/devops-demo CVE-2017-11164 - https://github.com/flyrev/security-scan-ci-presentation CVE-2017-11164 - https://github.com/garethr/snykout CVE-2017-11164 - https://github.com/nedenwalker/spring-boot-app-using-gradle @@ -11619,11 +12023,13 @@ CVE-2017-11164 - https://github.com/onzack/trivy-multiscanner CVE-2017-11175 - https://github.com/rochesecurity/Roche-CVEs CVE-2017-11176 - https://github.com/Al1ex/LinuxEelvation CVE-2017-11176 - https://github.com/Flerov/WindowsExploitDev +CVE-2017-11176 - https://github.com/ahpaleus/ahp_cheatsheet CVE-2017-11176 - https://github.com/anoaghost/Localroot_Compile CVE-2017-11176 - https://github.com/bsauce/kernel-exploit-factory CVE-2017-11176 - https://github.com/bsauce/kernel-security-learning CVE-2017-11176 - https://github.com/cranelab/exploit-development CVE-2017-11176 - https://github.com/gladiopeace/awesome-stars +CVE-2017-11176 - https://github.com/klecko/exploits CVE-2017-11176 - https://github.com/thdusdl1219/CVE-Study CVE-2017-11176 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-11189 - https://github.com/p1ay8y3ar/cve_monitor @@ -11643,6 +12049,7 @@ CVE-2017-11317 - https://github.com/bao7uo/RAU_crypto CVE-2017-11317 - https://github.com/bao7uo/dp_crypto CVE-2017-11317 - https://github.com/developer3000S/PoC-in-GitHub CVE-2017-11317 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2017-11317 - https://github.com/mcgyver5/scrap_telerik CVE-2017-11317 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-11317 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-11331 - https://github.com/andir/nixos-issue-db-example @@ -11791,6 +12198,7 @@ CVE-2017-11821 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-11821 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-11823 - https://github.com/punishell/WindowsLegacyCVE CVE-2017-11826 - https://github.com/9aylas/DDE-MS_WORD-Exploit_Detector +CVE-2017-11826 - https://github.com/JoeyZzZzZz/JoeyZzZzZz.github.io CVE-2017-11826 - https://github.com/abhishek283/AmexCodeChallange CVE-2017-11826 - https://github.com/houjingyi233/office-exploit-case-study CVE-2017-11826 - https://github.com/pandazheng/Threat-Intelligence-Analyst @@ -11816,6 +12224,7 @@ CVE-2017-11843 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-11843 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-11846 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-11846 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2017-11852 - https://github.com/ksyang-hj/ksyang-hj CVE-2017-11855 - https://github.com/googleprojectzero/domato CVE-2017-11855 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-11855 - https://github.com/tunz/js-vuln-db @@ -11846,10 +12255,13 @@ CVE-2017-11873 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-11882 - https://github.com/0x09AL/CVE-2017-11882-metasploit CVE-2017-11882 - https://github.com/0xT11/CVE-POC CVE-2017-11882 - https://github.com/404notf0und/Security-Data-Analysis-and-Visualization +CVE-2017-11882 - https://github.com/Apri1y/Red-Team-links +CVE-2017-11882 - https://github.com/BENARBIAfiras/SophosLabs-Intelix CVE-2017-11882 - https://github.com/BlackMathIT/2017-11882_Generator CVE-2017-11882 - https://github.com/CSC-pentest/cve-2017-11882 CVE-2017-11882 - https://github.com/ChaitanyaHaritash/CVE-2017-11882 CVE-2017-11882 - https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections +CVE-2017-11882 - https://github.com/CyberSift/CyberSift-Alerts CVE-2017-11882 - https://github.com/Echocipher/Resource-list CVE-2017-11882 - https://github.com/FlatL1neAPT/MS-Office CVE-2017-11882 - https://github.com/Flerov/WindowsExploitDev @@ -11873,6 +12285,7 @@ CVE-2017-11882 - https://github.com/czq945659538/-study CVE-2017-11882 - https://github.com/dactoankmapydev/crawler0121 CVE-2017-11882 - https://github.com/developer3000S/PoC-in-GitHub CVE-2017-11882 - https://github.com/edeca/rtfraptor +CVE-2017-11882 - https://github.com/ekgg/Overflow-Demo-CVE-2017-11882 CVE-2017-11882 - https://github.com/emaan122/Note2 CVE-2017-11882 - https://github.com/embedi/CVE-2017-11882 CVE-2017-11882 - https://github.com/eric-erki/APT_CyberCriminal_Campagin_Collections @@ -11880,7 +12293,10 @@ CVE-2017-11882 - https://github.com/fengjixuchui/RedTeamer CVE-2017-11882 - https://github.com/gold1029/Red-Teaming-Toolkit CVE-2017-11882 - https://github.com/hectorgie/PoC-in-GitHub CVE-2017-11882 - https://github.com/houjingyi233/office-exploit-case-study +CVE-2017-11882 - https://github.com/hudunkey/Red-Team-links CVE-2017-11882 - https://github.com/iwarsong/apt +CVE-2017-11882 - https://github.com/jaychouzzk/- +CVE-2017-11882 - https://github.com/john-80/-007 CVE-2017-11882 - https://github.com/jstrosch/malware-samples CVE-2017-11882 - https://github.com/jvdroit/APT_CyberCriminal_Campagin_Collections CVE-2017-11882 - https://github.com/likescam/APT_CyberCriminal_Campagin_Collections @@ -11891,13 +12307,16 @@ CVE-2017-11882 - https://github.com/likescam/Red-Teaming-Toolkit CVE-2017-11882 - https://github.com/likescam/Red-Teaming-Toolkit_all_pentests CVE-2017-11882 - https://github.com/lisinan988/CVE-2017-11882-exp CVE-2017-11882 - https://github.com/littlebin404/CVE-2017-11882 +CVE-2017-11882 - https://github.com/lp008/Hack-readme CVE-2017-11882 - https://github.com/mucahittopal/Pentesting-Pratic-Notes CVE-2017-11882 - https://github.com/nitishbadole/pentesting_Notes CVE-2017-11882 - https://github.com/pandazheng/Threat-Intelligence-Analyst CVE-2017-11882 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-11882 - https://github.com/qiantu88/office-cve +CVE-2017-11882 - https://github.com/r0eXpeR/supplier CVE-2017-11882 - https://github.com/rxwx/CVE-2018-0802 CVE-2017-11882 - https://github.com/shr3ddersec/Shr3dKit +CVE-2017-11882 - https://github.com/slimdaddy/RedTeam CVE-2017-11882 - https://github.com/starnightcyber/CVE-2017-11882 CVE-2017-11882 - https://github.com/sumas/APT_CyberCriminal_Campagin_Collections CVE-2017-11882 - https://github.com/tingsama/hacking-p2 @@ -11906,6 +12325,7 @@ CVE-2017-11882 - https://github.com/wateroot/poc-exp CVE-2017-11882 - https://github.com/wrlu/Vulnerabilities CVE-2017-11882 - https://github.com/wzxmt/CVE-2017 CVE-2017-11882 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2017-11882 - https://github.com/xiaoZ-hc/redtool CVE-2017-11882 - https://github.com/xiaoy-sec/Pentest_Note CVE-2017-11882 - https://github.com/zhang040723/web CVE-2017-11882 - https://github.com/zhouat/cve-2017-11882 @@ -11995,6 +12415,7 @@ CVE-2017-12149 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2017-12149 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2017-12149 - https://github.com/SexyBeast233/SecBooks CVE-2017-12149 - https://github.com/YIXINSHUWU/Penetration_Testing_POC +CVE-2017-12149 - https://github.com/chalern/Pentest-Tools CVE-2017-12149 - https://github.com/fengjixuchui/RedTeamer CVE-2017-12149 - https://github.com/fupinglee/JavaTools CVE-2017-12149 - https://github.com/hasee2018/Penetration_Testing_POC @@ -12016,6 +12437,7 @@ CVE-2017-12149 - https://github.com/r0eXpeR/redteam_vul CVE-2017-12149 - https://github.com/sevck/CVE-2017-12149 CVE-2017-12149 - https://github.com/superfish9/pt CVE-2017-12149 - https://github.com/taielab/awesome-hacking-lists +CVE-2017-12149 - https://github.com/tdcoming/Vulnerability-engine CVE-2017-12149 - https://github.com/veo/vscan CVE-2017-12149 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2017-12149 - https://github.com/x-f1v3/Vulnerability_Environment @@ -12080,6 +12502,7 @@ CVE-2017-12603 - https://github.com/xiaoqx/pocs CVE-2017-12604 - https://github.com/xiaoqx/pocs CVE-2017-12605 - https://github.com/xiaoqx/pocs CVE-2017-12606 - https://github.com/xiaoqx/pocs +CVE-2017-12610 - https://github.com/isxbot/software-assurance CVE-2017-12611 - https://github.com/0day666/Vulnerability-verification CVE-2017-12611 - https://github.com/ARPSyndicate/kenzer-templates CVE-2017-12611 - https://github.com/Elsfa7-110/kenzer-templates @@ -12090,6 +12513,7 @@ CVE-2017-12611 - https://github.com/albinowax/ActiveScanPlusPlus CVE-2017-12611 - https://github.com/brianwrf/S2-053-CVE-2017-12611 CVE-2017-12611 - https://github.com/khodges42/Etrata CVE-2017-12611 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2017-12611 - https://github.com/tdcoming/Vulnerability-engine CVE-2017-12611 - https://github.com/whoadmin/pocs CVE-2017-12611 - https://github.com/woods-sega/woodswiki CVE-2017-12611 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 @@ -12113,6 +12537,8 @@ CVE-2017-12615 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2017-12615 - https://github.com/huike007/penetration_poc CVE-2017-12615 - https://github.com/huike007/poc CVE-2017-12615 - https://github.com/jweny/pocassistdb +CVE-2017-12615 - https://github.com/lp008/Hack-readme +CVE-2017-12615 - https://github.com/maya6/-scan- CVE-2017-12615 - https://github.com/mefulton/cve-2017-12615 CVE-2017-12615 - https://github.com/nixawk/labs CVE-2017-12615 - https://github.com/oneplus-x/MS17-010 @@ -12121,6 +12547,7 @@ CVE-2017-12615 - https://github.com/r0eXpeR/redteam_vul CVE-2017-12615 - https://github.com/safe6Sec/PentestNote CVE-2017-12615 - https://github.com/sobinge/nuclei-templates CVE-2017-12615 - https://github.com/superfish9/pt +CVE-2017-12615 - https://github.com/tdcoming/Vulnerability-engine CVE-2017-12615 - https://github.com/underattack-today/underattack-py CVE-2017-12615 - https://github.com/veo/vscan CVE-2017-12615 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- @@ -12142,9 +12569,12 @@ CVE-2017-12617 - https://github.com/1120362990/vulnerability-list CVE-2017-12617 - https://github.com/3vikram/Application-Vulnerabilities-Payloads CVE-2017-12617 - https://github.com/84KaliPleXon3/Payloads_All_The_Things CVE-2017-12617 - https://github.com/Cyberleet1337/Payloadswebhack +CVE-2017-12617 - https://github.com/Delishsploits/PayloadsAndMethodology CVE-2017-12617 - https://github.com/DynamicDesignz/Alien-Framework +CVE-2017-12617 - https://github.com/GuynnR/Payloads CVE-2017-12617 - https://github.com/Kaizhe/attacker CVE-2017-12617 - https://github.com/Muhammd/Awesome-Payloads +CVE-2017-12617 - https://github.com/Nieuport/PayloadsAllTheThings CVE-2017-12617 - https://github.com/Prodject/Kn0ck CVE-2017-12617 - https://github.com/Ra7mo0on/PayloadsAllTheThings CVE-2017-12617 - https://github.com/SexyBeast233/SecBooks @@ -12152,18 +12582,29 @@ CVE-2017-12617 - https://github.com/Soldie/PayloadsAllTheThings CVE-2017-12617 - https://github.com/XPR1M3/Payloads_All_The_Things CVE-2017-12617 - https://github.com/andrysec/PayloadsAllVulnerability CVE-2017-12617 - https://github.com/anhtu97/PayloadAllEverything +CVE-2017-12617 - https://github.com/apkadmin/PayLoadsAll CVE-2017-12617 - https://github.com/aylincetin/PayloadsAllTheThings +CVE-2017-12617 - https://github.com/chanchalpatra/payload CVE-2017-12617 - https://github.com/cyberheartmi9/CVE-2017-12617 CVE-2017-12617 - https://github.com/devcoinfet/CVE-2017-12617 +CVE-2017-12617 - https://github.com/hellochunqiu/PayloadsAllTheThings CVE-2017-12617 - https://github.com/hktalent/myhktools +CVE-2017-12617 - https://github.com/ilmari666/cybsec CVE-2017-12617 - https://github.com/kk98kk0/Payloads CVE-2017-12617 - https://github.com/koutto/jok3r-pocs +CVE-2017-12617 - https://github.com/ksw9722/PayloadsAllTheThings +CVE-2017-12617 - https://github.com/maya6/-scan- +CVE-2017-12617 - https://github.com/mrhacker51/ReverseShellCommands +CVE-2017-12617 - https://github.com/nevidimk0/PayloadsAllTheThings CVE-2017-12617 - https://github.com/oneplus-x/Sn1per CVE-2017-12617 - https://github.com/ozkanbilge/Payloads CVE-2017-12617 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2017-12617 - https://github.com/scxiaotan1/Docker CVE-2017-12617 - https://github.com/sobinge/--1 CVE-2017-12617 - https://github.com/sobinge/PayloadsAllTheThings +CVE-2017-12617 - https://github.com/sobinge/PayloadsAllThesobinge CVE-2017-12617 - https://github.com/unusualwork/Sn1per +CVE-2017-12617 - https://github.com/winterwolf32/PayloadsAllTheThings CVE-2017-12617 - https://github.com/woods-sega/woodswiki CVE-2017-12617 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-12617 - https://github.com/ycdxsb/Exploits @@ -12255,12 +12696,16 @@ CVE-2017-12936 - https://github.com/oneoy/cve- CVE-2017-12937 - https://github.com/mudongliang/LinuxFlaw CVE-2017-12937 - https://github.com/oneoy/cve- CVE-2017-12943 - https://github.com/aymankhalfatni/D-Link +CVE-2017-12945 - https://github.com/aress31/cve-2017-12945 +CVE-2017-12945 - https://github.com/aress31/solstice-pod-cves CVE-2017-12955 - https://github.com/andir/nixos-issue-db-example CVE-2017-12956 - https://github.com/andir/nixos-issue-db-example CVE-2017-12957 - https://github.com/andir/nixos-issue-db-example CVE-2017-12966 - https://github.com/9emin1/advisories CVE-2017-12966 - https://github.com/andir/nixos-issue-db-example CVE-2017-1297 - https://github.com/thdusdl1219/CVE-Study +CVE-2017-12982 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2017-12982 - https://github.com/tzf-key/MemLock_Benchmark CVE-2017-12983 - https://github.com/mrash/afl-cve CVE-2017-13002 - https://github.com/tarrell13/CVE-Reporter CVE-2017-13010 - https://github.com/geeknik/cve-fuzzing-poc @@ -12334,6 +12779,7 @@ CVE-2017-13286 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2017-13672 - https://github.com/DavidBuchanan314/CVE-2017-13672 CVE-2017-13680 - https://github.com/shubham0d/SymBlock CVE-2017-13686 - https://github.com/thdusdl1219/CVE-Study +CVE-2017-13716 - https://github.com/KorayAgaya/TrivyWeb CVE-2017-13716 - https://github.com/siddharthraopotukuchi/trivy CVE-2017-13716 - https://github.com/simiyo/trivy CVE-2017-13716 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers @@ -12372,6 +12818,7 @@ CVE-2017-13802 - https://github.com/googleprojectzero/domato CVE-2017-13830 - https://github.com/RUB-SysSec/kAFL CVE-2017-13833 - https://github.com/bazad/sysctl_coalition_get_pid_list-dos CVE-2017-13861 - https://github.com/Jailbreaks/async_wake_ios +CVE-2017-13861 - https://github.com/WRFan/jailbreak10.3.3 CVE-2017-13861 - https://github.com/blacktop/async_wake CVE-2017-13861 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2017-13865 - https://github.com/Jailbreaks/async_wake_ios @@ -12538,6 +12985,7 @@ CVE-2017-14890 - https://github.com/jiayy/android_vuln_poc-exp CVE-2017-14894 - https://github.com/jiayy/android_vuln_poc-exp CVE-2017-14904 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-14904 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2017-14930 - https://github.com/KorayAgaya/TrivyWeb CVE-2017-14930 - https://github.com/siddharthraopotukuchi/trivy CVE-2017-14930 - https://github.com/simiyo/trivy CVE-2017-14930 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers @@ -12561,9 +13009,11 @@ CVE-2017-15095 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2017-15095 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2017-15095 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2017-15095 - https://github.com/SecureSkyTechnology/study-struts2-s2-054_055-jackson-cve-2017-7525_cve-2017-15095 +CVE-2017-15095 - https://github.com/ilmari666/cybsec CVE-2017-15095 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2017-15095 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2017-15095 - https://github.com/taielab/awesome-hacking-lists +CVE-2017-15095 - https://github.com/yahoo/cubed CVE-2017-15103 - https://github.com/abhishek283/AmexCodeChallange CVE-2017-15105 - https://github.com/ibauersachs/dnssecjava CVE-2017-15107 - https://github.com/andir/nixos-issue-db-example @@ -12694,6 +13144,7 @@ CVE-2017-15708 - https://github.com/hucheat/APacheSynapseSimplePOC CVE-2017-15708 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2017-15708 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2017-15709 - https://github.com/SexyBeast233/SecBooks +CVE-2017-15710 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2017-15710 - https://github.com/rackerlabs/insightvm_slackbot CVE-2017-15710 - https://github.com/rnbochsr/yr_of_the_jellyfish CVE-2017-15710 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough @@ -12706,6 +13157,7 @@ CVE-2017-15715 - https://github.com/ARPSyndicate/kenzer-templates CVE-2017-15715 - https://github.com/Elsfa7-110/kenzer-templates CVE-2017-15715 - https://github.com/Fa1c0n35/Web-CTF-Cheatshee CVE-2017-15715 - https://github.com/SexyBeast233/SecBooks +CVE-2017-15715 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2017-15715 - https://github.com/duckstroms/Web-CTF-Cheatsheet CVE-2017-15715 - https://github.com/hacden/vultools CVE-2017-15715 - https://github.com/hailan09/Hacker @@ -12727,6 +13179,7 @@ CVE-2017-15831 - https://github.com/jiayy/android_vuln_poc-exp CVE-2017-15832 - https://github.com/jiayy/android_vuln_poc-exp CVE-2017-15836 - https://github.com/jiayy/android_vuln_poc-exp CVE-2017-15854 - https://github.com/jiayy/android_vuln_poc-exp +CVE-2017-15906 - https://github.com/project7io/nmap CVE-2017-15906 - https://github.com/syadg123/pigat CVE-2017-15906 - https://github.com/teamssix/pigat CVE-2017-15906 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough @@ -12749,6 +13202,8 @@ CVE-2017-15944 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-15944 - https://github.com/surajraghuvanshi/PaloAltoRceDetectionAndExploit CVE-2017-15944 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-15944 - https://github.com/xxnbyy/CVE-2017-15944-POC +CVE-2017-15996 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2017-15996 - https://github.com/tzf-key/MemLock_Benchmark CVE-2017-16003 - https://github.com/ossf-cve-benchmark/CVE-2017-16003 CVE-2017-16006 - https://github.com/ossf-cve-benchmark/CVE-2017-16006 CVE-2017-16011 - https://github.com/ossf-cve-benchmark/CVE-2017-16011 @@ -12759,6 +13214,7 @@ CVE-2017-16026 - https://github.com/ossf-cve-benchmark/CVE-2017-16026 CVE-2017-16028 - https://github.com/ossf-cve-benchmark/CVE-2017-16028 CVE-2017-16029 - https://github.com/ossf-cve-benchmark/CVE-2017-16029 CVE-2017-16030 - https://github.com/ossf-cve-benchmark/CVE-2017-16030 +CVE-2017-16031 - https://github.com/PalindromeLabs/awesome-websocket-security CVE-2017-16031 - https://github.com/ossf-cve-benchmark/CVE-2017-16031 CVE-2017-16042 - https://github.com/ossf-cve-benchmark/CVE-2017-16042 CVE-2017-16043 - https://github.com/ossf-cve-benchmark/CVE-2017-16043 @@ -12846,6 +13302,12 @@ CVE-2017-16894 - https://github.com/Gutem/scans-exploits CVE-2017-16894 - https://github.com/H4ckTh3W0r1d/Goby_POC CVE-2017-16894 - https://github.com/SexyBeast233/SecBooks CVE-2017-16900 - https://github.com/summtime/CVE +CVE-2017-16905 - https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups +CVE-2017-16905 - https://github.com/Saidul-M-Khan/Awesome-Bugbounty-Writeups +CVE-2017-16905 - https://github.com/ajino2k/Awesome-Bugbounty-Writeups +CVE-2017-16905 - https://github.com/blitz-cmd/Bugbounty-writeups +CVE-2017-16905 - https://github.com/bot8080/awesomeBugbounty +CVE-2017-16905 - https://github.com/deadcyph3r/Awesome-Collection CVE-2017-16905 - https://github.com/devanshbatham/Awesome-Bugbounty-Writeups CVE-2017-16905 - https://github.com/kyawthiha7/Mobile-App-Pentest CVE-2017-16939 - https://github.com/Al1ex/LinuxEelvation @@ -12873,6 +13335,7 @@ CVE-2017-16944 - https://github.com/00010111/exim_check CVE-2017-16944 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-16944 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-16957 - https://github.com/SexyBeast233/SecBooks +CVE-2017-16995 - https://github.com/84KaliPleXon3/linux-exploit-suggester CVE-2017-16995 - https://github.com/AfvanMoopen/tryhackme- CVE-2017-16995 - https://github.com/Al1ex/CVE-2017-16995 CVE-2017-16995 - https://github.com/Al1ex/LinuxEelvation @@ -12899,6 +13362,7 @@ CVE-2017-16995 - https://github.com/dangokyo/CVE_2017_16995 CVE-2017-16995 - https://github.com/distance-vector/linux-kernel-exploits CVE-2017-16995 - https://github.com/fei9747/LinuxEelvation CVE-2017-16995 - https://github.com/fengjixuchui/RedTeamer +CVE-2017-16995 - https://github.com/holmes-py/King-of-the-hill CVE-2017-16995 - https://github.com/integeruser/on-pwning CVE-2017-16995 - https://github.com/jas502n/Ubuntu-0day CVE-2017-16995 - https://github.com/kumardineshwar/linux-kernel-exploits @@ -12910,6 +13374,9 @@ CVE-2017-16995 - https://github.com/qiantu88/Linux--exp CVE-2017-16995 - https://github.com/rakjong/LinuxElevation CVE-2017-16995 - https://github.com/ret2p4nda/kernel-pwn CVE-2017-16995 - https://github.com/rootclay/Ubuntu-16.04-0Day +CVE-2017-16995 - https://github.com/stefanocutelle/linux-exploit-suggester +CVE-2017-16995 - https://github.com/thelostvoice/global-takeover +CVE-2017-16995 - https://github.com/thelostvoice/inept-us-military CVE-2017-16995 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-16995 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-16995 - https://github.com/xfinest/linux-kernel-exploits @@ -12949,6 +13416,7 @@ CVE-2017-17405 - https://github.com/SexyBeast233/SecBooks CVE-2017-17405 - https://github.com/duckstroms/Web-CTF-Cheatsheet CVE-2017-17405 - https://github.com/mengdaya/Web-CTF-Cheatsheet CVE-2017-17405 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2017-17405 - https://github.com/scumdestroy/pentest-scripts-for-dangerous-boys CVE-2017-17405 - https://github.com/w181496/Web-CTF-Cheatsheet CVE-2017-17405 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-17408 - https://github.com/qazbnm456/awesome-cve-poc @@ -12988,6 +13456,7 @@ CVE-2017-17485 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2017-17485 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2017-17485 - https://github.com/SugarP1g/LearningSecurity CVE-2017-17485 - https://github.com/hktalent/myhktools +CVE-2017-17485 - https://github.com/ilmari666/cybsec CVE-2017-17485 - https://github.com/irsl/jackson-rce-via-spel CVE-2017-17485 - https://github.com/klarna/kco_rest_java CVE-2017-17485 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet @@ -12995,6 +13464,7 @@ CVE-2017-17485 - https://github.com/maxbitcoin/Jackson-CVE-2017-17485 CVE-2017-17485 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2017-17485 - https://github.com/mymortal/expcode CVE-2017-17485 - https://github.com/shadowsock5/jackson-databind-POC +CVE-2017-17485 - https://github.com/yahoo/cubed CVE-2017-17505 - https://github.com/andir/nixos-issue-db-example CVE-2017-17505 - https://github.com/xiaoqx/pocs CVE-2017-17506 - https://github.com/andir/nixos-issue-db-example @@ -13079,6 +13549,7 @@ CVE-2017-18013 - https://github.com/revl-ca/scan-docker-image CVE-2017-18017 - https://github.com/hiboma/hiboma CVE-2017-18017 - https://github.com/intrajp/network-magic CVE-2017-18018 - https://github.com/andir/nixos-issue-db-example +CVE-2017-18018 - https://github.com/devopstales/trivy-operator CVE-2017-18018 - https://github.com/flyrev/security-scan-ci-presentation CVE-2017-18018 - https://github.com/garethr/snykout CVE-2017-18018 - https://github.com/phonito/phonito-scanner-action @@ -13136,6 +13607,7 @@ CVE-2017-18589 - https://github.com/xxg1413/rust-security CVE-2017-18635 - https://github.com/ShielderSec/poc CVE-2017-18635 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2017-18638 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2017-20004 - https://github.com/Qwaz/rust-cve CVE-2017-20004 - https://github.com/xxg1413/rust-security CVE-2017-2362 - https://github.com/googleprojectzero/domato CVE-2017-2363 - https://github.com/0xR0/uxss-db @@ -13252,16 +13724,20 @@ CVE-2017-2531 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-2533 - https://github.com/maximehip/Safari-iOS10.3.2-macOS-10.12.4-exploit-Bugs CVE-2017-2534 - https://github.com/maximehip/Safari-iOS10.3.2-macOS-10.12.4-exploit-Bugs CVE-2017-2535 - https://github.com/maximehip/Safari-iOS10.3.2-macOS-10.12.4-exploit-Bugs +CVE-2017-2536 - https://github.com/SkyBulk/RealWorldPwn CVE-2017-2536 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-2536 - https://github.com/tunz/js-vuln-db CVE-2017-2536 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2017-2540 - https://github.com/SkyBulk/RealWorldPwn CVE-2017-2540 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-2540 - https://github.com/theori-io/zer0con2018_singi CVE-2017-2540 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2017-2541 - https://github.com/SkyBulk/RealWorldPwn CVE-2017-2541 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-2541 - https://github.com/theori-io/zer0con2018_singi CVE-2017-2541 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-2547 - https://github.com/SeaJae/exploitPlayground +CVE-2017-2547 - https://github.com/SkyBulk/RealWorldPwn CVE-2017-2547 - https://github.com/externalist/exploit_playground CVE-2017-2547 - https://github.com/likescam/exploit_playground_lists_androidCVE CVE-2017-2547 - https://github.com/qazbnm456/awesome-cve-poc @@ -13369,6 +13845,7 @@ CVE-2017-3159 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2017-3159 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2017-3163 - https://github.com/veracode-research/solr-injection CVE-2017-3167 - https://github.com/gyoisamurai/GyoiThon +CVE-2017-3167 - https://github.com/jklinges14/Cyber-Security-Final-Project CVE-2017-3167 - https://github.com/syadg123/pigat CVE-2017-3167 - https://github.com/teamssix/pigat CVE-2017-3167 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough @@ -13396,7 +13873,9 @@ CVE-2017-3241 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2017-3241 - https://github.com/gitrobtest/Java-Security CVE-2017-3241 - https://github.com/superfish9/pt CVE-2017-3241 - https://github.com/xfei3/CVE-2017-3241-POC +CVE-2017-3241 - https://github.com/yahoo/cubed CVE-2017-3248 - https://github.com/0xn0ne/weblogicScanner +CVE-2017-3248 - https://github.com/Bywalks/WeblogicScan CVE-2017-3248 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2017-3248 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2017-3248 - https://github.com/ParrotSec-CN/ParrotSecCN_Community_QQbot @@ -13408,6 +13887,7 @@ CVE-2017-3248 - https://github.com/fengjixuchui/RedTeamer CVE-2017-3248 - https://github.com/followboy1999/weblogic-deserialization CVE-2017-3248 - https://github.com/hanc00l/some_pocsuite CVE-2017-3248 - https://github.com/hanc00l/weblogic_unserialize_exploit +CVE-2017-3248 - https://github.com/hmoytx/weblogicscan CVE-2017-3248 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2017-3248 - https://github.com/koutto/jok3r-pocs CVE-2017-3248 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet @@ -13421,13 +13901,17 @@ CVE-2017-3248 - https://github.com/tdy218/ysoserial-cve-2018-2628 CVE-2017-3248 - https://github.com/whoadmin/pocs CVE-2017-3248 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-3248 - https://github.com/zema1/oracle-vuln-crawler +CVE-2017-3260 - https://github.com/yahoo/cubed CVE-2017-3261 - https://github.com/arminc/clair-scanner +CVE-2017-3272 - https://github.com/yahoo/cubed CVE-2017-3289 - https://github.com/Alexandre-Bartel/jvm-musti +CVE-2017-3289 - https://github.com/yahoo/cubed CVE-2017-3428 - https://github.com/cross2to/betaseclab_tools CVE-2017-3428 - https://github.com/dr0op/WeblogicScan CVE-2017-3506 - https://github.com/0day666/Vulnerability-verification CVE-2017-3506 - https://github.com/0xn0ne/weblogicScanner CVE-2017-3506 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2017-3506 - https://github.com/Bywalks/WeblogicScan CVE-2017-3506 - https://github.com/Elsfa7-110/kenzer-templates CVE-2017-3506 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2017-3506 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs @@ -13438,8 +13922,10 @@ CVE-2017-3506 - https://github.com/XHSecurity/Oracle-WebLogic-CVE-2017-10271 CVE-2017-3506 - https://github.com/bigblackhat/oFx CVE-2017-3506 - https://github.com/bmcculley/CVE-2017-10271 CVE-2017-3506 - https://github.com/cross2to/betaseclab_tools +CVE-2017-3506 - https://github.com/diggid4ever/Weblogic-XMLDecoder-POC CVE-2017-3506 - https://github.com/dr0op/WeblogicScan CVE-2017-3506 - https://github.com/fengjixuchui/RedTeamer +CVE-2017-3506 - https://github.com/hmoytx/weblogicscan CVE-2017-3506 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2017-3506 - https://github.com/koutto/jok3r-pocs CVE-2017-3506 - https://github.com/lonehand/Oracle-WebLogic-CVE-2017-10271-master @@ -13447,14 +13933,17 @@ CVE-2017-3506 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Ch CVE-2017-3506 - https://github.com/nihaohello/N-MiddlewareScan CVE-2017-3506 - https://github.com/peterpeter228/Oracle-WebLogic-CVE-2017-10271 CVE-2017-3506 - https://github.com/pimps/CVE-2019-2725 +CVE-2017-3506 - https://github.com/pwnagelabs/VEF CVE-2017-3506 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-3506 - https://github.com/rabbitmask/WeblogicScanLot +CVE-2017-3506 - https://github.com/safe6Sec/wlsEnv CVE-2017-3506 - https://github.com/superfish9/pt CVE-2017-3506 - https://github.com/veo/vscan CVE-2017-3506 - https://github.com/whoadmin/pocs CVE-2017-3506 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-3506 - https://github.com/zema1/oracle-vuln-crawler CVE-2017-3511 - https://github.com/Ondrik8/byPass_AV +CVE-2017-3514 - https://github.com/yahoo/cubed CVE-2017-3523 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2017-3523 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2017-3523 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet @@ -13505,13 +13994,20 @@ CVE-2017-4878 - https://github.com/liuhe3647/Windows CVE-2017-4878 - https://github.com/pr0code/https-github.com-ExpLife0011-awesome-windows-kernel-security-development CVE-2017-4878 - https://github.com/pravinsrc/NOTES-windows-kernel-links CVE-2017-4898 - https://github.com/ivildeed/vmw_vmx_overloader +CVE-2017-4901 - https://github.com/Apri1y/Red-Team-links CVE-2017-4901 - https://github.com/BLACKHAT-SSG/Vmware-Exploitation CVE-2017-4901 - https://github.com/Echocipher/Resource-list CVE-2017-4901 - https://github.com/WinMin/awesome-vm-exploit CVE-2017-4901 - https://github.com/hookmaster/frida-all-in-one +CVE-2017-4901 - https://github.com/hudunkey/Red-Team-links +CVE-2017-4901 - https://github.com/john-80/-007 +CVE-2017-4901 - https://github.com/lp008/Hack-readme CVE-2017-4901 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2017-4901 - https://github.com/slimdaddy/RedTeam +CVE-2017-4901 - https://github.com/wangsheng123168/123 CVE-2017-4901 - https://github.com/xairy/vmware-exploitation CVE-2017-4901 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2017-4901 - https://github.com/xiaoZ-hc/redtool CVE-2017-4914 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-4914 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-4915 - https://github.com/bcoles/local-exploits @@ -13651,6 +14147,7 @@ CVE-2017-5123 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-5123 - https://github.com/qiantu88/Linux--exp CVE-2017-5123 - https://github.com/r0ysue/OSG-TranslationTeam CVE-2017-5123 - https://github.com/rakjong/LinuxElevation +CVE-2017-5123 - https://github.com/reni2study/Cloud-Native-Security2 CVE-2017-5123 - https://github.com/spencerdodd/kernelpop CVE-2017-5123 - https://github.com/teawater/CVE-2017-5123 CVE-2017-5123 - https://github.com/whiteHat001/Kernel-Security @@ -13801,6 +14298,12 @@ CVE-2017-5230 - https://github.com/arminc/clair-scanner CVE-2017-5230 - https://github.com/jamesz2011/clairctl CVE-2017-5230 - https://github.com/jgsqware/clairctl CVE-2017-5231 - https://github.com/justinsteven/advisories +CVE-2017-5244 - https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups +CVE-2017-5244 - https://github.com/Saidul-M-Khan/Awesome-Bugbounty-Writeups +CVE-2017-5244 - https://github.com/ajino2k/Awesome-Bugbounty-Writeups +CVE-2017-5244 - https://github.com/blitz-cmd/Bugbounty-writeups +CVE-2017-5244 - https://github.com/bot8080/awesomeBugbounty +CVE-2017-5244 - https://github.com/deadcyph3r/Awesome-Collection CVE-2017-5244 - https://github.com/devanshbatham/Awesome-Bugbounty-Writeups CVE-2017-5332 - https://github.com/vulsio/goval-dictionary CVE-2017-5333 - https://github.com/vulsio/goval-dictionary @@ -13816,6 +14319,7 @@ CVE-2017-5371 - https://github.com/StephenHaruna/RADAMSA CVE-2017-5371 - https://github.com/benoit-a/radamsa CVE-2017-5371 - https://github.com/sunzu94/radamsa-Fuzzer CVE-2017-5371 - https://github.com/vah13/SAP_vulnerabilities +CVE-2017-5375 - https://github.com/ZihanYe/web-browser-vulnerabilities CVE-2017-5383 - https://github.com/JasonLOU/security CVE-2017-5383 - https://github.com/numirias/security CVE-2017-5404 - https://github.com/googleprojectzero/domato @@ -13897,10 +14401,12 @@ CVE-2017-5638 - https://github.com/Aasron/Struts2-045-Exp CVE-2017-5638 - https://github.com/AndreaOm/awesome-stars CVE-2017-5638 - https://github.com/AndreasKl/CVE-2017-5638 CVE-2017-5638 - https://github.com/Cyberleet1337/Payloadswebhack +CVE-2017-5638 - https://github.com/Delishsploits/PayloadsAndMethodology CVE-2017-5638 - https://github.com/DynamicDesignz/Alien-Framework CVE-2017-5638 - https://github.com/Elsfa7-110/kenzer-templates CVE-2017-5638 - https://github.com/Flyteas/Struts2-045-Exp CVE-2017-5638 - https://github.com/Greynad/struts2-jakarta-inject +CVE-2017-5638 - https://github.com/GuynnR/Payloads CVE-2017-5638 - https://github.com/H0j3n/EzpzCheatSheet CVE-2017-5638 - https://github.com/Iletee/struts2-rce CVE-2017-5638 - https://github.com/Kaizhe/attacker @@ -13908,9 +14414,11 @@ CVE-2017-5638 - https://github.com/KarzsGHR/S2-046_S2-045_POC CVE-2017-5638 - https://github.com/Masahiro-Yamada/OgnlContentTypeRejectorValve CVE-2017-5638 - https://github.com/Muhammd/Awesome-Payloads CVE-2017-5638 - https://github.com/NCSU-DANCE-Research-Group/CDL +CVE-2017-5638 - https://github.com/Nieuport/PayloadsAllTheThings CVE-2017-5638 - https://github.com/PWN-Kingdom/Test_Tasks CVE-2017-5638 - https://github.com/PolarisLab/S2-045 CVE-2017-5638 - https://github.com/Prodject/Kn0ck +CVE-2017-5638 - https://github.com/Pwera/Anchore-Notes CVE-2017-5638 - https://github.com/R4v3nBl4ck/Apache-Struts-2-CVE-2017-5638-Exploit- CVE-2017-5638 - https://github.com/Ra7mo0on/PayloadsAllTheThings CVE-2017-5638 - https://github.com/SexyBeast233/SecBooks @@ -13925,6 +14433,7 @@ CVE-2017-5638 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2017-5638 - https://github.com/andrewkroh/auditbeat-apache-struts-demo CVE-2017-5638 - https://github.com/andrysec/PayloadsAllVulnerability CVE-2017-5638 - https://github.com/anhtu97/PayloadAllEverything +CVE-2017-5638 - https://github.com/apkadmin/PayLoadsAll CVE-2017-5638 - https://github.com/aylincetin/PayloadsAllTheThings CVE-2017-5638 - https://github.com/bhagdave/CVE-2017-5638 CVE-2017-5638 - https://github.com/bibortone/Jexboss @@ -13932,6 +14441,7 @@ CVE-2017-5638 - https://github.com/bongbongco/cve-2017-5638 CVE-2017-5638 - https://github.com/c002/Apache-Struts CVE-2017-5638 - https://github.com/c002/Java-Application-Exploits CVE-2017-5638 - https://github.com/cafnet/apache-struts-v2-CVE-2017-5638 +CVE-2017-5638 - https://github.com/chanchalpatra/payload CVE-2017-5638 - https://github.com/donaldashdown/Common-Vulnerability-and-Exploit CVE-2017-5638 - https://github.com/eeehit/CVE-2017-5638 CVE-2017-5638 - https://github.com/eescanilla/Apache-Struts-v3 @@ -13942,6 +14452,7 @@ CVE-2017-5638 - https://github.com/ggolawski/struts-rce CVE-2017-5638 - https://github.com/gmu-swe/rivulet CVE-2017-5638 - https://github.com/gobysec/Goby CVE-2017-5638 - https://github.com/gsfish/S2-Reaper +CVE-2017-5638 - https://github.com/hellochunqiu/PayloadsAllTheThings CVE-2017-5638 - https://github.com/hktalent/myhktools CVE-2017-5638 - https://github.com/homjxi0e/CVE-2017-5638 CVE-2017-5638 - https://github.com/hook-s3c/CVE-2018-11776-Python-PoC @@ -13955,6 +14466,7 @@ CVE-2017-5638 - https://github.com/jpacora/Struts2Shell CVE-2017-5638 - https://github.com/jrrdev/cve-2017-5638 CVE-2017-5638 - https://github.com/jrrombaldo/CVE-2017-5638 CVE-2017-5638 - https://github.com/kk98kk0/Payloads +CVE-2017-5638 - https://github.com/ksw9722/PayloadsAllTheThings CVE-2017-5638 - https://github.com/kyawthiha7/pentest-methodology CVE-2017-5638 - https://github.com/leandrocamposcardoso/CVE-2017-5638-Mass-Exploit CVE-2017-5638 - https://github.com/lizhi16/CVE-2017-5638 @@ -13964,7 +14476,9 @@ CVE-2017-5638 - https://github.com/mazen160/struts-pwn CVE-2017-5638 - https://github.com/mcassano/cve-2017-5638 CVE-2017-5638 - https://github.com/mike-williams/Struts2Vuln CVE-2017-5638 - https://github.com/milkdevil/jexboss +CVE-2017-5638 - https://github.com/mrhacker51/ReverseShellCommands CVE-2017-5638 - https://github.com/mthbernardes/strutszeiro +CVE-2017-5638 - https://github.com/nevidimk0/PayloadsAllTheThings CVE-2017-5638 - https://github.com/nightfallai/pii-leak-prevention-guide CVE-2017-5638 - https://github.com/nixawk/labs CVE-2017-5638 - https://github.com/oktavianto/CVE-2017-5638-Apache-Struts2 @@ -13993,14 +14507,17 @@ CVE-2017-5638 - https://github.com/shawnmckinney/remote-code-execution-sample CVE-2017-5638 - https://github.com/sjitech/test_struts2_vulnerability_CVE-2017-5638 CVE-2017-5638 - https://github.com/sobinge/--1 CVE-2017-5638 - https://github.com/sobinge/PayloadsAllTheThings +CVE-2017-5638 - https://github.com/sobinge/PayloadsAllThesobinge CVE-2017-5638 - https://github.com/sobinge/nuclei-templates CVE-2017-5638 - https://github.com/tahmed11/strutsy +CVE-2017-5638 - https://github.com/tdcoming/Vulnerability-engine CVE-2017-5638 - https://github.com/trapp3rhat/CVE-shellshock CVE-2017-5638 - https://github.com/tsheth/JavaStruts-App-Terraform CVE-2017-5638 - https://github.com/unusualwork/Sn1per CVE-2017-5638 - https://github.com/wangeradd1/MyPyExploit CVE-2017-5638 - https://github.com/whoadmin/pocs CVE-2017-5638 - https://github.com/win3zz/CVE-2017-5638 +CVE-2017-5638 - https://github.com/winterwolf32/PayloadsAllTheThings CVE-2017-5638 - https://github.com/woods-sega/woodswiki CVE-2017-5638 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-5638 - https://github.com/xsscx/cve-2017-5638 @@ -14024,11 +14541,17 @@ CVE-2017-5645 - https://github.com/ltslog/ltslog CVE-2017-5645 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2017-5645 - https://github.com/p1ay8y3ar/cve_monitor CVE-2017-5645 - https://github.com/pimps/CVE-2017-5645 +CVE-2017-5645 - https://github.com/shadow-horse/CVE-2019-17571 CVE-2017-5645 - https://github.com/thl-cmk/CVE-log4j-check_mk-plugin CVE-2017-5645 - https://github.com/woods-sega/woodswiki CVE-2017-5645 - https://github.com/zema1/oracle-vuln-crawler +CVE-2017-5647 - https://github.com/ilmari666/cybsec CVE-2017-5648 - https://github.com/dkiser/vulners-yum-scanner +CVE-2017-5648 - https://github.com/ilmari666/cybsec +CVE-2017-5650 - https://github.com/ilmari666/cybsec +CVE-2017-5651 - https://github.com/ilmari666/cybsec CVE-2017-5664 - https://github.com/dkiser/vulners-yum-scanner +CVE-2017-5664 - https://github.com/ilmari666/cybsec CVE-2017-5665 - https://github.com/andir/nixos-issue-db-example CVE-2017-5665 - https://github.com/mrash/afl-cve CVE-2017-5666 - https://github.com/andir/nixos-issue-db-example @@ -14277,7 +14800,10 @@ CVE-2017-5899 - https://github.com/bcoles/local-exploits CVE-2017-5924 - https://github.com/wcventure/UAF-Fuzzer-TestSuite CVE-2017-5929 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2017-5929 - https://github.com/fergarrui/exploits +CVE-2017-5929 - https://github.com/ilmari666/cybsec +CVE-2017-5929 - https://github.com/yahoo/cubed CVE-2017-5933 - https://github.com/nonce-disrespect/nonce-disrespect +CVE-2017-5941 - https://github.com/gitaalekhyapaul/vuln-app CVE-2017-5946 - https://github.com/innoq/security_report CVE-2017-5947 - https://github.com/beerisgood/Smartphone_Security CVE-2017-5948 - https://github.com/qazbnm456/awesome-cve-poc @@ -14469,6 +14995,7 @@ CVE-2017-6817 - https://github.com/NoahMarwitz/CodePath-Week-7 CVE-2017-6817 - https://github.com/alexanderkoz/Web-Security-Week-7-Project-WordPress-vs.-Kali CVE-2017-6817 - https://github.com/and-aleksandrov/wordpress CVE-2017-6817 - https://github.com/breindy/Week7-WordPress-Pentesting +CVE-2017-6817 - https://github.com/christiancastro1/Codepath-Week-7-8-Assignement CVE-2017-6817 - https://github.com/drsh0x2/WebSec-Week7 CVE-2017-6817 - https://github.com/ftruncale/Codepath-Week-7 CVE-2017-6817 - https://github.com/hughiednguyen/cybersec_kali_vs_old_wp_p7 @@ -14477,6 +15004,7 @@ CVE-2017-6817 - https://github.com/jguerrero12/WordPress-Pentesting CVE-2017-6817 - https://github.com/krushang598/Cybersecurity-Week-7-and-8 CVE-2017-6817 - https://github.com/natlarks/Week7-WordPressPentesting CVE-2017-6817 - https://github.com/oleksandrbi/CodePathweek7 +CVE-2017-6817 - https://github.com/pshrest001/Week-7-and-8-Codepath CVE-2017-6817 - https://github.com/sammanthp007/WordPress-Pentesting CVE-2017-6817 - https://github.com/smfils1/Cybersecurity-WordPress-Pentesting CVE-2017-6817 - https://github.com/zyeri/wordpress-pentesting @@ -14618,10 +15146,13 @@ CVE-2017-7186 - https://github.com/yfoelling/yair CVE-2017-7187 - https://github.com/thdusdl1219/CVE-Study CVE-2017-7188 - https://github.com/faizzaidi/Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC CVE-2017-7199 - https://github.com/rasta-mouse/Sherlock +CVE-2017-7199 - https://github.com/x3419/Penrose CVE-2017-7219 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-7219 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-7228 - https://github.com/jhembree/IACapstone +CVE-2017-7233 - https://github.com/Crossroadsman/treehouse-techdegree-python-project9 CVE-2017-7233 - https://github.com/leoChristofoli/CRUD-170406 +CVE-2017-7234 - https://github.com/Crossroadsman/treehouse-techdegree-python-project9 CVE-2017-7234 - https://github.com/leoChristofoli/CRUD-170406 CVE-2017-7244 - https://github.com/yfoelling/yair CVE-2017-7245 - https://github.com/flyrev/security-scan-ci-presentation @@ -14639,6 +15170,7 @@ CVE-2017-7269 - https://github.com/Ang31D/deobfuscation CVE-2017-7269 - https://github.com/CnHack3r/Penetration_PoC CVE-2017-7269 - https://github.com/DynamicDesignz/Alien-Framework CVE-2017-7269 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2017-7269 - https://github.com/FDlucifer/firece-fish CVE-2017-7269 - https://github.com/H0j3n/EzpzCheatSheet CVE-2017-7269 - https://github.com/HacTF/poc--exp CVE-2017-7269 - https://github.com/Mr-xn/Penetration_Testing_POC @@ -14648,6 +15180,7 @@ CVE-2017-7269 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2017-7269 - https://github.com/admintony/CollectionOfExp CVE-2017-7269 - https://github.com/amcai/myscan CVE-2017-7269 - https://github.com/caicai1355/CVE-2017-7269-exploit +CVE-2017-7269 - https://github.com/chalern/Pentest-Tools CVE-2017-7269 - https://github.com/danigargu/explodingcan CVE-2017-7269 - https://github.com/dayaramb/dayaramb.github.io CVE-2017-7269 - https://github.com/dmmcoco/explodingcan-checker @@ -14659,6 +15192,7 @@ CVE-2017-7269 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2017-7269 - https://github.com/homjxi0e/cve-2017-7269 CVE-2017-7269 - https://github.com/huike007/penetration_poc CVE-2017-7269 - https://github.com/huike007/poc +CVE-2017-7269 - https://github.com/jaychouzzk/- CVE-2017-7269 - https://github.com/jrrombaldo/CVE-2017-7269 CVE-2017-7269 - https://github.com/lcatro/CVE-2017-7269-Echo-PoC CVE-2017-7269 - https://github.com/morkin1792/security-tests @@ -14718,6 +15252,7 @@ CVE-2017-7308 - https://github.com/QChiLan/linux-exp CVE-2017-7308 - https://github.com/R0B1NL1N/Linux-Kernal-Exploits-m- CVE-2017-7308 - https://github.com/R0B1NL1N/Linux-Kernel-Exploites CVE-2017-7308 - https://github.com/R0B1NL1N/linux-kernel-exploitation +CVE-2017-7308 - https://github.com/RLee063/RLee063 CVE-2017-7308 - https://github.com/SecWiki/linux-kernel-exploits CVE-2017-7308 - https://github.com/Shadowshusky/linux-kernel-exploits CVE-2017-7308 - https://github.com/Singlea-lyh/linux-kernel-exploits @@ -14756,6 +15291,7 @@ CVE-2017-7308 - https://github.com/xssfile/linux-kernel-exploits CVE-2017-7308 - https://github.com/yige666/linux-kernel-exploits CVE-2017-7308 - https://github.com/zyjsuper/linux-kernel-exploits CVE-2017-7311 - https://github.com/vah13/SAP_vulnerabilities +CVE-2017-7317 - https://github.com/V1n1v131r4/HGB10R-2 CVE-2017-7344 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-7344 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-7346 - https://github.com/thdusdl1219/CVE-Study @@ -14792,6 +15328,7 @@ CVE-2017-7442 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-7442 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-7472 - https://github.com/homjxi0e/CVE-2017-7472 CVE-2017-7472 - https://github.com/thdusdl1219/CVE-Study +CVE-2017-7475 - https://github.com/facebookincubator/meta-fbvuln CVE-2017-7475 - https://github.com/mrash/afl-cve CVE-2017-7476 - https://github.com/mrash/afl-cve CVE-2017-7477 - https://github.com/thdusdl1219/CVE-Study @@ -14821,6 +15358,7 @@ CVE-2017-7494 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2017-7494 - https://github.com/QChiLan/linux-exp CVE-2017-7494 - https://github.com/R0B1NL1N/Linux-Kernal-Exploits-m- CVE-2017-7494 - https://github.com/R0B1NL1N/Linux-Kernel-Exploites +CVE-2017-7494 - https://github.com/RyanNgCT/EH-Assignment CVE-2017-7494 - https://github.com/S3cur3Th1sSh1t/Pentest-Tools CVE-2017-7494 - https://github.com/SecWiki/linux-kernel-exploits CVE-2017-7494 - https://github.com/Sep0lkit/el5-ELS @@ -14860,6 +15398,7 @@ CVE-2017-7494 - https://github.com/huangzhe312/pentest CVE-2017-7494 - https://github.com/incredible1yu/CVE-2017-7494 CVE-2017-7494 - https://github.com/infosecmahi/AWeSome_Pentest CVE-2017-7494 - https://github.com/infosecmahi/awesome-pentest +CVE-2017-7494 - https://github.com/jklinges14/Cyber-Security-Final-Project CVE-2017-7494 - https://github.com/joxeankoret/CVE-2017-7494 CVE-2017-7494 - https://github.com/kumardineshwar/linux-kernel-exploits CVE-2017-7494 - https://github.com/lolici123/ScriptsAndCommands @@ -14881,11 +15420,13 @@ CVE-2017-7494 - https://github.com/rakjong/LinuxElevation CVE-2017-7494 - https://github.com/rikosintie/nmap-python CVE-2017-7494 - https://github.com/roninAPT/pentest-kit CVE-2017-7494 - https://github.com/seaunderwater/MHN-Honeypots +CVE-2017-7494 - https://github.com/severnake/Pentest-Tools CVE-2017-7494 - https://github.com/severnake/awesome-pentest CVE-2017-7494 - https://github.com/sgxguru/awesome-pentest CVE-2017-7494 - https://github.com/shayezkarim/pentest CVE-2017-7494 - https://github.com/taielab/awesome-hacking-lists CVE-2017-7494 - https://github.com/thanshurc/awesome-pentest +CVE-2017-7494 - https://github.com/the-aerospace-corporation/counter-reconnaissance-program CVE-2017-7494 - https://github.com/theyoge/AD-Pentesting-Tools CVE-2017-7494 - https://github.com/val922/cyb3r53cur1ty CVE-2017-7494 - https://github.com/valarauco/wannafind @@ -14911,8 +15452,10 @@ CVE-2017-7504 - https://github.com/koutto/jok3r-pocs CVE-2017-7504 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2017-7504 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-7504 - https://github.com/r0eXpeR/redteam_vul +CVE-2017-7504 - https://github.com/tdcoming/Vulnerability-engine CVE-2017-7504 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-7525 - https://github.com/0xT11/CVE-POC +CVE-2017-7525 - https://github.com/CatalanCabbage/king-of-pop CVE-2017-7525 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2017-7525 - https://github.com/GrrrDog/ZeroNights-WebVillage-2017 CVE-2017-7525 - https://github.com/Nazicc/S2-055 @@ -14922,8 +15465,10 @@ CVE-2017-7525 - https://github.com/SecureSkyTechnology/study-struts2-s2-054_055- CVE-2017-7525 - https://github.com/SexyBeast233/SecBooks CVE-2017-7525 - https://github.com/SugarP1g/LearningSecurity CVE-2017-7525 - https://github.com/dotanuki-labs/android-oss-cves-research +CVE-2017-7525 - https://github.com/galimba/Jackson-deserialization-PoC CVE-2017-7525 - https://github.com/hectorgie/PoC-in-GitHub CVE-2017-7525 - https://github.com/hktalent/myhktools +CVE-2017-7525 - https://github.com/ilmari666/cybsec CVE-2017-7525 - https://github.com/ilmila/J2EEScan CVE-2017-7525 - https://github.com/irsl/jackson-rce-via-spel CVE-2017-7525 - https://github.com/klarna/kco_rest_java @@ -14937,6 +15482,7 @@ CVE-2017-7525 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-7525 - https://github.com/taielab/awesome-hacking-lists CVE-2017-7525 - https://github.com/woods-sega/woodswiki CVE-2017-7525 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2017-7525 - https://github.com/yahoo/cubed CVE-2017-7525 - https://github.com/zema1/oracle-vuln-crawler CVE-2017-7526 - https://github.com/garethr/findcve CVE-2017-7529 - https://github.com/0day666/Vulnerability-verification @@ -14955,6 +15501,7 @@ CVE-2017-7529 - https://github.com/medeirosvf/-exerc-cio-extra-2017-08-08.md- CVE-2017-7529 - https://github.com/nihaohello/N-MiddlewareScan CVE-2017-7529 - https://github.com/p1ay8y3ar/cve_monitor CVE-2017-7529 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2017-7529 - https://github.com/tdcoming/Vulnerability-engine CVE-2017-7529 - https://github.com/woods-sega/woodswiki CVE-2017-7529 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-7529 - https://github.com/y1ng1996/w8scan @@ -14965,6 +15512,7 @@ CVE-2017-7533 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-7533 - https://github.com/shankarapailoor/moonshine CVE-2017-7533 - https://github.com/thdusdl1219/CVE-Study CVE-2017-7533 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2017-7536 - https://github.com/ilmari666/cybsec CVE-2017-7541 - https://github.com/freener/pocs CVE-2017-7541 - https://github.com/thdusdl1219/CVE-Study CVE-2017-7542 - https://github.com/thdusdl1219/CVE-Study @@ -14989,6 +15537,7 @@ CVE-2017-7602 - https://github.com/mudongliang/LinuxFlaw CVE-2017-7602 - https://github.com/oneoy/cve- CVE-2017-7606 - https://github.com/mudongliang/LinuxFlaw CVE-2017-7606 - https://github.com/oneoy/cve- +CVE-2017-7614 - https://github.com/KorayAgaya/TrivyWeb CVE-2017-7614 - https://github.com/siddharthraopotukuchi/trivy CVE-2017-7614 - https://github.com/simiyo/trivy CVE-2017-7614 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers @@ -15012,6 +15561,8 @@ CVE-2017-7651 - https://github.com/andir/nixos-issue-db-example CVE-2017-7652 - https://github.com/andir/nixos-issue-db-example CVE-2017-7653 - https://github.com/andir/nixos-issue-db-example CVE-2017-7654 - https://github.com/andir/nixos-issue-db-example +CVE-2017-7657 - https://github.com/yahoo/cubed +CVE-2017-7658 - https://github.com/yahoo/cubed CVE-2017-7659 - https://github.com/google/honggfuzz CVE-2017-7659 - https://github.com/r3p3r/nixawk-honggfuzz CVE-2017-7668 - https://github.com/gyoisamurai/GyoiThon @@ -15024,6 +15575,8 @@ CVE-2017-7668 - https://github.com/vshaliii/DC-1-Vulnhub-Walkthrough CVE-2017-7668 - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough CVE-2017-7668 - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough CVE-2017-7672 - https://github.com/PEAKWEI/WsylibBookRS +CVE-2017-7674 - https://github.com/ilmari666/cybsec +CVE-2017-7675 - https://github.com/ilmari666/cybsec CVE-2017-7679 - https://github.com/DynamicDesignz/Alien-Framework CVE-2017-7679 - https://github.com/averna-syd/Shodan CVE-2017-7679 - https://github.com/flipkart-incubator/watchdog @@ -15036,6 +15589,8 @@ CVE-2017-7679 - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough CVE-2017-7696 - https://github.com/vah13/SAP_vulnerabilities CVE-2017-7698 - https://github.com/0ca/swftools_crashes CVE-2017-7698 - https://github.com/andir/nixos-issue-db-example +CVE-2017-7784 - https://github.com/ZihanYe/web-browser-vulnerabilities +CVE-2017-7828 - https://github.com/ZihanYe/web-browser-vulnerabilities CVE-2017-7874 - https://github.com/xyongcn/exploit CVE-2017-7881 - https://github.com/bigtreecms/BigTree-CMS CVE-2017-7889 - https://github.com/thdusdl1219/CVE-Study @@ -15070,6 +15625,7 @@ CVE-2017-8046 - https://github.com/SecureSkyTechnology/study-struts2-s2-054_055- CVE-2017-8046 - https://github.com/SexyBeast233/SecBooks CVE-2017-8046 - https://github.com/Soontao/CVE-2017-8046-DEMO CVE-2017-8046 - https://github.com/holisticon/hack-yourself +CVE-2017-8046 - https://github.com/ilmari666/cybsec CVE-2017-8046 - https://github.com/ilmila/J2EEScan CVE-2017-8046 - https://github.com/jkutner/spring-break-cve-2017-8046 CVE-2017-8046 - https://github.com/m3ssap0/SpringBreakVulnerableApp @@ -15188,6 +15744,7 @@ CVE-2017-8414 - https://github.com/ethanhunnt/IoT_vulnerabilities CVE-2017-8415 - https://github.com/ethanhunnt/IoT_vulnerabilities CVE-2017-8416 - https://github.com/ethanhunnt/IoT_vulnerabilities CVE-2017-8417 - https://github.com/ethanhunnt/IoT_vulnerabilities +CVE-2017-8421 - https://github.com/KorayAgaya/TrivyWeb CVE-2017-8421 - https://github.com/siddharthraopotukuchi/trivy CVE-2017-8421 - https://github.com/simiyo/trivy CVE-2017-8421 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers @@ -15198,6 +15755,7 @@ CVE-2017-8461 - https://github.com/aRustyDev/C844 CVE-2017-8461 - https://github.com/peterpt/eternal_check CVE-2017-8464 - https://github.com/3gstudent/CVE-2017-8464-EXP CVE-2017-8464 - https://github.com/Al1ex/WindowsElevation +CVE-2017-8464 - https://github.com/Apri1y/Red-Team-links CVE-2017-8464 - https://github.com/Ascotbe/Kernelhub CVE-2017-8464 - https://github.com/B-coder-code/Bill CVE-2017-8464 - https://github.com/Echocipher/Resource-list @@ -15225,8 +15783,11 @@ CVE-2017-8464 - https://github.com/distance-vector/window-kernel-exp CVE-2017-8464 - https://github.com/fei9747/WindowsElevation CVE-2017-8464 - https://github.com/fortify24x7/FuzzySecurity-PowerShell-Suite CVE-2017-8464 - https://github.com/geeksniper/windows-privilege-escalation +CVE-2017-8464 - https://github.com/hudunkey/Red-Team-links +CVE-2017-8464 - https://github.com/john-80/-007 CVE-2017-8464 - https://github.com/klsfct/getshell CVE-2017-8464 - https://github.com/likescam/Red-Teaming-Toolkit_all_pentests +CVE-2017-8464 - https://github.com/lp008/Hack-readme CVE-2017-8464 - https://github.com/m0mkris/windows-kernel-exploits CVE-2017-8464 - https://github.com/mishmashclone/SecWiki-windows-kernel-exploits CVE-2017-8464 - https://github.com/n8v79a/exploit @@ -15244,10 +15805,12 @@ CVE-2017-8464 - https://github.com/root26/bug CVE-2017-8464 - https://github.com/safesword/WindowsExp CVE-2017-8464 - https://github.com/securifybv/ShellLink CVE-2017-8464 - https://github.com/shakenetwork/PowerShell-Suite +CVE-2017-8464 - https://github.com/slimdaddy/RedTeam CVE-2017-8464 - https://github.com/valentinoJones/Windows-Kernel-Exploits CVE-2017-8464 - https://github.com/welove88888/cve CVE-2017-8464 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-8464 - https://github.com/xfinest/windows-kernel-exploits +CVE-2017-8464 - https://github.com/xiaoZ-hc/redtool CVE-2017-8464 - https://github.com/xiaoy-sec/Pentest_Note CVE-2017-8464 - https://github.com/xssfile/CVE-2017-8464-EXP CVE-2017-8464 - https://github.com/xssfile/windows-kernel-exploits @@ -15269,6 +15832,12 @@ CVE-2017-8496 - https://github.com/LyleMi/dom-vuln-db CVE-2017-8496 - https://github.com/googleprojectzero/domato CVE-2017-8499 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-8499 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2017-8514 - https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups +CVE-2017-8514 - https://github.com/Saidul-M-Khan/Awesome-Bugbounty-Writeups +CVE-2017-8514 - https://github.com/ajino2k/Awesome-Bugbounty-Writeups +CVE-2017-8514 - https://github.com/blitz-cmd/Bugbounty-writeups +CVE-2017-8514 - https://github.com/bot8080/awesomeBugbounty +CVE-2017-8514 - https://github.com/deadcyph3r/Awesome-Collection CVE-2017-8514 - https://github.com/devanshbatham/Awesome-Bugbounty-Writeups CVE-2017-8514 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-8514 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 @@ -15290,10 +15859,12 @@ CVE-2017-8548 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-8549 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-8549 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-8563 - https://github.com/zyn3rgy/LdapRelayScan +CVE-2017-8565 - https://github.com/NHPT/ysoserial.net CVE-2017-8565 - https://github.com/cyberheartmi9/ysoserial.net CVE-2017-8565 - https://github.com/incredibleindishell/ysoserial.net-complied CVE-2017-8565 - https://github.com/pwntester/ysoserial.net CVE-2017-8565 - https://github.com/zyanfx/SafeDeserializationHelpers +CVE-2017-8570 - https://github.com/Apri1y/Red-Team-links CVE-2017-8570 - https://github.com/CrackerCat/Kernel-Security-Development CVE-2017-8570 - https://github.com/Echocipher/Resource-list CVE-2017-8570 - https://github.com/ExpLife0011/awesome-windows-kernel-security-development @@ -15307,9 +15878,12 @@ CVE-2017-8570 - https://github.com/SwordSheath/CVE-2017-8570 CVE-2017-8570 - https://github.com/gold1029/Red-Teaming-Toolkit CVE-2017-8570 - https://github.com/houjingyi233/office-exploit-case-study CVE-2017-8570 - https://github.com/howknows/awesome-windows-security-development +CVE-2017-8570 - https://github.com/hudunkey/Red-Team-links +CVE-2017-8570 - https://github.com/john-80/-007 CVE-2017-8570 - https://github.com/likescam/Red-Teaming-Toolkit CVE-2017-8570 - https://github.com/likescam/Red-Teaming-Toolkit_all_pentests CVE-2017-8570 - https://github.com/liuhe3647/Windows +CVE-2017-8570 - https://github.com/lp008/Hack-readme CVE-2017-8570 - https://github.com/mucahittopal/Pentesting-Pratic-Notes CVE-2017-8570 - https://github.com/nccgroup/CVE-2017-8759 CVE-2017-8570 - https://github.com/nitishbadole/pentesting_Notes @@ -15319,9 +15893,11 @@ CVE-2017-8570 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-8570 - https://github.com/qiantu88/office-cve CVE-2017-8570 - https://github.com/rxwx/CVE-2017-8570 CVE-2017-8570 - https://github.com/shr3ddersec/Shr3dKit +CVE-2017-8570 - https://github.com/slimdaddy/RedTeam CVE-2017-8570 - https://github.com/temesgeny/ppsx-file-generator CVE-2017-8570 - https://github.com/tezukanice/Office8570 CVE-2017-8570 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2017-8570 - https://github.com/xiaoZ-hc/redtool CVE-2017-8594 - https://github.com/googleprojectzero/domato CVE-2017-8596 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-8596 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 @@ -15370,6 +15946,7 @@ CVE-2017-8625 - https://github.com/aliyavalieva/RedTeam CVE-2017-8625 - https://github.com/aymankhder/PENTESTING-BIBLE2 CVE-2017-8625 - https://github.com/bjknbrrr/PENTESTING-BIBLE CVE-2017-8625 - https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE +CVE-2017-8625 - https://github.com/bohops/UltimateWDACBypassList CVE-2017-8625 - https://github.com/codereveryday/Programming-Hacking-Resources CVE-2017-8625 - https://github.com/erSubhashThapa/pentest-bible CVE-2017-8625 - https://github.com/gacontuyenchien1/Security @@ -15475,6 +16052,7 @@ CVE-2017-8715 - https://github.com/Tracehowler/Bible CVE-2017-8715 - https://github.com/aymankhder/PENTESTING-BIBLE2 CVE-2017-8715 - https://github.com/bjknbrrr/PENTESTING-BIBLE CVE-2017-8715 - https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE +CVE-2017-8715 - https://github.com/bohops/UltimateWDACBypassList CVE-2017-8715 - https://github.com/codereveryday/Programming-Hacking-Resources CVE-2017-8715 - https://github.com/erSubhashThapa/pentest-bible CVE-2017-8715 - https://github.com/gacontuyenchien1/Security @@ -15512,8 +16090,10 @@ CVE-2017-8755 - https://github.com/tunz/js-vuln-db CVE-2017-8755 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-8756 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-8756 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2017-8759 - https://github.com/Apri1y/Red-Team-links CVE-2017-8759 - https://github.com/BasuCert/CVE-2017-8759 CVE-2017-8759 - https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections +CVE-2017-8759 - https://github.com/CyberSift/CyberSift-Alerts CVE-2017-8759 - https://github.com/Echocipher/Resource-list CVE-2017-8759 - https://github.com/FlatL1neAPT/MS-Office CVE-2017-8759 - https://github.com/GitHubAssessments/CVE_Assessments_01_2020 @@ -15529,8 +16109,10 @@ CVE-2017-8759 - https://github.com/eric-erki/APT_CyberCriminal_Campagin_Collecti CVE-2017-8759 - https://github.com/gold1029/Red-Teaming-Toolkit CVE-2017-8759 - https://github.com/homjxi0e/CVE-2017-8759_-SOAP_WSDL CVE-2017-8759 - https://github.com/houjingyi233/office-exploit-case-study +CVE-2017-8759 - https://github.com/hudunkey/Red-Team-links CVE-2017-8759 - https://github.com/iwarsong/apt CVE-2017-8759 - https://github.com/jacobsoo/RTF-Cleaner +CVE-2017-8759 - https://github.com/john-80/-007 CVE-2017-8759 - https://github.com/jvdroit/APT_CyberCriminal_Campagin_Collections CVE-2017-8759 - https://github.com/kbandla/APTnotes CVE-2017-8759 - https://github.com/l0n3rs/CVE-2017-8759 @@ -15538,6 +16120,7 @@ CVE-2017-8759 - https://github.com/likescam/APT_CyberCriminal_Campagin_Collectio CVE-2017-8759 - https://github.com/likescam/CyberMonitor-APT_CyberCriminal_Campagin_Collections CVE-2017-8759 - https://github.com/likescam/Red-Teaming-Toolkit CVE-2017-8759 - https://github.com/likescam/Red-Teaming-Toolkit_all_pentests +CVE-2017-8759 - https://github.com/lp008/Hack-readme CVE-2017-8759 - https://github.com/mucahittopal/Pentesting-Pratic-Notes CVE-2017-8759 - https://github.com/nccgroup/CVE-2017-8759 CVE-2017-8759 - https://github.com/nitishbadole/pentesting_Notes @@ -15546,10 +16129,12 @@ CVE-2017-8759 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-8759 - https://github.com/qiantu88/office-cve CVE-2017-8759 - https://github.com/r3p3r/yeyintminthuhtut-Awesome-Red-Teaming CVE-2017-8759 - https://github.com/shr3ddersec/Shr3dKit +CVE-2017-8759 - https://github.com/slimdaddy/RedTeam CVE-2017-8759 - https://github.com/sumas/APT_CyberCriminal_Campagin_Collections CVE-2017-8759 - https://github.com/vysecurity/CVE-2017-8759 CVE-2017-8759 - https://github.com/willyb321/willyb321-stars CVE-2017-8759 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2017-8759 - https://github.com/xiaoZ-hc/redtool CVE-2017-8760 - https://github.com/Voraka/cve-2017-8760 CVE-2017-8779 - https://github.com/andir/nixos-issue-db-example CVE-2017-8779 - https://github.com/c0decave/Exploits_DoS @@ -15752,6 +16337,12 @@ CVE-2017-9206 - https://github.com/oneoy/cve- CVE-2017-9207 - https://github.com/mudongliang/LinuxFlaw CVE-2017-9207 - https://github.com/oneoy/cve- CVE-2017-9211 - https://github.com/thdusdl1219/CVE-Study +CVE-2017-9224 - https://github.com/onivim/esy-oniguruma +CVE-2017-9225 - https://github.com/onivim/esy-oniguruma +CVE-2017-9226 - https://github.com/onivim/esy-oniguruma +CVE-2017-9227 - https://github.com/onivim/esy-oniguruma +CVE-2017-9228 - https://github.com/onivim/esy-oniguruma +CVE-2017-9229 - https://github.com/onivim/esy-oniguruma CVE-2017-9239 - https://github.com/andir/nixos-issue-db-example CVE-2017-9242 - https://github.com/thdusdl1219/CVE-Study CVE-2017-9248 - https://github.com/Gutem/scans-exploits @@ -15765,6 +16356,8 @@ CVE-2017-9248 - https://github.com/hantwister/sites-compromised-20170625-foi CVE-2017-9248 - https://github.com/ictnamanh/CVE-2017-9248 CVE-2017-9248 - https://github.com/shacojx/dp CVE-2017-9288 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2017-9304 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2017-9304 - https://github.com/tzf-key/MemLock_Benchmark CVE-2017-9363 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2017-9380 - https://github.com/Hacker5preme/Exploits CVE-2017-9381 - https://github.com/ethanhunnt/IoT_vulnerabilities @@ -15787,13 +16380,17 @@ CVE-2017-9417 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-9430 - https://github.com/andir/nixos-issue-db-example CVE-2017-9430 - https://github.com/homjxi0e/CVE-2017-9430 CVE-2017-9430 - https://github.com/j0lama/Dnstracer-1.9-Fix +CVE-2017-9438 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2017-9438 - https://github.com/tzf-key/MemLock_Benchmark CVE-2017-9476 - https://github.com/soxrok2212/PSKracker CVE-2017-9476 - https://github.com/wiire-a/CVE-2017-9476 +CVE-2017-9506 - https://github.com/0x48piraj/Jiraffe CVE-2017-9506 - https://github.com/ARPSyndicate/kenzer-templates CVE-2017-9506 - https://github.com/Elsfa7-110/kenzer-templates CVE-2017-9506 - https://github.com/assetnote/blind-ssrf-chains CVE-2017-9506 - https://github.com/random-robbie/Jira-Scan CVE-2017-9506 - https://github.com/sobinge/nuclei-templates +CVE-2017-9506 - https://github.com/sushantdhopat/JIRA_testing CVE-2017-9524 - https://github.com/dkiser/vulners-yum-scanner CVE-2017-9544 - https://github.com/adenkiewicz/CVE-2017-9544 CVE-2017-9554 - https://github.com/Ez0-yf/CVE-2017-9554-Exploit-Tool @@ -15843,6 +16440,7 @@ CVE-2017-9791 - https://github.com/SexyBeast233/SecBooks CVE-2017-9791 - https://github.com/atdpa4sw0rd/Experience-library CVE-2017-9791 - https://github.com/binfed/cms-exp CVE-2017-9791 - https://github.com/copperfieldd/CMS-Hunter +CVE-2017-9791 - https://github.com/djschleen/ash CVE-2017-9791 - https://github.com/dragoneeg/Struts2-048 CVE-2017-9791 - https://github.com/hktalent/myhktools CVE-2017-9791 - https://github.com/jas502n/st2-048 @@ -15851,6 +16449,7 @@ CVE-2017-9791 - https://github.com/nixawk/labs CVE-2017-9791 - https://github.com/oneplus-x/MS17-010 CVE-2017-9791 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-9791 - https://github.com/shuanx/vulnerability +CVE-2017-9791 - https://github.com/tdcoming/Vulnerability-engine CVE-2017-9791 - https://github.com/woods-sega/woodswiki CVE-2017-9791 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-9791 - https://github.com/xfer0/CVE-2017-9791 @@ -15879,14 +16478,17 @@ CVE-2017-9805 - https://github.com/84KaliPleXon3/Payloads_All_The_Things CVE-2017-9805 - https://github.com/ARPSyndicate/kenzer-templates CVE-2017-9805 - https://github.com/BeyondCy/S2-052 CVE-2017-9805 - https://github.com/Cyberleet1337/Payloadswebhack +CVE-2017-9805 - https://github.com/Delishsploits/PayloadsAndMethodology CVE-2017-9805 - https://github.com/DynamicDesignz/Alien-Framework CVE-2017-9805 - https://github.com/Elsfa7-110/kenzer-templates CVE-2017-9805 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +CVE-2017-9805 - https://github.com/GuynnR/Payloads CVE-2017-9805 - https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups CVE-2017-9805 - https://github.com/Jean-Francois-C/Windows-Penetration-Testing CVE-2017-9805 - https://github.com/LearnGolang/LearnGolang CVE-2017-9805 - https://github.com/Lone-Ranger/apache-struts-pwn_CVE-2017-9805 CVE-2017-9805 - https://github.com/Muhammd/Awesome-Payloads +CVE-2017-9805 - https://github.com/Nieuport/PayloadsAllTheThings CVE-2017-9805 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2017-9805 - https://github.com/Prodject/Kn0ck CVE-2017-9805 - https://github.com/Ra7mo0on/PayloadsAllTheThings @@ -15898,20 +16500,26 @@ CVE-2017-9805 - https://github.com/ZarvisD/Struts2_rce_XStream_Plugin CVE-2017-9805 - https://github.com/albinowax/ActiveScanPlusPlus CVE-2017-9805 - https://github.com/andrysec/PayloadsAllVulnerability CVE-2017-9805 - https://github.com/anhtu97/PayloadAllEverything +CVE-2017-9805 - https://github.com/apkadmin/PayLoadsAll CVE-2017-9805 - https://github.com/aylincetin/PayloadsAllTheThings +CVE-2017-9805 - https://github.com/chanchalpatra/payload CVE-2017-9805 - https://github.com/chrisjd20/cve-2017-9805.py CVE-2017-9805 - https://github.com/cyjaysun/S2-052 CVE-2017-9805 - https://github.com/digitalencoding/HHC2017 CVE-2017-9805 - https://github.com/freddyfernando/News CVE-2017-9805 - https://github.com/hahwul/struts2-rce-cve-2017-9805-ruby +CVE-2017-9805 - https://github.com/hellochunqiu/PayloadsAllTheThings CVE-2017-9805 - https://github.com/hktalent/myhktools CVE-2017-9805 - https://github.com/khodges42/Etrata CVE-2017-9805 - https://github.com/kk98kk0/Payloads CVE-2017-9805 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2017-9805 - https://github.com/koutto/jok3r-pocs +CVE-2017-9805 - https://github.com/ksw9722/PayloadsAllTheThings CVE-2017-9805 - https://github.com/luc10/struts-rce-cve-2017-9805 CVE-2017-9805 - https://github.com/mazen160/struts-pwn_CVE-2017-9805 CVE-2017-9805 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +CVE-2017-9805 - https://github.com/mrhacker51/ReverseShellCommands +CVE-2017-9805 - https://github.com/nevidimk0/PayloadsAllTheThings CVE-2017-9805 - https://github.com/oneplus-x/Sn1per CVE-2017-9805 - https://github.com/ozkanbilge/Payloads CVE-2017-9805 - https://github.com/qazbnm456/awesome-cve-poc @@ -15919,9 +16527,12 @@ CVE-2017-9805 - https://github.com/s1kr10s/Apache-Struts-v4 CVE-2017-9805 - https://github.com/samba234/Sniper CVE-2017-9805 - https://github.com/sobinge/--1 CVE-2017-9805 - https://github.com/sobinge/PayloadsAllTheThings +CVE-2017-9805 - https://github.com/sobinge/PayloadsAllThesobinge +CVE-2017-9805 - https://github.com/tdcoming/Vulnerability-engine CVE-2017-9805 - https://github.com/unusualwork/Sn1per CVE-2017-9805 - https://github.com/vitapluvia/hhc-writeup-2017 CVE-2017-9805 - https://github.com/whoadmin/pocs +CVE-2017-9805 - https://github.com/winterwolf32/PayloadsAllTheThings CVE-2017-9805 - https://github.com/woods-sega/woodswiki CVE-2017-9805 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-9810 - https://github.com/lean0x2F/lean0x2f.github.io @@ -15930,6 +16541,7 @@ CVE-2017-9812 - https://github.com/lean0x2F/lean0x2f.github.io CVE-2017-9813 - https://github.com/lean0x2F/lean0x2f.github.io CVE-2017-9822 - https://github.com/ARPSyndicate/kenzer-templates CVE-2017-9822 - https://github.com/Jean-Francois-C/Windows-Penetration-Testing +CVE-2017-9822 - https://github.com/NHPT/ysoserial.net CVE-2017-9822 - https://github.com/incredibleindishell/ysoserial.net-complied CVE-2017-9822 - https://github.com/murataydemir/CVE-2017-9822 CVE-2017-9822 - https://github.com/pwntester/ysoserial.net @@ -16016,7 +16628,9 @@ CVE-2018-0114 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-0114 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-0114 - https://github.com/mishmashclone/ticarpi-jwt_tool CVE-2018-0114 - https://github.com/pinnace/burp-jwt-fuzzhelper-extension +CVE-2018-0114 - https://github.com/puckiestyle/jwt_tool CVE-2018-0114 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2018-0114 - https://github.com/scumdestroy/pentest-scripts-for-dangerous-boys CVE-2018-0114 - https://github.com/ticarpi/jwt_tool CVE-2018-0114 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-0114 - https://github.com/zi0Black/POC-CVE-2018-0114 @@ -16046,19 +16660,26 @@ CVE-2018-0288 - https://github.com/s-index/dora CVE-2018-0296 - https://github.com/0xT11/CVE-POC CVE-2018-0296 - https://github.com/3ndG4me/CVE-2020-3452-Exploit CVE-2018-0296 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2018-0296 - https://github.com/Apri1y/Red-Team-links CVE-2018-0296 - https://github.com/Echocipher/Resource-list CVE-2018-0296 - https://github.com/Elsfa7-110/kenzer-templates CVE-2018-0296 - https://github.com/GarnetSunset/CiscoIOSSNMPToolkit CVE-2018-0296 - https://github.com/bhenner1/CVE-2018-0296 CVE-2018-0296 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-0296 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-0296 - https://github.com/hudunkey/Red-Team-links CVE-2018-0296 - https://github.com/jacobsoo/HardwareWiki +CVE-2018-0296 - https://github.com/john-80/-007 +CVE-2018-0296 - https://github.com/lp008/Hack-readme CVE-2018-0296 - https://github.com/milo2012/CVE-2018-0296 CVE-2018-0296 - https://github.com/moli1369/cisco-user CVE-2018-0296 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2018-0296 - https://github.com/r0eXpeR/supplier CVE-2018-0296 - https://github.com/rudinyu/KB +CVE-2018-0296 - https://github.com/slimdaddy/RedTeam CVE-2018-0296 - https://github.com/sobinge/nuclei-templates CVE-2018-0296 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-0296 - https://github.com/xiaoZ-hc/redtool CVE-2018-0296 - https://github.com/yassineaboukir/CVE-2018-0296 CVE-2018-0324 - https://github.com/s-index/dora CVE-2018-0492 - https://github.com/qazbnm456/awesome-cve-poc @@ -16073,6 +16694,7 @@ CVE-2018-0624 - https://github.com/cranelab/exploit-development CVE-2018-0624 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-0624 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-0624 - https://github.com/ycdxsb/WindowsPrivilegeEscalation +CVE-2018-0694 - https://github.com/r0eXpeR/supplier CVE-2018-0708 - https://github.com/0xT11/CVE-POC CVE-2018-0708 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-0708 - https://github.com/hectorgie/PoC-in-GitHub @@ -16456,6 +17078,7 @@ CVE-2018-1000006 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-1000024 - https://github.com/andir/nixos-issue-db-example CVE-2018-1000027 - https://github.com/andir/nixos-issue-db-example CVE-2018-1000030 - https://github.com/0xT11/CVE-POC +CVE-2018-1000035 - https://github.com/FritzJo/pacheck CVE-2018-1000035 - https://github.com/phonito/phonito-vulnerable-container CVE-2018-1000035 - https://github.com/ronomon/zip CVE-2018-1000036 - https://github.com/andir/nixos-issue-db-example @@ -16487,6 +17110,7 @@ CVE-2018-1000118 - https://github.com/Project-WARMIND/Exploit-Modules CVE-2018-1000118 - https://github.com/andir/nixos-issue-db-example CVE-2018-1000118 - https://github.com/squalle0nhart/electron_pdf_render CVE-2018-1000120 - https://github.com/facebookincubator/nvdtools +CVE-2018-1000122 - https://github.com/belcebus/clair-architecture-poc CVE-2018-1000122 - https://github.com/facebookincubator/nvdtools CVE-2018-1000129 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-1000129 - https://github.com/Elsfa7-110/kenzer-templates @@ -16511,6 +17135,7 @@ CVE-2018-1000140 - https://github.com/0xT11/CVE-POC CVE-2018-1000140 - https://github.com/Project-WARMIND/Exploit-Modules CVE-2018-1000140 - https://github.com/andir/nixos-issue-db-example CVE-2018-1000156 - https://github.com/andir/nixos-issue-db-example +CVE-2018-1000156 - https://github.com/irsl/gnu-patch-vulnerabilities CVE-2018-1000156 - https://github.com/phonito/phonito-vulnerable-container CVE-2018-1000159 - https://github.com/eldron/metls CVE-2018-1000159 - https://github.com/sailfishos-mirror/tlslite-ng @@ -16524,6 +17149,7 @@ CVE-2018-1000224 - https://github.com/0xT11/CVE-POC CVE-2018-1000226 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-1000300 - https://github.com/Project-WARMIND/Exploit-Modules CVE-2018-1000500 - https://github.com/alphaSeclab/sec-daily-2020 +CVE-2018-1000518 - https://github.com/PalindromeLabs/awesome-websocket-security CVE-2018-1000529 - https://github.com/0xT11/CVE-POC CVE-2018-1000529 - https://github.com/martinfrancois/CVE-2018-1000529 CVE-2018-1000531 - https://github.com/aress31/jwtcat @@ -16537,17 +17163,23 @@ CVE-2018-1000613 - https://github.com/dotanuki-labs/android-oss-cves-research CVE-2018-1000620 - https://github.com/ossf-cve-benchmark/CVE-2018-1000620 CVE-2018-1000622 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2018-1000622 - https://github.com/xxg1413/rust-security +CVE-2018-1000632 - https://github.com/ilmari666/cybsec +CVE-2018-1000654 - https://github.com/brandoncamenisch/release-the-code-litecoin CVE-2018-1000654 - https://github.com/dispera/giant-squid +CVE-2018-1000654 - https://github.com/domyrtille/interview_project +CVE-2018-1000654 - https://github.com/epequeno/devops-demo CVE-2018-1000654 - https://github.com/garethr/snykout CVE-2018-1000654 - https://github.com/nedenwalker/spring-boot-app-using-gradle CVE-2018-1000654 - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln CVE-2018-1000654 - https://github.com/onzack/trivy-multiscanner CVE-2018-1000656 - https://github.com/snyk-labs/pysnyk CVE-2018-1000657 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs +CVE-2018-1000657 - https://github.com/Qwaz/rust-cve CVE-2018-1000657 - https://github.com/xxg1413/rust-security CVE-2018-1000801 - https://github.com/ponypot/cve CVE-2018-1000802 - https://github.com/0xT11/CVE-POC CVE-2018-1000810 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs +CVE-2018-1000810 - https://github.com/Qwaz/rust-cve CVE-2018-1000810 - https://github.com/saaramar/Publications CVE-2018-1000810 - https://github.com/xxg1413/rust-security CVE-2018-1000858 - https://github.com/flyrev/security-scan-ci-presentation @@ -16564,6 +17196,8 @@ CVE-2018-1000861 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2018-1000861 - https://github.com/Zompire/cc_talk_2021 CVE-2018-1000861 - https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc CVE-2018-1000861 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2018-1000861 - https://github.com/deadbits/yara-rules +CVE-2018-1000861 - https://github.com/glithc/yara-detection CVE-2018-1000861 - https://github.com/gobysec/Goby CVE-2018-1000861 - https://github.com/gquere/pwn_jenkins CVE-2018-1000861 - https://github.com/hasee2018/Penetration_Testing_POC @@ -16579,20 +17213,25 @@ CVE-2018-1000861 - https://github.com/woods-sega/woodswiki CVE-2018-1000861 - https://github.com/yedada-wei/- CVE-2018-1000861 - https://github.com/yedada-wei/gongkaishouji CVE-2018-1000873 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2018-1000873 - https://github.com/ilmari666/cybsec CVE-2018-1000876 - https://github.com/phonito/phonito-vulnerable-container CVE-2018-1000876 - https://github.com/revl-ca/scan-docker-image CVE-2018-1000877 - https://github.com/revl-ca/scan-docker-image CVE-2018-1000878 - https://github.com/revl-ca/scan-docker-image +CVE-2018-1000886 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2018-1000886 - https://github.com/tzf-key/MemLock_Benchmark CVE-2018-10016 - https://github.com/junxzm1990/afl-pt CVE-2018-1002100 - https://github.com/Metarget/awesome-cloud-native-security CVE-2018-1002100 - https://github.com/Metarget/metarget CVE-2018-1002101 - https://github.com/0xT11/CVE-POC CVE-2018-1002103 - https://github.com/Metarget/awesome-cloud-native-security +CVE-2018-1002103 - https://github.com/Metarget/cloud-native-security-book CVE-2018-1002105 - https://github.com/0xT11/CVE-POC CVE-2018-1002105 - https://github.com/ExpLife0011/awesome-windows-kernel-security-development CVE-2018-1002105 - https://github.com/Lee-SungYoung/Delicious-Hot-Six CVE-2018-1002105 - https://github.com/Lee-SungYoung/Kube-Six CVE-2018-1002105 - https://github.com/Metarget/awesome-cloud-native-security +CVE-2018-1002105 - https://github.com/Metarget/cloud-native-security-book CVE-2018-1002105 - https://github.com/Metarget/metarget CVE-2018-1002105 - https://github.com/Ondrik8/exploit CVE-2018-1002105 - https://github.com/PaloAltoNetworks/research-notes @@ -16606,6 +17245,7 @@ CVE-2018-1002105 - https://github.com/merlinxcy/ToolBox CVE-2018-1002105 - https://github.com/owen800q/Awesome-Stars CVE-2018-1002105 - https://github.com/pravinsrc/NOTES-windows-kernel-links CVE-2018-1002105 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2018-1002105 - https://github.com/reni2study/Cloud-Native-Security2 CVE-2018-1002105 - https://github.com/rsingh1611/Docker-SimpliVity CVE-2018-1002105 - https://github.com/superfish9/pt CVE-2018-1002105 - https://github.com/warmchang/KubeCon-CloudNativeCon-Europe-2019 @@ -16642,8 +17282,11 @@ CVE-2018-1010 - https://github.com/0xT11/CVE-POC CVE-2018-1010 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-1010 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-1010 - https://github.com/ymgh96/Detecting-the-patch-of-CVE-2018-1010 +CVE-2018-10100 - https://github.com/El-Palomo/DerpNStink +CVE-2018-10101 - https://github.com/El-Palomo/DerpNStink CVE-2018-10102 - https://github.com/CeCe2018/Codepath CVE-2018-10102 - https://github.com/CeCe2018/Codepath-Week-7-Alternative-Assignment-Essay +CVE-2018-10102 - https://github.com/El-Palomo/DerpNStink CVE-2018-10102 - https://github.com/Tanvi20/Week-7-Alternative-Assignment-wp-cve CVE-2018-10111 - https://github.com/xiaoqx/pocs CVE-2018-10112 - https://github.com/xiaoqx/pocs @@ -16674,13 +17317,16 @@ CVE-2018-10172 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-10172 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-1019 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-1019 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-10191 - https://github.com/nautilus-fuzz/nautilus CVE-2018-10196 - https://github.com/andir/nixos-issue-db-example +CVE-2018-10199 - https://github.com/nautilus-fuzz/nautilus CVE-2018-10201 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-1021 - https://github.com/LyleMi/dom-vuln-db CVE-2018-1022 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-1022 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-10225 - https://github.com/elon996/gluttony CVE-2018-10237 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2018-10237 - https://github.com/diakogiannis/moviebook CVE-2018-10237 - https://github.com/dotanuki-labs/android-oss-cves-research CVE-2018-1026 - https://github.com/0xT11/CVE-POC CVE-2018-1026 - https://github.com/developer3000S/PoC-in-GitHub @@ -16833,6 +17479,7 @@ CVE-2018-10676 - https://github.com/maxpowersi/CamSploit CVE-2018-10676 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-10676 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-10678 - https://github.com/0xT11/CVE-POC +CVE-2018-10685 - https://github.com/strongcourage/uafbench CVE-2018-10689 - https://github.com/andir/nixos-issue-db-example CVE-2018-10715 - https://github.com/0xT11/CVE-POC CVE-2018-10717 - https://github.com/nafiez/Vulnerability-Research @@ -16860,6 +17507,7 @@ CVE-2018-10821 - https://github.com/BalvinderSingh23/Cross-Site-Scripting-Reflec CVE-2018-10822 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-10823 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-10860 - https://github.com/snyk/zip-slip-vulnerability +CVE-2018-10876 - https://github.com/rm511130/BBL CVE-2018-1088 - https://github.com/0xT11/CVE-POC CVE-2018-1088 - https://github.com/MauroEldritch/GEVAUDAN CVE-2018-1088 - https://github.com/developer3000S/PoC-in-GitHub @@ -16871,6 +17519,7 @@ CVE-2018-10903 - https://github.com/sonatype-nexus-community/jake CVE-2018-10920 - https://github.com/0xT11/CVE-POC CVE-2018-10933 - https://github.com/0xT11/CVE-POC CVE-2018-10933 - https://github.com/915425297/CVES +CVE-2018-10933 - https://github.com/Apri1y/Red-Team-links CVE-2018-10933 - https://github.com/DynamicDesignz/Alien-Framework CVE-2018-10933 - https://github.com/Echocipher/Resource-list CVE-2018-10933 - https://github.com/MarkBuffalo/exploits @@ -16881,18 +17530,23 @@ CVE-2018-10933 - https://github.com/a-n-n-a-c-g/advanced-pentesting CVE-2018-10933 - https://github.com/angristan/awesome-stars CVE-2018-10933 - https://github.com/blacknbunny/CVE-2018-10933 CVE-2018-10933 - https://github.com/hackerhouse-opensource/cve-2018-10933 +CVE-2018-10933 - https://github.com/hudunkey/Red-Team-links CVE-2018-10933 - https://github.com/jas502n/CVE-2018-10933 +CVE-2018-10933 - https://github.com/john-80/-007 CVE-2018-10933 - https://github.com/kn6869610/CVE-2018-10933 CVE-2018-10933 - https://github.com/leapsecurity/libssh-scanner +CVE-2018-10933 - https://github.com/lp008/Hack-readme CVE-2018-10933 - https://github.com/marco-lancini/hunt-for-cve-2018-10933 CVE-2018-10933 - https://github.com/nikhil1232/LibSSH-Authentication-Bypass CVE-2018-10933 - https://github.com/pghook/CVE-2018-10933_Scanner CVE-2018-10933 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-10933 - https://github.com/r3dxpl0it/CVE-2018-10933 CVE-2018-10933 - https://github.com/shifa123/pythonprojects-CVE-2018-10933 +CVE-2018-10933 - https://github.com/slimdaddy/RedTeam CVE-2018-10933 - https://github.com/trbpnd/bpnd-libssh CVE-2018-10933 - https://github.com/xFreed0m/CVE-2018-10933 CVE-2018-10933 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-10933 - https://github.com/xiaoZ-hc/redtool CVE-2018-10936 - https://github.com/0xT11/CVE-POC CVE-2018-10944 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-10944 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 @@ -16905,6 +17559,7 @@ CVE-2018-10958 - https://github.com/andir/nixos-issue-db-example CVE-2018-10963 - https://github.com/andir/nixos-issue-db-example CVE-2018-10963 - https://github.com/revl-ca/scan-docker-image CVE-2018-1098 - https://github.com/andir/nixos-issue-db-example +CVE-2018-1098 - https://github.com/asa1997/topgear_test CVE-2018-1098 - https://github.com/sonatype-nexus-community/nancy CVE-2018-1099 - https://github.com/andir/nixos-issue-db-example CVE-2018-1099 - https://github.com/sonatype-nexus-community/nancy @@ -16923,6 +17578,8 @@ CVE-2018-11024 - https://github.com/SexyBeast233/SecBooks CVE-2018-11025 - https://github.com/SexyBeast233/SecBooks CVE-2018-11033 - https://github.com/andir/nixos-issue-db-example CVE-2018-11037 - https://github.com/andir/nixos-issue-db-example +CVE-2018-11039 - https://github.com/ilmari666/cybsec +CVE-2018-11040 - https://github.com/ilmari666/cybsec CVE-2018-11072 - https://github.com/hatRiot/bugs CVE-2018-11093 - https://github.com/ossf-cve-benchmark/CVE-2018-11093 CVE-2018-11097 - https://github.com/ZhengMinghui1234/enfuzzer @@ -17003,6 +17660,8 @@ CVE-2018-11256 - https://github.com/andir/nixos-issue-db-example CVE-2018-11293 - https://github.com/jiayy/android_vuln_poc-exp CVE-2018-11297 - https://github.com/jiayy/android_vuln_poc-exp CVE-2018-11302 - https://github.com/jiayy/android_vuln_poc-exp +CVE-2018-11307 - https://github.com/ilmari666/cybsec +CVE-2018-11307 - https://github.com/yahoo/cubed CVE-2018-11311 - https://github.com/0xT11/CVE-POC CVE-2018-11311 - https://github.com/EmreOvunc/mySCADA-myPRO-7-Hardcoded-FTP-Username-and-Password CVE-2018-11314 - https://github.com/brannondorsey/cve @@ -17037,6 +17696,7 @@ CVE-2018-11409 - https://github.com/kofa2002/splunk CVE-2018-11409 - https://github.com/sobinge/nuclei-templates CVE-2018-11411 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-11411 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-11416 - https://github.com/strongcourage/uafbench CVE-2018-11416 - https://github.com/wcventure/UAF-Fuzzer-TestSuite CVE-2018-11439 - https://github.com/andir/nixos-issue-db-example CVE-2018-11450 - https://github.com/0xT11/CVE-POC @@ -17052,6 +17712,7 @@ CVE-2018-11488 - https://github.com/bitsadmin/exploits CVE-2018-1149 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-1149 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-11496 - https://github.com/andir/nixos-issue-db-example +CVE-2018-11496 - https://github.com/strongcourage/uafbench CVE-2018-11496 - https://github.com/wcventure/UAF-Fuzzer-TestSuite CVE-2018-11499 - https://github.com/andir/nixos-issue-db-example CVE-2018-1150 - https://github.com/qazbnm456/awesome-cve-poc @@ -17099,6 +17760,7 @@ CVE-2018-11681 - https://github.com/SadFud/Exploits CVE-2018-11682 - https://github.com/SadFud/Exploits CVE-2018-11686 - https://github.com/0xT11/CVE-POC CVE-2018-11686 - https://github.com/mpgn/CVE-2018-11686 +CVE-2018-11687 - https://github.com/rjhorniii/DICOM-YARA-rules CVE-2018-11687 - https://github.com/sec-bit/awesome-buggy-erc20-tokens CVE-2018-11689 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-11689 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 @@ -17109,6 +17771,7 @@ CVE-2018-11697 - https://github.com/andir/nixos-issue-db-example CVE-2018-11698 - https://github.com/andir/nixos-issue-db-example CVE-2018-11709 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-1172 - https://github.com/andir/nixos-issue-db-example +CVE-2018-11743 - https://github.com/nautilus-fuzz/nautilus CVE-2018-11759 - https://github.com/0ps/pocassistdb CVE-2018-11759 - https://github.com/0xT11/CVE-POC CVE-2018-11759 - https://github.com/ARPSyndicate/kenzer-templates @@ -17125,6 +17788,7 @@ CVE-2018-11759 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-11761 - https://github.com/0xT11/CVE-POC CVE-2018-11761 - https://github.com/brianwrf/CVE-2018-11761 CVE-2018-11761 - https://github.com/brianwrf/TechArticles +CVE-2018-11763 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2018-11763 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2018-11763 - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough CVE-2018-11763 - https://github.com/vshaliii/Funbox2-rookie @@ -17136,14 +17800,19 @@ CVE-2018-11776 - https://github.com/3vikram/Application-Vulnerabilities-Payloads CVE-2018-11776 - https://github.com/649/Apache-Struts-Shodan-Exploit CVE-2018-11776 - https://github.com/84KaliPleXon3/Payloads_All_The_Things CVE-2018-11776 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2018-11776 - https://github.com/Apri1y/Red-Team-links CVE-2018-11776 - https://github.com/BitTheByte/Domainker CVE-2018-11776 - https://github.com/BitTheByte/Eagle +CVE-2018-11776 - https://github.com/Delishsploits/PayloadsAndMethodology CVE-2018-11776 - https://github.com/Echocipher/Resource-list CVE-2018-11776 - https://github.com/Ekultek/Strutter CVE-2018-11776 - https://github.com/Elsfa7-110/kenzer-templates CVE-2018-11776 - https://github.com/Fnzer0/S2-057-poc +CVE-2018-11776 - https://github.com/GuynnR/Payloads +CVE-2018-11776 - https://github.com/HxDDD/CVE-PoC CVE-2018-11776 - https://github.com/Ivan1ee/struts2-057-exp CVE-2018-11776 - https://github.com/Muhammd/Awesome-Payloads +CVE-2018-11776 - https://github.com/Nieuport/PayloadsAllTheThings CVE-2018-11776 - https://github.com/PEAKWEI/WsylibBookRS CVE-2018-11776 - https://github.com/Prodject/Kn0ck CVE-2018-11776 - https://github.com/Ra7mo0on/PayloadsAllTheThings @@ -17156,39 +17825,56 @@ CVE-2018-11776 - https://github.com/alex14324/Eagel CVE-2018-11776 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2018-11776 - https://github.com/andrysec/PayloadsAllVulnerability CVE-2018-11776 - https://github.com/anhtu97/PayloadAllEverything +CVE-2018-11776 - https://github.com/apkadmin/PayLoadsAll CVE-2018-11776 - https://github.com/bhdresh/CVE-2018-11776 CVE-2018-11776 - https://github.com/brianwrf/S2-057-CVE-2018-11776 +CVE-2018-11776 - https://github.com/byteofjoshua/CVE-2021-26084 +CVE-2018-11776 - https://github.com/chanchalpatra/payload CVE-2018-11776 - https://github.com/cved-sources/cve-2018-11776 +CVE-2018-11776 - https://github.com/djschleen/ash CVE-2018-11776 - https://github.com/eescanilla/Apache-Struts-v3 CVE-2018-11776 - https://github.com/foreseeti/securicad-enterprise-sdk CVE-2018-11776 - https://github.com/foreseeti/securicad-vanguard-sdk CVE-2018-11776 - https://github.com/github/securitylab +CVE-2018-11776 - https://github.com/hellochunqiu/PayloadsAllTheThings CVE-2018-11776 - https://github.com/hktalent/myhktools CVE-2018-11776 - https://github.com/hook-s3c/CVE-2018-11776-Python-PoC +CVE-2018-11776 - https://github.com/hudunkey/Red-Team-links CVE-2018-11776 - https://github.com/jas502n/St2-057 CVE-2018-11776 - https://github.com/jiguangsdf/CVE-2018-11776 +CVE-2018-11776 - https://github.com/john-80/-007 CVE-2018-11776 - https://github.com/khodges42/Etrata CVE-2018-11776 - https://github.com/knqyf263/CVE-2018-11776 CVE-2018-11776 - https://github.com/koutto/jok3r-pocs +CVE-2018-11776 - https://github.com/ksw9722/PayloadsAllTheThings +CVE-2018-11776 - https://github.com/lp008/Hack-readme CVE-2018-11776 - https://github.com/mazen160/struts-pwn_CVE-2018-11776 +CVE-2018-11776 - https://github.com/mrhacker51/ReverseShellCommands +CVE-2018-11776 - https://github.com/nevidimk0/PayloadsAllTheThings CVE-2018-11776 - https://github.com/ninoseki/mitaka CVE-2018-11776 - https://github.com/oneplus-x/Sn1per CVE-2018-11776 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-11776 - https://github.com/s1kr10s/Apache-Struts-v4 +CVE-2018-11776 - https://github.com/slimdaddy/RedTeam CVE-2018-11776 - https://github.com/sobinge/--1 CVE-2018-11776 - https://github.com/sobinge/PayloadsAllTheThings +CVE-2018-11776 - https://github.com/sobinge/PayloadsAllThesobinge CVE-2018-11776 - https://github.com/sourcery-ai-bot/Deep-Security-Reports +CVE-2018-11776 - https://github.com/tdcoming/Vulnerability-engine CVE-2018-11776 - https://github.com/tuxotron/cve-2018-11776-docker CVE-2018-11776 - https://github.com/unusualwork/Sn1per CVE-2018-11776 - https://github.com/we1h0/awesome-java-security-checklist CVE-2018-11776 - https://github.com/whoadmin/pocs +CVE-2018-11776 - https://github.com/winterwolf32/PayloadsAllTheThings CVE-2018-11776 - https://github.com/woods-sega/woodswiki CVE-2018-11776 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-11776 - https://github.com/xfox64x/CVE-2018-11776 +CVE-2018-11776 - https://github.com/xiaoZ-hc/redtool CVE-2018-11777 - https://github.com/yahoo/hive-funnel-udf CVE-2018-11779 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2018-11784 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-11784 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2018-11784 - https://github.com/ilmari666/cybsec CVE-2018-11784 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-11784 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2018-11784 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 @@ -17212,7 +17898,9 @@ CVE-2018-11882 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-11882 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-11886 - https://github.com/jiayy/android_vuln_poc-exp CVE-2018-11905 - https://github.com/jiayy/android_vuln_poc-exp +CVE-2018-1196 - https://github.com/ilmari666/cybsec CVE-2018-11976 - https://github.com/enovella/TEE-reversing +CVE-2018-1199 - https://github.com/ilmari666/cybsec CVE-2018-12015 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-12015 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-12018 - https://github.com/0xT11/CVE-POC @@ -17222,6 +17910,8 @@ CVE-2018-12020 - https://github.com/hannob/pgpbugs CVE-2018-12020 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-12020 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-12021 - https://github.com/ARGOeu/secmon-probes +CVE-2018-12022 - https://github.com/ilmari666/cybsec +CVE-2018-12023 - https://github.com/ilmari666/cybsec CVE-2018-12025 - https://github.com/sec-bit/awesome-buggy-erc20-tokens CVE-2018-12031 - https://github.com/0xT11/CVE-POC CVE-2018-12031 - https://github.com/ARPSyndicate/kenzer-templates @@ -17284,6 +17974,9 @@ CVE-2018-12207 - https://github.com/speed47/spectre-meltdown-checker CVE-2018-12232 - https://github.com/hiboma/hiboma CVE-2018-12232 - https://github.com/shankarapailoor/moonshine CVE-2018-12233 - https://github.com/shankarapailoor/moonshine +CVE-2018-12247 - https://github.com/nautilus-fuzz/nautilus +CVE-2018-12248 - https://github.com/nautilus-fuzz/nautilus +CVE-2018-12249 - https://github.com/nautilus-fuzz/nautilus CVE-2018-12257 - https://github.com/reillychase/IoT-Hacking-DNS-Hijacking-Firmware-Upgrade-PoC CVE-2018-12264 - https://github.com/xiaoqx/pocs CVE-2018-12265 - https://github.com/xiaoqx/pocs @@ -17292,13 +17985,17 @@ CVE-2018-1235 - https://github.com/0xT11/CVE-POC CVE-2018-1235 - https://github.com/bao7uo/dell-emc_recoverpoint CVE-2018-1235 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-1235 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-12364 - https://github.com/jeetgit/json_csrf +CVE-2018-12364 - https://github.com/mobx26/test CVE-2018-12384 - https://github.com/rjrelyea/ca-certificate-scripts CVE-2018-12386 - https://github.com/0xT11/CVE-POC +CVE-2018-12386 - https://github.com/ZihanYe/web-browser-vulnerabilities CVE-2018-12386 - https://github.com/googleprojectzero/fuzzilli CVE-2018-12386 - https://github.com/m00zh33/sploits CVE-2018-12386 - https://github.com/niklasb/sploits CVE-2018-12386 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-12386 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-12387 - https://github.com/ZihanYe/web-browser-vulnerabilities CVE-2018-12387 - https://github.com/m00zh33/sploits CVE-2018-12387 - https://github.com/niklasb/sploits CVE-2018-12387 - https://github.com/qazbnm456/awesome-cve-poc @@ -17334,8 +18031,11 @@ CVE-2018-12533 - https://github.com/p1ay8y3ar/cve_monitor CVE-2018-12537 - https://github.com/0xT11/CVE-POC CVE-2018-12539 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2018-12540 - https://github.com/0xT11/CVE-POC +CVE-2018-1257 - https://github.com/ilmari666/cybsec CVE-2018-12578 - https://github.com/xiaoqx/pocs CVE-2018-1258 - https://github.com/abhav/nvd_scrapper +CVE-2018-1258 - https://github.com/diakogiannis/moviebook +CVE-2018-1258 - https://github.com/ilmari666/cybsec CVE-2018-12589 - https://github.com/rudinyu/KB CVE-2018-1259 - https://github.com/0xT11/CVE-POC CVE-2018-1259 - https://github.com/developer3000S/PoC-in-GitHub @@ -17354,27 +18054,35 @@ CVE-2018-12613 - https://github.com/0x00-0x00/CVE-2018-12613 CVE-2018-12613 - https://github.com/0xT11/CVE-POC CVE-2018-12613 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-12613 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2018-12613 - https://github.com/NS-Sp4ce/2019-Ciscn-Southern-China-Web CVE-2018-12613 - https://github.com/SexyBeast233/SecBooks CVE-2018-12613 - https://github.com/duckstroms/Web-CTF-Cheatsheet CVE-2018-12613 - https://github.com/eastmountyxz/CSDNBlog-Security-Based CVE-2018-12613 - https://github.com/eastmountyxz/NetworkSecuritySelf-study +CVE-2018-12613 - https://github.com/fix-you/unc1e_web_note CVE-2018-12613 - https://github.com/jweny/pocassistdb CVE-2018-12613 - https://github.com/kyawthiha7/pentest-methodology +CVE-2018-12613 - https://github.com/tdcoming/Vulnerability-engine CVE-2018-12613 - https://github.com/w181496/Web-CTF-Cheatsheet CVE-2018-1263 - https://github.com/snyk/zip-slip-vulnerability CVE-2018-12634 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-12634 - https://github.com/SadFud/Exploits CVE-2018-12636 - https://github.com/nth347/CVE-2018-12636_exploit CVE-2018-12640 - https://github.com/badnack/Insteon_2864-222 +CVE-2018-12641 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark CVE-2018-12641 - https://github.com/RUB-SysSec/redqueen CVE-2018-12641 - https://github.com/revl-ca/scan-docker-image +CVE-2018-12641 - https://github.com/tzf-key/MemLock_Benchmark CVE-2018-12648 - https://github.com/xiaoqx/pocs CVE-2018-12686 - https://github.com/tencentbladeteam/Exploit-Amazon-Echo CVE-2018-12687 - https://github.com/ZhengMinghui1234/enfuzzer CVE-2018-12688 - https://github.com/ZhengMinghui1234/enfuzzer CVE-2018-12697 - https://github.com/RUB-SysSec/redqueen CVE-2018-12698 - https://github.com/RUB-SysSec/redqueen +CVE-2018-12699 - https://github.com/KorayAgaya/TrivyWeb CVE-2018-12699 - https://github.com/RUB-SysSec/redqueen +CVE-2018-12699 - https://github.com/colonelmeow/appsecctf +CVE-2018-12699 - https://github.com/jrak1204/overstock_test CVE-2018-12699 - https://github.com/siddharthraopotukuchi/trivy CVE-2018-12699 - https://github.com/simiyo/trivy CVE-2018-12699 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers @@ -17389,6 +18097,7 @@ CVE-2018-1270 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-1270 - https://github.com/genxor/CVE-2018-1270_EXP CVE-2018-1270 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-1270 - https://github.com/hktalent/myhktools +CVE-2018-1270 - https://github.com/ilmari666/cybsec CVE-2018-1270 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-1270 - https://github.com/src-kun/map CVE-2018-1270 - https://github.com/superfish9/pt @@ -17400,18 +18109,22 @@ CVE-2018-12702 - https://github.com/im-bug/BlockChain-Security-List CVE-2018-12703 - https://github.com/im-bug/BlockChain-Security-List CVE-2018-1271 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-1271 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2018-1271 - https://github.com/ilmari666/cybsec CVE-2018-1271 - https://github.com/sobinge/nuclei-templates CVE-2018-1271 - https://github.com/superfish9/pt CVE-2018-1271 - https://github.com/x-f1v3/Vulnerability_Environment CVE-2018-12716 - https://github.com/brannondorsey/cve +CVE-2018-1272 - https://github.com/ilmari666/cybsec CVE-2018-1273 - https://github.com/0day666/Vulnerability-verification CVE-2018-1273 - https://github.com/0xT11/CVE-POC CVE-2018-1273 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-1273 - https://github.com/Elsfa7-110/kenzer-templates CVE-2018-1273 - https://github.com/SexyBeast233/SecBooks CVE-2018-1273 - https://github.com/SugarP1g/LearningSecurity +CVE-2018-1273 - https://github.com/asa1997/topgear_test CVE-2018-1273 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-1273 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-1273 - https://github.com/ilmari666/cybsec CVE-2018-1273 - https://github.com/ilmila/J2EEScan CVE-2018-1273 - https://github.com/jas502n/cve-2018-1273 CVE-2018-1273 - https://github.com/jiangsir404/POC-S @@ -17423,6 +18136,7 @@ CVE-2018-1273 - https://github.com/webr0ck/poc-cve-2018-1273 CVE-2018-1273 - https://github.com/whoadmin/pocs CVE-2018-1273 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-1273 - https://github.com/zhengjim/loophole +CVE-2018-1275 - https://github.com/ilmari666/cybsec CVE-2018-1275 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-1275 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-12754 - https://github.com/googleprojectzero/winafl @@ -17448,17 +18162,21 @@ CVE-2018-12768 - https://github.com/hardik05/winafl-powermopt CVE-2018-12768 - https://github.com/s0i37/winafl_inmemory CVE-2018-1279 - https://github.com/gteissier/erl-matter CVE-2018-12794 - https://github.com/HackOvert/awesome-bugs +CVE-2018-12794 - https://github.com/SkyBulk/RealWorldPwn CVE-2018-12794 - https://github.com/attackgithub/RealWorldPwn CVE-2018-12798 - https://github.com/0xT11/CVE-POC CVE-2018-12809 - https://github.com/0ang3el/aem-hacker CVE-2018-12809 - https://github.com/Raz0r/aemscan CVE-2018-12809 - https://github.com/TheRipperJhon/AEMVS +CVE-2018-1281 - https://github.com/PRISHIta123/Securing_Open_Source_Components_on_Containers +CVE-2018-1283 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2018-1283 - https://github.com/benoitsevres/north-dakota CVE-2018-1283 - https://github.com/rnbochsr/yr_of_the_jellyfish CVE-2018-1283 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2018-1283 - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough CVE-2018-1283 - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough CVE-2018-1283 - https://github.com/vshaliii/Funbox2-rookie +CVE-2018-12831 - https://github.com/SkyBulk/RealWorldPwn CVE-2018-12831 - https://github.com/attackgithub/RealWorldPwn CVE-2018-12839 - https://github.com/googleprojectzero/winafl CVE-2018-12839 - https://github.com/hardik05/winafl-powermopt @@ -17536,6 +18254,7 @@ CVE-2018-12875 - https://github.com/s0i37/winafl_inmemory CVE-2018-1288 - https://github.com/0xT11/CVE-POC CVE-2018-1288 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-1288 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-1288 - https://github.com/isxbot/software-assurance CVE-2018-12882 - https://github.com/0xbigshaq/php7-internals CVE-2018-12882 - https://github.com/geeknik/cve-fuzzing-poc CVE-2018-12885 - https://github.com/qazbnm456/awesome-cve-poc @@ -17544,7 +18263,9 @@ CVE-2018-12886 - https://github.com/Azure/container-scan CVE-2018-12886 - https://github.com/Azure/publish-security-assessments CVE-2018-12886 - https://github.com/drjhunter/container-scan CVE-2018-12886 - https://github.com/garethr/snykout +CVE-2018-12886 - https://github.com/lucky-sideburn/secpod_wrap CVE-2018-12895 - https://github.com/0xT11/CVE-POC +CVE-2018-12895 - https://github.com/El-Palomo/DerpNStink CVE-2018-12895 - https://github.com/bloom-ux/cve-2018-12895-hotfix CVE-2018-12895 - https://github.com/harrystaley/CSCI4349_Week9_Honeypot CVE-2018-12895 - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough @@ -17577,18 +18298,21 @@ CVE-2018-13006 - https://github.com/Edward-L/my-cve-list CVE-2018-13007 - https://github.com/Edward-L/my-cve-list CVE-2018-13008 - https://github.com/Edward-L/my-cve-list CVE-2018-13009 - https://github.com/Edward-L/my-cve-list +CVE-2018-1301 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2018-1301 - https://github.com/google/honggfuzz CVE-2018-1301 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2018-1301 - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough CVE-2018-1301 - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough CVE-2018-1301 - https://github.com/vshaliii/Funbox2-rookie CVE-2018-13011 - https://github.com/Edward-L/my-cve-list +CVE-2018-1302 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2018-1302 - https://github.com/google/honggfuzz CVE-2018-1302 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2018-1302 - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough CVE-2018-1302 - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough CVE-2018-1302 - https://github.com/vshaliii/Funbox2-rookie CVE-2018-13026 - https://github.com/Edward-L/my-cve-list +CVE-2018-1303 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2018-1303 - https://github.com/google/honggfuzz CVE-2018-1303 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2018-1303 - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough @@ -17601,6 +18325,7 @@ CVE-2018-13037 - https://github.com/fouzhe/security CVE-2018-1304 - https://github.com/0xT11/CVE-POC CVE-2018-1304 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-1304 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-1304 - https://github.com/ilmari666/cybsec CVE-2018-1304 - https://github.com/knqyf263/CVE-2018-1304 CVE-2018-1304 - https://github.com/thariyarox/tomcat_CVE-2018-1304_testing CVE-2018-1305 - https://github.com/0xT11/CVE-POC @@ -17608,6 +18333,7 @@ CVE-2018-1305 - https://github.com/Pa55w0rd/CVE-2018-1305 CVE-2018-1305 - https://github.com/SexyBeast233/SecBooks CVE-2018-1305 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-1305 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-1305 - https://github.com/ilmari666/cybsec CVE-2018-1305 - https://github.com/woods-sega/woodswiki CVE-2018-13056 - https://github.com/SexyBeast233/SecBooks CVE-2018-1306 - https://github.com/0xT11/CVE-POC @@ -17616,6 +18342,7 @@ CVE-2018-1306 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-1310 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2018-1311 - https://github.com/p1ay8y3ar/cve_monitor CVE-2018-13112 - https://github.com/Edward-L/my-cve-list +CVE-2018-1312 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2018-1312 - https://github.com/intrigueio/intrigue-ident CVE-2018-1312 - https://github.com/rnbochsr/yr_of_the_jellyfish CVE-2018-1312 - https://github.com/syadg123/pigat @@ -17638,6 +18365,8 @@ CVE-2018-1324 - https://github.com/0xT11/CVE-POC CVE-2018-1324 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-1324 - https://github.com/dotanuki-labs/android-oss-cves-research CVE-2018-1324 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-13251 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2018-13251 - https://github.com/tzf-key/MemLock_Benchmark CVE-2018-13257 - https://github.com/0xT11/CVE-POC CVE-2018-1327 - https://github.com/SexyBeast233/SecBooks CVE-2018-1327 - https://github.com/khodges42/Etrata @@ -17655,6 +18384,7 @@ CVE-2018-13304 - https://github.com/aflsmart/aflsmart CVE-2018-13304 - https://github.com/andir/nixos-issue-db-example CVE-2018-13305 - https://github.com/aflsmart/aflsmart CVE-2018-13305 - https://github.com/andir/nixos-issue-db-example +CVE-2018-1333 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2018-1333 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2018-1333 - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough CVE-2018-1333 - https://github.com/vshaliii/Funbox2-rookie @@ -17666,6 +18396,7 @@ CVE-2018-1335 - https://github.com/HackOvert/awesome-bugs CVE-2018-1335 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2018-1335 - https://github.com/RhinoSecurityLabs/CVEs CVE-2018-1335 - https://github.com/SkyBlueEternal/CVE-2018-1335-EXP-GUI +CVE-2018-1335 - https://github.com/ThePirateWhoSmellsOfSunflowers/TheHackerLinks CVE-2018-1335 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2018-1335 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-1335 - https://github.com/hectorgie/PoC-in-GitHub @@ -17675,10 +18406,13 @@ CVE-2018-1335 - https://github.com/r0eXpeR/redteam_vul CVE-2018-1335 - https://github.com/sunzu94/AWS-CVEs CVE-2018-1335 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-1335 - https://github.com/zhengjim/loophole +CVE-2018-1336 - https://github.com/ilmari666/cybsec CVE-2018-1336 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough +CVE-2018-1337 - https://github.com/yahoo/cubed CVE-2018-13374 - https://github.com/juliourena/plaintext CVE-2018-13379 - https://github.com/0ps/pocassistdb CVE-2018-13379 - https://github.com/0xT11/CVE-POC +CVE-2018-13379 - https://github.com/7Elements/Fortigate CVE-2018-13379 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-13379 - https://github.com/Elsfa7-110/kenzer-templates CVE-2018-13379 - https://github.com/SexyBeast233/SecBooks @@ -17689,9 +18423,11 @@ CVE-2018-13379 - https://github.com/fengjixuchui/RedTeamer CVE-2018-13379 - https://github.com/gobysec/Goby CVE-2018-13379 - https://github.com/iGotRootSRC/Dorkers CVE-2018-13379 - https://github.com/jam620/forti-vpn +CVE-2018-13379 - https://github.com/jpiechowka/at-doom-fortigate CVE-2018-13379 - https://github.com/jweny/pocassistdb CVE-2018-13379 - https://github.com/milo2012/CVE-2018-13379 CVE-2018-13379 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2018-13379 - https://github.com/r0eXpeR/supplier CVE-2018-13379 - https://github.com/sobinge/nuclei-templates CVE-2018-13380 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-13380 - https://github.com/Elsfa7-110/kenzer-templates @@ -17705,6 +18441,7 @@ CVE-2018-13382 - https://github.com/SexyBeast233/SecBooks CVE-2018-13382 - https://github.com/dhn/exploits CVE-2018-13382 - https://github.com/jam620/forti-vpn CVE-2018-13382 - https://github.com/milo2012/CVE-2018-13382 +CVE-2018-13382 - https://github.com/ugur-ercan/exploit-collection CVE-2018-13383 - https://github.com/SexyBeast233/SecBooks CVE-2018-13383 - https://github.com/jam620/forti-vpn CVE-2018-13410 - https://github.com/0xT11/CVE-POC @@ -17781,6 +18518,7 @@ CVE-2018-14051 - https://github.com/ZhengMinghui1234/enfuzzer CVE-2018-14051 - https://github.com/fouzhe/security CVE-2018-14052 - https://github.com/ZhengMinghui1234/enfuzzer CVE-2018-14052 - https://github.com/fouzhe/security +CVE-2018-14054 - https://github.com/FritzJo/pacheck CVE-2018-14054 - https://github.com/sergiomb2/libmp4v2 CVE-2018-14060 - https://github.com/cc-crack/router CVE-2018-14064 - https://github.com/ARPSyndicate/kenzer-templates @@ -17806,6 +18544,7 @@ CVE-2018-14378 - https://github.com/revl-ca/scan-docker-image CVE-2018-14379 - https://github.com/sergiomb2/libmp4v2 CVE-2018-14380 - https://github.com/ossf-cve-benchmark/CVE-2018-14380 CVE-2018-14403 - https://github.com/sergiomb2/libmp4v2 +CVE-2018-14404 - https://github.com/KorayAgaya/TrivyWeb CVE-2018-14404 - https://github.com/googleprojectzero/winafl CVE-2018-14404 - https://github.com/hardik05/winafl-powermopt CVE-2018-14404 - https://github.com/laws-africa/slaw @@ -17815,6 +18554,7 @@ CVE-2018-14404 - https://github.com/simiyo/trivy CVE-2018-14404 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers CVE-2018-14404 - https://github.com/umahari/security CVE-2018-14442 - https://github.com/0xT11/CVE-POC +CVE-2018-14442 - https://github.com/SkyBulk/RealWorldPwn CVE-2018-14442 - https://github.com/attackgithub/RealWorldPwn CVE-2018-14442 - https://github.com/payatu/CVE-2018-14442 CVE-2018-14449 - https://github.com/xiaoqx/pocs @@ -17845,6 +18585,7 @@ CVE-2018-14563 - https://github.com/ZhengMinghui1234/enfuzzer CVE-2018-14564 - https://github.com/ZhengMinghui1234/enfuzzer CVE-2018-14565 - https://github.com/ZhengMinghui1234/enfuzzer CVE-2018-14566 - https://github.com/RUB-SysSec/redqueen +CVE-2018-14567 - https://github.com/KorayAgaya/TrivyWeb CVE-2018-14567 - https://github.com/RUB-SysSec/redqueen CVE-2018-14567 - https://github.com/revl-ca/scan-docker-image CVE-2018-14567 - https://github.com/siddharthraopotukuchi/trivy @@ -17869,6 +18610,7 @@ CVE-2018-14592 - https://github.com/GoVanguard/pyExploitDb CVE-2018-14598 - https://github.com/revl-ca/scan-docker-image CVE-2018-14599 - https://github.com/revl-ca/scan-docker-image CVE-2018-14600 - https://github.com/revl-ca/scan-docker-image +CVE-2018-14618 - https://github.com/KorayAgaya/TrivyWeb CVE-2018-14618 - https://github.com/revl-ca/scan-docker-image CVE-2018-14618 - https://github.com/siddharthraopotukuchi/trivy CVE-2018-14618 - https://github.com/simiyo/trivy @@ -17884,13 +18626,19 @@ CVE-2018-14634 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-14647 - https://github.com/revl-ca/scan-docker-image CVE-2018-14665 - https://github.com/0xT11/CVE-POC CVE-2018-14665 - https://github.com/0xdea/exploits +CVE-2018-14665 - https://github.com/Apri1y/Red-Team-links CVE-2018-14665 - https://github.com/Echocipher/Resource-list CVE-2018-14665 - https://github.com/anoaghost/Localroot_Compile CVE-2018-14665 - https://github.com/hackerhouse-opensource/exploits +CVE-2018-14665 - https://github.com/hudunkey/Red-Team-links CVE-2018-14665 - https://github.com/jas502n/CVE-2018-14665 +CVE-2018-14665 - https://github.com/john-80/-007 CVE-2018-14665 - https://github.com/jondonas/linux-exploit-suggester-2 +CVE-2018-14665 - https://github.com/lp008/Hack-readme CVE-2018-14665 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2018-14665 - https://github.com/slimdaddy/RedTeam CVE-2018-14665 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-14665 - https://github.com/xiaoZ-hc/redtool CVE-2018-14667 - https://github.com/0xT11/CVE-POC CVE-2018-14667 - https://github.com/Cryin/Paper CVE-2018-14667 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs @@ -17908,9 +18656,14 @@ CVE-2018-14715 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-14715 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-14716 - https://github.com/Ginove/post CVE-2018-14718 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2018-14718 - https://github.com/ilmari666/cybsec +CVE-2018-14718 - https://github.com/yahoo/cubed CVE-2018-14719 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2018-14719 - https://github.com/ilmari666/cybsec CVE-2018-14720 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2018-14720 - https://github.com/ilmari666/cybsec CVE-2018-14721 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2018-14721 - https://github.com/ilmari666/cybsec CVE-2018-14728 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-14728 - https://github.com/Elsfa7-110/kenzer-templates CVE-2018-14728 - https://github.com/sobinge/nuclei-templates @@ -17969,6 +18722,7 @@ CVE-2018-15133 - https://github.com/H0j3n/EzpzCheatSheet CVE-2018-15133 - https://github.com/SexyBeast233/SecBooks CVE-2018-15133 - https://github.com/carlosevieira/larasploit CVE-2018-15133 - https://github.com/enlightn/security-checker +CVE-2018-15133 - https://github.com/karimmuya/laravel-exploit-tricks CVE-2018-15133 - https://github.com/kozmic/laravel-poc-CVE-2018-15133 CVE-2018-15133 - https://github.com/owen800q/Awesome-Stars CVE-2018-15133 - https://github.com/u1f383/Web-CTF-CheatSheet-And-Learning @@ -17997,8 +18751,10 @@ CVE-2018-15473 - https://github.com/W-GOULD/ssh-user-enumeration CVE-2018-15473 - https://github.com/angry-bender/SUOPE CVE-2018-15473 - https://github.com/epi052/cve-2018-15473 CVE-2018-15473 - https://github.com/gbonacini/opensshenum +CVE-2018-15473 - https://github.com/jtesta/ga-test CVE-2018-15473 - https://github.com/jtesta/ssh-audit CVE-2018-15473 - https://github.com/kaio6fellipe/ssh-enum +CVE-2018-15473 - https://github.com/lp008/Hack-readme CVE-2018-15473 - https://github.com/p1ay8y3ar/cve_monitor CVE-2018-15473 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-15473 - https://github.com/r3dxpl0it/CVE-2018-15473 @@ -18020,8 +18776,10 @@ CVE-2018-15517 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-15531 - https://github.com/jenkinsci/monitoring-plugin CVE-2018-15535 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-15572 - https://github.com/codexlynx/hardware-attacks-state-of-the-art +CVE-2018-15599 - https://github.com/xtaran/dist-detect CVE-2018-15640 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-15640 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2018-15664 - https://github.com/Metarget/cloud-native-security-book CVE-2018-15664 - https://github.com/Metarget/metarget CVE-2018-1567 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2018-1567 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs @@ -18033,6 +18791,7 @@ CVE-2018-15685 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-15685 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-15686 - https://github.com/0xT11/CVE-POC CVE-2018-15686 - https://github.com/flyrev/security-scan-ci-presentation +CVE-2018-15686 - https://github.com/hpcprofessional/remediate_cesa_2019_2091 CVE-2018-15686 - https://github.com/kiseru-io/clair-sec-scanner CVE-2018-15686 - https://github.com/revl-ca/scan-docker-image CVE-2018-15688 - https://github.com/fbreton/lacework @@ -18047,9 +18806,12 @@ CVE-2018-15715 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-15727 - https://github.com/0xT11/CVE-POC CVE-2018-15727 - https://github.com/u238/grafana-CVE-2018-15727 CVE-2018-15732 - https://github.com/geeksniper/windows-privilege-escalation +CVE-2018-15732 - https://github.com/gtworek/Priv2Admin CVE-2018-15745 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2018-15756 - https://github.com/ilmari666/cybsec CVE-2018-15774 - https://github.com/Fohdeesha/idrac-7-8-reverse-engineering CVE-2018-15776 - https://github.com/Fohdeesha/idrac-7-8-reverse-engineering +CVE-2018-15805 - https://github.com/deadcyph3r/Awesome-Collection CVE-2018-15832 - https://github.com/0xT11/CVE-POC CVE-2018-15835 - https://github.com/0xT11/CVE-POC CVE-2018-15869 - https://github.com/SummitRoute/csp_security_mistakes @@ -18062,6 +18824,7 @@ CVE-2018-15877 - https://github.com/cved-sources/cve-2018-15877 CVE-2018-15890 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2018-15912 - https://github.com/0xT11/CVE-POC CVE-2018-15919 - https://github.com/averna-syd/Shodan +CVE-2018-15919 - https://github.com/project7io/nmap CVE-2018-15919 - https://github.com/revl-ca/scan-docker-image CVE-2018-15919 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2018-15919 - https://github.com/vshaliii/DC-1-Vulnhub-Walkthrough @@ -18121,6 +18884,8 @@ CVE-2018-15956 - https://github.com/hardik05/winafl-powermopt CVE-2018-15956 - https://github.com/s0i37/winafl_inmemory CVE-2018-15961 - https://github.com/0xT11/CVE-POC CVE-2018-15961 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2018-15961 - https://github.com/byteofjoshua/CVE-2018-15961 +CVE-2018-15961 - https://github.com/dudacgf/ovr_convert CVE-2018-15961 - https://github.com/p1ay8y3ar/cve_monitor CVE-2018-15961 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-15961 - https://github.com/vah13/CVE-2018-15961 @@ -18142,6 +18907,7 @@ CVE-2018-15982 - https://github.com/jas502n/CVE-2018-15982_EXP_IE CVE-2018-15982 - https://github.com/kphongagsorn/adobe-flash-cve2018-15982 CVE-2018-15982 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-15982 - https://github.com/scanfsec/CVE-2018-15982 +CVE-2018-15982 - https://github.com/tdcoming/Vulnerability-engine CVE-2018-15982 - https://github.com/wateroot/poc-exp CVE-2018-15982 - https://github.com/wrlu/Vulnerabilities CVE-2018-15982 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 @@ -18238,6 +19004,7 @@ CVE-2018-16480 - https://github.com/ossf-cve-benchmark/CVE-2018-16480 CVE-2018-16484 - https://github.com/ossf-cve-benchmark/CVE-2018-16484 CVE-2018-16485 - https://github.com/ossf-cve-benchmark/CVE-2018-16485 CVE-2018-16487 - https://github.com/Kirill89/prototype-pollution-explained +CVE-2018-16487 - https://github.com/KorayAgaya/TrivyWeb CVE-2018-16487 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2018-16487 - https://github.com/chkp-dhouari/CloudGuard-ShiftLeft-CICD CVE-2018-16487 - https://github.com/duckstroms/Web-CTF-Cheatsheet @@ -18256,6 +19023,7 @@ CVE-2018-16490 - https://github.com/ossf-cve-benchmark/CVE-2018-16490 CVE-2018-16491 - https://github.com/ossf-cve-benchmark/CVE-2018-16491 CVE-2018-16492 - https://github.com/dsp-testing/CVE-2018-16492 CVE-2018-16492 - https://github.com/ossf-cve-benchmark/CVE-2018-16492 +CVE-2018-16492 - https://github.com/ossf-cve-benchmark/ossf-cve-benchmark CVE-2018-16509 - https://github.com/0xT11/CVE-POC CVE-2018-16509 - https://github.com/0xsyr0/OSCP CVE-2018-16509 - https://github.com/NCSU-DANCE-Research-Group/CDL @@ -18317,6 +19085,7 @@ CVE-2018-16750 - https://github.com/RUB-SysSec/redqueen CVE-2018-16763 - https://github.com/0xT11/CVE-POC CVE-2018-16763 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-16763 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2018-16763 - https://github.com/jtaubs1/Fuel-1.4.1-RCE-Updated CVE-2018-16763 - https://github.com/sobinge/nuclei-templates CVE-2018-16781 - https://github.com/ZhengMinghui1234/enfuzzer CVE-2018-16782 - https://github.com/ZhengMinghui1234/enfuzzer @@ -18333,14 +19102,18 @@ CVE-2018-16829 - https://github.com/PAGalaxyLab/VulInfo CVE-2018-16830 - https://github.com/PAGalaxyLab/VulInfo CVE-2018-16831 - https://github.com/PAGalaxyLab/VulInfo CVE-2018-16836 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2018-16839 - https://github.com/KorayAgaya/TrivyWeb CVE-2018-16839 - https://github.com/siddharthraopotukuchi/trivy CVE-2018-16839 - https://github.com/simiyo/trivy CVE-2018-16839 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers CVE-2018-16839 - https://github.com/umahari/security +CVE-2018-1684 - https://github.com/ThingzDefense/IoT-Flock +CVE-2018-16840 - https://github.com/KorayAgaya/TrivyWeb CVE-2018-16840 - https://github.com/siddharthraopotukuchi/trivy CVE-2018-16840 - https://github.com/simiyo/trivy CVE-2018-16840 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers CVE-2018-16840 - https://github.com/umahari/security +CVE-2018-16842 - https://github.com/KorayAgaya/TrivyWeb CVE-2018-16842 - https://github.com/revl-ca/scan-docker-image CVE-2018-16842 - https://github.com/siddharthraopotukuchi/trivy CVE-2018-16842 - https://github.com/simiyo/trivy @@ -18360,6 +19133,7 @@ CVE-2018-16858 - https://github.com/irsl/apache-openoffice-rce-via-uno-links CVE-2018-16858 - https://github.com/litneet64/containerized-bomb-disposal CVE-2018-16864 - https://github.com/fbreton/lacework CVE-2018-16865 - https://github.com/fbreton/lacework +CVE-2018-16866 - https://github.com/hpcprofessional/remediate_cesa_2019_2091 CVE-2018-16866 - https://github.com/revl-ca/scan-docker-image CVE-2018-16868 - https://github.com/nedenwalker/spring-boot-app-using-gradle CVE-2018-16868 - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln @@ -18372,8 +19146,10 @@ CVE-2018-16875 - https://github.com/0xT11/CVE-POC CVE-2018-16875 - https://github.com/alexzorin/poc-cve-2018-16875 CVE-2018-16886 - https://github.com/sonatype-nexus-community/nancy CVE-2018-16888 - https://github.com/flyrev/security-scan-ci-presentation +CVE-2018-16888 - https://github.com/hpcprofessional/remediate_cesa_2019_2091 CVE-2018-1689 - https://github.com/saiyuki1919/BlackHat2019 CVE-2018-16890 - https://github.com/0xT11/CVE-POC +CVE-2018-16890 - https://github.com/KorayAgaya/TrivyWeb CVE-2018-16890 - https://github.com/siddharthraopotukuchi/trivy CVE-2018-16890 - https://github.com/simiyo/trivy CVE-2018-16890 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers @@ -18408,9 +19184,11 @@ CVE-2018-17021 - https://github.com/PAGalaxyLab/VulInfo CVE-2018-17022 - https://github.com/PAGalaxyLab/VulInfo CVE-2018-17023 - https://github.com/PAGalaxyLab/VulInfo CVE-2018-17024 - https://github.com/0xT11/CVE-POC +CVE-2018-1703 - https://github.com/rmadamson/rmadamson CVE-2018-17042 - https://github.com/ZhengMinghui1234/enfuzzer CVE-2018-17043 - https://github.com/ZhengMinghui1234/enfuzzer CVE-2018-17057 - https://github.com/AfvanMoopen/tryhackme- +CVE-2018-17057 - https://github.com/Tiaonmmn/ccc_2019_web_pdfcreator CVE-2018-17057 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2018-17057 - https://github.com/catsecorg/CatSec-TryHackMe-WriteUps CVE-2018-17057 - https://github.com/electronforce/py2to3 @@ -18450,20 +19228,30 @@ CVE-2018-17145 - https://github.com/0xT11/CVE-POC CVE-2018-17145 - https://github.com/404notf0und/CVE-Flow CVE-2018-17182 - https://github.com/0xT11/CVE-POC CVE-2018-17182 - https://github.com/Al1ex/LinuxEelvation +CVE-2018-17182 - https://github.com/Apri1y/Red-Team-links CVE-2018-17182 - https://github.com/Echocipher/Resource-list CVE-2018-17182 - https://github.com/fei9747/LinuxEelvation +CVE-2018-17182 - https://github.com/hudunkey/Red-Team-links CVE-2018-17182 - https://github.com/jas502n/CVE-2018-17182 CVE-2018-17182 - https://github.com/jiayy/android_vuln_poc-exp +CVE-2018-17182 - https://github.com/john-80/-007 CVE-2018-17182 - https://github.com/likescam/CVE-2018-17182 +CVE-2018-17182 - https://github.com/lp008/Hack-readme CVE-2018-17182 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-17182 - https://github.com/rakjong/LinuxElevation +CVE-2018-17182 - https://github.com/slimdaddy/RedTeam CVE-2018-17182 - https://github.com/xairy/linux-kernel-exploitation CVE-2018-17182 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-17182 - https://github.com/xiaoZ-hc/redtool CVE-2018-17183 - https://github.com/0xT11/CVE-POC +CVE-2018-17189 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2018-17189 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2018-17189 - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough CVE-2018-17189 - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough CVE-2018-17189 - https://github.com/vshaliii/Funbox2-rookie +CVE-2018-17190 - https://github.com/yahoo/cubed +CVE-2018-17196 - https://github.com/isxbot/software-assurance +CVE-2018-17199 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2018-17199 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2018-17199 - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough CVE-2018-17199 - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough @@ -18472,6 +19260,7 @@ CVE-2018-17200 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2018-17207 - https://github.com/0xT11/CVE-POC CVE-2018-17229 - https://github.com/Marsman1996/pocs CVE-2018-17230 - https://github.com/Marsman1996/pocs +CVE-2018-1724 - https://github.com/rmadamson/rmadamson CVE-2018-17246 - https://github.com/0xT11/CVE-POC CVE-2018-17246 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-17246 - https://github.com/Elsfa7-110/kenzer-templates @@ -18507,6 +19296,7 @@ CVE-2018-17453 - https://github.com/PAGalaxyLab/VulInfo CVE-2018-17456 - https://github.com/0xT11/CVE-POC CVE-2018-17456 - https://github.com/AnonymKing/CVE-2017-1000117 CVE-2018-17456 - https://github.com/AnonymKing/CVE-2018-17456 +CVE-2018-17456 - https://github.com/KorayAgaya/TrivyWeb CVE-2018-17456 - https://github.com/back2zero/GIT_CVE_2018_17456 CVE-2018-17456 - https://github.com/siddharthraopotukuchi/trivy CVE-2018-17456 - https://github.com/simiyo/trivy @@ -18537,6 +19327,8 @@ CVE-2018-17497 - https://github.com/nutc4k3/amazing-iot-security CVE-2018-17499 - https://github.com/nutc4k3/amazing-iot-security CVE-2018-17500 - https://github.com/nutc4k3/amazing-iot-security CVE-2018-17502 - https://github.com/nutc4k3/amazing-iot-security +CVE-2018-17552 - https://github.com/anhquan99/DetectSQLInjectionPyshark +CVE-2018-1776 - https://github.com/rmadamson/rmadamson CVE-2018-17765 - https://github.com/404notf0und/CVE-Flow CVE-2018-17766 - https://github.com/404notf0und/CVE-Flow CVE-2018-17767 - https://github.com/404notf0und/CVE-Flow @@ -18549,6 +19341,7 @@ CVE-2018-17773 - https://github.com/404notf0und/CVE-Flow CVE-2018-17774 - https://github.com/404notf0und/CVE-Flow CVE-2018-17780 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-17780 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-1782 - https://github.com/rmadamson/rmadamson CVE-2018-17853 - https://github.com/PAGalaxyLab/VulInfo CVE-2018-17854 - https://github.com/ZhengMinghui1234/enfuzzer CVE-2018-17873 - https://github.com/0xT11/CVE-POC @@ -18557,11 +19350,23 @@ CVE-2018-17915 - https://github.com/KostasEreksonas/Besder-6024PB-XMA501-ip-came CVE-2018-17917 - https://github.com/KostasEreksonas/Besder-6024PB-XMA501-ip-camera-security-investigation CVE-2018-17919 - https://github.com/KostasEreksonas/Besder-6024PB-XMA501-ip-camera-security-investigation CVE-2018-1792 - https://github.com/mirchr/security-research +CVE-2018-17946 - https://github.com/El-Palomo/DerpNStink CVE-2018-17961 - https://github.com/0xT11/CVE-POC +CVE-2018-17961 - https://github.com/Apri1y/Red-Team-links CVE-2018-17961 - https://github.com/Echocipher/Resource-list +CVE-2018-17961 - https://github.com/hudunkey/Red-Team-links +CVE-2018-17961 - https://github.com/john-80/-007 +CVE-2018-17961 - https://github.com/lp008/Hack-readme +CVE-2018-17961 - https://github.com/slimdaddy/RedTeam CVE-2018-17961 - https://github.com/superfish9/pt +CVE-2018-17961 - https://github.com/xiaoZ-hc/redtool +CVE-2018-17985 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2018-17985 - https://github.com/tzf-key/MemLock_Benchmark CVE-2018-17985 - https://github.com/wcventure/MemLock-Fuzz CVE-2018-18013 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2018-18017 - https://github.com/El-Palomo/DerpNStink +CVE-2018-18018 - https://github.com/El-Palomo/DerpNStink +CVE-2018-18019 - https://github.com/El-Palomo/DerpNStink CVE-2018-18026 - https://github.com/0xT11/CVE-POC CVE-2018-18026 - https://github.com/DownWithUp/CVE-2018-18026 CVE-2018-18026 - https://github.com/DownWithUp/CVE-Stockpile @@ -18570,6 +19375,8 @@ CVE-2018-18067 - https://github.com/PAGalaxyLab/VulInfo CVE-2018-18069 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-18069 - https://github.com/Elsfa7-110/kenzer-templates CVE-2018-18069 - https://github.com/sobinge/nuclei-templates +CVE-2018-18074 - https://github.com/colonelmeow/appsecctf +CVE-2018-18074 - https://github.com/jrak1204/overstock_test CVE-2018-18086 - https://github.com/SexyBeast233/SecBooks CVE-2018-18191 - https://github.com/SexyBeast233/SecBooks CVE-2018-18203 - https://github.com/sgayou/subaru-starlink-research @@ -18596,9 +19403,14 @@ CVE-2018-18439 - https://github.com/f-secure-foundry/advisories CVE-2018-18440 - https://github.com/f-secure-foundry/advisories CVE-2018-18472 - https://github.com/odolezal/notes CVE-2018-18483 - https://github.com/wcventure/MemLock-Fuzz +CVE-2018-18484 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2018-18484 - https://github.com/tzf-key/MemLock_Benchmark CVE-2018-18484 - https://github.com/wcventure/MemLock-Fuzz +CVE-2018-18492 - https://github.com/ZihanYe/web-browser-vulnerabilities CVE-2018-18492 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2018-18495 - https://github.com/RedHatProductSecurity/cwe-toolkit CVE-2018-18500 - https://github.com/0xT11/CVE-POC +CVE-2018-18500 - https://github.com/ZihanYe/web-browser-vulnerabilities CVE-2018-18500 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2018-18500 - https://github.com/sophoslabs/CVE-2018-18500 CVE-2018-18520 - https://github.com/flyrev/security-scan-ci-presentation @@ -18621,12 +19433,17 @@ CVE-2018-18628 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2018-18629 - https://github.com/mirchr/security-research CVE-2018-18637 - https://github.com/WSP-LAB/FUSE CVE-2018-18649 - https://github.com/0xT11/CVE-POC +CVE-2018-18649 - https://github.com/deadcyph3r/Awesome-Collection CVE-2018-18649 - https://github.com/izj007/wechat CVE-2018-18656 - https://github.com/SpiderLabs/cve_server CVE-2018-18661 - https://github.com/revl-ca/scan-docker-image CVE-2018-18694 - https://github.com/WSP-LAB/FUSE CVE-2018-18695 - https://github.com/DelspoN/CVE +CVE-2018-18700 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2018-18700 - https://github.com/tzf-key/MemLock_Benchmark CVE-2018-18700 - https://github.com/wcventure/MemLock-Fuzz +CVE-2018-18701 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2018-18701 - https://github.com/tzf-key/MemLock_Benchmark CVE-2018-18701 - https://github.com/wcventure/MemLock-Fuzz CVE-2018-18714 - https://github.com/0xT11/CVE-POC CVE-2018-18714 - https://github.com/DownWithUp/CVE-2018-18714 @@ -18651,6 +19468,7 @@ CVE-2018-18852 - https://github.com/0xT11/CVE-POC CVE-2018-18852 - https://github.com/hook-s3c/CVE-2018-18852 CVE-2018-18925 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-18925 - https://github.com/SexyBeast233/SecBooks +CVE-2018-18925 - https://github.com/Timirepo/CVE_Exploits CVE-2018-18925 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2018-18925 - https://github.com/p1ay8y3ar/cve_monitor CVE-2018-18925 - https://github.com/sonatype-nexus-community/nancy @@ -18728,8 +19546,11 @@ CVE-2018-19340 - https://github.com/0xUhaw/CVE-Bins CVE-2018-19340 - https://github.com/eddietcc/CVEnotes CVE-2018-19355 - https://github.com/zapalm/prestashop-security-vulnerability-checker CVE-2018-19360 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2018-19360 - https://github.com/ilmari666/cybsec CVE-2018-19361 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2018-19361 - https://github.com/ilmari666/cybsec CVE-2018-19362 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2018-19362 - https://github.com/ilmari666/cybsec CVE-2018-19386 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-19386 - https://github.com/Elsfa7-110/kenzer-templates CVE-2018-19386 - https://github.com/sobinge/nuclei-templates @@ -18758,6 +19579,7 @@ CVE-2018-19466 - https://github.com/MauroEldritch/lempo CVE-2018-19466 - https://github.com/MauroEldritch/mauroeldritch CVE-2018-19475 - https://github.com/NCSU-DANCE-Research-Group/CDL CVE-2018-19475 - https://github.com/SexyBeast233/SecBooks +CVE-2018-19486 - https://github.com/KorayAgaya/TrivyWeb CVE-2018-19486 - https://github.com/siddharthraopotukuchi/trivy CVE-2018-19486 - https://github.com/simiyo/trivy CVE-2018-19486 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers @@ -18793,6 +19615,8 @@ CVE-2018-19540 - https://github.com/aflsmart/aflsmart CVE-2018-19541 - https://github.com/aflsmart/aflsmart CVE-2018-19542 - https://github.com/aflsmart/aflsmart CVE-2018-19543 - https://github.com/aflsmart/aflsmart +CVE-2018-19571 - https://github.com/dotPY-hax/gitlab_RCE +CVE-2018-19585 - https://github.com/dotPY-hax/gitlab_RCE CVE-2018-19591 - https://github.com/simonsdave/clair-cicd CVE-2018-19592 - https://github.com/0xT11/CVE-POC CVE-2018-19596 - https://github.com/0xT11/CVE-POC @@ -18820,10 +19644,13 @@ CVE-2018-19788 - https://github.com/d4gh0s7/CVE-2018-19788 CVE-2018-19788 - https://github.com/mirchr/security-research CVE-2018-19788 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-19788 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-19837 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2018-19837 - https://github.com/tzf-key/MemLock_Benchmark CVE-2018-19844 - https://github.com/0xT11/CVE-POC CVE-2018-19845 - https://github.com/0xT11/CVE-POC CVE-2018-19859 - https://github.com/WhiteOakSecurity/CVE-2018-19859 CVE-2018-19864 - https://github.com/0xT11/CVE-POC +CVE-2018-19876 - https://github.com/facebookincubator/meta-fbvuln CVE-2018-19901 - https://github.com/0xT11/CVE-POC CVE-2018-19902 - https://github.com/0xT11/CVE-POC CVE-2018-19903 - https://github.com/0xT11/CVE-POC @@ -18862,6 +19689,7 @@ CVE-2018-1999002 - https://github.com/fengjixuchui/RedTeamer CVE-2018-1999002 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-1999002 - https://github.com/superfish9/pt CVE-2018-1999002 - https://github.com/wetw0rk/Exploit-Development +CVE-2018-1999004 - https://github.com/SNTSVV/SMRL_EclipsePlugin CVE-2018-1999042 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2018-20002 - https://github.com/wcventure/MemLock-Fuzz CVE-2018-20004 - https://github.com/ZhengMinghui1234/enfuzzer @@ -18880,12 +19708,22 @@ CVE-2018-20117 - https://github.com/RUB-SysSec/redqueen CVE-2018-20118 - https://github.com/RUB-SysSec/redqueen CVE-2018-20119 - https://github.com/RUB-SysSec/redqueen CVE-2018-20129 - https://github.com/SexyBeast233/SecBooks +CVE-2018-20147 - https://github.com/El-Palomo/DerpNStink +CVE-2018-20148 - https://github.com/El-Palomo/DerpNStink CVE-2018-20148 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2018-20148 - https://github.com/tthseus/WooCommerce-CVEs +CVE-2018-20149 - https://github.com/El-Palomo/DerpNStink +CVE-2018-20150 - https://github.com/El-Palomo/DerpNStink +CVE-2018-20151 - https://github.com/El-Palomo/DerpNStink +CVE-2018-20152 - https://github.com/El-Palomo/DerpNStink +CVE-2018-20153 - https://github.com/El-Palomo/DerpNStink CVE-2018-20161 - https://github.com/Jacquais/BlinkVuln CVE-2018-20162 - https://github.com/0xT11/CVE-POC CVE-2018-20162 - https://github.com/stigtsp/CVE-2018-20162-digi-lr54-restricted-shell-escape CVE-2018-20164 - https://github.com/engn33r/awesome-redos-security CVE-2018-20165 - https://github.com/0xT11/CVE-POC +CVE-2018-20186 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2018-20186 - https://github.com/tzf-key/MemLock_Benchmark CVE-2018-2019 - https://github.com/0xT11/CVE-POC CVE-2018-2019 - https://github.com/attakercyebr/hack4lx_CVE-2018-2019 CVE-2018-2019 - https://github.com/developer3000S/PoC-in-GitHub @@ -18895,6 +19733,7 @@ CVE-2018-20217 - https://github.com/leonov-av/scanvus CVE-2018-20217 - https://github.com/p1ay8y3ar/cve_monitor CVE-2018-2025 - https://github.com/QAX-A-Team/CVE-2018-20250 CVE-2018-20250 - https://github.com/0xT11/CVE-POC +CVE-2018-20250 - https://github.com/Apri1y/Red-Team-links CVE-2018-20250 - https://github.com/CnHack3r/Penetration_PoC CVE-2018-20250 - https://github.com/DANIELVISPOBLOG/WinRar_ACE_exploit_CVE-2018-20250 CVE-2018-20250 - https://github.com/Echocipher/Resource-list @@ -18913,22 +19752,28 @@ CVE-2018-20250 - https://github.com/easis/CVE-2018-20250-WinRAR-ACE CVE-2018-20250 - https://github.com/eastmountyxz/CSDNBlog-Security-Based CVE-2018-20250 - https://github.com/eastmountyxz/CVE-2018-20250-WinRAR CVE-2018-20250 - https://github.com/eastmountyxz/NetworkSecuritySelf-study +CVE-2018-20250 - https://github.com/eastmountyxz/SystemSecurity-ReverseAnalysis CVE-2018-20250 - https://github.com/googleprojectzero/winafl CVE-2018-20250 - https://github.com/hardik05/winafl-powermopt CVE-2018-20250 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2018-20250 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-20250 - https://github.com/hudunkey/Red-Team-links CVE-2018-20250 - https://github.com/huike007/penetration_poc CVE-2018-20250 - https://github.com/huike007/poc +CVE-2018-20250 - https://github.com/john-80/-007 +CVE-2018-20250 - https://github.com/lp008/Hack-readme CVE-2018-20250 - https://github.com/manulqwerty/Evil-WinRAR-Gen CVE-2018-20250 - https://github.com/nmweizi/CVE-2018-20250-poc-winrar CVE-2018-20250 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2018-20250 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-20250 - https://github.com/ray-cp/Vuln_Analysis +CVE-2018-20250 - https://github.com/slimdaddy/RedTeam CVE-2018-20250 - https://github.com/technicaldada/hack-winrar CVE-2018-20250 - https://github.com/wateroot/poc-exp CVE-2018-20250 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2018-20250 - https://github.com/wrlu/Vulnerabilities CVE-2018-20250 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-20250 - https://github.com/xiaoZ-hc/redtool CVE-2018-20250 - https://github.com/ycdxsb/Exploits CVE-2018-20250 - https://github.com/yedada-wei/- CVE-2018-20250 - https://github.com/yedada-wei/gongkaishouji @@ -18938,14 +19783,18 @@ CVE-2018-20252 - https://github.com/googleprojectzero/winafl CVE-2018-20252 - https://github.com/hardik05/winafl-powermopt CVE-2018-20253 - https://github.com/googleprojectzero/winafl CVE-2018-20253 - https://github.com/hardik05/winafl-powermopt +CVE-2018-20303 - https://github.com/Timirepo/CVE_Exploits CVE-2018-20303 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2018-20303 - https://github.com/sonatype-nexus-community/ahab CVE-2018-20303 - https://github.com/sonatype-nexus-community/nancy CVE-2018-20310 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2018-20318 - https://github.com/superfish9/pt CVE-2018-20319 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2018-20334 - https://github.com/JustPlay/pce-ac88_linuxdriver +CVE-2018-20336 - https://github.com/JustPlay/pce-ac88_linuxdriver CVE-2018-20343 - https://github.com/0xT11/CVE-POC CVE-2018-20343 - https://github.com/Alexandre-Bartel/CVE-2018-20343 +CVE-2018-20346 - https://github.com/KorayAgaya/TrivyWeb CVE-2018-20346 - https://github.com/righettod/log-requests-to-sqlite CVE-2018-20346 - https://github.com/saiyuki1919/BlackHat2019 CVE-2018-20346 - https://github.com/siddharthraopotukuchi/trivy @@ -18961,17 +19810,20 @@ CVE-2018-20434 - https://github.com/0xT11/CVE-POC CVE-2018-20434 - https://github.com/mhaskar/CVE-2018-20434 CVE-2018-20462 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-20470 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2018-20482 - https://github.com/KorayAgaya/TrivyWeb CVE-2018-20482 - https://github.com/flyrev/security-scan-ci-presentation CVE-2018-20482 - https://github.com/siddharthraopotukuchi/trivy CVE-2018-20482 - https://github.com/simiyo/trivy CVE-2018-20482 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers CVE-2018-20482 - https://github.com/umahari/security +CVE-2018-20505 - https://github.com/KorayAgaya/TrivyWeb CVE-2018-20505 - https://github.com/righettod/log-requests-to-sqlite CVE-2018-20505 - https://github.com/saiyuki1919/BlackHat2019 CVE-2018-20505 - https://github.com/siddharthraopotukuchi/trivy CVE-2018-20505 - https://github.com/simiyo/trivy CVE-2018-20505 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers CVE-2018-20505 - https://github.com/umahari/security +CVE-2018-20506 - https://github.com/KorayAgaya/TrivyWeb CVE-2018-20506 - https://github.com/saiyuki1919/BlackHat2019 CVE-2018-20506 - https://github.com/siddharthraopotukuchi/trivy CVE-2018-20506 - https://github.com/simiyo/trivy @@ -18983,12 +19835,17 @@ CVE-2018-20552 - https://github.com/Marsman1996/pocs CVE-2018-20553 - https://github.com/Marsman1996/pocs CVE-2018-20555 - https://github.com/0xT11/CVE-POC CVE-2018-20555 - https://github.com/fs0c131y/CVE-2018-20555 +CVE-2018-20573 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2018-20573 - https://github.com/tzf-key/MemLock_Benchmark +CVE-2018-20574 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2018-20574 - https://github.com/tzf-key/MemLock_Benchmark CVE-2018-20575 - https://github.com/zadewg/LIVEBOX-0DAY CVE-2018-20576 - https://github.com/zadewg/LIVEBOX-0DAY CVE-2018-20577 - https://github.com/zadewg/LIVEBOX-0DAY CVE-2018-20580 - https://github.com/0xT11/CVE-POC CVE-2018-20580 - https://github.com/gscamelo/CVE-2018-20580 CVE-2018-20586 - https://github.com/0xT11/CVE-POC +CVE-2018-20587 - https://github.com/nachobonilla/awesome-blockchain-security CVE-2018-20592 - https://github.com/wcventure/UAF-Fuzzer-TestSuite CVE-2018-20605 - https://github.com/SexyBeast233/SecBooks CVE-2018-20606 - https://github.com/SexyBeast233/SecBooks @@ -19001,16 +19858,21 @@ CVE-2018-20621 - https://github.com/RhinoSecurityLabs/CVEs CVE-2018-20621 - https://github.com/nattimmis/CVE-Collection CVE-2018-20621 - https://github.com/sunzu94/AWS-CVEs CVE-2018-20623 - https://github.com/phonito/phonito-vulnerable-container +CVE-2018-20623 - https://github.com/strongcourage/uafbench +CVE-2018-20623 - https://github.com/strongcourage/uafuzz CVE-2018-20623 - https://github.com/wcventure/UAF-Fuzzer-TestSuite CVE-2018-20651 - https://github.com/phonito/phonito-vulnerable-container CVE-2018-20652 - https://github.com/wcventure/MemLock-Fuzz CVE-2018-20657 - https://github.com/phonito/phonito-vulnerable-container CVE-2018-20657 - https://github.com/wcventure/MemLock-Fuzz +CVE-2018-20659 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2018-20659 - https://github.com/tzf-key/MemLock_Benchmark CVE-2018-20671 - https://github.com/phonito/phonito-vulnerable-container CVE-2018-20673 - https://github.com/phonito/phonito-vulnerable-container CVE-2018-20676 - https://github.com/ossf-cve-benchmark/CVE-2018-20676 CVE-2018-20677 - https://github.com/andersoncontreira/http-tunnel-node CVE-2018-20677 - https://github.com/ossf-cve-benchmark/CVE-2018-20677 +CVE-2018-20685 - https://github.com/KorayAgaya/TrivyWeb CVE-2018-20685 - https://github.com/revl-ca/scan-docker-image CVE-2018-20685 - https://github.com/siddharthraopotukuchi/trivy CVE-2018-20685 - https://github.com/simiyo/trivy @@ -19030,22 +19892,31 @@ CVE-2018-20783 - https://github.com/teamssix/pigat CVE-2018-20796 - https://github.com/flyrev/security-scan-ci-presentation CVE-2018-20796 - https://github.com/garethr/snykout CVE-2018-20796 - https://github.com/revl-ca/scan-docker-image +CVE-2018-20797 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2018-20797 - https://github.com/tzf-key/MemLock_Benchmark CVE-2018-20801 - https://github.com/ossf-cve-benchmark/CVE-2018-20801 CVE-2018-20817 - https://github.com/RektInator/cod-steamauth-rce CVE-2018-20817 - https://github.com/momo5502/cod-exploits +CVE-2018-20821 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2018-20821 - https://github.com/tzf-key/MemLock_Benchmark +CVE-2018-20822 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2018-20822 - https://github.com/tzf-key/MemLock_Benchmark CVE-2018-20824 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-20824 - https://github.com/Elsfa7-110/kenzer-templates CVE-2018-20824 - https://github.com/sobinge/nuclei-templates +CVE-2018-20824 - https://github.com/sushantdhopat/JIRA_testing CVE-2018-20834 - https://github.com/ForEvolve/git-extensions-for-vs-code CVE-2018-20834 - https://github.com/hegde5/VS-Code-PyDoc-Extension CVE-2018-20834 - https://github.com/ossf-cve-benchmark/CVE-2018-20834 CVE-2018-20835 - https://github.com/ossf-cve-benchmark/CVE-2018-20835 CVE-2018-20839 - https://github.com/garethr/snykout +CVE-2018-20839 - https://github.com/juaromu/wazuh-snyk CVE-2018-20839 - https://github.com/revl-ca/scan-docker-image CVE-2018-20839 - https://github.com/simonsdave/clair-cicd CVE-2018-20843 - https://github.com/revl-ca/scan-docker-image CVE-2018-20852 - https://github.com/phonito/phonito-vulnerable-container CVE-2018-20966 - https://github.com/parzel/CVE-2018-20966 +CVE-2018-20969 - https://github.com/irsl/gnu-patch-vulnerabilities CVE-2018-20969 - https://github.com/phonito/phonito-vulnerable-container CVE-2018-20979 - https://github.com/El-Palomo/MR-ROBOT-1 CVE-2018-20985 - https://github.com/ARPSyndicate/kenzer-templates @@ -19057,6 +19928,7 @@ CVE-2018-20994 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2018-20995 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2018-20996 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2018-20997 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs +CVE-2018-20997 - https://github.com/MaineK00n/go-osv CVE-2018-20998 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2018-20999 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2018-21000 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs @@ -19069,6 +19941,7 @@ CVE-2018-21019 - https://github.com/Eriner/eriner CVE-2018-21031 - https://github.com/elkassimyhajar/CVE-2018-16809 CVE-2018-21031 - https://github.com/manmolecular/tautulli-cve-2018-21031 CVE-2018-21034 - https://github.com/Eriner/eriner +CVE-2018-21035 - https://github.com/PalindromeLabs/awesome-websocket-security CVE-2018-21036 - https://github.com/ossf-cve-benchmark/CVE-2018-21036 CVE-2018-21232 - https://github.com/jaydenaung/CloudGuard-ShiftLeft-CICD-AWS CVE-2018-2373 - https://github.com/lmkalg/my_cves @@ -19083,6 +19956,7 @@ CVE-2018-2392 - https://github.com/Vladimir-Ivanov-Git/sap_igs_xxe CVE-2018-2392 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-2392 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-2393 - https://github.com/Vladimir-Ivanov-Git/sap_igs_xxe +CVE-2018-25008 - https://github.com/Qwaz/rust-cve CVE-2018-25010 - https://github.com/equinor/radix-image-scanner CVE-2018-25015 - https://github.com/plummm/SyzScope CVE-2018-2562 - https://github.com/andir/nixos-issue-db-example @@ -19103,6 +19977,7 @@ CVE-2018-2628 - https://github.com/0xn0ne/weblogicScanner CVE-2018-2628 - https://github.com/1120362990/vulnerability-list CVE-2018-2628 - https://github.com/9uest/CVE-2018-2628 CVE-2018-2628 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2018-2628 - https://github.com/Bywalks/WeblogicScan CVE-2018-2628 - https://github.com/Dido1960/Weblogic-CVE-2020-2551-To-Internet CVE-2018-2628 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2018-2628 - https://github.com/Lighird/CVE-2018-2628 @@ -19128,6 +20003,7 @@ CVE-2018-2628 - https://github.com/hanc00l/weblogic_unserialize_exploit CVE-2018-2628 - https://github.com/hashtagcyber/Exp CVE-2018-2628 - https://github.com/hawk-520/CVE-2018-2628 CVE-2018-2628 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-2628 - https://github.com/hmoytx/weblogicscan CVE-2018-2628 - https://github.com/jas502n/CVE-2018-2628 CVE-2018-2628 - https://github.com/jas502n/CVE-2018-2893 CVE-2018-2628 - https://github.com/jiangsir404/POC-S @@ -19136,15 +20012,18 @@ CVE-2018-2628 - https://github.com/kingkaki/weblogic-scan CVE-2018-2628 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2018-2628 - https://github.com/koutto/jok3r-pocs CVE-2018-2628 - https://github.com/likescam/CVE-2018-2628 +CVE-2018-2628 - https://github.com/maya6/-scan- CVE-2018-2628 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2018-2628 - https://github.com/mmioimm/weblogic_test CVE-2018-2628 - https://github.com/nihaohello/N-MiddlewareScan CVE-2018-2628 - https://github.com/p1ay8y3ar/cve_monitor CVE-2018-2628 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-2628 - https://github.com/rabbitmask/WeblogicScanLot +CVE-2018-2628 - https://github.com/safe6Sec/wlsEnv CVE-2018-2628 - https://github.com/shengqi158/CVE-2018-2628 CVE-2018-2628 - https://github.com/skydarker/CVE-2018-2628 CVE-2018-2628 - https://github.com/superfish9/pt +CVE-2018-2628 - https://github.com/tdcoming/Vulnerability-engine CVE-2018-2628 - https://github.com/tdy218/ysoserial-cve-2018-2628 CVE-2018-2628 - https://github.com/whoadmin/pocs CVE-2018-2628 - https://github.com/wrysunny/cve-2018-2628 @@ -19238,6 +20117,8 @@ CVE-2018-2879 - https://github.com/redtimmy/OAMBuster CVE-2018-2893 - https://github.com/0xT11/CVE-POC CVE-2018-2893 - https://github.com/0xn0ne/weblogicScanner CVE-2018-2893 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2018-2893 - https://github.com/Apri1y/Red-Team-links +CVE-2018-2893 - https://github.com/Bywalks/WeblogicScan CVE-2018-2893 - https://github.com/Echocipher/Resource-list CVE-2018-2893 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2018-2893 - https://github.com/Harmoc/CTFTools @@ -19256,9 +20137,13 @@ CVE-2018-2893 - https://github.com/followboy1999/weblogic-deserialization CVE-2018-2893 - https://github.com/hanc00l/some_pocsuite CVE-2018-2893 - https://github.com/hanc00l/weblogic_unserialize_exploit CVE-2018-2893 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-2893 - https://github.com/hmoytx/weblogicscan +CVE-2018-2893 - https://github.com/hudunkey/Red-Team-links CVE-2018-2893 - https://github.com/jas502n/CVE-2018-2893 CVE-2018-2893 - https://github.com/jas502n/CVE-2018-3245 +CVE-2018-2893 - https://github.com/john-80/-007 CVE-2018-2893 - https://github.com/koutto/jok3r-pocs +CVE-2018-2893 - https://github.com/lp008/Hack-readme CVE-2018-2893 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2018-2893 - https://github.com/nihaohello/N-MiddlewareScan CVE-2018-2893 - https://github.com/pyn3rd/CVE-2018-2893 @@ -19268,9 +20153,11 @@ CVE-2018-2893 - https://github.com/qianl0ng/CVE-2018-2893 CVE-2018-2893 - https://github.com/rabbitmask/WeblogicScanLot CVE-2018-2893 - https://github.com/ryanInf/CVE-2018-2893 CVE-2018-2893 - https://github.com/shengqi158/CVE-2018-2628 +CVE-2018-2893 - https://github.com/slimdaddy/RedTeam CVE-2018-2893 - https://github.com/sry309/CVE-2018-2893 CVE-2018-2893 - https://github.com/whoadmin/pocs CVE-2018-2893 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-2893 - https://github.com/xiaoZ-hc/redtool CVE-2018-2893 - https://github.com/zema1/oracle-vuln-crawler CVE-2018-2894 - https://github.com/0day666/Vulnerability-verification CVE-2018-2894 - https://github.com/0xT11/CVE-POC @@ -19281,9 +20168,13 @@ CVE-2018-2894 - https://github.com/84KaliPleXon3/Payloads_All_The_Things CVE-2018-2894 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-2894 - https://github.com/AnonVulc/Pentest-Tools CVE-2018-2894 - https://github.com/Aquilao/Toy-Box +CVE-2018-2894 - https://github.com/Bywalks/WeblogicScan +CVE-2018-2894 - https://github.com/Delishsploits/PayloadsAndMethodology CVE-2018-2894 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2018-2894 - https://github.com/GuynnR/Payloads CVE-2018-2894 - https://github.com/LandGrey/CVE-2018-2894 CVE-2018-2894 - https://github.com/Muhammd/Awesome-Payloads +CVE-2018-2894 - https://github.com/Nieuport/PayloadsAllTheThings CVE-2018-2894 - https://github.com/ParrotSec-CN/ParrotSecCN_Community_QQbot CVE-2018-2894 - https://github.com/Ra7mo0on/PayloadsAllTheThings CVE-2018-2894 - https://github.com/S3cur3Th1sSh1t/Pentest-Tools @@ -19291,24 +20182,37 @@ CVE-2018-2894 - https://github.com/SexyBeast233/SecBooks CVE-2018-2894 - https://github.com/XPR1M3/Payloads_All_The_Things CVE-2018-2894 - https://github.com/andrysec/PayloadsAllVulnerability CVE-2018-2894 - https://github.com/anhtu97/PayloadAllEverything +CVE-2018-2894 - https://github.com/apkadmin/PayLoadsAll CVE-2018-2894 - https://github.com/awsassets/weblogic_exploit +CVE-2018-2894 - https://github.com/chanchalpatra/payload CVE-2018-2894 - https://github.com/cross2to/betaseclab_tools CVE-2018-2894 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-2894 - https://github.com/dr0op/WeblogicScan CVE-2018-2894 - https://github.com/fengjixuchui/RedTeamer CVE-2018-2894 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-2894 - https://github.com/hellochunqiu/PayloadsAllTheThings +CVE-2018-2894 - https://github.com/hmoytx/weblogicscan CVE-2018-2894 - https://github.com/jas502n/CVE-2018-2894 CVE-2018-2894 - https://github.com/jiangsir404/POC-S CVE-2018-2894 - https://github.com/k8gege/PyLadon CVE-2018-2894 - https://github.com/koutto/jok3r-pocs +CVE-2018-2894 - https://github.com/ksw9722/PayloadsAllTheThings +CVE-2018-2894 - https://github.com/lp008/Hack-readme +CVE-2018-2894 - https://github.com/mrhacker51/ReverseShellCommands +CVE-2018-2894 - https://github.com/nevidimk0/PayloadsAllTheThings +CVE-2018-2894 - https://github.com/pwnagelabs/VEF CVE-2018-2894 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-2894 - https://github.com/rabbitmask/WeblogicScanLot +CVE-2018-2894 - https://github.com/severnake/Pentest-Tools CVE-2018-2894 - https://github.com/sobinge/--1 CVE-2018-2894 - https://github.com/sobinge/PayloadsAllTheThings +CVE-2018-2894 - https://github.com/sobinge/PayloadsAllThesobinge CVE-2018-2894 - https://github.com/superfish9/pt +CVE-2018-2894 - https://github.com/tdcoming/Vulnerability-engine CVE-2018-2894 - https://github.com/theyoge/AD-Pentesting-Tools CVE-2018-2894 - https://github.com/veo/vscan CVE-2018-2894 - https://github.com/whoadmin/pocs +CVE-2018-2894 - https://github.com/winterwolf32/PayloadsAllTheThings CVE-2018-2894 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-2894 - https://github.com/xiaoyaovo/2021SecWinterTask CVE-2018-2894 - https://github.com/zema1/oracle-vuln-crawler @@ -19326,7 +20230,9 @@ CVE-2018-3071 - https://github.com/andir/nixos-issue-db-example CVE-2018-3085 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-3085 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-3149 - https://github.com/HackJava/JNDI +CVE-2018-3149 - https://github.com/flowerlake/spring-jolokia-rce CVE-2018-3149 - https://github.com/lz2y/CVE-2021-2394 +CVE-2018-3149 - https://github.com/lz2y/DubboPOC CVE-2018-3167 - https://github.com/301415926/PENTESTING-BIBLE CVE-2018-3167 - https://github.com/84KaliPleXon3/PENTESTING-BIBLE CVE-2018-3167 - https://github.com/ARPSyndicate/kenzer-templates @@ -19353,6 +20259,7 @@ CVE-2018-3167 - https://github.com/t31m0/PENTESTING-BIBLE CVE-2018-3167 - https://github.com/vincentfer/PENTESTING-BIBLE- CVE-2018-3191 - https://github.com/0xT11/CVE-POC CVE-2018-3191 - https://github.com/0xn0ne/weblogicScanner +CVE-2018-3191 - https://github.com/Apri1y/Red-Team-links CVE-2018-3191 - https://github.com/Echocipher/Resource-list CVE-2018-3191 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2018-3191 - https://github.com/Libraggbond/CVE-2018-3191 @@ -19366,19 +20273,25 @@ CVE-2018-3191 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-3191 - https://github.com/fengjixuchui/RedTeamer CVE-2018-3191 - https://github.com/followboy1999/weblogic-deserialization CVE-2018-3191 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-3191 - https://github.com/hudunkey/Red-Team-links CVE-2018-3191 - https://github.com/jas502n/CVE-2018-3191 +CVE-2018-3191 - https://github.com/john-80/-007 CVE-2018-3191 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2018-3191 - https://github.com/koutto/jok3r-pocs +CVE-2018-3191 - https://github.com/lp008/Hack-readme CVE-2018-3191 - https://github.com/mackleadmire/CVE-2018-3191-Rce-Exploit CVE-2018-3191 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2018-3191 - https://github.com/pyn3rd/CVE-2018-3191 CVE-2018-3191 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2018-3191 - https://github.com/slimdaddy/RedTeam CVE-2018-3191 - https://github.com/superfish9/pt CVE-2018-3191 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-3191 - https://github.com/xiaoZ-hc/redtool CVE-2018-3191 - https://github.com/zema1/oracle-vuln-crawler CVE-2018-3238 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-3245 - https://github.com/0xT11/CVE-POC CVE-2018-3245 - https://github.com/0xn0ne/weblogicScanner +CVE-2018-3245 - https://github.com/Apri1y/Red-Team-links CVE-2018-3245 - https://github.com/Echocipher/Resource-list CVE-2018-3245 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2018-3245 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs @@ -19388,14 +20301,19 @@ CVE-2018-3245 - https://github.com/cross2to/betaseclab_tools CVE-2018-3245 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-3245 - https://github.com/followboy1999/weblogic-deserialization CVE-2018-3245 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-3245 - https://github.com/hudunkey/Red-Team-links CVE-2018-3245 - https://github.com/jas502n/CVE-2018-3245 +CVE-2018-3245 - https://github.com/john-80/-007 CVE-2018-3245 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2018-3245 - https://github.com/koutto/jok3r-pocs +CVE-2018-3245 - https://github.com/lp008/Hack-readme CVE-2018-3245 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2018-3245 - https://github.com/pyn3rd/CVE-2018-3245 CVE-2018-3245 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2018-3245 - https://github.com/slimdaddy/RedTeam CVE-2018-3245 - https://github.com/superfish9/pt CVE-2018-3245 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-3245 - https://github.com/xiaoZ-hc/redtool CVE-2018-3245 - https://github.com/zema1/oracle-vuln-crawler CVE-2018-3246 - https://github.com/superfish9/pt CVE-2018-3248 - https://github.com/zema1/oracle-vuln-crawler @@ -19522,6 +20440,8 @@ CVE-2018-3714 - https://github.com/Elsfa7-110/kenzer-templates CVE-2018-3714 - https://github.com/sobinge/nuclei-templates CVE-2018-3718 - https://github.com/ossf-cve-benchmark/CVE-2018-3718 CVE-2018-3719 - https://github.com/ossf-cve-benchmark/CVE-2018-3719 +CVE-2018-3721 - https://github.com/D4rkP0w4r/SnykCon-CTF-2021 +CVE-2018-3721 - https://github.com/KorayAgaya/TrivyWeb CVE-2018-3721 - https://github.com/duckstroms/Web-CTF-Cheatsheet CVE-2018-3721 - https://github.com/futoin/core-js-ri-invoker CVE-2018-3721 - https://github.com/siddharthraopotukuchi/trivy @@ -19542,6 +20462,7 @@ CVE-2018-3736 - https://github.com/ossf-cve-benchmark/CVE-2018-3736 CVE-2018-3737 - https://github.com/hangxingliu/node-cve CVE-2018-3737 - https://github.com/ossf-cve-benchmark/CVE-2018-3737 CVE-2018-3738 - https://github.com/ossf-cve-benchmark/CVE-2018-3738 +CVE-2018-3741 - https://github.com/KorayAgaya/TrivyWeb CVE-2018-3741 - https://github.com/siddharthraopotukuchi/trivy CVE-2018-3741 - https://github.com/simiyo/trivy CVE-2018-3741 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers @@ -19686,6 +20607,7 @@ CVE-2018-4233 - https://github.com/Jailbreaks/rce_1131 CVE-2018-4233 - https://github.com/LinusHenze/WebKit-RegEx-Exploit CVE-2018-4233 - https://github.com/NickA1260/My-Coding-Bio CVE-2018-4233 - https://github.com/Tom-ODonnell/TFP0-via-Safari-iOS-11.3.1 +CVE-2018-4233 - https://github.com/WRFan/jailbreak10.3.3 CVE-2018-4233 - https://github.com/Yangcheesen/jailbreakme CVE-2018-4233 - https://github.com/awesomehd1/JailbreakMe CVE-2018-4233 - https://github.com/developer3000S/PoC-in-GitHub @@ -19735,6 +20657,7 @@ CVE-2018-4251 - https://github.com/ptresearch/mmdetect CVE-2018-4262 - https://github.com/blacktop/docker-webkit CVE-2018-4262 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-4262 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-4277 - https://github.com/deadcyph3r/Awesome-Collection CVE-2018-4280 - https://github.com/0xT11/CVE-POC CVE-2018-4280 - https://github.com/bazad/blanket CVE-2018-4280 - https://github.com/bazad/launchd-portrep @@ -19796,6 +20719,7 @@ CVE-2018-4386 - https://github.com/tunz/js-vuln-db CVE-2018-4396 - https://github.com/didi/kemon CVE-2018-4407 - https://github.com/0xT11/CVE-POC CVE-2018-4407 - https://github.com/649/Crash-iOS-Exploit +CVE-2018-4407 - https://github.com/Apri1y/Red-Team-links CVE-2018-4407 - https://github.com/Aquilao/Toy-Box CVE-2018-4407 - https://github.com/Echocipher/Resource-list CVE-2018-4407 - https://github.com/Flerov/WindowsExploitDev @@ -19813,16 +20737,21 @@ CVE-2018-4407 - https://github.com/geeksniper/reverse-engineering-toolkit CVE-2018-4407 - https://github.com/github/securitylab CVE-2018-4407 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-4407 - https://github.com/houjingyi233/macOS-iOS-system-security +CVE-2018-4407 - https://github.com/hudunkey/Red-Team-links CVE-2018-4407 - https://github.com/integeruser/on-pwning +CVE-2018-4407 - https://github.com/john-80/-007 +CVE-2018-4407 - https://github.com/lp008/Hack-readme CVE-2018-4407 - https://github.com/nixawk/labs CVE-2018-4407 - https://github.com/oneplus-x/MS17-010 CVE-2018-4407 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-4407 - https://github.com/r3dxpl0it/CVE-2018-4407 CVE-2018-4407 - https://github.com/secdev/awesome-scapy +CVE-2018-4407 - https://github.com/slimdaddy/RedTeam CVE-2018-4407 - https://github.com/unixpickle/cve-2018-4407 CVE-2018-4407 - https://github.com/wateroot/poc-exp CVE-2018-4407 - https://github.com/wrlu/Vulnerabilities CVE-2018-4407 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-4407 - https://github.com/xiaoZ-hc/redtool CVE-2018-4407 - https://github.com/xiaoy-sec/Pentest_Note CVE-2018-4407 - https://github.com/zhang040723/web CVE-2018-4407 - https://github.com/zteeed/CVE-2018-4407-IOS @@ -19835,6 +20764,7 @@ CVE-2018-4415 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-4415 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2018-4415 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-4415 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-4416 - https://github.com/SkyBulk/RealWorldPwn CVE-2018-4416 - https://github.com/raystyle/SafariTour CVE-2018-4416 - https://github.com/tunz/js-vuln-db CVE-2018-4418 - https://github.com/didi/kemon @@ -19856,17 +20786,23 @@ CVE-2018-4442 - https://github.com/tunz/js-vuln-db CVE-2018-4443 - https://github.com/niklasb/sploits CVE-2018-4443 - https://github.com/tunz/js-vuln-db CVE-2018-4464 - https://github.com/SoftSec-KAIST/CodeAlchemist +CVE-2018-4868 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark CVE-2018-4868 - https://github.com/andir/nixos-issue-db-example +CVE-2018-4868 - https://github.com/tzf-key/MemLock_Benchmark CVE-2018-4878 - https://github.com/0xT11/CVE-POC +CVE-2018-4878 - https://github.com/Apri1y/Red-Team-links CVE-2018-4878 - https://github.com/B0fH/CVE-2018-4878 CVE-2018-4878 - https://github.com/BOFs/365CS CVE-2018-4878 - https://github.com/BOFs/CobaltStrike +CVE-2018-4878 - https://github.com/CYJoe-Cyclone/Awesome-CobaltStrike +CVE-2018-4878 - https://github.com/ChefGordon/List-O-Tools CVE-2018-4878 - https://github.com/Echocipher/Resource-list CVE-2018-4878 - https://github.com/FlatL1neAPT/MS-Office CVE-2018-4878 - https://github.com/FlatL1neAPT/Post-exploitation CVE-2018-4878 - https://github.com/H3llozy/CVE-2018-4879 CVE-2018-4878 - https://github.com/HacTF/poc--exp CVE-2018-4878 - https://github.com/HuanWoWeiLan/SoftwareSystemSecurity +CVE-2018-4878 - https://github.com/HuanWoWeiLan/SoftwareSystemSecurity-2019 CVE-2018-4878 - https://github.com/InQuest/malware-samples CVE-2018-4878 - https://github.com/InQuest/yara-rules CVE-2018-4878 - https://github.com/KathodeN/CVE-2018-4878 @@ -19876,24 +20812,31 @@ CVE-2018-4878 - https://github.com/SyFi/CVE-2018-4878 CVE-2018-4878 - https://github.com/blackorbird/APT_REPORT CVE-2018-4878 - https://github.com/blackorlittle/exps CVE-2018-4878 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2018-4878 - https://github.com/diovil/aaa +CVE-2018-4878 - https://github.com/dudacgf/ovr_convert CVE-2018-4878 - https://github.com/emtuls/Awesome-Cyber-Security-List CVE-2018-4878 - https://github.com/gold1029/Red-Teaming-Toolkit CVE-2018-4878 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-4878 - https://github.com/hongriSec/Growth-Diary +CVE-2018-4878 - https://github.com/hudunkey/Red-Team-links CVE-2018-4878 - https://github.com/hybridious/CVE-2018-4878 +CVE-2018-4878 - https://github.com/john-80/-007 CVE-2018-4878 - https://github.com/likescam/APT_REPORT CVE-2018-4878 - https://github.com/likescam/Red-Teaming-Toolkit CVE-2018-4878 - https://github.com/likescam/Red-Teaming-Toolkit_all_pentests +CVE-2018-4878 - https://github.com/lp008/Hack-readme CVE-2018-4878 - https://github.com/mdsecactivebreach/CVE-2018-4878 CVE-2018-4878 - https://github.com/mucahittopal/Pentesting-Pratic-Notes CVE-2018-4878 - https://github.com/nao-sec/ektotal CVE-2018-4878 - https://github.com/nitishbadole/pentesting_Notes CVE-2018-4878 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-4878 - https://github.com/shr3ddersec/Shr3dKit +CVE-2018-4878 - https://github.com/slimdaddy/RedTeam CVE-2018-4878 - https://github.com/sung3r/CobaltStrike CVE-2018-4878 - https://github.com/vysecurity/CVE-2018-4878 CVE-2018-4878 - https://github.com/wateroot/poc-exp CVE-2018-4878 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-4878 - https://github.com/xiaoZ-hc/redtool CVE-2018-4878 - https://github.com/ydl555/CVE-2018-4878- CVE-2018-4878 - https://github.com/zer0yu/Awesome-CobaltStrike CVE-2018-4879 - https://github.com/H3llozy/CVE-2018-4879 @@ -19905,12 +20848,15 @@ CVE-2018-4901 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-4939 - https://github.com/Ginove/post CVE-2018-4939 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2018-4939 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2018-4939 - https://github.com/dudacgf/ovr_convert CVE-2018-4939 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2018-4939 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2018-4985 - https://github.com/googleprojectzero/winafl CVE-2018-4985 - https://github.com/hardik05/winafl-powermopt CVE-2018-4985 - https://github.com/s0i37/winafl_inmemory +CVE-2018-4990 - https://github.com/SkyBulk/RealWorldPwn CVE-2018-4990 - https://github.com/attackgithub/RealWorldPwn +CVE-2018-4990 - https://github.com/fengjixuchui/Just-pwn-it-for-fun CVE-2018-4990 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-4990 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-4991 - https://github.com/ChiChou/sploits @@ -19919,6 +20865,7 @@ CVE-2018-4993 - https://github.com/S3cur3Th1sSh1t/Pentest-Tools CVE-2018-4993 - https://github.com/deepzec/Bad-Pdf CVE-2018-4993 - https://github.com/ponypot/cve CVE-2018-4993 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2018-4993 - https://github.com/severnake/Pentest-Tools CVE-2018-4993 - https://github.com/theyoge/AD-Pentesting-Tools CVE-2018-4993 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-5002 - https://github.com/PaloAltoNetworks/research-notes @@ -19965,8 +20912,16 @@ CVE-2018-5087 - https://github.com/ZhiyuanWang-Chengdu-Qihoo360/K7_AntiVirus_POC CVE-2018-5087 - https://github.com/ZhiyuanWang-Chengdu-Qihoo360/No1 CVE-2018-5088 - https://github.com/ZhiyuanWang-Chengdu-Qihoo360/K7_AntiVirus_POC CVE-2018-5088 - https://github.com/ZhiyuanWang-Chengdu-Qihoo360/No1 +CVE-2018-5093 - https://github.com/ZihanYe/web-browser-vulnerabilities +CVE-2018-5094 - https://github.com/ZihanYe/web-browser-vulnerabilities +CVE-2018-5097 - https://github.com/ZihanYe/web-browser-vulnerabilities +CVE-2018-5100 - https://github.com/ZihanYe/web-browser-vulnerabilities +CVE-2018-5102 - https://github.com/ZihanYe/web-browser-vulnerabilities +CVE-2018-5104 - https://github.com/ZihanYe/web-browser-vulnerabilities +CVE-2018-5127 - https://github.com/ZihanYe/web-browser-vulnerabilities CVE-2018-5129 - https://github.com/Escapingbug/awesome-browser-exploit CVE-2018-5129 - https://github.com/SkyBulk/the-day-of-nightmares +CVE-2018-5129 - https://github.com/ZihanYe/web-browser-vulnerabilities CVE-2018-5129 - https://github.com/paulveillard/cybersecurity-windows-exploitation CVE-2018-5129 - https://github.com/yeyintminthuhtut/Awesome-Advanced-Windows-Exploitation-References CVE-2018-5144 - https://github.com/badd1e/Disclosures @@ -20002,6 +20957,7 @@ CVE-2018-5230 - https://github.com/Elsfa7-110/kenzer-templates CVE-2018-5230 - https://github.com/NarbehJackson/Java-Xss-minitwit16 CVE-2018-5230 - https://github.com/NarbehJackson/XSS-Python-Lab CVE-2018-5230 - https://github.com/sobinge/nuclei-templates +CVE-2018-5230 - https://github.com/sushantdhopat/JIRA_testing CVE-2018-5233 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-5234 - https://github.com/0xT11/CVE-POC CVE-2018-5234 - https://github.com/developer3000S/PoC-in-GitHub @@ -20031,7 +20987,9 @@ CVE-2018-5278 - https://github.com/ZhiyuanWang-Chengdu-Qihoo360/No1 CVE-2018-5279 - https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC CVE-2018-5279 - https://github.com/ZhiyuanWang-Chengdu-Qihoo360/No1 CVE-2018-5295 - https://github.com/andir/nixos-issue-db-example +CVE-2018-5296 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark CVE-2018-5296 - https://github.com/andir/nixos-issue-db-example +CVE-2018-5296 - https://github.com/tzf-key/MemLock_Benchmark CVE-2018-5308 - https://github.com/andir/nixos-issue-db-example CVE-2018-5309 - https://github.com/andir/nixos-issue-db-example CVE-2018-5316 - https://github.com/ARPSyndicate/kenzer-templates @@ -20058,6 +21016,7 @@ CVE-2018-5391 - https://github.com/chetanshirke/my_ref CVE-2018-5393 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2018-5407 - https://github.com/bbbrumley/portsmash CVE-2018-5407 - https://github.com/codexlynx/hardware-attacks-state-of-the-art +CVE-2018-5407 - https://github.com/djschleen/ash CVE-2018-5407 - https://github.com/nsacyber/Hardware-and-Firmware-Security-Guidance CVE-2018-5511 - https://github.com/punishell/WindowsLegacyCVE CVE-2018-5529 - https://github.com/mirchr/security-research @@ -20066,6 +21025,7 @@ CVE-2018-5553 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-5553 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-5681 - https://github.com/zapalm/prestashop-security-vulnerability-checker CVE-2018-5682 - https://github.com/zapalm/prestashop-security-vulnerability-checker +CVE-2018-5709 - https://github.com/brandoncamenisch/release-the-code-litecoin CVE-2018-5709 - https://github.com/dispera/giant-squid CVE-2018-5711 - https://github.com/0xT11/CVE-POC CVE-2018-5711 - https://github.com/developer3000S/PoC-in-GitHub @@ -20080,6 +21040,7 @@ CVE-2018-5724 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-5727 - https://github.com/andir/nixos-issue-db-example CVE-2018-5728 - https://github.com/0xT11/CVE-POC CVE-2018-5728 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2018-5728 - https://github.com/ezelf/seatel_terminals CVE-2018-5728 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-5729 - https://github.com/leonov-av/scanvus CVE-2018-5729 - https://github.com/p1ay8y3ar/cve_monitor @@ -20096,9 +21057,12 @@ CVE-2018-5740 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-5740 - https://github.com/sischkg/cve-2018-5740 CVE-2018-5741 - https://github.com/HJXSaber/bind9-my CVE-2018-5741 - https://github.com/pexip/os-bind9 +CVE-2018-5743 - https://github.com/Seabreg/bind CVE-2018-5743 - https://github.com/bg6cq/bind9 +CVE-2018-5743 - https://github.com/sischkg/dnsonsen_advent_calendar CVE-2018-5744 - https://github.com/HJXSaber/bind9-my CVE-2018-5744 - https://github.com/pexip/os-bind9 +CVE-2018-5744 - https://github.com/sischkg/dnsonsen_advent_calendar CVE-2018-5745 - https://github.com/HJXSaber/bind9-my CVE-2018-5745 - https://github.com/pexip/os-bind9 CVE-2018-5747 - https://github.com/andir/nixos-issue-db-example @@ -20112,8 +21076,11 @@ CVE-2018-5758 - https://github.com/sunzu94/AWS-CVEs CVE-2018-5759 - https://github.com/invictus1306/advisories CVE-2018-5772 - https://github.com/andir/nixos-issue-db-example CVE-2018-5773 - https://github.com/vin01/CVEs +CVE-2018-5776 - https://github.com/El-Palomo/DerpNStink CVE-2018-5776 - https://github.com/Tanvi20/Week-7-Alternative-Assignment-wp-cve +CVE-2018-5783 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark CVE-2018-5783 - https://github.com/andir/nixos-issue-db-example +CVE-2018-5783 - https://github.com/tzf-key/MemLock_Benchmark CVE-2018-5784 - https://github.com/andir/nixos-issue-db-example CVE-2018-5785 - https://github.com/andir/nixos-issue-db-example CVE-2018-5828 - https://github.com/jiayy/android_vuln_poc-exp @@ -20143,7 +21110,9 @@ CVE-2018-5958 - https://github.com/ZhiyuanWang-Chengdu-Qihoo360/No1 CVE-2018-5958 - https://github.com/ZhiyuanWang-Chengdu-Qihoo360/ZillyaAntivirus_POC CVE-2018-5968 - https://github.com/OneSourceCat/jackson-rce-via-two-new-gadgets CVE-2018-5968 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2018-5968 - https://github.com/ilmari666/cybsec CVE-2018-5968 - https://github.com/javaExploit/jackson-rce-via-two-new-gadgets +CVE-2018-5968 - https://github.com/yahoo/cubed CVE-2018-5996 - https://github.com/andir/nixos-issue-db-example CVE-2018-5996 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-5996 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 @@ -20157,6 +21126,7 @@ CVE-2018-6055 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-6056 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-6056 - https://github.com/tunz/js-vuln-db CVE-2018-6056 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-6060 - https://github.com/ZihanYe/web-browser-vulnerabilities CVE-2018-6061 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-6061 - https://github.com/tunz/js-vuln-db CVE-2018-6061 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 @@ -20177,6 +21147,7 @@ CVE-2018-6106 - https://github.com/tunz/js-vuln-db CVE-2018-6106 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-6118 - https://github.com/allpaca/chrome-sbx-db CVE-2018-6122 - https://github.com/tunz/js-vuln-db +CVE-2018-6123 - https://github.com/ZihanYe/web-browser-vulnerabilities CVE-2018-6127 - https://github.com/allpaca/chrome-sbx-db CVE-2018-6128 - https://github.com/0xR0/uxss-db CVE-2018-6128 - https://github.com/Metnew/uxss-db @@ -20283,23 +21254,30 @@ CVE-2018-6389 - https://github.com/CeCe2018/Codepath-Week-7-Alternative-Assignme CVE-2018-6389 - https://github.com/CnHack3r/Penetration_PoC CVE-2018-6389 - https://github.com/Daas335b/Codepath.week7 CVE-2018-6389 - https://github.com/Daas335b/Week-7 +CVE-2018-6389 - https://github.com/El-Palomo/DerpNStink CVE-2018-6389 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2018-6389 - https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups CVE-2018-6389 - https://github.com/ItinerisLtd/trellis-cve-2018-6389 CVE-2018-6389 - https://github.com/JavierOlmedo/wordpress-cve-2018-6389 CVE-2018-6389 - https://github.com/Jetserver/CVE-2018-6389-FIX CVE-2018-6389 - https://github.com/JulienGadanho/cve-2018-6389-php-patcher CVE-2018-6389 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2018-6389 - https://github.com/Saidul-M-Khan/Awesome-Bugbounty-Writeups CVE-2018-6389 - https://github.com/Scatter-Security/wordpressure CVE-2018-6389 - https://github.com/SexyBeast233/SecBooks CVE-2018-6389 - https://github.com/Tanvi20/Week-7-Alternative-Assignment-wp-cve CVE-2018-6389 - https://github.com/WazeHell/CVE-2018-6389 CVE-2018-6389 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2018-6389 - https://github.com/Zazzzles/Wordpress-DOS +CVE-2018-6389 - https://github.com/ajino2k/Awesome-Bugbounty-Writeups CVE-2018-6389 - https://github.com/alessiogilardi/PoC---CVE-2018-6389 CVE-2018-6389 - https://github.com/alexjasso/Project_7-WordPress_Pentesting CVE-2018-6389 - https://github.com/amankapoor/trellis-wordpress-starter-kit CVE-2018-6389 - https://github.com/armaanpathan12345/WP-DOS-Exploit-CVE-2018-6389 +CVE-2018-6389 - https://github.com/blitz-cmd/Bugbounty-writeups CVE-2018-6389 - https://github.com/bogdanovist2061/Project-7---WordPress-Pentesting +CVE-2018-6389 - https://github.com/bot8080/awesomeBugbounty +CVE-2018-6389 - https://github.com/chalern/Pentest-Tools CVE-2018-6389 - https://github.com/devanshbatham/Awesome-Bugbounty-Writeups CVE-2018-6389 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-6389 - https://github.com/dsfau/wordpress-CVE-2018-6389 @@ -20331,6 +21309,7 @@ CVE-2018-6396 - https://github.com/0xT11/CVE-POC CVE-2018-6396 - https://github.com/JavierOlmedo/joomla-cve-2018-6396 CVE-2018-6396 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-6396 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-6405 - https://github.com/ksyang-hj/ksyang-hj CVE-2018-6407 - https://github.com/0xT11/CVE-POC CVE-2018-6407 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-6407 - https://github.com/dreadlocked/ConceptronicIPCam_MultipleVulnerabilities @@ -20382,6 +21361,7 @@ CVE-2018-6546 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-6546 - https://github.com/securifera/CVE-2018-6546-Exploit CVE-2018-6551 - https://github.com/flyrev/security-scan-ci-presentation CVE-2018-6552 - https://github.com/Metarget/awesome-cloud-native-security +CVE-2018-6552 - https://github.com/reni2study/Cloud-Native-Security2 CVE-2018-6554 - https://github.com/hiboma/hiboma CVE-2018-6554 - https://github.com/xairy/linux-kernel-exploitation CVE-2018-6555 - https://github.com/xairy/linux-kernel-exploitation @@ -20403,6 +21383,7 @@ CVE-2018-6622 - https://github.com/0xT11/CVE-POC CVE-2018-6622 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-6622 - https://github.com/kkamagui/bitleaker CVE-2018-6622 - https://github.com/kkamagui/napper-for-tpm +CVE-2018-6622 - https://github.com/lp008/Hack-readme CVE-2018-6625 - https://github.com/ZhiyuanWang-Chengdu-Qihoo360/MalwareFox_AntiMalware_POC CVE-2018-6625 - https://github.com/ZhiyuanWang-Chengdu-Qihoo360/No1 CVE-2018-6625 - https://github.com/ZhiyuanWang-Chengdu-Qihoo360/WatchDog_AntiMalware_POC @@ -20505,6 +21486,8 @@ CVE-2018-6856 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-6856 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-6857 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-6857 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-6869 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2018-6869 - https://github.com/tzf-key/MemLock_Benchmark CVE-2018-6871 - https://github.com/duckstroms/Web-CTF-Cheatsheet CVE-2018-6871 - https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure CVE-2018-6871 - https://github.com/qazbnm456/awesome-cve-poc @@ -20526,14 +21509,18 @@ CVE-2018-6905 - https://github.com/pradeepjairamani/TYPO3-XSS-POC CVE-2018-6910 - https://github.com/0ps/pocassistdb CVE-2018-6910 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-6910 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2018-6910 - https://github.com/FDlucifer/firece-fish CVE-2018-6910 - https://github.com/jweny/pocassistdb CVE-2018-6913 - https://github.com/IBM/buildingimages CVE-2018-6924 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2018-6924 - https://github.com/fkie-cad/LuckyCAT +CVE-2018-6930 - https://github.com/ksyang-hj/ksyang-hj CVE-2018-6951 - https://github.com/andir/nixos-issue-db-example CVE-2018-6951 - https://github.com/phonito/phonito-vulnerable-container CVE-2018-6952 - https://github.com/andir/nixos-issue-db-example CVE-2018-6952 - https://github.com/phonito/phonito-vulnerable-container +CVE-2018-6952 - https://github.com/strongcourage/uafbench +CVE-2018-6952 - https://github.com/strongcourage/uafuzz CVE-2018-6954 - https://github.com/andir/nixos-issue-db-example CVE-2018-6954 - https://github.com/flyrev/security-scan-ci-presentation CVE-2018-6954 - https://github.com/qazbnm456/awesome-cve-poc @@ -20544,12 +21531,24 @@ CVE-2018-6961 - https://github.com/r3dxpl0it/CVE-2018-6961 CVE-2018-6973 - https://github.com/BLACKHAT-SSG/Vmware-Exploitation CVE-2018-6973 - https://github.com/xairy/vmware-exploitation CVE-2018-6981 - https://github.com/0xT11/CVE-POC +CVE-2018-6981 - https://github.com/Apri1y/Red-Team-links CVE-2018-6981 - https://github.com/Echocipher/Resource-list CVE-2018-6981 - https://github.com/badd1e/Disclosures CVE-2018-6981 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-6981 - https://github.com/hudunkey/Red-Team-links +CVE-2018-6981 - https://github.com/john-80/-007 +CVE-2018-6981 - https://github.com/lp008/Hack-readme CVE-2018-6981 - https://github.com/siovador/vmxnet3Hunter +CVE-2018-6981 - https://github.com/slimdaddy/RedTeam +CVE-2018-6981 - https://github.com/xiaoZ-hc/redtool +CVE-2018-6982 - https://github.com/Apri1y/Red-Team-links CVE-2018-6982 - https://github.com/Echocipher/Resource-list +CVE-2018-6982 - https://github.com/hudunkey/Red-Team-links +CVE-2018-6982 - https://github.com/john-80/-007 +CVE-2018-6982 - https://github.com/lp008/Hack-readme CVE-2018-6982 - https://github.com/siovador/vmxnet3Hunter +CVE-2018-6982 - https://github.com/slimdaddy/RedTeam +CVE-2018-6982 - https://github.com/xiaoZ-hc/redtool CVE-2018-7080 - https://github.com/engn33r/awesome-bluetooth-security CVE-2018-7081 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2018-7105 - https://github.com/Synacktiv-contrib/pcileech_hpilo4_service @@ -20621,10 +21620,12 @@ CVE-2018-7489 - https://github.com/0xT11/CVE-POC CVE-2018-7489 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2018-7489 - https://github.com/dotanuki-labs/android-oss-cves-research CVE-2018-7489 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-7489 - https://github.com/ilmari666/cybsec CVE-2018-7489 - https://github.com/klarna/kco_rest_java CVE-2018-7489 - https://github.com/pawankeshri/aws-sdk-java-master CVE-2018-7489 - https://github.com/sdstoehr/har-reader CVE-2018-7489 - https://github.com/speedycloud/java-sdk +CVE-2018-7489 - https://github.com/yahoo/cubed CVE-2018-7489 - https://github.com/zema1/oracle-vuln-crawler CVE-2018-7490 - https://github.com/0ps/pocassistdb CVE-2018-7490 - https://github.com/ARPSyndicate/kenzer-templates @@ -20655,13 +21656,16 @@ CVE-2018-7600 - https://github.com/AnonVulc/Pentest-Tools CVE-2018-7600 - https://github.com/Astrogeorgeonethree/Starred CVE-2018-7600 - https://github.com/Cyberleet1337/Payloadswebhack CVE-2018-7600 - https://github.com/Damian972/drupalgeddon-2 +CVE-2018-7600 - https://github.com/Delishsploits/PayloadsAndMethodology CVE-2018-7600 - https://github.com/DynamicDesignz/Alien-Framework CVE-2018-7600 - https://github.com/Elsfa7-110/kenzer-templates CVE-2018-7600 - https://github.com/FireFart/CVE-2018-7600 +CVE-2018-7600 - https://github.com/GuynnR/Payloads CVE-2018-7600 - https://github.com/Hestat/drupal-check CVE-2018-7600 - https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups CVE-2018-7600 - https://github.com/Jean-Francois-C/Windows-Penetration-Testing CVE-2018-7600 - https://github.com/Muhammd/Awesome-Payloads +CVE-2018-7600 - https://github.com/Nieuport/PayloadsAllTheThings CVE-2018-7600 - https://github.com/PWN-Kingdom/Test_Tasks CVE-2018-7600 - https://github.com/PaloAltoNetworks/research-notes CVE-2018-7600 - https://github.com/Prodject/Kn0ck @@ -20679,8 +21683,10 @@ CVE-2018-7600 - https://github.com/alexfrancow/Exploits CVE-2018-7600 - https://github.com/andrysec/PayloadsAllVulnerability CVE-2018-7600 - https://github.com/anhtu97/PayloadAllEverything CVE-2018-7600 - https://github.com/antonio-fr/DrupalRS +CVE-2018-7600 - https://github.com/apkadmin/PayLoadsAll CVE-2018-7600 - https://github.com/aylincetin/PayloadsAllTheThings CVE-2018-7600 - https://github.com/bigblackhat/oFx +CVE-2018-7600 - https://github.com/chanchalpatra/payload CVE-2018-7600 - https://github.com/cjgratacos/drupalgeddon2-test CVE-2018-7600 - https://github.com/cocomelonc/vulnexipy CVE-2018-7600 - https://github.com/dr-iman/CVE-2018-7600-Drupal-0day-RCE @@ -20692,6 +21698,7 @@ CVE-2018-7600 - https://github.com/g0rx/CVE-2018-7600-Drupal-RCE CVE-2018-7600 - https://github.com/gobysec/Goby CVE-2018-7600 - https://github.com/happynote3966/CVE-2018-7600 CVE-2018-7600 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-7600 - https://github.com/hellochunqiu/PayloadsAllTheThings CVE-2018-7600 - https://github.com/hktalent/myhktools CVE-2018-7600 - https://github.com/jirojo2/drupalgeddon2 CVE-2018-7600 - https://github.com/jstang9527/gofor @@ -20699,10 +21706,14 @@ CVE-2018-7600 - https://github.com/jyo-zi/CVE-2018-7600 CVE-2018-7600 - https://github.com/kk98kk0/Payloads CVE-2018-7600 - https://github.com/knqyf263/CVE-2018-7600 CVE-2018-7600 - https://github.com/koutto/jok3r-pocs +CVE-2018-7600 - https://github.com/ksw9722/PayloadsAllTheThings CVE-2018-7600 - https://github.com/lanjelot/ctfs CVE-2018-7600 - https://github.com/lorddemon/drupalgeddon2 CVE-2018-7600 - https://github.com/ludy-dev/drupal8-REST-RCE +CVE-2018-7600 - https://github.com/maya6/-scan- +CVE-2018-7600 - https://github.com/mrhacker51/ReverseShellCommands CVE-2018-7600 - https://github.com/neoblackied/drupal1 +CVE-2018-7600 - https://github.com/nevidimk0/PayloadsAllTheThings CVE-2018-7600 - https://github.com/nixawk/labs CVE-2018-7600 - https://github.com/nxme/php-uicode-issues-drupal CVE-2018-7600 - https://github.com/oneplus-x/MS17-010 @@ -20714,14 +21725,17 @@ CVE-2018-7600 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-7600 - https://github.com/qiantu88/test CVE-2018-7600 - https://github.com/r3dxpl0it/CVE-2018-7600 CVE-2018-7600 - https://github.com/samba234/Sniper +CVE-2018-7600 - https://github.com/severnake/Pentest-Tools CVE-2018-7600 - https://github.com/sl4cky/CVE-2018-7600 CVE-2018-7600 - https://github.com/sl4cky/CVE-2018-7600-Masschecker CVE-2018-7600 - https://github.com/sobinge/--1 CVE-2018-7600 - https://github.com/sobinge/PayloadsAllTheThings +CVE-2018-7600 - https://github.com/sobinge/PayloadsAllThesobinge CVE-2018-7600 - https://github.com/superfish9/pt CVE-2018-7600 - https://github.com/thehappydinoa/CVE-2018-7600 CVE-2018-7600 - https://github.com/theyoge/AD-Pentesting-Tools CVE-2018-7600 - https://github.com/unusualwork/Sn1per +CVE-2018-7600 - https://github.com/winterwolf32/PayloadsAllTheThings CVE-2018-7600 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-7600 - https://github.com/yak0d3/dDumper CVE-2018-7600 - https://github.com/zeralot/Dectect-CVE @@ -20807,6 +21821,8 @@ CVE-2018-7750 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-7750 - https://github.com/jm33-m0/CVE-2018-7750 CVE-2018-7752 - https://github.com/andir/nixos-issue-db-example CVE-2018-7812 - https://github.com/SadFud/Exploits +CVE-2018-7876 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2018-7876 - https://github.com/tzf-key/MemLock_Benchmark CVE-2018-7935 - https://github.com/0xT11/CVE-POC CVE-2018-7935 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-8000 - https://github.com/andir/nixos-issue-db-example @@ -20820,8 +21836,10 @@ CVE-2018-8006 - https://github.com/Elsfa7-110/kenzer-templates CVE-2018-8006 - https://github.com/sobinge/nuclei-templates CVE-2018-8008 - https://github.com/snyk/zip-slip-vulnerability CVE-2018-8009 - https://github.com/snyk/zip-slip-vulnerability +CVE-2018-8009 - https://github.com/yahoo/cubed CVE-2018-8013 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2018-8013 - https://github.com/andir/nixos-issue-db-example +CVE-2018-8014 - https://github.com/ilmari666/cybsec CVE-2018-8014 - https://github.com/p1ay8y3ar/cve_monitor CVE-2018-8014 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2018-8016 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet @@ -20841,6 +21859,7 @@ CVE-2018-8024 - https://github.com/RhinoSecurityLabs/CVEs CVE-2018-8024 - https://github.com/nattimmis/CVE-Collection CVE-2018-8024 - https://github.com/sunzu94/AWS-CVEs CVE-2018-8026 - https://github.com/Imanfeng/Apache-Solr-RCE +CVE-2018-8029 - https://github.com/yahoo/cubed CVE-2018-8032 - https://github.com/0xT11/CVE-POC CVE-2018-8032 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-8033 - https://github.com/ARPSyndicate/kenzer-templates @@ -20848,9 +21867,11 @@ CVE-2018-8033 - https://github.com/Elsfa7-110/kenzer-templates CVE-2018-8033 - https://github.com/amcai/myscan CVE-2018-8033 - https://github.com/jamieparfet/Apache-OFBiz-XXE CVE-2018-8033 - https://github.com/sobinge/nuclei-templates +CVE-2018-8034 - https://github.com/ilmari666/cybsec CVE-2018-8034 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2018-8035 - https://github.com/ossf-cve-benchmark/CVE-2018-8035 CVE-2018-8036 - https://github.com/rohanpadhye/JQF +CVE-2018-8037 - https://github.com/ilmari666/cybsec CVE-2018-8037 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2018-8038 - https://github.com/0xT11/CVE-POC CVE-2018-8038 - https://github.com/hectorgie/PoC-in-GitHub @@ -20899,6 +21920,7 @@ CVE-2018-8115 - https://github.com/aquasecurity/scan-cve-2018-8115 CVE-2018-8115 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-8120 - https://github.com/0xT11/CVE-POC CVE-2018-8120 - https://github.com/Al1ex/WindowsElevation +CVE-2018-8120 - https://github.com/Apri1y/Red-Team-links CVE-2018-8120 - https://github.com/Ascotbe/Kernelhub CVE-2018-8120 - https://github.com/CnHack3r/Penetration_PoC CVE-2018-8120 - https://github.com/EVOL4/CVE-2018-8120 @@ -20930,9 +21952,12 @@ CVE-2018-8120 - https://github.com/fei9747/WindowsElevation CVE-2018-8120 - https://github.com/geeksniper/windows-privilege-escalation CVE-2018-8120 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2018-8120 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-8120 - https://github.com/hudunkey/Red-Team-links CVE-2018-8120 - https://github.com/huike007/penetration_poc CVE-2018-8120 - https://github.com/huike007/poc +CVE-2018-8120 - https://github.com/john-80/-007 CVE-2018-8120 - https://github.com/leeqwind/HolicPOC +CVE-2018-8120 - https://github.com/lp008/Hack-readme CVE-2018-8120 - https://github.com/mishmashclone/SecWiki-windows-kernel-exploits CVE-2018-8120 - https://github.com/n8v79a/win-exploit CVE-2018-8120 - https://github.com/ne1llee/cve-2018-8120 @@ -20947,6 +21972,7 @@ CVE-2018-8120 - https://github.com/redteampa1/Windows CVE-2018-8120 - https://github.com/renzu0/Windows-exp CVE-2018-8120 - https://github.com/root26/bug CVE-2018-8120 - https://github.com/safesword/WindowsExp +CVE-2018-8120 - https://github.com/slimdaddy/RedTeam CVE-2018-8120 - https://github.com/uhub/awesome-cpp CVE-2018-8120 - https://github.com/unamer/CVE-2018-8120 CVE-2018-8120 - https://github.com/valentinoJones/Windows-Kernel-Exploits @@ -20955,6 +21981,7 @@ CVE-2018-8120 - https://github.com/wateroot/poc-exp CVE-2018-8120 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2018-8120 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-8120 - https://github.com/xfinest/windows-kernel-exploits +CVE-2018-8120 - https://github.com/xiaoZ-hc/redtool CVE-2018-8120 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2018-8120 - https://github.com/yedada-wei/- CVE-2018-8120 - https://github.com/yedada-wei/gongkaishouji @@ -20996,6 +22023,7 @@ CVE-2018-8172 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-8174 - https://github.com/0x09AL/CVE-2018-8174-msf CVE-2018-8174 - https://github.com/0xT11/CVE-POC CVE-2018-8174 - https://github.com/1120362990/Paper +CVE-2018-8174 - https://github.com/Apri1y/Red-Team-links CVE-2018-8174 - https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections CVE-2018-8174 - https://github.com/Echocipher/Resource-list CVE-2018-8174 - https://github.com/HacTF/poc--exp @@ -21010,18 +22038,23 @@ CVE-2018-8174 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2018-8174 - https://github.com/eric-erki/APT_CyberCriminal_Campagin_Collections CVE-2018-8174 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-8174 - https://github.com/hongriSec/Growth-Diary +CVE-2018-8174 - https://github.com/hudunkey/Red-Team-links CVE-2018-8174 - https://github.com/iwarsong/apt +CVE-2018-8174 - https://github.com/john-80/-007 CVE-2018-8174 - https://github.com/likescam/APT_CyberCriminal_Campagin_Collections CVE-2018-8174 - https://github.com/likescam/CyberMonitor-APT_CyberCriminal_Campagin_Collections +CVE-2018-8174 - https://github.com/lp008/Hack-readme CVE-2018-8174 - https://github.com/orf53975/Rig-Exploit-for-CVE-2018-8174 CVE-2018-8174 - https://github.com/piotrflorczyk/cve-2018-8174_analysis CVE-2018-8174 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-8174 - https://github.com/ruthlezs/ie11_vbscript_exploit +CVE-2018-8174 - https://github.com/slimdaddy/RedTeam CVE-2018-8174 - https://github.com/sumas/APT_CyberCriminal_Campagin_Collections CVE-2018-8174 - https://github.com/washgo/HackTool CVE-2018-8174 - https://github.com/wateroot/poc-exp CVE-2018-8174 - https://github.com/wrlu/Vulnerabilities CVE-2018-8174 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-8174 - https://github.com/xiaoZ-hc/redtool CVE-2018-8201 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-8201 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-8208 - https://github.com/0xT11/CVE-POC @@ -21053,6 +22086,7 @@ CVE-2018-8210 - https://github.com/unamer/CVE-2018-8120 CVE-2018-8210 - https://github.com/vincentfer/PENTESTING-BIBLE- CVE-2018-8211 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-8211 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-8212 - https://github.com/bohops/UltimateWDACBypassList CVE-2018-8212 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-8212 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-8214 - https://github.com/0xT11/CVE-POC @@ -21149,17 +22183,25 @@ CVE-2018-8414 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-8414 - https://github.com/whereisr0da/CVE-2018-8414-POC CVE-2018-8414 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-8414 - https://github.com/ycdxsb/WindowsPrivilegeEscalation +CVE-2018-8417 - https://github.com/bohops/UltimateWDACBypassList CVE-2018-8420 - https://github.com/0xT11/CVE-POC +CVE-2018-8420 - https://github.com/Apri1y/Red-Team-links CVE-2018-8420 - https://github.com/Echocipher/Resource-list CVE-2018-8420 - https://github.com/HacTF/poc--exp CVE-2018-8420 - https://github.com/L1ves/windows-pentesting-resources CVE-2018-8420 - https://github.com/alexfrancow/Exploits CVE-2018-8420 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-8420 - https://github.com/hudunkey/Red-Team-links CVE-2018-8420 - https://github.com/idkwim/CVE-2018-8420 +CVE-2018-8420 - https://github.com/john-80/-007 +CVE-2018-8420 - https://github.com/lp008/Hack-readme CVE-2018-8420 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2018-8420 - https://github.com/slimdaddy/RedTeam CVE-2018-8420 - https://github.com/wateroot/poc-exp CVE-2018-8420 - https://github.com/wrlu/Vulnerabilities CVE-2018-8420 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-8420 - https://github.com/xiaoZ-hc/redtool +CVE-2018-8421 - https://github.com/NHPT/ysoserial.net CVE-2018-8421 - https://github.com/pwntester/ysoserial.net CVE-2018-8421 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-8421 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 @@ -21219,6 +22261,7 @@ CVE-2018-8453 - https://github.com/pravinsrc/NOTES-windows-kernel-links CVE-2018-8453 - https://github.com/renzu0/Windows-exp CVE-2018-8453 - https://github.com/root26/bug CVE-2018-8453 - https://github.com/safesword/WindowsExp +CVE-2018-8453 - https://github.com/thepwnrip/leHACK-Analysis-of-CVE-2018-8453 CVE-2018-8453 - https://github.com/valentinoJones/Windows-Kernel-Exploits CVE-2018-8453 - https://github.com/xfinest/windows-kernel-exploits CVE-2018-8453 - https://github.com/ycdxsb/WindowsPrivilegeEscalation @@ -21243,6 +22286,7 @@ CVE-2018-8472 - https://github.com/googleprojectzero/winafl CVE-2018-8472 - https://github.com/hardik05/winafl-powermopt CVE-2018-8472 - https://github.com/s0i37/winafl_inmemory CVE-2018-8476 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2018-8492 - https://github.com/bohops/UltimateWDACBypassList CVE-2018-8494 - https://github.com/googleprojectzero/winafl CVE-2018-8494 - https://github.com/hardik05/winafl-powermopt CVE-2018-8494 - https://github.com/s0i37/winafl_inmemory @@ -21273,6 +22317,8 @@ CVE-2018-8552 - https://github.com/googleprojectzero/domato CVE-2018-8581 - https://github.com/0xT11/CVE-POC CVE-2018-8581 - https://github.com/404notf0und/Security-Data-Analysis-and-Visualization CVE-2018-8581 - https://github.com/61106960/adPEAS +CVE-2018-8581 - https://github.com/Apri1y/Red-Team-links +CVE-2018-8581 - https://github.com/CYJoe-Cyclone/Awesome-CobaltStrike CVE-2018-8581 - https://github.com/Echocipher/Resource-list CVE-2018-8581 - https://github.com/ErdemOzgen/ActiveDirectoryAttacks CVE-2018-8581 - https://github.com/Nieuport/Active-Directory-Kill-Chain-Attack-Defense @@ -21282,17 +22328,23 @@ CVE-2018-8581 - https://github.com/SycloverSecurity/http_ntlmrelayx CVE-2018-8581 - https://github.com/WyAtu/CVE-2018-8581 CVE-2018-8581 - https://github.com/geeksniper/active-directory-pentest CVE-2018-8581 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-8581 - https://github.com/hudunkey/Red-Team-links CVE-2018-8581 - https://github.com/infosecn1nja/AD-Attack-Defense +CVE-2018-8581 - https://github.com/john-80/-007 +CVE-2018-8581 - https://github.com/lp008/Hack-readme CVE-2018-8581 - https://github.com/mishmashclone/infosecn1nja-AD-Attack-Defense CVE-2018-8581 - https://github.com/phackt/Invoke-Recon CVE-2018-8581 - https://github.com/qiantu88/CVE-2018-8581 CVE-2018-8581 - https://github.com/shantanu561993/DomainUserToDomainAdminTechniques +CVE-2018-8581 - https://github.com/slimdaddy/RedTeam CVE-2018-8581 - https://github.com/sunzu94/AD-Attack-Defense CVE-2018-8581 - https://github.com/superfish9/pt CVE-2018-8581 - https://github.com/tataev/Security CVE-2018-8581 - https://github.com/tom0li/collection-document +CVE-2018-8581 - https://github.com/xiaoZ-hc/redtool CVE-2018-8581 - https://github.com/zer0yu/Awesome-CobaltStrike CVE-2018-8581 - https://github.com/zer0yu/Intranet_Penetration_CheetSheets +CVE-2018-8581 - https://github.com/zoreforlugcoiz/Devhoster CVE-2018-8584 - https://github.com/punishell/WindowsLegacyCVE CVE-2018-8589 - https://github.com/0xpetros/windows-privilage-escalation CVE-2018-8589 - https://github.com/FULLSHADE/WindowsExploitationResources @@ -21342,6 +22394,7 @@ CVE-2018-8641 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-8641 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2018-8715 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-8715 - https://github.com/SexyBeast233/SecBooks +CVE-2018-8715 - https://github.com/zmylml/yangzifun CVE-2018-8717 - https://github.com/anquanquantao/iwantacve CVE-2018-8718 - https://github.com/0xT11/CVE-POC CVE-2018-8718 - https://github.com/hectorgie/PoC-in-GitHub @@ -21382,6 +22435,7 @@ CVE-2018-8813 - https://github.com/MrR3boot/CVE-Hunting CVE-2018-8814 - https://github.com/MrR3boot/CVE-Hunting CVE-2018-8815 - https://github.com/MrR3boot/CVE-Hunting CVE-2018-8816 - https://github.com/junxzm1990/afl-pt +CVE-2018-8819 - https://github.com/deadcyph3r/Awesome-Collection CVE-2018-8819 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-8819 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-8820 - https://github.com/0xT11/CVE-POC @@ -21396,20 +22450,26 @@ CVE-2018-8881 - https://github.com/junxzm1990/afl-pt CVE-2018-8882 - https://github.com/junxzm1990/afl-pt CVE-2018-8883 - https://github.com/junxzm1990/afl-pt CVE-2018-8897 - https://github.com/0xT11/CVE-POC +CVE-2018-8897 - https://github.com/Apri1y/Red-Team-links CVE-2018-8897 - https://github.com/CrackerCat/Kernel-Security-Development CVE-2018-8897 - https://github.com/Echocipher/Resource-list CVE-2018-8897 - https://github.com/ExpLife0011/awesome-windows-kernel-security-development CVE-2018-8897 - https://github.com/Ondrik8/exploit CVE-2018-8897 - https://github.com/can1357/CVE-2018-8897 CVE-2018-8897 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-8897 - https://github.com/hudunkey/Red-Team-links CVE-2018-8897 - https://github.com/jiazhang0/pop-mov-ss-exploit +CVE-2018-8897 - https://github.com/john-80/-007 +CVE-2018-8897 - https://github.com/lp008/Hack-readme CVE-2018-8897 - https://github.com/nmulasmajic/CVE-2018-8897 CVE-2018-8897 - https://github.com/nmulasmajic/syscall_exploit_CVE-2018-8897 CVE-2018-8897 - https://github.com/pr0code/https-github.com-ExpLife0011-awesome-windows-kernel-security-development CVE-2018-8897 - https://github.com/pravinsrc/NOTES-windows-kernel-links CVE-2018-8897 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2018-8897 - https://github.com/slimdaddy/RedTeam CVE-2018-8897 - https://github.com/whiteHat001/Kernel-Security CVE-2018-8897 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-8897 - https://github.com/xiaoZ-hc/redtool CVE-2018-8905 - https://github.com/andir/nixos-issue-db-example CVE-2018-8905 - https://github.com/revl-ca/scan-docker-image CVE-2018-8917 - https://github.com/1N3/1N3 @@ -21452,11 +22512,13 @@ CVE-2018-9126 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-9126 - https://github.com/Elsfa7-110/kenzer-templates CVE-2018-9127 - https://github.com/andir/nixos-issue-db-example CVE-2018-9136 - https://github.com/bigric3/poc2 +CVE-2018-9138 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark CVE-2018-9138 - https://github.com/andir/nixos-issue-db-example CVE-2018-9138 - https://github.com/junxzm1990/afl-pt CVE-2018-9138 - https://github.com/mudongliang/LinuxFlaw CVE-2018-9138 - https://github.com/oneoy/cve- CVE-2018-9138 - https://github.com/revl-ca/scan-docker-image +CVE-2018-9138 - https://github.com/tzf-key/MemLock_Benchmark CVE-2018-9144 - https://github.com/andir/nixos-issue-db-example CVE-2018-9144 - https://github.com/xiaoqx/pocs CVE-2018-9145 - https://github.com/andir/nixos-issue-db-example @@ -21471,14 +22533,20 @@ CVE-2018-9175 - https://github.com/SexyBeast233/SecBooks CVE-2018-9183 - https://github.com/MrR3boot/CVE-Hunting CVE-2018-9205 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-9206 - https://github.com/0xT11/CVE-POC +CVE-2018-9206 - https://github.com/Apri1y/Red-Team-links CVE-2018-9206 - https://github.com/Den1al/CVE-2018-9206 CVE-2018-9206 - https://github.com/Echocipher/Resource-list CVE-2018-9206 - https://github.com/HacTF/poc--exp CVE-2018-9206 - https://github.com/Stahlz/JQShell CVE-2018-9206 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-9206 - https://github.com/hudunkey/Red-Team-links +CVE-2018-9206 - https://github.com/john-80/-007 +CVE-2018-9206 - https://github.com/lp008/Hack-readme CVE-2018-9206 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2018-9206 - https://github.com/slimdaddy/RedTeam CVE-2018-9206 - https://github.com/wateroot/poc-exp CVE-2018-9206 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-9206 - https://github.com/xiaoZ-hc/redtool CVE-2018-9207 - https://github.com/0xT11/CVE-POC CVE-2018-9207 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-9208 - https://github.com/0xT11/CVE-POC @@ -21489,6 +22557,7 @@ CVE-2018-9230 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2018-9234 - https://github.com/flyrev/security-scan-ci-presentation CVE-2018-9234 - https://github.com/revl-ca/scan-docker-image CVE-2018-9240 - https://github.com/andir/nixos-issue-db-example +CVE-2018-9251 - https://github.com/KorayAgaya/TrivyWeb CVE-2018-9251 - https://github.com/andir/nixos-issue-db-example CVE-2018-9251 - https://github.com/junxzm1990/afl-pt CVE-2018-9251 - https://github.com/revl-ca/scan-docker-image @@ -21499,6 +22568,7 @@ CVE-2018-9251 - https://github.com/umahari/security CVE-2018-9252 - https://github.com/andir/nixos-issue-db-example CVE-2018-9252 - https://github.com/xiaoqx/pocs CVE-2018-9276 - https://github.com/0xT11/CVE-POC +CVE-2018-9276 - https://github.com/A1vinSmith/CVE-2018-9276 CVE-2018-9276 - https://github.com/chcx/PRTG-Network-Monitor-RCE CVE-2018-9276 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-9276 - https://github.com/wildkindcc/CVE-2018-9276 @@ -21564,6 +22634,7 @@ CVE-2018-9546 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-9568 - https://github.com/xairy/linux-kernel-exploitation CVE-2018-9845 - https://github.com/ARPSyndicate/kenzer-templates CVE-2018-9860 - https://github.com/andir/nixos-issue-db-example +CVE-2018-9862 - https://github.com/sandbornm/HardenDocker CVE-2018-9919 - https://github.com/SexyBeast233/SecBooks CVE-2018-9926 - https://github.com/anquanquantao/iwantacve CVE-2018-9927 - https://github.com/anquanquantao/iwantacve @@ -21581,6 +22652,7 @@ CVE-2018-9958 - https://github.com/t3rabyt3-zz/CVE-2018-9958--Exploit CVE-2018-9995 - https://github.com/0ps/pocassistdb CVE-2018-9995 - https://github.com/0xT11/CVE-POC CVE-2018-9995 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2018-9995 - https://github.com/Apri1y/Red-Team-links CVE-2018-9995 - https://github.com/Aquilao/Toy-Box CVE-2018-9995 - https://github.com/Cyb0r9/DVR-Exploiter CVE-2018-9995 - https://github.com/Echocipher/Resource-list @@ -21591,20 +22663,30 @@ CVE-2018-9995 - https://github.com/bigblackhat/oFx CVE-2018-9995 - https://github.com/ezelf/CVE-2018-9995_dvr_credentials CVE-2018-9995 - https://github.com/gwolfs/CVE-2018-9995-ModifiedByGwolfs CVE-2018-9995 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2018-9995 - https://github.com/hudunkey/Red-Team-links +CVE-2018-9995 - https://github.com/john-80/-007 CVE-2018-9995 - https://github.com/jweny/pocassistdb +CVE-2018-9995 - https://github.com/lp008/Hack-readme CVE-2018-9995 - https://github.com/maxpowersi/CamSploit CVE-2018-9995 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-9995 - https://github.com/rufbot/rufbot CVE-2018-9995 - https://github.com/shacojx/cve-2018-9995 CVE-2018-9995 - https://github.com/sjomurodov/getDVR +CVE-2018-9995 - https://github.com/slimdaddy/RedTeam CVE-2018-9995 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2018-9995 - https://github.com/xiaoZ-hc/redtool CVE-2018-9995 - https://github.com/zzh217/CVE-2018-9995_Batch_scanning_exp +CVE-2018-9996 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark CVE-2018-9996 - https://github.com/andir/nixos-issue-db-example CVE-2018-9996 - https://github.com/junxzm1990/afl-pt CVE-2018-9996 - https://github.com/revl-ca/scan-docker-image +CVE-2018-9996 - https://github.com/tzf-key/MemLock_Benchmark CVE-2018-9999 - https://github.com/TingPing/flatpak-cve-checker +CVE-2019-0024 - https://github.com/SkyBulk/RealWorldPwn CVE-2019-0053 - https://github.com/0xT11/CVE-POC +CVE-2019-0053 - https://github.com/FritzJo/pacheck CVE-2019-0053 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-0053 - https://github.com/dreamsmasher/inetutils-CVE-2019-0053-Patched-PKGBUILD CVE-2019-0053 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-0090 - https://github.com/engstrar/WikipediaScraper CVE-2019-0142 - https://github.com/DownWithUp/CVE-Stockpile @@ -21620,10 +22702,12 @@ CVE-2019-0192 - https://github.com/0xT11/CVE-POC CVE-2019-0192 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2019-0192 - https://github.com/Imanfeng/Apache-Solr-RCE CVE-2019-0192 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2019-0192 - https://github.com/Rapidsafeguard/Solr-RCE-CVE-2019-0192 CVE-2019-0192 - https://github.com/SexyBeast233/SecBooks CVE-2019-0192 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-0192 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-0192 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-0192 - https://github.com/lp008/Hack-readme CVE-2019-0192 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2019-0192 - https://github.com/mpgn/CVE-2019-0192 CVE-2019-0192 - https://github.com/r0eXpeR/redteam_vul @@ -21634,6 +22718,7 @@ CVE-2019-0193 - https://github.com/1135/notes CVE-2019-0193 - https://github.com/1135/solr_exploit CVE-2019-0193 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-0193 - https://github.com/Imanfeng/Apache-Solr-RCE +CVE-2019-0193 - https://github.com/Loneyers/solr-rce CVE-2019-0193 - https://github.com/SexyBeast233/SecBooks CVE-2019-0193 - https://github.com/amcai/myscan CVE-2019-0193 - https://github.com/assetnote/blind-ssrf-chains @@ -21642,7 +22727,11 @@ CVE-2019-0193 - https://github.com/fengjixuchui/RedTeamer CVE-2019-0193 - https://github.com/fengwenhua/CNVD-2021-26058 CVE-2019-0193 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-0193 - https://github.com/jas502n/CVE-2019-0193 +CVE-2019-0193 - https://github.com/jaychouzzk/CVE-2019-0193-exp +CVE-2019-0193 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2019-0193 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2019-0193 - https://github.com/scxiaotan1/Docker +CVE-2019-0193 - https://github.com/tdcoming/Vulnerability-engine CVE-2019-0193 - https://github.com/tdtc7/qps CVE-2019-0193 - https://github.com/veracode-research/solr-injection CVE-2019-0193 - https://github.com/woods-sega/woodswiki @@ -21651,24 +22740,31 @@ CVE-2019-0193 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-0195 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2019-0195 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2019-0196 - https://github.com/Solhack/Team_CSI_platform +CVE-2019-0196 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2019-0196 - https://github.com/starnightcyber/vul-info-collect CVE-2019-0196 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2019-0196 - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough CVE-2019-0196 - https://github.com/vshaliii/Funbox2-rookie CVE-2019-0196 - https://github.com/vshaliii/Vegeta1-Vulhub-Walkthrough CVE-2019-0197 - https://github.com/Solhack/Team_CSI_platform +CVE-2019-0197 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2019-0197 - https://github.com/starnightcyber/vul-info-collect CVE-2019-0197 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2019-0197 - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough CVE-2019-0197 - https://github.com/vshaliii/Funbox2-rookie CVE-2019-0197 - https://github.com/vshaliii/Vegeta1-Vulhub-Walkthrough +CVE-2019-0199 - https://github.com/ilmari666/cybsec CVE-2019-0199 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough +CVE-2019-0205 - https://github.com/k1LoW/oshka CVE-2019-0205 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2019-0210 - https://github.com/k1LoW/oshka CVE-2019-0211 - https://github.com/0xT11/CVE-POC CVE-2019-0211 - https://github.com/0xbigshaq/php7-internals CVE-2019-0211 - https://github.com/SexyBeast233/SecBooks CVE-2019-0211 - https://github.com/Solhack/Team_CSI_platform +CVE-2019-0211 - https://github.com/ThePirateWhoSmellsOfSunflowers/TheHackerLinks CVE-2019-0211 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-0211 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2019-0211 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-0211 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-0211 - https://github.com/ozkanbilge/Apache-Exploit-2019 @@ -21682,13 +22778,16 @@ CVE-2019-0211 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-0215 - https://github.com/Solhack/Team_CSI_platform CVE-2019-0215 - https://github.com/vshaliii/Vegeta1-Vulhub-Walkthrough CVE-2019-0216 - https://github.com/SexyBeast233/SecBooks +CVE-2019-0217 - https://github.com/AliceMongodin/NSAPool-PenTest CVE-2019-0217 - https://github.com/Solhack/Team_CSI_platform +CVE-2019-0217 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2019-0217 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2019-0217 - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough CVE-2019-0217 - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough CVE-2019-0217 - https://github.com/vshaliii/Funbox2-rookie CVE-2019-0217 - https://github.com/vshaliii/Vegeta1-Vulhub-Walkthrough CVE-2019-0220 - https://github.com/Solhack/Team_CSI_platform +CVE-2019-0220 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2019-0220 - https://github.com/starnightcyber/vul-info-collect CVE-2019-0220 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2019-0220 - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough @@ -21699,6 +22798,7 @@ CVE-2019-0221 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-0221 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-0221 - https://github.com/SexyBeast233/SecBooks CVE-2019-0221 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-0221 - https://github.com/ilmari666/cybsec CVE-2019-0221 - https://github.com/starnightcyber/vul-info-collect CVE-2019-0221 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2019-0221 - https://github.com/woods-sega/woodswiki @@ -21710,6 +22810,8 @@ CVE-2019-0227 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-0227 - https://github.com/amcai/myscan CVE-2019-0227 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-0227 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-0227 - https://github.com/ianxtianxt/cve-2019-0227 +CVE-2019-0227 - https://github.com/lp008/Hack-readme CVE-2019-0227 - https://github.com/nattimmis/CVE-Collection CVE-2019-0227 - https://github.com/sunzu94/AWS-CVEs CVE-2019-0228 - https://github.com/bluesNbrews/SkillSearchEngine @@ -21719,12 +22821,14 @@ CVE-2019-0230 - https://github.com/360quake/papers CVE-2019-0230 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-0230 - https://github.com/BH2UOL/CVE-2019-0230 CVE-2019-0230 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2019-0230 - https://github.com/PrinceFPF/CVE-2019-0230 CVE-2019-0230 - https://github.com/SexyBeast233/SecBooks CVE-2019-0230 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2019-0230 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-0230 - https://github.com/f8al/CVE-2019-0230-PoC CVE-2019-0230 - https://github.com/fengziHK/CVE-2019-0230 CVE-2019-0230 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-0230 - https://github.com/ramoncjs3/CVE-2019-0230 CVE-2019-0230 - https://github.com/s1kr10s/Apache-Struts-v4 CVE-2019-0230 - https://github.com/woods-sega/woodswiki CVE-2019-0232 - https://github.com/0xT11/CVE-POC @@ -21734,13 +22838,16 @@ CVE-2019-0232 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-0232 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-0232 - https://github.com/flyme2bluemoon/thm-advent CVE-2019-0232 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-0232 - https://github.com/ilmari666/cybsec CVE-2019-0232 - https://github.com/jas502n/CVE-2019-0232 +CVE-2019-0232 - https://github.com/lp008/Hack-readme CVE-2019-0232 - https://github.com/pyn3rd/CVE-2019-0232 CVE-2019-0232 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-0232 - https://github.com/r0eXpeR/redteam_vul CVE-2019-0232 - https://github.com/safe6Sec/PentestNote CVE-2019-0232 - https://github.com/setrus/CVE-2019-0232 CVE-2019-0232 - https://github.com/starnightcyber/vul-info-collect +CVE-2019-0232 - https://github.com/tdcoming/Vulnerability-engine CVE-2019-0232 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2019-0232 - https://github.com/woods-sega/woodswiki CVE-2019-0232 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 @@ -21758,6 +22865,7 @@ CVE-2019-0538 - https://github.com/googleprojectzero/winafl CVE-2019-0538 - https://github.com/hardik05/winafl-powermopt CVE-2019-0538 - https://github.com/wateroot/poc-exp CVE-2019-0538 - https://github.com/wrlu/Vulnerabilities +CVE-2019-0539 - https://github.com/0x43434343/CVE-2019-0539 CVE-2019-0539 - https://github.com/0x43434343/OSEE_OSWE_review_2022 CVE-2019-0539 - https://github.com/0xT11/CVE-POC CVE-2019-0539 - https://github.com/SkyBulk/the-day-of-nightmares @@ -21769,6 +22877,7 @@ CVE-2019-0539 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-0539 - https://github.com/tunz/js-vuln-db CVE-2019-0539 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-0539 - https://github.com/yeyintminthuhtut/Awesome-Advanced-Windows-Exploitation-References +CVE-2019-0541 - https://github.com/H4xl0r/CVE_2019_0541 CVE-2019-0543 - https://github.com/punishell/WindowsLegacyCVE CVE-2019-0547 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-0552 - https://github.com/punishell/WindowsLegacyCVE @@ -21811,6 +22920,8 @@ CVE-2019-0601 - https://github.com/greenpau/py_insightvm_sdk CVE-2019-0602 - https://github.com/greenpau/py_insightvm_sdk CVE-2019-0603 - https://github.com/greenpau/py_insightvm_sdk CVE-2019-0604 - https://github.com/0xT11/CVE-POC +CVE-2019-0604 - https://github.com/H0j3n/EzpzSharepoint +CVE-2019-0604 - https://github.com/NHPT/ysoserial.net CVE-2019-0604 - https://github.com/PWN-Kingdom/Test_Tasks CVE-2019-0604 - https://github.com/QWERTSKIHACK/Active-Directory-Exploitation-Cheat-Sheet. CVE-2019-0604 - https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet @@ -21823,9 +22934,11 @@ CVE-2019-0604 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-0604 - https://github.com/k8gege/CVE-2019-0604 CVE-2019-0604 - https://github.com/likescam/CVE-2019-0604_sharepoint_CVE CVE-2019-0604 - https://github.com/linhlhq/CVE-2019-0604 +CVE-2019-0604 - https://github.com/m5050/CVE-2019-0604 CVE-2019-0604 - https://github.com/michael101096/cs2020_msels CVE-2019-0604 - https://github.com/pwntester/ysoserial.net CVE-2019-0604 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2019-0604 - https://github.com/r0eXpeR/supplier CVE-2019-0604 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-0606 - https://github.com/greenpau/py_insightvm_sdk CVE-2019-0609 - https://github.com/sslab-gatech/DIE @@ -21837,10 +22950,14 @@ CVE-2019-0623 - https://github.com/Ascotbe/Kernelhub CVE-2019-0623 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-0623 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-0623 - https://github.com/ycdxsb/WindowsPrivilegeEscalation +CVE-2019-0626 - https://github.com/ThePirateWhoSmellsOfSunflowers/TheHackerLinks CVE-2019-0636 - https://github.com/saiyuki1919/BlackHat2019 CVE-2019-0636 - https://github.com/shubham0d/SymBlock +CVE-2019-0666 - https://github.com/ThePirateWhoSmellsOfSunflowers/TheHackerLinks CVE-2019-0666 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-0678 - https://github.com/0xT11/CVE-POC +CVE-2019-0678 - https://github.com/c0d3G33k/CVE-2019-0678 +CVE-2019-0678 - https://github.com/c0d3G33k/That-evil-bookmark-in-your-browser CVE-2019-0678 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-0678 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-0683 - https://github.com/ErdemOzgen/ActiveDirectoryAttacks @@ -21855,13 +22972,20 @@ CVE-2019-0685 - https://github.com/0xT11/CVE-POC CVE-2019-0685 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-0685 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-0685 - https://github.com/ycdxsb/WindowsPrivilegeEscalation +CVE-2019-0708 - https://github.com/0x0021h/exploitsearch CVE-2019-0708 - https://github.com/0x4D31/fatt +CVE-2019-0708 - https://github.com/0x6b7966/CVE-2019-0708-RCE +CVE-2019-0708 - https://github.com/0xFlag/CVE-2019-0708-test CVE-2019-0708 - https://github.com/0xT11/CVE-POC CVE-2019-0708 - https://github.com/0xeb-bp/bluekeep CVE-2019-0708 - https://github.com/0xpetros/windows-privilage-escalation +CVE-2019-0708 - https://github.com/10ocs/Dos CVE-2019-0708 - https://github.com/10ocs/bluekeep +CVE-2019-0708 - https://github.com/1aa87148377/CVE-2019-0708 CVE-2019-0708 - https://github.com/301415926/PENTESTING-BIBLE CVE-2019-0708 - https://github.com/303sec/CVE-2019-0708 +CVE-2019-0708 - https://github.com/3xploit-db/Pentest-Tools-Framework +CVE-2019-0708 - https://github.com/5l1v3r1/ISPY-WAN CVE-2019-0708 - https://github.com/61106960/adPEAS CVE-2019-0708 - https://github.com/84KaliPleXon3/PENTESTING-BIBLE CVE-2019-0708 - https://github.com/AdministratorGithub/CVE-2019-0708 @@ -21869,8 +22993,11 @@ CVE-2019-0708 - https://github.com/Ascotbe/Kernelhub CVE-2019-0708 - https://github.com/Astrogeorgeonethree/Starred CVE-2019-0708 - https://github.com/Barry-McCockiner/CVE-2019-0708 CVE-2019-0708 - https://github.com/BlackburnHax/inntinn +CVE-2019-0708 - https://github.com/ChefGordon/List-O-Tools +CVE-2019-0708 - https://github.com/ChilledChild/CVE-A-Day CVE-2019-0708 - https://github.com/CnHack3r/Penetration_PoC CVE-2019-0708 - https://github.com/Cyb0r9/ispy +CVE-2019-0708 - https://github.com/CyberSift/CyberSift-Alerts CVE-2019-0708 - https://github.com/Ekultek/BlueKeep CVE-2019-0708 - https://github.com/ErdemOzgen/ActiveDirectoryAttacks CVE-2019-0708 - https://github.com/ExpLife0011/awesome-windows-kernel-security-development @@ -21883,9 +23010,12 @@ CVE-2019-0708 - https://github.com/HacTF/poc--exp CVE-2019-0708 - https://github.com/HackerJ0e/CVE-2019-0708 CVE-2019-0708 - https://github.com/HarkjinDev/HarkjinDev CVE-2019-0708 - https://github.com/HynekPetrak/detect_bluekeep.py +CVE-2019-0708 - https://github.com/Iamgublin/0708Test CVE-2019-0708 - https://github.com/Idoit-z/python_nmap +CVE-2019-0708 - https://github.com/JSec1337/Scanner-CVE-2019-0708 CVE-2019-0708 - https://github.com/Jaky5155/cve-2019-0708-exp CVE-2019-0708 - https://github.com/JasonLOU/CVE-2019-0708 +CVE-2019-0708 - https://github.com/Kiz619ao630/StepwisePolicy3 CVE-2019-0708 - https://github.com/Leoid/CVE-2019-0708 CVE-2019-0708 - https://github.com/Mathankumar2701/ALL-PENTESTING-BIBLE CVE-2019-0708 - https://github.com/MedoX71T/PENTESTING-BIBLE @@ -21900,6 +23030,7 @@ CVE-2019-0708 - https://github.com/NullByteSuiteDevs/CVE-2019-0708 CVE-2019-0708 - https://github.com/OCEANOFANYTHING/PENTESTING-BIBLE CVE-2019-0708 - https://github.com/Ondrik8/exploit CVE-2019-0708 - https://github.com/Pa55w0rd/CVE-2019-0708 +CVE-2019-0708 - https://github.com/PleXone2019/spy CVE-2019-0708 - https://github.com/R0B1NL1N/AD-Attack-Defense CVE-2019-0708 - https://github.com/RickGeex/msf-module-CVE-2019-0708 CVE-2019-0708 - https://github.com/Rostelecom-CERT/bluekeepscan @@ -21912,9 +23043,12 @@ CVE-2019-0708 - https://github.com/SugiB3o/Check-vuln-CVE-2019-0708 CVE-2019-0708 - https://github.com/SwitHak/SwitHak.github.io CVE-2019-0708 - https://github.com/TamilHackz/windows-exploitation CVE-2019-0708 - https://github.com/Tengrom/Python_nmap +CVE-2019-0708 - https://github.com/The-Mario/MarioB CVE-2019-0708 - https://github.com/TinToSer/bluekeep-exploit +CVE-2019-0708 - https://github.com/Tk369/Rdp0708 CVE-2019-0708 - https://github.com/Tracehowler/Bible CVE-2019-0708 - https://github.com/UraSecTeam/CVE-2019-0708 +CVE-2019-0708 - https://github.com/Wh1teZe/solo-blog CVE-2019-0708 - https://github.com/YHZX2013/CVE-2019-0709 CVE-2019-0708 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2019-0708 - https://github.com/YSheldon/MS_T120 @@ -21926,6 +23060,7 @@ CVE-2019-0708 - https://github.com/algo7/bluekeep_CVE-2019-0708_poc_to_exploit CVE-2019-0708 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-0708 - https://github.com/ambynotcoder/C-libraries CVE-2019-0708 - https://github.com/andreafioraldi/cve_searchsploit +CVE-2019-0708 - https://github.com/andripwn/CVE-2019-0708 CVE-2019-0708 - https://github.com/areusecure/CVE-2019-0708 CVE-2019-0708 - https://github.com/at0mik/CVE-2019-0708-PoC CVE-2019-0708 - https://github.com/aymankhder/PENTESTING-BIBLE2 @@ -21935,22 +23070,30 @@ CVE-2019-0708 - https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE CVE-2019-0708 - https://github.com/blacksunwen/CVE-2019-0708 CVE-2019-0708 - https://github.com/blackunixteam/rdpscan CVE-2019-0708 - https://github.com/blockchainguard/CVE-2019-0708 +CVE-2019-0708 - https://github.com/cbwang505/CVE-2019-0708-EXP-Windows +CVE-2019-0708 - https://github.com/ceskillets/DCV-Predefined-Log-Filter-of-Specific-CVE-of-EternalBlue-and-BlueKeep-with-Auto-Tag- CVE-2019-0708 - https://github.com/cgoncalves1/Infosec-Resources +CVE-2019-0708 - https://github.com/chalern/Pentest-Tools CVE-2019-0708 - https://github.com/closethe/CVE-2019-0708-POC CVE-2019-0708 - https://github.com/codereveryday/Programming-Hacking-Resources CVE-2019-0708 - https://github.com/coolboy4me/cve-2019-0708_bluekeep_rce CVE-2019-0708 - https://github.com/cream-sec/CVE-2019-0708-Msf-- +CVE-2019-0708 - https://github.com/cve-2019-0708-poc/cve-2019-0708 CVE-2019-0708 - https://github.com/cvencoder/cve-2019-0708 CVE-2019-0708 - https://github.com/czq945659538/-study CVE-2019-0708 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-0708 - https://github.com/distance-vector/CVE-2019-0708 CVE-2019-0708 - https://github.com/dorkerdevil/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708- CVE-2019-0708 - https://github.com/eastmountyxz/CSDNBlog-Security-Based +CVE-2019-0708 - https://github.com/eastmountyxz/CVE-2019-0708-Windows CVE-2019-0708 - https://github.com/eastmountyxz/NetworkSecuritySelf-study +CVE-2019-0708 - https://github.com/eastmountyxz/SystemSecurity-ReverseAnalysis CVE-2019-0708 - https://github.com/echohun/tools CVE-2019-0708 - https://github.com/edvacco/CVE-2019-0708-POC CVE-2019-0708 - https://github.com/emtuls/Awesome-Cyber-Security-List CVE-2019-0708 - https://github.com/erSubhashThapa/pentest-bible CVE-2019-0708 - https://github.com/f8al/CVE-2019-0708-POC +CVE-2019-0708 - https://github.com/fade-vivida/CVE-2019-0708-test CVE-2019-0708 - https://github.com/fengjixuchui/RedTeamer CVE-2019-0708 - https://github.com/fourtwizzy/CVE-2019-0708-Check-Device-Patch-Status CVE-2019-0708 - https://github.com/freeide/CVE-2019-0708 @@ -21979,17 +23122,25 @@ CVE-2019-0708 - https://github.com/imNani4/PENTESTING-BIBLE CVE-2019-0708 - https://github.com/infenet/CVE-2019-0708 CVE-2019-0708 - https://github.com/infiniti-team/CVE-2019-0708 CVE-2019-0708 - https://github.com/infosecn1nja/AD-Attack-Defense +CVE-2019-0708 - https://github.com/innxrmxst/CVE-2019-0708-DOS CVE-2019-0708 - https://github.com/jeansgit/Pentest CVE-2019-0708 - https://github.com/jiansiting/CVE-2019-0708 +CVE-2019-0708 - https://github.com/jordanbertasso/MetaMap +CVE-2019-0708 - https://github.com/julienbassin/PSTenable +CVE-2019-0708 - https://github.com/k4yt3x/pwsearch CVE-2019-0708 - https://github.com/k8gege/CVE-2019-0708 CVE-2019-0708 - https://github.com/kevthehermit/attackerkb-api CVE-2019-0708 - https://github.com/kryptoslogic/rdppot CVE-2019-0708 - https://github.com/l9c/rdp0708scanner CVE-2019-0708 - https://github.com/lp008/CVE_2019_0708_Blue_screen_poc +CVE-2019-0708 - https://github.com/lp008/Hack-readme +CVE-2019-0708 - https://github.com/lwtz/CVE-2019-0708 CVE-2019-0708 - https://github.com/mai-lang-chai/System-Vulnerability CVE-2019-0708 - https://github.com/major203/cve-2019-0708-scan CVE-2019-0708 - https://github.com/matengfei000/CVE-2019-0708 +CVE-2019-0708 - https://github.com/mdiazcl/scanner-bluekeep CVE-2019-0708 - https://github.com/mekhalleh/cve-2019-0708 +CVE-2019-0708 - https://github.com/michael101096/cs2020_msels CVE-2019-0708 - https://github.com/mishmashclone/infosecn1nja-AD-Attack-Defense CVE-2019-0708 - https://github.com/morkin1792/security-tests CVE-2019-0708 - https://github.com/n0auth/CVE-2019-0708 @@ -22001,22 +23152,30 @@ CVE-2019-0708 - https://github.com/ntkernel0/CVE-2019-0708 CVE-2019-0708 - https://github.com/odimarf/blekeep CVE-2019-0708 - https://github.com/oneoy/BlueKeep CVE-2019-0708 - https://github.com/p0p0p0/CVE-2019-0708-exploit +CVE-2019-0708 - https://github.com/pengusec/awesome-netsec-articles CVE-2019-0708 - https://github.com/pentest-a2p2v/pentest-a2p2v-core CVE-2019-0708 - https://github.com/phant0n/PENTESTING-BIBLE +CVE-2019-0708 - https://github.com/pikpikcu/Pentest-Tools-Framework CVE-2019-0708 - https://github.com/pravinsrc/NOTES-windows-kernel-links +CVE-2019-0708 - https://github.com/project7io/nmap CVE-2019-0708 - https://github.com/pry0cc/BlueKeepTracker CVE-2019-0708 - https://github.com/pry0cc/cve-2019-0708-2 +CVE-2019-0708 - https://github.com/pwnhacker0x18/Wincrash CVE-2019-0708 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-0708 - https://github.com/qing-root/CVE-2019-0708-EXP-MSF- CVE-2019-0708 - https://github.com/qq431169079/CVE-2019-0709 +CVE-2019-0708 - https://github.com/r0co/bluekeep_scanner +CVE-2019-0708 - https://github.com/r0eXpeR/supplier CVE-2019-0708 - https://github.com/ridhopratama29/zimbohack CVE-2019-0708 - https://github.com/robertdavidgraham/rdpscan CVE-2019-0708 - https://github.com/rockmelodies/CVE-2019-0708-Exploit CVE-2019-0708 - https://github.com/safly/CVE-2019-0708 CVE-2019-0708 - https://github.com/sbkcbig/CVE-2019-0708-EXPloit CVE-2019-0708 - https://github.com/sbkcbig/CVE-2019-0708-EXPloit-3389 +CVE-2019-0708 - https://github.com/shishibabyq/CVE-2019-0708 CVE-2019-0708 - https://github.com/shuanx/vulnerability CVE-2019-0708 - https://github.com/shun-gg/CVE-2019-0708 +CVE-2019-0708 - https://github.com/skommando/CVE-2019-0708 CVE-2019-0708 - https://github.com/skyshell20082008/CVE-2019-0708-PoC-Hitting-Path CVE-2019-0708 - https://github.com/smallFunction/CVE-2019-0708-POC CVE-2019-0708 - https://github.com/sunzu94/AD-Attack-Defense @@ -22024,18 +23183,23 @@ CVE-2019-0708 - https://github.com/syriusbughunt/CVE-2019-0708 CVE-2019-0708 - https://github.com/t31m0/PENTESTING-BIBLE CVE-2019-0708 - https://github.com/taielab/awesome-hacking-lists CVE-2019-0708 - https://github.com/tataev/Security +CVE-2019-0708 - https://github.com/tdcoming/Vulnerability-engine CVE-2019-0708 - https://github.com/temp-user-2014/CVE-2019-0708 CVE-2019-0708 - https://github.com/thugcrowd/CVE-2019-0708 CVE-2019-0708 - https://github.com/tolgadevsec/Awesome-Deception CVE-2019-0708 - https://github.com/ttsite/CVE-2019-0708 CVE-2019-0708 - https://github.com/ttsite/CVE-2019-0708- CVE-2019-0708 - https://github.com/turingcompl33t/bluekeep +CVE-2019-0708 - https://github.com/ugur-ercan/exploit-collection +CVE-2019-0708 - https://github.com/uk45/XploitHunt +CVE-2019-0708 - https://github.com/ulisesrc/-2-CVE-2019-0708 CVE-2019-0708 - https://github.com/ulisesrc/BlueKeep CVE-2019-0708 - https://github.com/umarfarook882/CVE-2019-0708 CVE-2019-0708 - https://github.com/umeshae/BlueKeep CVE-2019-0708 - https://github.com/uoanlab/vultest CVE-2019-0708 - https://github.com/vincentfer/PENTESTING-BIBLE- CVE-2019-0708 - https://github.com/viszsec/CyberSecurity-Playground +CVE-2019-0708 - https://github.com/vulsio/go-msfdb CVE-2019-0708 - https://github.com/wateroot/poc-exp CVE-2019-0708 - https://github.com/wdfcc/CVE-2019-0708 CVE-2019-0708 - https://github.com/welove88888/888 @@ -22052,6 +23216,7 @@ CVE-2019-0708 - https://github.com/yedada-wei/gongkaishouji CVE-2019-0708 - https://github.com/yetiddbb/CVE-2019-0708-PoC CVE-2019-0708 - https://github.com/yushiro/CVE-2019-0708 CVE-2019-0708 - https://github.com/ze0r/CVE-2019-0708-exp +CVE-2019-0708 - https://github.com/zecopro/bluekeep CVE-2019-0708 - https://github.com/zhang040723/web CVE-2019-0708 - https://github.com/zjw88282740/CVE-2019-0708-win7 CVE-2019-0709 - https://github.com/0xT11/CVE-POC @@ -22095,6 +23260,7 @@ CVE-2019-0768 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-0768 - https://github.com/punishell/WindowsLegacyCVE CVE-2019-0768 - https://github.com/ruthlezs/ie11_vbscript_exploit CVE-2019-0785 - https://github.com/0xT11/CVE-POC +CVE-2019-0785 - https://github.com/Jaky5155/CVE-2019-0785 CVE-2019-0785 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-0785 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-0796 - https://github.com/0xT11/CVE-POC @@ -22157,6 +23323,8 @@ CVE-2019-0805 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-0805 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-0808 - https://github.com/0xT11/CVE-POC CVE-2019-0808 - https://github.com/Ascotbe/Kernelhub +CVE-2019-0808 - https://github.com/ChefGordon/List-O-Tools +CVE-2019-0808 - https://github.com/DreamoneOnly/CVE-2019-0808-32-64-exp CVE-2019-0808 - https://github.com/ExpLife0011/awesome-windows-kernel-security-development CVE-2019-0808 - https://github.com/Iamgublin/CVE-2020-1054 CVE-2019-0808 - https://github.com/Ondrik8/exploit @@ -22164,6 +23332,7 @@ CVE-2019-0808 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-0808 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-0808 - https://github.com/exodusintel/CVE-2019-0808 CVE-2019-0808 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-0808 - https://github.com/lp008/Hack-readme CVE-2019-0808 - https://github.com/paulveillard/cybersecurity-windows-exploitation CVE-2019-0808 - https://github.com/pravinsrc/NOTES-windows-kernel-links CVE-2019-0808 - https://github.com/qazbnm456/awesome-cve-poc @@ -22191,6 +23360,7 @@ CVE-2019-0841 - https://github.com/0xT11/CVE-POC CVE-2019-0841 - https://github.com/S3cur3Th1sSh1t/SharpByeBear CVE-2019-0841 - https://github.com/S3cur3Th1sSh1t/SharpPolarBear CVE-2019-0841 - https://github.com/S3cur3Th1sSh1t/WinPwn +CVE-2019-0841 - https://github.com/ThePirateWhoSmellsOfSunflowers/TheHackerLinks CVE-2019-0841 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-0841 - https://github.com/deadjakk/patch-checker CVE-2019-0841 - https://github.com/developer3000S/PoC-in-GitHub @@ -22205,6 +23375,8 @@ CVE-2019-0841 - https://github.com/pwninx/WinPwn CVE-2019-0841 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-0841 - https://github.com/rasta-mouse/Watson CVE-2019-0841 - https://github.com/rogue-kdc/CVE-2019-0841 +CVE-2019-0841 - https://github.com/sgabe/CVE-2019-1253 +CVE-2019-0841 - https://github.com/sgabe/CVE-2019-1476 CVE-2019-0841 - https://github.com/shubham0d/SymBlock CVE-2019-0841 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-0859 - https://github.com/0xT11/CVE-POC @@ -22218,6 +23390,7 @@ CVE-2019-0859 - https://github.com/TamilHackz/windows-exploitation CVE-2019-0859 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-0859 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-0859 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-0859 - https://github.com/lp008/Hack-readme CVE-2019-0859 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2019-0862 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-0862 - https://github.com/hectorgie/PoC-in-GitHub @@ -22242,6 +23415,7 @@ CVE-2019-0887 - https://github.com/0xT11/CVE-POC CVE-2019-0887 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-0887 - https://github.com/fengjixuchui/RedTeamer CVE-2019-0887 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-0887 - https://github.com/qianshuidewajueji/CVE-2019-0887 CVE-2019-0888 - https://github.com/0xT11/CVE-POC CVE-2019-0888 - https://github.com/ExpLife0011/awesome-windows-kernel-security-development CVE-2019-0888 - https://github.com/Ondrik8/exploit @@ -22258,6 +23432,7 @@ CVE-2019-0899 - https://github.com/googleprojectzero/winafl CVE-2019-0899 - https://github.com/hardik05/winafl-powermopt CVE-2019-0902 - https://github.com/googleprojectzero/winafl CVE-2019-0902 - https://github.com/hardik05/winafl-powermopt +CVE-2019-0913 - https://github.com/0xlane/vu1hub CVE-2019-0928 - https://github.com/AudioStakes/CVESummaryGenerator CVE-2019-0930 - https://github.com/tunz/js-vuln-db CVE-2019-0938 - https://github.com/alphaSeclab/sec-daily-2019 @@ -22298,6 +23473,8 @@ CVE-2019-1002101 - https://github.com/brompwnie/botb CVE-2019-1002101 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-1002101 - https://github.com/g3rzi/HackingKubernetes CVE-2019-1002101 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-1002101 - https://github.com/heroku/bheu19-attacking-cloud-builds +CVE-2019-1002101 - https://github.com/k1LoW/oshka CVE-2019-10028 - https://github.com/ForAllSecure/VulnerabilitiesLab CVE-2019-1003000 - https://github.com/0xT11/CVE-POC CVE-2019-1003000 - https://github.com/0xtavian/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins @@ -22307,6 +23484,7 @@ CVE-2019-1003000 - https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-po CVE-2019-1003000 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-1003000 - https://github.com/gquere/pwn_jenkins CVE-2019-1003000 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-1003000 - https://github.com/jaychouzzk/- CVE-2019-1003000 - https://github.com/superfish9/pt CVE-2019-1003000 - https://github.com/wetw0rk/Exploit-Development CVE-2019-1003000 - https://github.com/woods-sega/woodswiki @@ -22348,12 +23526,15 @@ CVE-2019-10061 - https://github.com/ossf-cve-benchmark/CVE-2019-10061 CVE-2019-10068 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-10068 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-10070 - https://github.com/afinepl/research +CVE-2019-10072 - https://github.com/ilmari666/cybsec CVE-2019-10072 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2019-10081 - https://github.com/Solhack/Team_CSI_platform +CVE-2019-10081 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2019-10081 - https://github.com/starnightcyber/vul-info-collect CVE-2019-10081 - https://github.com/vshaliii/Funbox2-rookie CVE-2019-10081 - https://github.com/vshaliii/Vegeta1-Vulhub-Walkthrough CVE-2019-10082 - https://github.com/Solhack/Team_CSI_platform +CVE-2019-10082 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2019-10082 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2019-10082 - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough CVE-2019-10082 - https://github.com/vshaliii/Funbox2-rookie @@ -22367,8 +23548,10 @@ CVE-2019-10090 - https://github.com/ossf-cve-benchmark/CVE-2019-10090 CVE-2019-10092 - https://github.com/0xT11/CVE-POC CVE-2019-10092 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-10092 - https://github.com/Solhack/Team_CSI_platform +CVE-2019-10092 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2019-10092 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-10092 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-10092 - https://github.com/motikan2010/CVE-2019-10092_Docker CVE-2019-10092 - https://github.com/sobinge/nuclei-templates CVE-2019-10092 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2019-10092 - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough @@ -22382,16 +23565,19 @@ CVE-2019-10098 - https://github.com/BitTheByte/Eagle CVE-2019-10098 - https://github.com/Solhack/Team_CSI_platform CVE-2019-10098 - https://github.com/alex14324/Eagel CVE-2019-10098 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-10098 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2019-10098 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2019-10098 - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough CVE-2019-10098 - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough CVE-2019-10098 - https://github.com/vshaliii/Funbox2-rookie CVE-2019-10098 - https://github.com/vshaliii/Vegeta1-Vulhub-Walkthrough CVE-2019-1010022 - https://github.com/garethr/snykout +CVE-2019-1010022 - https://github.com/madchap/opa-tests CVE-2019-1010023 - https://github.com/garethr/snykout CVE-2019-1010024 - https://github.com/garethr/snykout CVE-2019-1010025 - https://github.com/garethr/snykout CVE-2019-1010054 - https://github.com/0xT11/CVE-POC +CVE-2019-1010054 - https://github.com/chaizeg/CSRF-breach CVE-2019-1010054 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-1010054 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-1010266 - https://github.com/chkp-dhouari/CloudGuard-ShiftLeft-CICD @@ -22406,17 +23592,22 @@ CVE-2019-1010298 - https://github.com/0xT11/CVE-POC CVE-2019-1010298 - https://github.com/RKX1209/CVE-2019-1010298 CVE-2019-1010298 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-1010298 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-1010299 - https://github.com/Qwaz/rust-cve CVE-2019-1010299 - https://github.com/xxg1413/rust-security CVE-2019-10149 - https://github.com/0xT11/CVE-POC CVE-2019-10149 - https://github.com/0xdea/exploits CVE-2019-10149 - https://github.com/AzizMea/CVE-2019-10149-privilege-escalation +CVE-2019-10149 - https://github.com/Brets0150/StickyExim +CVE-2019-10149 - https://github.com/Chris-dev1/exim.exp CVE-2019-10149 - https://github.com/Diefunction/CVE-2019-10149 +CVE-2019-10149 - https://github.com/Dilshan-Eranda/CVE-2019-10149 CVE-2019-10149 - https://github.com/MNEMO-CERT/PoC--CVE-2019-10149_Exim CVE-2019-10149 - https://github.com/aishee/CVE-2019-10149-quick CVE-2019-10149 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2019-10149 - https://github.com/area1/exim-cve-2019-10149-data CVE-2019-10149 - https://github.com/bananaphones/exim-rce-quickfix CVE-2019-10149 - https://github.com/cowbe0x004/eximrce-CVE-2019-10149 +CVE-2019-10149 - https://github.com/darsigovrustam/CVE-2019-10149 CVE-2019-10149 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-10149 - https://github.com/dhn/exploits CVE-2019-10149 - https://github.com/hackerhouse-opensource/exploits @@ -22430,6 +23621,7 @@ CVE-2019-10173 - https://github.com/CnHack3r/Penetration_PoC CVE-2019-10173 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2019-10173 - https://github.com/SexyBeast233/SecBooks CVE-2019-10173 - https://github.com/YIXINSHUWU/Penetration_Testing_POC +CVE-2019-10173 - https://github.com/chalern/Pentest-Tools CVE-2019-10173 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-10173 - https://github.com/huike007/penetration_poc CVE-2019-10173 - https://github.com/huike007/poc @@ -22450,7 +23642,9 @@ CVE-2019-10207 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-10207 - https://github.com/butterflyhack/CVE-2019-10207 CVE-2019-10207 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-10207 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-10210 - https://github.com/msantos/cvecat CVE-2019-10216 - https://github.com/barrracud4/image-upload-exploits +CVE-2019-10216 - https://github.com/hhc0null/GhostRule CVE-2019-10222 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2019-10222 - https://github.com/full-disclosure/repo CVE-2019-10222 - https://github.com/wuseman/TG799VAC-XTREME-17.2-MINT @@ -22464,11 +23658,13 @@ CVE-2019-10352 - https://github.com/r0eXpeR/redteam_vul CVE-2019-10392 - https://github.com/0xT11/CVE-POC CVE-2019-10392 - https://github.com/Retr0-ll/littleterm CVE-2019-10392 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-10392 - https://github.com/ftk-sostupid/CVE-2019-10392_EXP CVE-2019-10392 - https://github.com/gquere/pwn_jenkins CVE-2019-10392 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-10392 - https://github.com/jas502n/CVE-2019-10392 CVE-2019-10392 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-10392 - https://github.com/r0eXpeR/redteam_vul +CVE-2019-10392 - https://github.com/tdcoming/Vulnerability-engine CVE-2019-10392 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-10393 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-10394 - https://github.com/alphaSeclab/sec-daily-2019 @@ -22477,6 +23673,7 @@ CVE-2019-1040 - https://github.com/0xT11/CVE-POC CVE-2019-1040 - https://github.com/AnonVulc/Pentest-Tools CVE-2019-1040 - https://github.com/Ascotbe/Kernelhub CVE-2019-1040 - https://github.com/ErdemOzgen/ActiveDirectoryAttacks +CVE-2019-1040 - https://github.com/EvilAnne/2019-Read-article CVE-2019-1040 - https://github.com/Gl3bGl4z/All_NTLM_leak CVE-2019-1040 - https://github.com/Nieuport/Active-Directory-Kill-Chain-Attack-Defense CVE-2019-1040 - https://github.com/R0B1NL1N/AD-Attack-Defense @@ -22491,13 +23688,17 @@ CVE-2019-1040 - https://github.com/geeksniper/active-directory-pentest CVE-2019-1040 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-1040 - https://github.com/infosecn1nja/AD-Attack-Defense CVE-2019-1040 - https://github.com/lazaars/UltraRealy_with_CVE-2019-1040 +CVE-2019-1040 - https://github.com/lp008/Hack-readme CVE-2019-1040 - https://github.com/mishmashclone/infosecn1nja-AD-Attack-Defense +CVE-2019-1040 - https://github.com/nccgroup/Change-Lockscreen CVE-2019-1040 - https://github.com/penetrarnya-tm/WeaponizeKali.sh CVE-2019-1040 - https://github.com/preempt/ntlm-scanner +CVE-2019-1040 - https://github.com/severnake/Pentest-Tools CVE-2019-1040 - https://github.com/shantanu561993/DomainUserToDomainAdminTechniques CVE-2019-1040 - https://github.com/sunzu94/AD-Attack-Defense CVE-2019-1040 - https://github.com/tataev/Security CVE-2019-1040 - https://github.com/theyoge/AD-Pentesting-Tools +CVE-2019-1040 - https://github.com/wzxmt/CVE-2019-1040 CVE-2019-1040 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2019-1040 - https://github.com/zer0yu/Intranet_Penetration_CheetSheets CVE-2019-10400 - https://github.com/alphaSeclab/sec-daily-2019 @@ -22520,6 +23721,7 @@ CVE-2019-10542 - https://github.com/jiayy/android_vuln_poc-exp CVE-2019-10562 - https://github.com/404notf0und/CVE-Flow CVE-2019-10563 - https://github.com/jiayy/android_vuln_poc-exp CVE-2019-10566 - https://github.com/jiayy/android_vuln_poc-exp +CVE-2019-10567 - https://github.com/secmob/TiYunZong-An-Exploit-Chain-to-Remotely-Root-Modern-Android-Devices CVE-2019-10567 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-10584 - https://github.com/jiayy/android_vuln_poc-exp CVE-2019-10596 - https://github.com/404notf0und/CVE-Flow @@ -22569,6 +23771,8 @@ CVE-2019-1069 - https://github.com/pwninx/WinPwn CVE-2019-10708 - https://github.com/0xT11/CVE-POC CVE-2019-10708 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-10708 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-10708 - https://github.com/stavhaygn/CVE-2019-10708 +CVE-2019-10709 - https://github.com/telspacesystems/Asus-DOS CVE-2019-1071 - https://github.com/0xT11/CVE-POC CVE-2019-1071 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-1071 - https://github.com/developer3000S/PoC-in-GitHub @@ -22578,6 +23782,8 @@ CVE-2019-10718 - https://github.com/irbishop/CVEs CVE-2019-10719 - https://github.com/irbishop/CVEs CVE-2019-10720 - https://github.com/irbishop/CVEs CVE-2019-10721 - https://github.com/irbishop/CVEs +CVE-2019-10723 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2019-10723 - https://github.com/tzf-key/MemLock_Benchmark CVE-2019-1073 - https://github.com/0xT11/CVE-POC CVE-2019-1073 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-1073 - https://github.com/hectorgie/PoC-in-GitHub @@ -22586,17 +23792,25 @@ CVE-2019-10742 - https://github.com/huaweicloud/huaweicloud-sdk-browserjs-obs CVE-2019-10742 - https://github.com/puryersc/shiftleftv2 CVE-2019-10742 - https://github.com/puryersc/shiftleftv3 CVE-2019-10742 - https://github.com/puryersc/shiftleftv4 +CVE-2019-10742 - https://github.com/ray-tracer96024/Unintentionally-Vulnerable-Hotel-Management-Website CVE-2019-10743 - https://github.com/snyk/zip-slip-vulnerability +CVE-2019-10744 - https://github.com/A2u13/JS-Security CVE-2019-10744 - https://github.com/JoBrad/casefold CVE-2019-10744 - https://github.com/MaySoMusician/geidai-ikoi CVE-2019-10744 - https://github.com/azuqua/cassanknex CVE-2019-10744 - https://github.com/chkp-dhouari/CloudGuard-ShiftLeft-CICD CVE-2019-10744 - https://github.com/duckstroms/Web-CTF-Cheatsheet CVE-2019-10744 - https://github.com/endorama/CsvToL10nJson +CVE-2019-10744 - https://github.com/nVisium/npm-deps-parser CVE-2019-10744 - https://github.com/puryersc/shiftleftv2 CVE-2019-10744 - https://github.com/puryersc/shiftleftv3 CVE-2019-10744 - https://github.com/puryersc/shiftleftv4 +CVE-2019-10744 - https://github.com/ray-tracer96024/Unintentionally-Vulnerable-Hotel-Management-Website CVE-2019-10744 - https://github.com/w181496/Web-CTF-Cheatsheet +CVE-2019-10746 - https://github.com/nVisium/npm-deps-parser +CVE-2019-10746 - https://github.com/ray-tracer96024/Unintentionally-Vulnerable-Hotel-Management-Website +CVE-2019-10747 - https://github.com/nVisium/npm-deps-parser +CVE-2019-10747 - https://github.com/ray-tracer96024/Unintentionally-Vulnerable-Hotel-Management-Website CVE-2019-10757 - https://github.com/ossf-cve-benchmark/CVE-2019-10757 CVE-2019-10758 - https://github.com/0ps/pocassistdb CVE-2019-10758 - https://github.com/0xT11/CVE-POC @@ -22612,6 +23826,9 @@ CVE-2019-10758 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-10758 - https://github.com/huike007/penetration_poc CVE-2019-10758 - https://github.com/huike007/poc CVE-2019-10758 - https://github.com/jweny/pocassistdb +CVE-2019-10758 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection +CVE-2019-10758 - https://github.com/lp008/CVE-2019-10758 +CVE-2019-10758 - https://github.com/masahiro331/CVE-2019-10758 CVE-2019-10758 - https://github.com/tdtc7/qps CVE-2019-10758 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2019-10758 - https://github.com/yedada-wei/- @@ -22624,13 +23841,17 @@ CVE-2019-10776 - https://github.com/ossf-cve-benchmark/CVE-2019-10776 CVE-2019-10779 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-10779 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-10781 - https://github.com/ossf-cve-benchmark/CVE-2019-10781 +CVE-2019-10782 - https://github.com/abhisheksr01/spring-boot-microservice-best-practices CVE-2019-10785 - https://github.com/ossf-cve-benchmark/CVE-2019-10785 CVE-2019-10789 - https://github.com/hgarcia/curling CVE-2019-1082 - https://github.com/CyberMonitor/somethingweneed CVE-2019-1082 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-1082 - https://github.com/pengusec/awesome-netsec-articles CVE-2019-1083 - https://github.com/0xT11/CVE-POC CVE-2019-1083 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-1083 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-1083 - https://github.com/stevenseeley/HowCVE-2019-1083Works +CVE-2019-10842 - https://github.com/jacksimple/simple-cve-api CVE-2019-10846 - https://github.com/SexyBeast233/SecBooks CVE-2019-10848 - https://github.com/SexyBeast233/SecBooks CVE-2019-10852 - https://github.com/SexyBeast233/SecBooks @@ -22652,9 +23873,11 @@ CVE-2019-10913 - https://github.com/KerbenII/shop CVE-2019-10915 - https://github.com/0xT11/CVE-POC CVE-2019-10915 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-10915 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-10915 - https://github.com/jiansiting/CVE-2019-10915 CVE-2019-1092 - https://github.com/sslab-gatech/DIE CVE-2019-10943 - https://github.com/ic3sw0rd/S7_plus_Crash CVE-2019-1096 - https://github.com/0xT11/CVE-POC +CVE-2019-1096 - https://github.com/CrackerCat/cve-2019-1096-poc CVE-2019-1096 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-1096 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-10999 - https://github.com/0xT11/CVE-POC @@ -22664,22 +23887,33 @@ CVE-2019-10999 - https://github.com/jacobsoo/HardwareWiki CVE-2019-10999 - https://github.com/tacnetsol/CVE-2019-10999 CVE-2019-11013 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-11034 - https://github.com/vincd/search-cve +CVE-2019-11043 - https://github.com/0th3rs-Security-Team/CVE-2019-11043 CVE-2019-11043 - https://github.com/0xT11/CVE-POC CVE-2019-11043 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2019-11043 - https://github.com/AleWong/PHP-FPM-Remote-Code-Execution-Vulnerability-CVE-2019-11043- +CVE-2019-11043 - https://github.com/B1gd0g/CVE-2019-11043 CVE-2019-11043 - https://github.com/CnHack3r/Penetration_PoC CVE-2019-11043 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2019-11043 - https://github.com/HxDDD/CVE-PoC CVE-2019-11043 - https://github.com/LubinLew/WEB-CVE +CVE-2019-11043 - https://github.com/MRdoulestar/CVE-2019-11043 CVE-2019-11043 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2019-11043 - https://github.com/SexyBeast233/SecBooks CVE-2019-11043 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2019-11043 - https://github.com/akamajoris/CVE-2019-11043-Docker +CVE-2019-11043 - https://github.com/alokaranasinghe/cve-2019-11043 CVE-2019-11043 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-11043 - https://github.com/b0o/starred +CVE-2019-11043 - https://github.com/babebbu/TNI-CWC-GGEZ-Hosting +CVE-2019-11043 - https://github.com/bollwarm/tech-news CVE-2019-11043 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-11043 - https://github.com/fairyming/CVE-2019-11043 CVE-2019-11043 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-11043 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-11043 - https://github.com/huike007/penetration_poc CVE-2019-11043 - https://github.com/huike007/poc +CVE-2019-11043 - https://github.com/huowen/CVE-2019-11043 +CVE-2019-11043 - https://github.com/ianxtianxt/CVE-2019-11043 CVE-2019-11043 - https://github.com/izj007/wechat CVE-2019-11043 - https://github.com/jas502n/CVE-2019-11043 CVE-2019-11043 - https://github.com/jdecool/stars-feed @@ -22687,15 +23921,21 @@ CVE-2019-11043 - https://github.com/jiangsir404/POC-S CVE-2019-11043 - https://github.com/k8gege/CVE-2019-11043 CVE-2019-11043 - https://github.com/kriskhub/CVE-2019-11043 CVE-2019-11043 - https://github.com/linuxserver/docker-nextcloud +CVE-2019-11043 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2019-11043 - https://github.com/ltfafei/my_POC CVE-2019-11043 - https://github.com/lucianonooijen/stargazed CVE-2019-11043 - https://github.com/m0ver/drupal-installation-issues +CVE-2019-11043 - https://github.com/moniik/CVE-2019-11043_env CVE-2019-11043 - https://github.com/neex/phuip-fpizdam CVE-2019-11043 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2019-11043 - https://github.com/shadow-horse/cve-2019-11043 CVE-2019-11043 - https://github.com/supercid/awesome-starred CVE-2019-11043 - https://github.com/superfish9/pt CVE-2019-11043 - https://github.com/tdtc7/qps CVE-2019-11043 - https://github.com/theMiddleBlue/CVE-2019-11043 +CVE-2019-11043 - https://github.com/tinker-li/CVE-2019-11043 +CVE-2019-11043 - https://github.com/tjkess/byol +CVE-2019-11043 - https://github.com/ugur-ercan/exploit-collection CVE-2019-11043 - https://github.com/whalehub/awesome-stars CVE-2019-11043 - https://github.com/whoadmin/pocs CVE-2019-11043 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- @@ -22717,6 +23957,7 @@ CVE-2019-11076 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-11076 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-11076 - https://github.com/livehybrid/poc-cribl-rce CVE-2019-1108 - https://github.com/0xT11/CVE-POC +CVE-2019-1108 - https://github.com/Lanph3re/cve-2019-1108 CVE-2019-1108 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-1108 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-11090 - https://github.com/codexlynx/hardware-attacks-state-of-the-art @@ -22734,6 +23975,7 @@ CVE-2019-11151 - https://github.com/WinMin/Protocol-Vul CVE-2019-11157 - https://github.com/0xT11/CVE-POC CVE-2019-11157 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-11157 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-11157 - https://github.com/zkenjar/v0ltpwn CVE-2019-1117 - https://github.com/google/honggfuzz CVE-2019-1117 - https://github.com/xinali/AfdkoFuzz CVE-2019-1117 - https://github.com/xinali/articles @@ -22752,9 +23994,11 @@ CVE-2019-11224 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-11231 - https://github.com/SexyBeast233/SecBooks CVE-2019-11236 - https://github.com/khodges42/Etrata CVE-2019-11236 - https://github.com/twu/skjold +CVE-2019-11242 - https://github.com/cohesity/SecAdvisory CVE-2019-11244 - https://github.com/Lee-SungYoung/Kube-Six CVE-2019-11245 - https://github.com/Metarget/awesome-cloud-native-security CVE-2019-11245 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-11245 - https://github.com/reni2study/Cloud-Native-Security2 CVE-2019-11246 - https://github.com/Metarget/awesome-cloud-native-security CVE-2019-11246 - https://github.com/Metarget/metarget CVE-2019-11246 - https://github.com/ibrahimjelliti/CKSS-Certified-Kubernetes-Security-Specialist @@ -22762,6 +24006,7 @@ CVE-2019-11246 - https://github.com/koronkowy/koronkowy CVE-2019-11246 - https://github.com/tvdvoorde/cks CVE-2019-11246 - https://github.com/vedmichv/CKS-Certified-Kubernetes-Security-Specialist CVE-2019-11247 - https://github.com/g3rzi/HackingKubernetes +CVE-2019-11247 - https://github.com/stackrox/blog-examples CVE-2019-11248 - https://github.com/0xT11/CVE-POC CVE-2019-11248 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-11248 - https://github.com/Elsfa7-110/kenzer-templates @@ -22769,17 +24014,22 @@ CVE-2019-11248 - https://github.com/sobinge/nuclei-templates CVE-2019-11249 - https://github.com/Metarget/awesome-cloud-native-security CVE-2019-11249 - https://github.com/Metarget/metarget CVE-2019-1125 - https://github.com/0xT11/CVE-POC +CVE-2019-1125 - https://github.com/bitdefender/swapgs-attack-poc CVE-2019-1125 - https://github.com/codexlynx/hardware-attacks-state-of-the-art CVE-2019-1125 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-1125 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-1125 - https://github.com/timidri/puppet-meltdown +CVE-2019-11250 - https://github.com/k1LoW/oshka CVE-2019-11251 - https://github.com/Metarget/awesome-cloud-native-security CVE-2019-11251 - https://github.com/Metarget/metarget +CVE-2019-11253 - https://github.com/Metarget/cloud-native-security-book CVE-2019-11253 - https://github.com/Metarget/metarget CVE-2019-11253 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-11253 - https://github.com/g3rzi/HackingKubernetes CVE-2019-11253 - https://github.com/microservices-devsecops-organization/movie-catalog-service-dev +CVE-2019-11254 - https://github.com/naveensrinivasan/stunning-tribble CVE-2019-11268 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-11269 - https://github.com/BBB-man/CVE-2019-3778-Spring-Security-OAuth-2.3-Open-Redirection CVE-2019-1127 - https://github.com/xinali/AfdkoFuzz CVE-2019-1127 - https://github.com/xinali/articles CVE-2019-11270 - https://github.com/alphaSeclab/sec-daily-2019 @@ -22819,6 +24069,7 @@ CVE-2019-11354 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-11354 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-11354 - https://github.com/zeropwn/vulnerability-reports-and-pocs CVE-2019-11354 - https://github.com/zeropwn/zeropwn +CVE-2019-11358 - https://github.com/0rganIzedKa0s/Mechanum-Drive-Train-Practice CVE-2019-11358 - https://github.com/0xT11/CVE-POC CVE-2019-11358 - https://github.com/11177/goal CVE-2019-11358 - https://github.com/11572MouseSpit/FreightFrenzy2021-2022 @@ -22828,9 +24079,22 @@ CVE-2019-11358 - https://github.com/14906Leviathan/FreightFrenzy2021-2022 CVE-2019-11358 - https://github.com/15303/FreightFrenzy CVE-2019-11358 - https://github.com/15534/FtcRobotController2022 CVE-2019-11358 - https://github.com/1595Dragons/FTC-TeamCode +CVE-2019-11358 - https://github.com/16209-TheDreadPirateRobots/FTC CVE-2019-11358 - https://github.com/24parida/FtcRobotController-master CVE-2019-11358 - https://github.com/24pparikh/TechIntel2020-2021 CVE-2019-11358 - https://github.com/24pparikh/Test2 +CVE-2019-11358 - https://github.com/25alis/FTC-Game +CVE-2019-11358 - https://github.com/25auchak/Project-WISER +CVE-2019-11358 - https://github.com/25guptaa/FTCRepository_2021 +CVE-2019-11358 - https://github.com/26banera/Aarushi +CVE-2019-11358 - https://github.com/26girisi/FTCRepository1 +CVE-2019-11358 - https://github.com/26guptas/Shloka +CVE-2019-11358 - https://github.com/26guptas/UltimateGoal +CVE-2019-11358 - https://github.com/26mayyav/Vaishnavi +CVE-2019-11358 - https://github.com/26moorca/Repository-Name +CVE-2019-11358 - https://github.com/26turnea/First-Tech-Challenge +CVE-2019-11358 - https://github.com/26vaidha/season2021 +CVE-2019-11358 - https://github.com/26zhenga/Code-Stuff CVE-2019-11358 - https://github.com/3397/FTC-2022 CVE-2019-11358 - https://github.com/3658BOSONS/UG3 CVE-2019-11358 - https://github.com/4H-Botsmiths/FTC-18693-Freight-Frenzy @@ -22838,25 +24102,32 @@ CVE-2019-11358 - https://github.com/5015BuffaloWings-FTC/road-runner-quickstart CVE-2019-11358 - https://github.com/535tobor/TestBotRC7.1 CVE-2019-11358 - https://github.com/5484-Enderbots-FTC/Ultimate-Goal CVE-2019-11358 - https://github.com/5667-Robominers/FtcRobotController-master +CVE-2019-11358 - https://github.com/6369Designosars/Summer_Software_6.2 CVE-2019-11358 - https://github.com/8097-Botcats/21-22-Code CVE-2019-11358 - https://github.com/8097-Botcats/NEWrobotSDK CVE-2019-11358 - https://github.com/AHS-Robotics-Club/10396-Ultimate-Goal CVE-2019-11358 - https://github.com/AHS-Robotics-Club/12864-Freight-Frenzy CVE-2019-11358 - https://github.com/AHS-Robotics-Club/12864-UltimateGoal +CVE-2019-11358 - https://github.com/AHS-Robotics-Club/9686-FreightFrenzy CVE-2019-11358 - https://github.com/AIMAcademy/9997-FTC-2020 CVE-2019-11358 - https://github.com/AJPietan/FtcRobotController-master CVE-2019-11358 - https://github.com/AJain862/MechaMantisesFTC2021 CVE-2019-11358 - https://github.com/AJain862/NewRobotMechaMantises CVE-2019-11358 - https://github.com/AJmods/UltimateGoal6547_V2 +CVE-2019-11358 - https://github.com/ASethi04/Camera-Project CVE-2019-11358 - https://github.com/ASethi04/FTC6931-2021 CVE-2019-11358 - https://github.com/AbbyW89/something-real CVE-2019-11358 - https://github.com/AbyssOnGFuel/FTC-10332-TeamCode CVE-2019-11358 - https://github.com/Adna-Robotics/FTC-2020 +CVE-2019-11358 - https://github.com/AfraIsNotAvailable/Phoenix62 CVE-2019-11358 - https://github.com/AlessioToniolo/FTC-PID CVE-2019-11358 - https://github.com/Alokxmathur/FreightFrenzy CVE-2019-11358 - https://github.com/Alokxmathur/SilverTitans2020-2021 CVE-2019-11358 - https://github.com/Alokxmathur/UltimateGoal CVE-2019-11358 - https://github.com/AlphaBit-137/AlphaBit_RO137_FreightFrenzy_Code +CVE-2019-11358 - https://github.com/AlphaBit-137/AphaBit_RO137_UltimateGoal_Code +CVE-2019-11358 - https://github.com/AlphaBit-137/Freight_Frenzy_new_test_code +CVE-2019-11358 - https://github.com/Amanzegreat1/UltimateGoal CVE-2019-11358 - https://github.com/Andover-Robotics/10331-Ultimate-Goal2 CVE-2019-11358 - https://github.com/Andrew-Renfro/Andrew-Renfro CVE-2019-11358 - https://github.com/AndrewF1234/ftc_2022_0117 @@ -22876,23 +24147,32 @@ CVE-2019-11358 - https://github.com/Asaphfirst/2021-2 CVE-2019-11358 - https://github.com/AsianKoala/FTC_14607_new CVE-2019-11358 - https://github.com/AtticFanatics14079/FreightFrenzy CVE-2019-11358 - https://github.com/AtticFanatics14079/UltimateGoal +CVE-2019-11358 - https://github.com/AtticFanatics14079/UltimateGoalFanatics +CVE-2019-11358 - https://github.com/AuslinD/rookiecamp2021 CVE-2019-11358 - https://github.com/AusreisserSF/FtcUltimateGoal CVE-2019-11358 - https://github.com/Avyuuu/Philobots-2020-2021 CVE-2019-11358 - https://github.com/Awesomeness278/UltimateGoal2020-2021 CVE-2019-11358 - https://github.com/AwesomestCode/FtcRobotController +CVE-2019-11358 - https://github.com/AyaanNazir/RogueResistProject2020-2021 CVE-2019-11358 - https://github.com/AyaanNazir/StaticVoid-master7.0 +CVE-2019-11358 - https://github.com/AyaanNazir/StaticVoid6.2 CVE-2019-11358 - https://github.com/BJJmaster316/Henryrepo CVE-2019-11358 - https://github.com/BSG9432/BSGFreightFrenzy CVE-2019-11358 - https://github.com/BSG9432/CargoCraze +CVE-2019-11358 - https://github.com/BSG9432/Ultimate-Goal-2020-2021 CVE-2019-11358 - https://github.com/BaCoNeers/UltimateGoal CVE-2019-11358 - https://github.com/Bacon14212/First-tech CVE-2019-11358 - https://github.com/Bagel03/Dread-Bytes-2020 CVE-2019-11358 - https://github.com/Balabot15358/FreightFrenzy +CVE-2019-11358 - https://github.com/Bartimus03/RoboticsCode CVE-2019-11358 - https://github.com/Bay-Bots/FTC-Ultimate-Goal CVE-2019-11358 - https://github.com/Beastmodexol/UltronsMatrix CVE-2019-11358 - https://github.com/BeckettOBrien/FreightFrenzyRobotController CVE-2019-11358 - https://github.com/BeeGuyDude/2021-Pre-Olympia-FTC-Template +CVE-2019-11358 - https://github.com/BeeGuyDude/Nautilus-Nation-2021 +CVE-2019-11358 - https://github.com/BeeGuyDude/Vision-Presentation-Testing CVE-2019-11358 - https://github.com/Ben8176/BensTest +CVE-2019-11358 - https://github.com/Ben8176/Skystone2021 CVE-2019-11358 - https://github.com/BenFTC/BenFtc CVE-2019-11358 - https://github.com/BlackOps10373/FreightFrenzy CVE-2019-11358 - https://github.com/Blue-Chariots-of-Fire/FTC-2020-21-Ultimate-Goal @@ -22906,7 +24186,10 @@ CVE-2019-11358 - https://github.com/BossBots/DriveTrain CVE-2019-11358 - https://github.com/BossBots/FreightFrenzy CVE-2019-11358 - https://github.com/BotcatsSoftware/Ultimate-Goal-SDK CVE-2019-11358 - https://github.com/BotcatsSoftware/Ultimate-Goal-SDK-master +CVE-2019-11358 - https://github.com/BotcatsSoftware/VirtualRobotMaster2020 +CVE-2019-11358 - https://github.com/BradenSiegal/Java9-6-20 CVE-2019-11358 - https://github.com/BradenSiegal/Ultimate-Goal +CVE-2019-11358 - https://github.com/Brickwolves/CC21 CVE-2019-11358 - https://github.com/Brickwolves/LR20 CVE-2019-11358 - https://github.com/BruinBots/UltimateGoal CVE-2019-11358 - https://github.com/BuffaloWings-5015/FtcGamechangerUpdated @@ -22918,6 +24201,7 @@ CVE-2019-11358 - https://github.com/CC-Early-College-High-School-Robotics/MeepMe CVE-2019-11358 - https://github.com/CC-Early-College-High-School-Robotics/comp3-6901-3-freightfrenzy CVE-2019-11358 - https://github.com/CHSrobotics21/FTCRobotController CVE-2019-11358 - https://github.com/CHSrobotics21/FtcRobotController-6.1_CHS2020-21 +CVE-2019-11358 - https://github.com/CHSrobotics21/TestBotProject CVE-2019-11358 - https://github.com/Cadmes-Creators-FTC/FTCFreightFrenzy CVE-2019-11358 - https://github.com/Cadmes-Creators-FTC/FTCUltimateGoal CVE-2019-11358 - https://github.com/Calabar-FTC/FTC_2022 @@ -22940,6 +24224,7 @@ CVE-2019-11358 - https://github.com/Chuvxjr/Phanton_FtcRobotController CVE-2019-11358 - https://github.com/ChuyChugh/ftc-2021 CVE-2019-11358 - https://github.com/Cl0ck21/CrowForce2021-2022 CVE-2019-11358 - https://github.com/Cl0ck21/HAL9001D-master +CVE-2019-11358 - https://github.com/ClashOfCoders/UltimateGoal-2020-2021 CVE-2019-11358 - https://github.com/Clayton-Toste/ScotboticsFreightFrenzy CVE-2019-11358 - https://github.com/CommandoRobotics/FTC6042_FreightFrenzy_2021 CVE-2019-11358 - https://github.com/CommandoRobotics/FTC6042_UltimateGoal_2020 @@ -22948,25 +24233,34 @@ CVE-2019-11358 - https://github.com/Cote411/15643-FTC-Code CVE-2019-11358 - https://github.com/CouGears/FTC_2021-2022 CVE-2019-11358 - https://github.com/Cris581416/18490-Season-2021 CVE-2019-11358 - https://github.com/Cud123/FTC-12241-Panther-Robotics-Code-Freight-Frenzy +CVE-2019-11358 - https://github.com/CyberPunkRobotics/ftc-ultimate-goal CVE-2019-11358 - https://github.com/CyberneticElks9567/FreightFrenzy CVE-2019-11358 - https://github.com/DCSPD-PantherRobotics/PantherRobotics_2022 CVE-2019-11358 - https://github.com/DanielRuf/snyk-js-jquery-174006 CVE-2019-11358 - https://github.com/DanielRuf/snyk-js-jquery-565129 CVE-2019-11358 - https://github.com/DarkMatter4150/FreightFrenzy2 +CVE-2019-11358 - https://github.com/DavidBNolen/Goal-BotFtc CVE-2019-11358 - https://github.com/DeanNevan/FtcRobotController-RBServer CVE-2019-11358 - https://github.com/Delta11225/11225FreightFrenzyObjectRecognition CVE-2019-11358 - https://github.com/DeltaRobotics-FTC/DR_20-21SDK6.1 +CVE-2019-11358 - https://github.com/DeltaRobotics-FTC/DR_2021_Offseason CVE-2019-11358 - https://github.com/DeltaRobotics-FTC/DR_2021_SDK_7.0 +CVE-2019-11358 - https://github.com/Devildogs11206/SummerCamp2021 +CVE-2019-11358 - https://github.com/Devildogs11206/UltimateGoal CVE-2019-11358 - https://github.com/Devin1Xbox/2020CCG-main CVE-2019-11358 - https://github.com/Devin34/TrailBlazer CVE-2019-11358 - https://github.com/DevoltRobotics/FreightFrenzy +CVE-2019-11358 - https://github.com/DhruvTryhard/Dhruv_Robot. CVE-2019-11358 - https://github.com/Dicu69/FTC- CVE-2019-11358 - https://github.com/DiegoPerez1441/FtcRobotController_DeusExMaquina CVE-2019-11358 - https://github.com/DiegoPerez1441/FtcRobotController_Hestia CVE-2019-11358 - https://github.com/DiegoPerez1441/FtcRobotController_Steminists +CVE-2019-11358 - https://github.com/DinVin24/FTC_cod_test CVE-2019-11358 - https://github.com/Dnemni/FTCJellyfishRobotController CVE-2019-11358 - https://github.com/Dnemni/FtcRobotController +CVE-2019-11358 - https://github.com/DolalaBanana/SkyStone-5.5 CVE-2019-11358 - https://github.com/DrIronfist/FTC +CVE-2019-11358 - https://github.com/DrPontificate/skystone CVE-2019-11358 - https://github.com/Dragon-Hatcher/UltimateGoalAutoDesignerTemplate CVE-2019-11358 - https://github.com/DragosBP/Teste CVE-2019-11358 - https://github.com/Dream-Machines-FTC16548/UltimateGoal @@ -22979,27 +24273,35 @@ CVE-2019-11358 - https://github.com/EastsidePreparatorySchool/FreightFrenzy CVE-2019-11358 - https://github.com/EastsidePreparatorySchool/UltimateGoal CVE-2019-11358 - https://github.com/Edgy13YearOld/pio2022 CVE-2019-11358 - https://github.com/Edward77-code/ftc_controll-master +CVE-2019-11358 - https://github.com/EdwardLiabc/Training-Project +CVE-2019-11358 - https://github.com/Eeshwar-Krishnan/RedesignedRobotcode CVE-2019-11358 - https://github.com/Eiline04/killme +CVE-2019-11358 - https://github.com/Ely31/control_hub_testing CVE-2019-11358 - https://github.com/Emerald-Knights/EK-2021-21 CVE-2019-11358 - https://github.com/Emerald-Knights/FreyhiteFrenzie +CVE-2019-11358 - https://github.com/EpRoboRaiders/AdamRobotController CVE-2019-11358 - https://github.com/EpRoboRaiders/freight-frenzy CVE-2019-11358 - https://github.com/EpRoboRaiders/freight-frenzy-test +CVE-2019-11358 - https://github.com/EricLottman/6.2ftc20-21-PADEMIC-EDITION-master CVE-2019-11358 - https://github.com/Esquimalt-Atom-Smashers/Chomper_not_working CVE-2019-11358 - https://github.com/Ethanporath/FtcRobotController-master CVE-2019-11358 - https://github.com/EvanBartekYeet/FTCRobitControlVNew CVE-2019-11358 - https://github.com/EvanBartekYeet/NewTestRambotics +CVE-2019-11358 - https://github.com/EvanCWolfe/VicRobotics2020-2021 CVE-2019-11358 - https://github.com/ExNihiloRobotics/FTC-Robot CVE-2019-11358 - https://github.com/ExcaliburGaming/2020Robotics CVE-2019-11358 - https://github.com/FIRE-Robotics-Old/FTCActual CVE-2019-11358 - https://github.com/FIRE-Robotics-Old/FTCTutorial CVE-2019-11358 - https://github.com/FIRE-Robotics-Old/UltimateGoal2021 CVE-2019-11358 - https://github.com/FIRE-Robotics/FreightFrenzy2022 +CVE-2019-11358 - https://github.com/FIRE-Robotics/UltimateGoal2021 CVE-2019-11358 - https://github.com/FIRST-4030/FTC-2020 CVE-2019-11358 - https://github.com/FIRST-4030/FTC-2021 CVE-2019-11358 - https://github.com/FIRST-Tech-Challenge/FtcRobotController CVE-2019-11358 - https://github.com/FIRST-Tech-Challenge/SkyStone CVE-2019-11358 - https://github.com/FIXIT3491/FTC_Sample CVE-2019-11358 - https://github.com/FIXIT3491/Freight_Frenzy_3491 +CVE-2019-11358 - https://github.com/FIXIT3491/Ultimate_Goal_3491 CVE-2019-11358 - https://github.com/FM493RS-FTC-Team-16944/Ultimate-Goal CVE-2019-11358 - https://github.com/FPDRobotics/Gen2 CVE-2019-11358 - https://github.com/FRC1410/FTC18677-2021 @@ -23010,6 +24312,7 @@ CVE-2019-11358 - https://github.com/FRCTeam4069/FTC16415-UltimateGoal CVE-2019-11358 - https://github.com/FRCTeam4069/FTC2020 CVE-2019-11358 - https://github.com/FTC-10195/FTC-10195-2021-2022 CVE-2019-11358 - https://github.com/FTC-16360-RC/FTC-16360-2022 +CVE-2019-11358 - https://github.com/FTC-18140/JavaClass CVE-2019-11358 - https://github.com/FTC-18477-21-22/Freight-Frenzy-2021 CVE-2019-11358 - https://github.com/FTC-18568/2021-2022-TeamCode CVE-2019-11358 - https://github.com/FTC-18663/2020 @@ -23017,6 +24320,7 @@ CVE-2019-11358 - https://github.com/FTC-327/Ultimate-Goal-Dev-FTC-327 CVE-2019-11358 - https://github.com/FTC-9277/9777FTCRobotController-FreightFrenzy CVE-2019-11358 - https://github.com/FTC-9974-THOR/Ultimate_Goal CVE-2019-11358 - https://github.com/FTC-Aztechs/Sgeophrii_UltimateGoal-master +CVE-2019-11358 - https://github.com/FTC-Freight-Frenzy-Software/Arinjay-Repository CVE-2019-11358 - https://github.com/FTC-Freight-Frenzy-Software/MasterSoftware CVE-2019-11358 - https://github.com/FTC-Gaelstrom/Gaelstrom2021-2022 CVE-2019-11358 - https://github.com/FTC-Gaelstrom/ModifiedGaelstrom2021-2022 @@ -23037,22 +24341,27 @@ CVE-2019-11358 - https://github.com/FTC6567RoboRaiders/RoboRaiders_2021_2022_ftc CVE-2019-11358 - https://github.com/FTC6934/2021-2022FreightFrenzy CVE-2019-11358 - https://github.com/FTC7729/2020-FTC-UltimateGoal CVE-2019-11358 - https://github.com/FTC8535-SuperNova/2022_21_FreightFrenzy_8535 +CVE-2019-11358 - https://github.com/FTC9013/Team-9013-ftc_app-2020-2021 CVE-2019-11358 - https://github.com/FTC9182/FTC9182-2021-2022 CVE-2019-11358 - https://github.com/FTC9837/FTC9837_UltimateGoal CVE-2019-11358 - https://github.com/FTC9889/CC_9889_2020_2021 CVE-2019-11358 - https://github.com/FTCJoeBots/2020-JoeBots-Training-Ground +CVE-2019-11358 - https://github.com/FTCNinjabots/Ninjabots-Freight-Frenzy-2021-22 CVE-2019-11358 - https://github.com/FTCNinjabots/NinjabotsFinalFF2022 CVE-2019-11358 - https://github.com/FTCPiRhos/UltimateGoal CVE-2019-11358 - https://github.com/FTCPlanB-5309/Freight-Frenzy CVE-2019-11358 - https://github.com/FTCTeam7610-Software/7610-Software-Version-7.1 CVE-2019-11358 - https://github.com/FTCTeam7610-Software/7610Software-7.1 CVE-2019-11358 - https://github.com/FUTURE-FTC10366/FTCFreightFrenzy-2021-22 +CVE-2019-11358 - https://github.com/FaltechFTC/FtcRobotController2122 CVE-2019-11358 - https://github.com/Firelement/FTC-Team-11308-Ultimate-Goal CVE-2019-11358 - https://github.com/FlamingPhoenix/FP_7423_FreightFrenzy CVE-2019-11358 - https://github.com/FlamingPhoenix/FP_7423_UltimateGoal CVE-2019-11358 - https://github.com/Friends-Robotics/main-robot-repo CVE-2019-11358 - https://github.com/Fries2005/FTCTesting21223 +CVE-2019-11358 - https://github.com/Frits-Philips-Robotics-Team/16383ultimate CVE-2019-11358 - https://github.com/Frits-Philips-Robotics-Team/ultGoal16383 +CVE-2019-11358 - https://github.com/Ftc-19374/ftc_robot_controller_6.2_ug CVE-2019-11358 - https://github.com/Ftc-EmekHefer11226/Robot2021 CVE-2019-11358 - https://github.com/Ftcamb-Al/FtcRobotController16049 CVE-2019-11358 - https://github.com/FullMetalFalcons/FTC-2020-UltimateGoal-15668 @@ -23069,13 +24378,20 @@ CVE-2019-11358 - https://github.com/Gluons-5439/FtcRobotController-7.0 CVE-2019-11358 - https://github.com/Gluons-5439/FtcRobotController6.0 CVE-2019-11358 - https://github.com/Gluons-5439/UltimateGoal6.0 CVE-2019-11358 - https://github.com/Grant12345/9956UlitmateGoalv3 +CVE-2019-11358 - https://github.com/Grant12345/FTC-2020-Ultimate-Goal CVE-2019-11358 - https://github.com/HAPPYCOWDANCE/FTC-test CVE-2019-11358 - https://github.com/HCROBOTICS/ftc-ultimate-goal +CVE-2019-11358 - https://github.com/HHS-Robotics-Archive/FtcRCWorkshop CVE-2019-11358 - https://github.com/Hav0k42/FTC-2020-Ultimate-Goal CVE-2019-11358 - https://github.com/HazenRobotics/freight-frenzy +CVE-2019-11358 - https://github.com/HazenRobotics/tile-runner +CVE-2019-11358 - https://github.com/Herberger-Robotics/2020-2021-JAVELINAS-SKYSTONE +CVE-2019-11358 - https://github.com/Herberger-Robotics/2020-2021-SKYSTONE CVE-2019-11358 - https://github.com/Herberger-Robotics/HOWLERS CVE-2019-11358 - https://github.com/Herberger-Robotics/HOWLERS2021-2022 +CVE-2019-11358 - https://github.com/Herberger-Robotics/practicerepo CVE-2019-11358 - https://github.com/Heroberg1-zz/FtcRobotController-master-Update-6.1 +CVE-2019-11358 - https://github.com/HerveSV/FTC_PantherRobotics_2021 CVE-2019-11358 - https://github.com/Hi-TechHornets/Ultimate-Goal CVE-2019-11358 - https://github.com/HighOakRobotics/11392UltimateGoal CVE-2019-11358 - https://github.com/HighOakRobotics/16457FreightFrenzy @@ -23084,9 +24400,12 @@ CVE-2019-11358 - https://github.com/HiiDeff/Duck CVE-2019-11358 - https://github.com/Hopkins-Robotics-Gray-12377/freight-frenzy-12377 CVE-2019-11358 - https://github.com/IEsneault/FreightFrenzy CVE-2019-11358 - https://github.com/IEsneault/FreightFrenzy_2.0 +CVE-2019-11358 - https://github.com/IEsneault/UltimateGoal61-master CVE-2019-11358 - https://github.com/INH14084/14084FreightFrenzyCode CVE-2019-11358 - https://github.com/ITheo154/control-robot-ultimategoal +CVE-2019-11358 - https://github.com/Iamshlokagupta/Ultimategoal_2021 CVE-2019-11358 - https://github.com/IconManiacsFTC/2020-FTC-UltimateGoal-master +CVE-2019-11358 - https://github.com/Ilgneous/Trollbot4546 CVE-2019-11358 - https://github.com/Im-not-a-bot/roboPiotr CVE-2019-11358 - https://github.com/Innov8FIRST/UltimateGoal CVE-2019-11358 - https://github.com/InspirationRobotics/inspiration_ftc @@ -23095,10 +24414,12 @@ CVE-2019-11358 - https://github.com/IronEaglesRobotics/FreightFrenzy CVE-2019-11358 - https://github.com/IronReign/FreightFrenzyPipeline CVE-2019-11358 - https://github.com/Isaac4321/Chomper CVE-2019-11358 - https://github.com/Isabella6776/FreightFrenzy +CVE-2019-11358 - https://github.com/IsaiahMcChen/FtcRobotController-master CVE-2019-11358 - https://github.com/ItsSamm/MinimumWagersRepo-master CVE-2019-11358 - https://github.com/ItzBlackMagma/Team-6189-Code-Updated CVE-2019-11358 - https://github.com/JCharatCollins/RoboRavens-UltimateGoal CVE-2019-11358 - https://github.com/JIceberg/FTCLib-Dependency-Tests +CVE-2019-11358 - https://github.com/JLee-Sin/EHSFTC CVE-2019-11358 - https://github.com/JWu0126/FTC-519-2021 CVE-2019-11358 - https://github.com/JWu0126/Updated-FTC-519-2021 CVE-2019-11358 - https://github.com/JaanviC25/GeneralRelativity21-22 @@ -23113,21 +24434,29 @@ CVE-2019-11358 - https://github.com/Java-Like-Its-Hot-Robotics/Freight-Frenzy CVE-2019-11358 - https://github.com/JayZeeKay/GGRepo CVE-2019-11358 - https://github.com/JebShortly/ftc-2022-frieght-frenzy CVE-2019-11358 - https://github.com/Jellyfish4654/FreightFrenzy +CVE-2019-11358 - https://github.com/Jfee04/Team_1_Skystone +CVE-2019-11358 - https://github.com/Johnson-Tan/Wrench-Toast-2k20 CVE-2019-11358 - https://github.com/JollyBlue19823/FtcRobotics +CVE-2019-11358 - https://github.com/Jotaroswifuhehe/FtcRobotController-master CVE-2019-11358 - https://github.com/JoxerMoe2/FTC14084FreightFrenzyCodeStore CVE-2019-11358 - https://github.com/Jschuetzle/SwampBotsCode CVE-2019-11358 - https://github.com/JustJax01/Keene-High-Robotics CVE-2019-11358 - https://github.com/Juyoung0701/FtcRobotController-master CVE-2019-11358 - https://github.com/Kalyani12849/FTC2021 CVE-2019-11358 - https://github.com/Katuna/FtcRC_Islandbots +CVE-2019-11358 - https://github.com/Kdhupar21/ELITEUltimategoal CVE-2019-11358 - https://github.com/KennedyRoboEagles/FTC2021-FreightFrenzy CVE-2019-11358 - https://github.com/Kimzs/FirstT CVE-2019-11358 - https://github.com/Knights8081/UltimateGoal +CVE-2019-11358 - https://github.com/KnutP/UltimateGoal_Ri30H +CVE-2019-11358 - https://github.com/KorayAgaya/TrivyWeb CVE-2019-11358 - https://github.com/KuriosityRobotics/UltimateGoal CVE-2019-11358 - https://github.com/KyleeCopeland/FTCFreightFrenzy CVE-2019-11358 - https://github.com/LaSalleRobots/Freight-Frenzy CVE-2019-11358 - https://github.com/LakehillBionicles/FreightFrenzy_1 +CVE-2019-11358 - https://github.com/LakehillBionicles/UltimateGoal_1 CVE-2019-11358 - https://github.com/LaneStanley/Garnet-Squadron-Freight-Frenzy +CVE-2019-11358 - https://github.com/LauraE4/LauraE CVE-2019-11358 - https://github.com/LegendarySwift123/UGBasic CVE-2019-11358 - https://github.com/LegendarySwift123/UGScrimmage5 CVE-2019-11358 - https://github.com/LenickTan/20-21ultgaol @@ -23140,6 +24469,7 @@ CVE-2019-11358 - https://github.com/LightningHawks6032/Ultimate_Goal_2020-21- CVE-2019-11358 - https://github.com/LightningShock11/Robot-X-FTC-2020-2021 CVE-2019-11358 - https://github.com/LightningShock11/Robot-X-FTC-2021-2022 CVE-2019-11358 - https://github.com/LillyFrazee05/FtcRobotController-master +CVE-2019-11358 - https://github.com/LincolnRoboticsFTC14298/FtcRobotController2020-21 CVE-2019-11358 - https://github.com/LoganLeeTwentyThree/13348_auto_code CVE-2019-11358 - https://github.com/LostInTime4324/2020-2021-code CVE-2019-11358 - https://github.com/LostInTime4324/LIT_2021-2022 @@ -23148,6 +24478,7 @@ CVE-2019-11358 - https://github.com/LucasFeldsien/UltimateGoal CVE-2019-11358 - https://github.com/LucyHarrison/FTC2021-girlboss CVE-2019-11358 - https://github.com/Lunerwalker2/FreightFrenzy1002 CVE-2019-11358 - https://github.com/Lunerwalker2/SwerveDriveTesting +CVE-2019-11358 - https://github.com/Lydia356/Sensors CVE-2019-11358 - https://github.com/Lynx-Robotics/LynxRobotics2020-2021 CVE-2019-11358 - https://github.com/LyricalMoon764/UltimateGoal CVE-2019-11358 - https://github.com/M-Karamambo/FTC-OffSeason-2022 @@ -23155,8 +24486,10 @@ CVE-2019-11358 - https://github.com/MA18548/UltimateGoal CVE-2019-11358 - https://github.com/MHS-FTC/chronobreak-20-21 CVE-2019-11358 - https://github.com/MHS-FTC/chronobreak-21-22 CVE-2019-11358 - https://github.com/MICDSRobotics-9911/Ramifications-Robot-Code +CVE-2019-11358 - https://github.com/MLin2071/FtcRobotController-6.2 CVE-2019-11358 - https://github.com/MOCOSTUDS/Studs2022 CVE-2019-11358 - https://github.com/MachineKings/MKFreightFrenzy +CVE-2019-11358 - https://github.com/MagicMonkyBoy/8204RobotCode CVE-2019-11358 - https://github.com/MagicMonkyBoy/8204RobotCode20-21 CVE-2019-11358 - https://github.com/MasterH6168/freight-frenzy-2021-2022- CVE-2019-11358 - https://github.com/Mau-MD/Voltrons2022 @@ -23166,8 +24499,12 @@ CVE-2019-11358 - https://github.com/MechanicalManiacs/OffSeasonUltimateGoal CVE-2019-11358 - https://github.com/MechanicalMonkeys/FreightFrenzy CVE-2019-11358 - https://github.com/MechanicalParadox/FtcUGRobotController CVE-2019-11358 - https://github.com/Meeeee6623/Ultimate-Goal-Dev-FTC-327 +CVE-2019-11358 - https://github.com/Melanie5710/Melanie2 +CVE-2019-11358 - https://github.com/Melanie5710/MelanieM CVE-2019-11358 - https://github.com/Meschdog18/khs-robotics-2022 CVE-2019-11358 - https://github.com/MiSalocin/BahTech-UltimateGoal +CVE-2019-11358 - https://github.com/Michael-the-Hutt/SkyStone +CVE-2019-11358 - https://github.com/Michaellsterk/FTC_UltimateGoal_2020-21 CVE-2019-11358 - https://github.com/MidnightRiver/FtcRobotController-15374 CVE-2019-11358 - https://github.com/MijaWheeler/FF_4 CVE-2019-11358 - https://github.com/MijaWheeler/FF_Test2 @@ -23175,10 +24512,13 @@ CVE-2019-11358 - https://github.com/MijaWheeler/FFtest2 CVE-2019-11358 - https://github.com/MijaWheeler/TestFF CVE-2019-11358 - https://github.com/MijaWheeler/UltimateGoal_FTC2020 CVE-2019-11358 - https://github.com/MilpitasRobotics/0669FTCUltimateGoal +CVE-2019-11358 - https://github.com/MishalMalik05/Training- CVE-2019-11358 - https://github.com/Mona-Shores-FTC-Robotics/Freight-Frenzy CVE-2019-11358 - https://github.com/MondayLXJ/FreightFrenzy-2022-master CVE-2019-11358 - https://github.com/MortalXDTroll/FtcRobotController-masterMXT +CVE-2019-11358 - https://github.com/Mosrod/BlueprintUltimateGoalFTC CVE-2019-11358 - https://github.com/MostlyOperational18119/FreightFrenzy-OpenCV +CVE-2019-11358 - https://github.com/MotamoRO/CodeForFTC2021 CVE-2019-11358 - https://github.com/MrPy5/FtcRobotController-master CVE-2019-11358 - https://github.com/Mukdonalds/IconManiacsQualifier2-master CVE-2019-11358 - https://github.com/NBPS-Robotics/FTC-Code-Team-9987-2022 @@ -23187,27 +24527,35 @@ CVE-2019-11358 - https://github.com/NBPS-Robotics/FTC_Ultimate_Goal_Eaglebotics_ CVE-2019-11358 - https://github.com/NDCLRobotics/2021-UltimateGoal CVE-2019-11358 - https://github.com/NDCLRobotics/2022-FreightFrenzy CVE-2019-11358 - https://github.com/NDRoboknights/FTC-UG-2021 +CVE-2019-11358 - https://github.com/NKKFu/bootz-code-2021 CVE-2019-11358 - https://github.com/NKKFu/roboot-ftc-code-2021 CVE-2019-11358 - https://github.com/NT2006/Ftc-vc +CVE-2019-11358 - https://github.com/NULLtm/OptimizedFTC CVE-2019-11358 - https://github.com/NateVonHagen/teststuff CVE-2019-11358 - https://github.com/NathanKe/CoachBotFreightFrenzy CVE-2019-11358 - https://github.com/Naumanbo/FreightFrenzyTeam7006 CVE-2019-11358 - https://github.com/Naumanbo/Robot CVE-2019-11358 - https://github.com/Naumanbo/Team7006 CVE-2019-11358 - https://github.com/NawaPlayz/symmetrical-chainsaw +CVE-2019-11358 - https://github.com/NayaL-26/FtcRobotController-master CVE-2019-11358 - https://github.com/NedMihnea/CODU-FREIGHT-FRENZY CVE-2019-11358 - https://github.com/Nerdettes/FTCRobotController CVE-2019-11358 - https://github.com/NerdyNarwhalPro/2020-21-UltimateGoal +CVE-2019-11358 - https://github.com/NicholasBlackburn1/Ftc-SKyStone-2020-2021 CVE-2019-11358 - https://github.com/Nikarton123/FTCUltimateGoal CVE-2019-11358 - https://github.com/NotJosh12835/freight-frenzy CVE-2019-11358 - https://github.com/NovaKnight14691/ftc14691-disabled CVE-2019-11358 - https://github.com/NovaKnight14691/ftc_14691 +CVE-2019-11358 - https://github.com/NuclearLion/SoftHoardersUG +CVE-2019-11358 - https://github.com/NuclearLion/SoftHoardersUG2 CVE-2019-11358 - https://github.com/NutAndBoltz/FreightFrenzy CVE-2019-11358 - https://github.com/OHSrobots/2021-2022-Season CVE-2019-11358 - https://github.com/OMEGA-FTC9110/FTCFreightFrenzy-2021-22 CVE-2019-11358 - https://github.com/OhBoyItsFrancis/ReMOEte-FtcRobotController CVE-2019-11358 - https://github.com/OlybotRobotics/FTCRobotController +CVE-2019-11358 - https://github.com/OnkarSama/FTC CVE-2019-11358 - https://github.com/Opgorg/FrieghtFrenzyMW +CVE-2019-11358 - https://github.com/OrigamiYoda/ftcVersionControlDemo CVE-2019-11358 - https://github.com/OurGreatLeaderEason/MyRepo CVE-2019-11358 - https://github.com/OutoftheBoxFTC/UltimateGoal6.1 CVE-2019-11358 - https://github.com/OverlakeRobotics/Nocturnal-2020-Ultimate-Goal @@ -23222,10 +24570,14 @@ CVE-2019-11358 - https://github.com/PCrocketrobotics/UltimateGoal CVE-2019-11358 - https://github.com/PHREDRobotics/FTC8892_2021 CVE-2019-11358 - https://github.com/PMBradley/CtRW_Code_2020 CVE-2019-11358 - https://github.com/ParagonFTC/freight-frenzy +CVE-2019-11358 - https://github.com/ParagonFTC/ftc18326-2021 +CVE-2019-11358 - https://github.com/ParagonFTC/summer-2021-training CVE-2019-11358 - https://github.com/ParagonFTC/ultimate-goal CVE-2019-11358 - https://github.com/Patrick-McGuire/FTC-2020 CVE-2019-11358 - https://github.com/Patriotic-Robotics-6372/FreightFrenzy +CVE-2019-11358 - https://github.com/Patriotic-Robotics-6372/FreightFrenzy-old CVE-2019-11358 - https://github.com/Patriotic-Robotics-6372/UltimateGoal +CVE-2019-11358 - https://github.com/Patriotic-Robotics-6372/UltimateGoal-old CVE-2019-11358 - https://github.com/PaulFong1/21-22_FTC16887 CVE-2019-11358 - https://github.com/PaulFong1/fright-frazy CVE-2019-11358 - https://github.com/PaulHenrik/Sandbox_UltimateGoal @@ -23251,6 +24603,7 @@ CVE-2019-11358 - https://github.com/ProjectPeacock/FreightFrenzy2021-2022 CVE-2019-11358 - https://github.com/PureTrippH/FreeShippingController CVE-2019-11358 - https://github.com/PurpleCircuits/FTC_2020-2021 CVE-2019-11358 - https://github.com/QASMT-FTC/FTC-13626-Team2 +CVE-2019-11358 - https://github.com/R3Vipers/test CVE-2019-11358 - https://github.com/RO028-ArchiTechs/Game-Changers-ArchiTechs CVE-2019-11358 - https://github.com/RaSky-122/FreightFrenzy_RCv7 CVE-2019-11358 - https://github.com/RahulB640/FTCFreightFrenzy2021-2022 @@ -23260,16 +24613,21 @@ CVE-2019-11358 - https://github.com/RapidRobots/FtcRobotController CVE-2019-11358 - https://github.com/RaresLiscan/freight-frenzy CVE-2019-11358 - https://github.com/RaresLiscan/ftc-ultimate-goal CVE-2019-11358 - https://github.com/RazvanVictor/ftc-version-control-demo +CVE-2019-11358 - https://github.com/Redfalcon5-ai/7172-Offseason2021 CVE-2019-11358 - https://github.com/Redlion010/4546-21 CVE-2019-11358 - https://github.com/RisingNinjas16391/FreightFrenzy CVE-2019-11358 - https://github.com/RoBuffs/2021-Controller +CVE-2019-11358 - https://github.com/Robert007-23/2020UG CVE-2019-11358 - https://github.com/Robin-924/SV6990FF +CVE-2019-11358 - https://github.com/RoboDilbert/2020UltimateGoal CVE-2019-11358 - https://github.com/RoboDilbert/2021FreightFrenzy CVE-2019-11358 - https://github.com/RoboKnights-FTC112/FTC-2018-White CVE-2019-11358 - https://github.com/RoboStars/FTC-real-robostars +CVE-2019-11358 - https://github.com/RoboStars/FTCTeamCode21-22 CVE-2019-11358 - https://github.com/Robosapiens-20/FTC-Ultimate-Goal-Robosapiens CVE-2019-11358 - https://github.com/Robot-X-4969/Robot-X-FTC-2021-2022 CVE-2019-11358 - https://github.com/Robot-X-4969/RobotX-FTC-2021-2022v2 +CVE-2019-11358 - https://github.com/Robot-X-4969/RobotX2021-2022 CVE-2019-11358 - https://github.com/Robot-X-4969/RobotX2021-22MiniBot CVE-2019-11358 - https://github.com/Robot-X-4969/robotx21-22 CVE-2019-11358 - https://github.com/RobotIGS/FTC11515_UltimateGoal @@ -23278,14 +24636,17 @@ CVE-2019-11358 - https://github.com/Robotic-Lancers/UltimateGoal2021 CVE-2019-11358 - https://github.com/RogueResistance/Meet4RR CVE-2019-11358 - https://github.com/RonakChaudhuri/FTC_Code_6200 CVE-2019-11358 - https://github.com/Rownee/UltimateGoal +CVE-2019-11358 - https://github.com/Rshah2067/2020-FTC-UltimateGoal-master CVE-2019-11358 - https://github.com/RuthGajj05/FtcRobotController-master CVE-2019-11358 - https://github.com/SACHSTech/FTC19446-TTG CVE-2019-11358 - https://github.com/SACHSTech/FTC19447-TT2EB +CVE-2019-11358 - https://github.com/SARossi1/SkyStone-master CVE-2019-11358 - https://github.com/SCHS-Robotics/Crow-Force-2020-2021-SCHS CVE-2019-11358 - https://github.com/SCHS-Robotics/HAL9001 CVE-2019-11358 - https://github.com/SCHSRaiderbots/UltimateGoal CVE-2019-11358 - https://github.com/SHP-Robotics/16886-Code-FreightFrenzy CVE-2019-11358 - https://github.com/SHP-Robotics/BaseBot-Template +CVE-2019-11358 - https://github.com/SHP-Robotics/base-bot-new CVE-2019-11358 - https://github.com/SV612/FTC9830CVHS CVE-2019-11358 - https://github.com/SaiBossUltra/UltimateGoal-Sai CVE-2019-11358 - https://github.com/SaladQueeny/FTC_KTM_2020_2021_ExpansionHub_6_1 @@ -23296,6 +24657,7 @@ CVE-2019-11358 - https://github.com/Satgoy152/FreightFrenzy CVE-2019-11358 - https://github.com/SchillingW/FtcFreightFrenzy_2021_2022 CVE-2019-11358 - https://github.com/SchillingW/FtcUltimateGoal_2020-2021 CVE-2019-11358 - https://github.com/SchillingW/PatentPending_14384_2021_FtcFreightFrenzy_7.0 +CVE-2019-11358 - https://github.com/Sci-Fighters-Tel-Mond/Temp-Repo CVE-2019-11358 - https://github.com/Seb-Robochoa/RogueResistanceUG CVE-2019-11358 - https://github.com/SelinaArjomand/2021-FTC-UltimateGoal-master CVE-2019-11358 - https://github.com/SequoiaRobotics/FtcRobotController-2021-4475 @@ -23303,26 +24665,34 @@ CVE-2019-11358 - https://github.com/SequoiaRobotics/FtcRobotController-2021-9578 CVE-2019-11358 - https://github.com/SequoiaRobotics/FtcRobotController-2021-gc CVE-2019-11358 - https://github.com/Servo-Stressers/FTC-Robot CVE-2019-11358 - https://github.com/Serylda/503RoadJopper +CVE-2019-11358 - https://github.com/Serylda/Temporary-11503UltimateGoal +CVE-2019-11358 - https://github.com/ShinigamiHiruzen/SteamOs +CVE-2019-11358 - https://github.com/ShivenV/FTC-FREIGHT-FRENZY-2021-22 CVE-2019-11358 - https://github.com/ShrishChou/BioBotsFreightFrenzy CVE-2019-11358 - https://github.com/SilasBehnke/UltimateGoal CVE-2019-11358 - https://github.com/SilkPDX/New7100Controller CVE-2019-11358 - https://github.com/SoftHoardersOG/FreightFrenzy7 +CVE-2019-11358 - https://github.com/SoftHoardersOG/UlltimateGoalNational CVE-2019-11358 - https://github.com/SoftHoardersOG/UltimateGoal2020 CVE-2019-11358 - https://github.com/Sova-Tech/FTC-2021-2022 CVE-2019-11358 - https://github.com/SpaceWalkr808/omegabots_2022 CVE-2019-11358 - https://github.com/Spanini2/idk CVE-2019-11358 - https://github.com/StamatieMihnea/UltimateGoal2020 +CVE-2019-11358 - https://github.com/StamatieMihnea/UltimateGoalSoftHoarders CVE-2019-11358 - https://github.com/StevenKuna/2021-FTC-Freight-Frenzy CVE-2019-11358 - https://github.com/SuhasB1/eftc CVE-2019-11358 - https://github.com/SuperNovaX100/ftc-wagar-2020 CVE-2019-11358 - https://github.com/Superman132/StaticDischargeCode CVE-2019-11358 - https://github.com/Supernova11567/Robot2021 +CVE-2019-11358 - https://github.com/SuperstellarHannah/WISER CVE-2019-11358 - https://github.com/Swampbots/FreightFrenzy +CVE-2019-11358 - https://github.com/Swampbots/UltimateGoal CVE-2019-11358 - https://github.com/Swampbots/UltimateGoal6.0 CVE-2019-11358 - https://github.com/T-Code07/FTC-LRCA-Joshua CVE-2019-11358 - https://github.com/TPNxl/ViridianUltimateGoal_Final CVE-2019-11358 - https://github.com/TToTheFourth/Fright-Frenzy CVE-2019-11358 - https://github.com/TToTheFourth/UltimateGoal +CVE-2019-11358 - https://github.com/TYW-da/FtcRobotController-master CVE-2019-11358 - https://github.com/Tarnegolden/Everglow2021-22 CVE-2019-11358 - https://github.com/Tatooine12201-ftc/ftc-21-22 CVE-2019-11358 - https://github.com/TausManifesto/FTC2021 @@ -23335,13 +24705,16 @@ CVE-2019-11358 - https://github.com/Team14561/FreightFrenzy CVE-2019-11358 - https://github.com/Team14561/UltimateGoal CVE-2019-11358 - https://github.com/Team2068/2021-ftc-code CVE-2019-11358 - https://github.com/Team2068/2021-ftc-one +CVE-2019-11358 - https://github.com/Team2338/TShirtCannon2021 CVE-2019-11358 - https://github.com/Team6633/TeamDrive CVE-2019-11358 - https://github.com/Team7593/FreightFrenzy +CVE-2019-11358 - https://github.com/TeamRobotux/UltimateGoal CVE-2019-11358 - https://github.com/TeamRoundedCube/FreightFrenzy21-22 CVE-2019-11358 - https://github.com/TeodorRuse/Test2 CVE-2019-11358 - https://github.com/Tevillo/FtcRobotController CVE-2019-11358 - https://github.com/The-Dynabots/Freight-Frenzy CVE-2019-11358 - https://github.com/The-Innovation-Story/FreightFrenzy_FTC +CVE-2019-11358 - https://github.com/The-Knights-of-Ni/Skystone2020 CVE-2019-11358 - https://github.com/The-Knights-of-Ni/UltimateGoal2021_6.2 CVE-2019-11358 - https://github.com/TheCometH/FtcRobotController-master CVE-2019-11358 - https://github.com/TheCoolGuy123/FrieghtFrenzy-Controller_and_Autonomous_Test @@ -23351,6 +24724,8 @@ CVE-2019-11358 - https://github.com/TheRookies-18508/TheRookiesUltimateGoal CVE-2019-11358 - https://github.com/TheronAma/Freight-Frenzy CVE-2019-11358 - https://github.com/TheronAma/Freight-Frenzy-Ri2W CVE-2019-11358 - https://github.com/TheronAma/Ultimate-Goal +CVE-2019-11358 - https://github.com/Thornado4/ftc-vc-test +CVE-2019-11358 - https://github.com/Thunderbots5604/2021-UltimateGoal-Final CVE-2019-11358 - https://github.com/Tiberiw/FTC_2021 CVE-2019-11358 - https://github.com/Tiberiw/Test1 CVE-2019-11358 - https://github.com/Tiberiw/Test2 @@ -23365,6 +24740,7 @@ CVE-2019-11358 - https://github.com/Trandaf03/FTC2022 CVE-2019-11358 - https://github.com/TrezzyOnCrack/FTC CVE-2019-11358 - https://github.com/TrojanDotEXE/FTC-Trojan.exe CVE-2019-11358 - https://github.com/TrojanDotEXE/Trojan.exe_148 +CVE-2019-11358 - https://github.com/TudorChirila11/cv-useless CVE-2019-11358 - https://github.com/TudorFerecus/Programare CVE-2019-11358 - https://github.com/TudorFerecus/Programare-Brave-Bots-Freight-Frenzy CVE-2019-11358 - https://github.com/TullyNYGuy/FtcRobotController @@ -23378,12 +24754,18 @@ CVE-2019-11358 - https://github.com/UnionRobotics/ftc6559_ultimategoal CVE-2019-11358 - https://github.com/UpliftRobotics/UltimateGoal18172 CVE-2019-11358 - https://github.com/VCInventerman/Sargon-FTC-2021-2022 CVE-2019-11358 - https://github.com/VamsiPasumarthi/14889-Team-Code +CVE-2019-11358 - https://github.com/VasuBanga12/FTCTest CVE-2019-11358 - https://github.com/Vector5233/UltimateGoal2 CVE-2019-11358 - https://github.com/VigneshSK17/9686-FreightFrenzy-Mecanum-Old +CVE-2019-11358 - https://github.com/VigneshSK17/TestingRepo +CVE-2019-11358 - https://github.com/Viridian-Roboics/ProgrammerPractice CVE-2019-11358 - https://github.com/VivenPuthenpurayil/2020UltimateGoal +CVE-2019-11358 - https://github.com/VivenPuthenpurayil/UltimateGoalStates CVE-2019-11358 - https://github.com/VladimirKaznacheiev/2020-FTC-UltimateGoal-6.0 +CVE-2019-11358 - https://github.com/Voltage16592/FreightFrenzy CVE-2019-11358 - https://github.com/Voltage16592/UltimateGoal CVE-2019-11358 - https://github.com/VulcanRobotics8375/FreightFrenzy8375 +CVE-2019-11358 - https://github.com/VulcanRobotics8375/OffSeason2021 CVE-2019-11358 - https://github.com/VulcanRobotics8375/UltimateGoal8375 CVE-2019-11358 - https://github.com/WAGS6037/2021_22_FTC_FreightFrenzy CVE-2019-11358 - https://github.com/WAGhostRobotics/FreightFrenzy @@ -23394,10 +24776,16 @@ CVE-2019-11358 - https://github.com/WAHS-Robotics-Club/ftc-ls CVE-2019-11358 - https://github.com/WARbotics/FTC-2022 CVE-2019-11358 - https://github.com/WHHSFTC/20-21_season CVE-2019-11358 - https://github.com/WHSRobotics/542_20-21_ftc +CVE-2019-11358 - https://github.com/WHSRobotics/542_20-21_ftc_summer +CVE-2019-11358 - https://github.com/WHSRobotics/542_21-22_Practice CVE-2019-11358 - https://github.com/WHSRobotics/542_21-22_ftc +CVE-2019-11358 - https://github.com/WHSRobotics/542_ftc_20-21_demo CVE-2019-11358 - https://github.com/WHSRobotics/ftc_21-22_practice CVE-2019-11358 - https://github.com/WRARobotics/FTC CVE-2019-11358 - https://github.com/WSRWavedroids/FreightFrenzy +CVE-2019-11358 - https://github.com/Warrior-Robotics-Salamanca/2021-Final-Goal-Code +CVE-2019-11358 - https://github.com/Watt-sUP/UltimateGoal-Ri3d +CVE-2019-11358 - https://github.com/Westly-Bouchard/Biolime-2021 CVE-2019-11358 - https://github.com/WestwoodRobotics/FTC-Arrowhead-2020 CVE-2019-11358 - https://github.com/WestwoodRobotics/FTC-Arrowhead-2021 CVE-2019-11358 - https://github.com/WestwoodRobotics/FTC-Atlatl-2020 @@ -23416,24 +24804,32 @@ CVE-2019-11358 - https://github.com/WishingWell13/FtcRobotController-Freight-Fre CVE-2019-11358 - https://github.com/WoodrowRookieRoboTeam/RookiesRobotController CVE-2019-11358 - https://github.com/WrenchDressing/UltimateGoal CVE-2019-11358 - https://github.com/Wurlie/FTC-Autonomous-Anonymous-2021-2022- +CVE-2019-11358 - https://github.com/XAXB75/Settings.java CVE-2019-11358 - https://github.com/Xterminate1818/CanadianRobotics CVE-2019-11358 - https://github.com/Xterminate1818/CanadianRobotics2021 CVE-2019-11358 - https://github.com/YahyaElGawady/HugBot2021-2022 CVE-2019-11358 - https://github.com/abdullah1alhakeem/FTC-test CVE-2019-11358 - https://github.com/abhardwaj09/ftc-19539 CVE-2019-11358 - https://github.com/abhardwaj09/ftcrobotics +CVE-2019-11358 - https://github.com/ackertech/Fix-Its_2020-21 CVE-2019-11358 - https://github.com/ackertech/Fix-Its_2021-22_V7 +CVE-2019-11358 - https://github.com/ackertech/FixIts_2021-22_V6 +CVE-2019-11358 - https://github.com/adevine22/FtcRobotController-10237 CVE-2019-11358 - https://github.com/adiga1773/pio2021 +CVE-2019-11358 - https://github.com/aditWorkspace/SkyStone-master CVE-2019-11358 - https://github.com/admiralwaffle4/InvictaCode-21-22 CVE-2019-11358 - https://github.com/ahmedCoder12424/FtcRobotController CVE-2019-11358 - https://github.com/akumar13-you/CRMS8424-FreightFrenzy CVE-2019-11358 - https://github.com/alexDHS0/FtcRobotController-10630-master CVE-2019-11358 - https://github.com/alexDHS0/FtcRobotController-master CVE-2019-11358 - https://github.com/amanda-peake/2020-FTC-UltimateGoal-master +CVE-2019-11358 - https://github.com/amanda-peake/2020-FTC-UltimateGoal-master.practice +CVE-2019-11358 - https://github.com/amanda-peake/2020-FTC-UltimateGoal-master.yayyy CVE-2019-11358 - https://github.com/amanda-peake/2020-FTC-UltimateGoal-master2 CVE-2019-11358 - https://github.com/amanster22/staticDischargeUpdated CVE-2019-11358 - https://github.com/amartinez21/Ultimate_Goal CVE-2019-11358 - https://github.com/anaypant/FTCTest1 +CVE-2019-11358 - https://github.com/andreascasanova/FTCFirsttime CVE-2019-11358 - https://github.com/andrei-27/FREIGHT-FRENZY CVE-2019-11358 - https://github.com/andrewj2k/UltimateGoal-master CVE-2019-11358 - https://github.com/aneeley05/WyvernFtcController @@ -23446,27 +24842,38 @@ CVE-2019-11358 - https://github.com/arisingh8/freightfrenzy-6183 CVE-2019-11358 - https://github.com/artemis18715/Ultimate-Goal CVE-2019-11358 - https://github.com/asarad39/FTCRepo2020-2021 CVE-2019-11358 - https://github.com/aseelke/FTC_2021 +CVE-2019-11358 - https://github.com/ash-hintz/FTC18108RobotController-6.2 CVE-2019-11358 - https://github.com/ash-hintz/FTC18108RobotController-7.0 +CVE-2019-11358 - https://github.com/ashwinj/FTC_camp +CVE-2019-11358 - https://github.com/ashwinj/Taus2021-2 CVE-2019-11358 - https://github.com/ashwinj/UltimateGoal2020 +CVE-2019-11358 - https://github.com/atkindc/IL_FTC_Minibots CVE-2019-11358 - https://github.com/atlee-circuitree/ULTIMATEGOAL CVE-2019-11358 - https://github.com/atoneyd/FtcRobotController-6.0 CVE-2019-11358 - https://github.com/avinashalamgari/VenomPracticeCode-2020-21 CVE-2019-11358 - https://github.com/ayuram/FtcRobotController CVE-2019-11358 - https://github.com/banks-4239/FtcRobotController +CVE-2019-11358 - https://github.com/barbaralau3/FTC_2021_FREIGHT-FRENZY CVE-2019-11358 - https://github.com/batcarrot/Freight-Frenzy-2021-master-2 CVE-2019-11358 - https://github.com/baylocke/UltimateGoalRepo +CVE-2019-11358 - https://github.com/bcbro/14663-UltimateGoal_2021 CVE-2019-11358 - https://github.com/bdiegorvl/Borrebots CVE-2019-11358 - https://github.com/beellyy/Treeman-Ultimate-Goal-2021 CVE-2019-11358 - https://github.com/bhintzma/FTC18108RobotController-7.0 +CVE-2019-11358 - https://github.com/bhintzma/Ftc18108RobotController-6.0 CVE-2019-11358 - https://github.com/bibanpegratar/ProgamareBraveBots CVE-2019-11358 - https://github.com/bibanpegratar/ValiRobotu +CVE-2019-11358 - https://github.com/bignaczak/eBots2020 CVE-2019-11358 - https://github.com/bignaczak/eBots2021 CVE-2019-11358 - https://github.com/binod-singh/FreightFrenzy_Omegabots +CVE-2019-11358 - https://github.com/bitnesswise/jquery-prototype-pollution-fix CVE-2019-11358 - https://github.com/blueVIII/2020_UltimateGoal CVE-2019-11358 - https://github.com/bobthejoethejoebobbob/Controllerv2.1 CVE-2019-11358 - https://github.com/bobthejoethejoebobbob/Controllerv2.3 CVE-2019-11358 - https://github.com/bobthejoethejoebobbob/Controllerv2.4 CVE-2019-11358 - https://github.com/bogdangosa/Echipa_3 +CVE-2019-11358 - https://github.com/bogdangosa/UltimateGoal_RO_025 +CVE-2019-11358 - https://github.com/braydonlu/CEBPrograms CVE-2019-11358 - https://github.com/braydonlu/cebprograms2021 CVE-2019-11358 - https://github.com/broncobots-ftc/FtcRobotController CVE-2019-11358 - https://github.com/broncobots-ftc/ftc16671_202122 @@ -23479,6 +24886,7 @@ CVE-2019-11358 - https://github.com/cameronl10/UltimateGoal2021 CVE-2019-11358 - https://github.com/carissaxchen/19508FreightFrenzy CVE-2019-11358 - https://github.com/cdavidson22/Ultimate_Goal CVE-2019-11358 - https://github.com/charliegarfield/Controllerv1 +CVE-2019-11358 - https://github.com/charliespy/Repository-3517 CVE-2019-11358 - https://github.com/chlohal/Robotics_2021_2022 CVE-2019-11358 - https://github.com/chsbacon/FTC_2022-2021_Odometry CVE-2019-11358 - https://github.com/cjmacdon89/16595_StrikeBots_UltimateGoal-master @@ -23490,17 +24898,25 @@ CVE-2019-11358 - https://github.com/cstacks/FreightFrenzy CVE-2019-11358 - https://github.com/cswebdevelopment/robot CVE-2019-11358 - https://github.com/cyberhawks14188/CyberHawks-Ultimate-Goal-Repo CVE-2019-11358 - https://github.com/cyberhawks14188/Freight-Frenzy-Repo +CVE-2019-11358 - https://github.com/cyborg48/UltimateGoal +CVE-2019-11358 - https://github.com/darmthealarm/FtcRobotController-master CVE-2019-11358 - https://github.com/darmthealarm/VEGA +CVE-2019-11358 - https://github.com/dbrus38/MustangRobotics +CVE-2019-11358 - https://github.com/denwan20/FTC-programming CVE-2019-11358 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-11358 - https://github.com/devsamuelv/Offseason-Code-Dualshock +CVE-2019-11358 - https://github.com/devsamuelv/ftc-template CVE-2019-11358 - https://github.com/discoduckbots/UltimateGoal CVE-2019-11358 - https://github.com/dpeachpeach/WPCPRobogrizzlies CVE-2019-11358 - https://github.com/duckstroms/Web-CTF-Cheatsheet CVE-2019-11358 - https://github.com/egorfajn/robotics CVE-2019-11358 - https://github.com/ehssteelhornets/FreightFrenzy21-22 CVE-2019-11358 - https://github.com/elliptical0/17700_2021 +CVE-2019-11358 - https://github.com/emadkhan713/UltimateGoal CVE-2019-11358 - https://github.com/entech281/FTC_753_Robot_2020 CVE-2019-11358 - https://github.com/epicgamer0690/TeamAlphabots CVE-2019-11358 - https://github.com/erdos1913/FreightFrenzy +CVE-2019-11358 - https://github.com/erdos1913/FtcRobotController-master CVE-2019-11358 - https://github.com/escape-velocity-14343/Ultimate-Goal-2020-21 CVE-2019-11358 - https://github.com/example-org3rwer324/fjisdfjosdjfodsf CVE-2019-11358 - https://github.com/formula-r-ftc/ftcapp-freightfrenzy @@ -23513,10 +24929,12 @@ CVE-2019-11358 - https://github.com/ftc-16244/IL_FTC_Minibots CVE-2019-11358 - https://github.com/ftc-9773/UltimateGoal CVE-2019-11358 - https://github.com/ftc-team-8813/ftc_app CVE-2019-11358 - https://github.com/ftc10131/UltimateGoal +CVE-2019-11358 - https://github.com/ftc11109/FtcRobotController2020 CVE-2019-11358 - https://github.com/ftc13100/FreightFrenzy-2022 CVE-2019-11358 - https://github.com/ftc13100/UltimateGoal-2021 CVE-2019-11358 - https://github.com/ftc14158/FreightFrenzy2 CVE-2019-11358 - https://github.com/ftc16072/2020preseason +CVE-2019-11358 - https://github.com/ftc16072/2021preseason CVE-2019-11358 - https://github.com/ftc16072/FreightFrenzy21-22 CVE-2019-11358 - https://github.com/ftc16072/UltimateGoal20-21 CVE-2019-11358 - https://github.com/ftc16253/FtcRobotController-master @@ -23528,6 +24946,7 @@ CVE-2019-11358 - https://github.com/ftc358/Team19888_2021-2022 CVE-2019-11358 - https://github.com/ftc358/Team359_2021-2022 CVE-2019-11358 - https://github.com/ftc358/UltimateFerretGoal CVE-2019-11358 - https://github.com/ftc6282/ultimate_goal +CVE-2019-11358 - https://github.com/ftc8120/FIRSTTECHCHALLENGE2021 CVE-2019-11358 - https://github.com/ftc8120/FtcRobotController2 CVE-2019-11358 - https://github.com/ftc8120/TeamCode21-22 CVE-2019-11358 - https://github.com/ftc8120/TeleOp2021 @@ -23540,20 +24959,28 @@ CVE-2019-11358 - https://github.com/ftcTwisted-Metal9433/tmfreightfrenzy CVE-2019-11358 - https://github.com/ftcdontblink/FFEarlySeason CVE-2019-11358 - https://github.com/ftcshortcircuits/Artemis6 CVE-2019-11358 - https://github.com/ftcsimplycomplex/Ultimate +CVE-2019-11358 - https://github.com/ftcsimplycomplex/jimmy CVE-2019-11358 - https://github.com/ftcteam14126/FtcRobotController2021 +CVE-2019-11358 - https://github.com/ftcteam6085emc2/Season21and22 CVE-2019-11358 - https://github.com/ftcteam8645/UG_Quickstart_FTC +CVE-2019-11358 - https://github.com/ftctwistedmetal9433/Ultimate-Goal-2020 CVE-2019-11358 - https://github.com/fwprobotics/3507-ultimategoal-rc CVE-2019-11358 - https://github.com/gagne-3/DRSS_20_21_Road_Runner_Testing CVE-2019-11358 - https://github.com/gagne-3/DRSS_20_21_Season_Auto_Update CVE-2019-11358 - https://github.com/gagne-3/DRSS_20_21_Season_Auto_Update_OLD CVE-2019-11358 - https://github.com/gagne-3/DRSS_21_22_Season_Auto_Update +CVE-2019-11358 - https://github.com/gagne-3/DRSS_Baby_Bot_Auto_Update +CVE-2019-11358 - https://github.com/gearheadsswteam/FrieghtFrenzy CVE-2019-11358 - https://github.com/gearheadsswteam/gamechangers2020 +CVE-2019-11358 - https://github.com/gemp22/Summer2021 CVE-2019-11358 - https://github.com/geomancer79/FtcRobotController CVE-2019-11358 - https://github.com/geomancer79/Tutorial_Ultimate_Goal +CVE-2019-11358 - https://github.com/ghs-robotics/FreightFrenzy4042 CVE-2019-11358 - https://github.com/ghs-robotics/Offseason20212022 CVE-2019-11358 - https://github.com/ghs-robotics/UltimateGoal12788 CVE-2019-11358 - https://github.com/ghs-robotics/UltimateGoal4042 CVE-2019-11358 - https://github.com/ghs-robotics/UltimateGoalShared +CVE-2019-11358 - https://github.com/glftc3888/ftc_code_2020-2021 CVE-2019-11358 - https://github.com/glftc3888/ftc_code_2021-2022 CVE-2019-11358 - https://github.com/goncalvesm1/Robot_Project CVE-2019-11358 - https://github.com/greasedlightning/FTC-API-source-code-version-2020-2021 @@ -23562,29 +24989,37 @@ CVE-2019-11358 - https://github.com/griffinrobotics11666/18421-2021 CVE-2019-11358 - https://github.com/griffinrobotics11666/18421FreightFrenzy CVE-2019-11358 - https://github.com/griffinrobotics11666/18421_UltimateGoal CVE-2019-11358 - https://github.com/griffinrobotics11666/FtcRobotController-master +CVE-2019-11358 - https://github.com/griffinrobotics11666/MetalMastersFreightFrenzy18420 CVE-2019-11358 - https://github.com/griffinrobotics11666/TestRobot CVE-2019-11358 - https://github.com/griffinrobotics11666/Ultimate-Goal-18420 CVE-2019-11358 - https://github.com/griffinrobotics11666/UltimateGoal_18420_6.1 CVE-2019-11358 - https://github.com/haifengchicago/FTC2021NB +CVE-2019-11358 - https://github.com/hammerrae/FC_YMCA_FtcRobotController +CVE-2019-11358 - https://github.com/hannacheung/FtcRobotController-6.2 CVE-2019-11358 - https://github.com/heavydriver/ftc_jasper CVE-2019-11358 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-11358 - https://github.com/helenrw/teamcode-FTC-Ultimate-Goal-Master CVE-2019-11358 - https://github.com/hhstitan7831/TitanFreightFrenzy CVE-2019-11358 - https://github.com/hollybots/ftc_2020_12731 +CVE-2019-11358 - https://github.com/hortonvilleroboticskung/UltimateGoal CVE-2019-11358 - https://github.com/hydropony/FreightFrenzy11044 CVE-2019-11358 - https://github.com/iklein53579/FTCRobotController CVE-2019-11358 - https://github.com/imaperson1060/Ftc22 CVE-2019-11358 - https://github.com/imsa-ftc-robotics/UltimateGoalMeet1 +CVE-2019-11358 - https://github.com/invjar/FTCtesting CVE-2019-11358 - https://github.com/isaackrementsov/ultimate-goal CVE-2019-11358 - https://github.com/jacen214/Jack2020 CVE-2019-11358 - https://github.com/jackroedel/UltimateGoal4042 CVE-2019-11358 - https://github.com/jai-kapoor/UP2021-2022 +CVE-2019-11358 - https://github.com/jakcharvat/Ultimate-Goal-Prep +CVE-2019-11358 - https://github.com/jalvarez5625/2021-2022_Regis_FTC_code CVE-2019-11358 - https://github.com/jdesai22/roboGray2020 CVE-2019-11358 - https://github.com/jeffreyqdd/ultimate-goal CVE-2019-11358 - https://github.com/jhadenfeldt/vue-uhf CVE-2019-11358 - https://github.com/jingyi9/UltimateGoal-Parham_Baghbanbashi CVE-2019-11358 - https://github.com/jkenney2/TestHub CVE-2019-11358 - https://github.com/joelkidsclub/CBFreightFrenzy +CVE-2019-11358 - https://github.com/johnduval/SkyStone-scafold CVE-2019-11358 - https://github.com/joshuazye/test1 CVE-2019-11358 - https://github.com/jpc405/KermitUltimateGoal CVE-2019-11358 - https://github.com/jpc405/Kermitultimate @@ -23605,27 +25040,37 @@ CVE-2019-11358 - https://github.com/kchrobotics/tubularcode2020ultimategoal CVE-2019-11358 - https://github.com/kennhung/FTC_2021_Playground CVE-2019-11358 - https://github.com/kermodes19767/freightfrenzy CVE-2019-11358 - https://github.com/kevinthegreat1/FTC-2021-2022-Team-15943 +CVE-2019-11358 - https://github.com/khakiali/FTC CVE-2019-11358 - https://github.com/kierancullen/FTCRobotController CVE-2019-11358 - https://github.com/kirstenpolk10/8648_FreightFrenzy CVE-2019-11358 - https://github.com/kirstenpolk10/9788_FreightFrenzy CVE-2019-11358 - https://github.com/kkbrown123/St.JagoFTC2022_2.0 CVE-2019-11358 - https://github.com/klee111287/2021-2022_FTC10937 CVE-2019-11358 - https://github.com/krill11/RoboRavens-FreightFrenzyUnofficial +CVE-2019-11358 - https://github.com/kunhantsai/FtcRobotController CVE-2019-11358 - https://github.com/kwobny/Robotics-21-22 CVE-2019-11358 - https://github.com/larrytao05/FtcRobotController +CVE-2019-11358 - https://github.com/laupetre/FTC-2021 +CVE-2019-11358 - https://github.com/lehiller/2021-FTC-UltimateGoal-Wembley CVE-2019-11358 - https://github.com/leoschen/FreightFrenzy CVE-2019-11358 - https://github.com/lilSonal/ftc-18544-2020 CVE-2019-11358 - https://github.com/litehed/FTC-Goal-2020 +CVE-2019-11358 - https://github.com/litehed/FTCLibTesting CVE-2019-11358 - https://github.com/lknox23/FTCCodingClass CVE-2019-11358 - https://github.com/lknox23/FtcRobotController-master CVE-2019-11358 - https://github.com/lordofthebricks/FtcRobotController CVE-2019-11358 - https://github.com/luckys301/10862_2021 +CVE-2019-11358 - https://github.com/luisc04/robotics CVE-2019-11358 - https://github.com/marciaklovas/ftc-ultimategoal CVE-2019-11358 - https://github.com/markfontecchio/FtcRobotController-6.1-9376 +CVE-2019-11358 - https://github.com/marsh135/FTC_RET CVE-2019-11358 - https://github.com/mbanham/uchs-ftc +CVE-2019-11358 - https://github.com/mbcaftc/SkyStone-scafolding CVE-2019-11358 - https://github.com/mechlemon/UltimateGoal CVE-2019-11358 - https://github.com/metalworksftc/UltimateGoal CVE-2019-11358 - https://github.com/micahreich/14943-FreightFrenzy-Sample +CVE-2019-11358 - https://github.com/midlandsstembotics/FTC2020-2021 +CVE-2019-11358 - https://github.com/mihir-jain/HelloPranav CVE-2019-11358 - https://github.com/minhle30964/FTC-Team-17288-Season-2020-2021 CVE-2019-11358 - https://github.com/modengann/Robotics CVE-2019-11358 - https://github.com/motherboard7444/2021-FTC-FreightFrenzy-master @@ -23647,27 +25092,35 @@ CVE-2019-11358 - https://github.com/oaleksander/FTCFreightFrenzy18742 CVE-2019-11358 - https://github.com/olivermorris/Goal2020 CVE-2019-11358 - https://github.com/olivermorris/boysrobotics-code CVE-2019-11358 - https://github.com/omega9656/summer-robot-2021 +CVE-2019-11358 - https://github.com/otaylor2023/Vuforia-Build CVE-2019-11358 - https://github.com/owens3364/FTC-Public-21-22 CVE-2019-11358 - https://github.com/owens3364/FTC20-21Public CVE-2019-11358 - https://github.com/owenstuckman/GolfBot CVE-2019-11358 - https://github.com/panthera2021/FtcRobotController +CVE-2019-11358 - https://github.com/panthera2021/Ultimate-Goal-6.1 CVE-2019-11358 - https://github.com/parthiftc/test1 CVE-2019-11358 - https://github.com/paulgobble/Team_Red_2020 +CVE-2019-11358 - https://github.com/paytonfrizzell/ftc CVE-2019-11358 - https://github.com/pchusdb/FtcRobotController-20211223-120805-release-candidate CVE-2019-11358 - https://github.com/pheitman/FreightFrenzy +CVE-2019-11358 - https://github.com/pingryrobotics/FTC-2021-Offseason CVE-2019-11358 - https://github.com/pingryrobotics/FTC-6069-2021 CVE-2019-11358 - https://github.com/pingryrobotics/FTC-6069-2021-2022 CVE-2019-11358 - https://github.com/polarcow285/FreightFrenzy-master +CVE-2019-11358 - https://github.com/polarcow285/InHouseFTC2021-master CVE-2019-11358 - https://github.com/polarcow285/JVFreightFrenzy-master +CVE-2019-11358 - https://github.com/polarcow285/robotArm-master CVE-2019-11358 - https://github.com/powersurge2/2021UltimateGoal CVE-2019-11358 - https://github.com/pranavnightsforrobotics/FtcRobotController-master CVE-2019-11358 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2019-11358 - https://github.com/raresNagy/mecanum CVE-2019-11358 - https://github.com/retrorobotics/ftc-vc CVE-2019-11358 - https://github.com/rh-robotics/2021-22_Varsity CVE-2019-11358 - https://github.com/rhindle/FF_Om_FtcRobotController2021-22 CVE-2019-11358 - https://github.com/rhindle/FtcRobotController-ftc265-example CVE-2019-11358 - https://github.com/rhindle/Old_FF_Om_FtcRobotController2021-22 CVE-2019-11358 - https://github.com/rhsftc/freightfrenzy +CVE-2019-11358 - https://github.com/rhunter-NTatC/FtcRobotController-master CVE-2019-11358 - https://github.com/richpant/16010TeamCode CVE-2019-11358 - https://github.com/richpant/17111TeamCode CVE-2019-11358 - https://github.com/richpant/17114TeamCode @@ -23681,6 +25134,7 @@ CVE-2019-11358 - https://github.com/rlorenzo81/10-30-V2.1 CVE-2019-11358 - https://github.com/rlorenzo81/11180-for-Oct-30 CVE-2019-11358 - https://github.com/rmdettmar/Ultimate-Goal-6.1 CVE-2019-11358 - https://github.com/roboass/frc2022-Freight-Frenzy +CVE-2019-11358 - https://github.com/roboass/ftc2021-2 CVE-2019-11358 - https://github.com/roboken-dev/FtcRobotController-master-Roboken2021 CVE-2019-11358 - https://github.com/roboken-dev/FtcRobotControllerLlamas CVE-2019-11358 - https://github.com/roboken-dev/FtcRobotControllerLllamasMiniBot @@ -23688,7 +25142,9 @@ CVE-2019-11358 - https://github.com/roboken-dev/Llamas-FtcRobotController-master CVE-2019-11358 - https://github.com/roboken-dev/MiniBotRoboken2021-22 CVE-2019-11358 - https://github.com/roboken-dev/Roboken2021-22 CVE-2019-11358 - https://github.com/robossauros/FtcFreightFrenzy +CVE-2019-11358 - https://github.com/robotgenis/ParallaxUltimateGoal CVE-2019-11358 - https://github.com/robotgenis/ParallaxUltimateGoalOfficial +CVE-2019-11358 - https://github.com/roboticsTeam6942v2/6.2ftc20-21-PADEMIC-EDITION CVE-2019-11358 - https://github.com/roboticswithcassie/RWC_Main CVE-2019-11358 - https://github.com/rohan335/BHSRoboticsFTC CVE-2019-11358 - https://github.com/rohand2412/Freight-Frenzy-2021 @@ -23699,22 +25155,26 @@ CVE-2019-11358 - https://github.com/rubiefoster/7604FreightFrenzy CVE-2019-11358 - https://github.com/rusclark16151/RUSerious CVE-2019-11358 - https://github.com/sKadooshman/FtcRobotController-master CVE-2019-11358 - https://github.com/saeephalke/Athena_EV_FTC +CVE-2019-11358 - https://github.com/samgcode/ftc-19041-2021 CVE-2019-11358 - https://github.com/samuelkroot/EggCheese18638 CVE-2019-11358 - https://github.com/savitri-broncobot/ftc16671_202122-master CVE-2019-11358 - https://github.com/sbdevelops/FtcRobotController_CI-Test CVE-2019-11358 - https://github.com/scdRobotics/14365-FTC-2021 CVE-2019-11358 - https://github.com/scdRobotics/14365-FTC-Tournament2 CVE-2019-11358 - https://github.com/scdRobotics/14365_FreightFrenzy_7.1 +CVE-2019-11358 - https://github.com/scdRobotics/14365_Freight_Frenzy CVE-2019-11358 - https://github.com/scdRobotics/14365_Freight_Frenzy_SDK_7 CVE-2019-11358 - https://github.com/scdRobotics/FtcRobotController-6.2 CVE-2019-11358 - https://github.com/segalll/FTC-Freight-Frenzy CVE-2019-11358 - https://github.com/sgutierrez8c54/Ftc2020 +CVE-2019-11358 - https://github.com/shaurya2709/FTCCodestuff CVE-2019-11358 - https://github.com/shellbots-team/Freight-Frenzy CVE-2019-11358 - https://github.com/shellbots-team/Ultimate-Goal CVE-2019-11358 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-11358 - https://github.com/signalxp/ftc2020 CVE-2019-11358 - https://github.com/silkysmooth812/freightfrenzylearning CVE-2019-11358 - https://github.com/simiyo/trivy +CVE-2019-11358 - https://github.com/skbushula/SkyStone-master CVE-2019-11358 - https://github.com/skeole/skeole-ftcrobotcontroller CVE-2019-11358 - https://github.com/smert-WoEN/FTCWoENPublic CVE-2019-11358 - https://github.com/sms-robotics/UltimateGoal2020 @@ -23726,6 +25186,7 @@ CVE-2019-11358 - https://github.com/standerryan/Marburn-2122 CVE-2019-11358 - https://github.com/stcline/FtcRobotController-master CVE-2019-11358 - https://github.com/sungayu/BotzNBolts-FTC-2020-2021 CVE-2019-11358 - https://github.com/sungayu/BotzNBolts-FTC-2021-2022 +CVE-2019-11358 - https://github.com/superarash1/Arash-FTC-Programming CVE-2019-11358 - https://github.com/susier2016/UltimateGoal2021 CVE-2019-11358 - https://github.com/suzannahfigler/Team-Code-16520 CVE-2019-11358 - https://github.com/sweesal/2021_PractiseBots @@ -23735,6 +25196,7 @@ CVE-2019-11358 - https://github.com/tacotuesrobotics/2021-freight-frenzy CVE-2019-11358 - https://github.com/taigabots/UltimateGoal CVE-2019-11358 - https://github.com/tdt2845/tdt-2022-code CVE-2019-11358 - https://github.com/team10415/UltimateGoal +CVE-2019-11358 - https://github.com/team13413/FTCFirst CVE-2019-11358 - https://github.com/team16736/FreightFrenzy CVE-2019-11358 - https://github.com/teamfaraday/2021FreightFrenzy CVE-2019-11358 - https://github.com/teamftc8466/UltimateGoal @@ -23743,9 +25205,12 @@ CVE-2019-11358 - https://github.com/techbrick-ftc/team4234 CVE-2019-11358 - https://github.com/techbrick-ftc/team7gamechangers CVE-2019-11358 - https://github.com/techbrick-ftc/vslamcam CVE-2019-11358 - https://github.com/techiesrobotics/FreightFrenzy +CVE-2019-11358 - https://github.com/techiesrobotics/UltimateGoal2 CVE-2019-11358 - https://github.com/technototes/TechnoLib-Quickstart CVE-2019-11358 - https://github.com/techristy/CB-2021-2022 CVE-2019-11358 - https://github.com/techristy/CB_2021-2022 +CVE-2019-11358 - https://github.com/techtronicchallengers/FTC2020-UltimateGoal +CVE-2019-11358 - https://github.com/test456789022/FTCTestCode CVE-2019-11358 - https://github.com/the-michael-albert/UltimateGoal CVE-2019-11358 - https://github.com/the-winsor-school/Wildbots-2020-2021 CVE-2019-11358 - https://github.com/the-winsor-school/Wildbots-2021-2022 @@ -23761,17 +25226,22 @@ CVE-2019-11358 - https://github.com/titanium-knights/team-a-2020-2021 CVE-2019-11358 - https://github.com/titanium-knights/team-a-2021-2022 CVE-2019-11358 - https://github.com/titanium-knights/team-b-2020-2021 CVE-2019-11358 - https://github.com/titanium-knights/team-b-2021-2022 +CVE-2019-11358 - https://github.com/tmetelev/FtcRobotController-master CVE-2019-11358 - https://github.com/tnwebdev/jquery-2.2.4-patched CVE-2019-11358 - https://github.com/tobortechftc/Kraxberger +CVE-2019-11358 - https://github.com/tomglennhs/ultimategoal CVE-2019-11358 - https://github.com/totoro987123/16568-Codebase-SDK CVE-2019-11358 - https://github.com/trc492/Ftc2022FreightFrenzy CVE-2019-11358 - https://github.com/trinayhari/final0s1s CVE-2019-11358 - https://github.com/tsdch-robotics/FreightFrenzy2021-2022 CVE-2019-11358 - https://github.com/tsdch-robotics/Goal-BotFtc CVE-2019-11358 - https://github.com/tundrabots/2021-2022-Robot-Code +CVE-2019-11358 - https://github.com/udayamaddi/FTC-9686-2021-22 +CVE-2019-11358 - https://github.com/ukshat/FTCTrainingLabs CVE-2019-11358 - https://github.com/ukshat/UltimateGoal CVE-2019-11358 - https://github.com/umahari/security CVE-2019-11358 - https://github.com/valerymao/FTC_Coding_Tutorial +CVE-2019-11358 - https://github.com/varun-bharadwaj/542_20-21_ftc CVE-2019-11358 - https://github.com/vijayshastri/11347-Freight-Frenzy-Modified CVE-2019-11358 - https://github.com/villaneaven/ftcultimategoal CVE-2019-11358 - https://github.com/vintasoftware/awesome-django-security @@ -23791,6 +25261,7 @@ CVE-2019-11358 - https://github.com/williethewinner/2020-2021-FTC-Team-16278 CVE-2019-11358 - https://github.com/wjorgensen/FTC CVE-2019-11358 - https://github.com/wyrobotics/freightfrenzy-robophins CVE-2019-11358 - https://github.com/wyrobotics/ultimategoal-robophins +CVE-2019-11358 - https://github.com/wyrobotics/ultimategoal-youngdroids CVE-2019-11358 - https://github.com/x16140/rc CVE-2019-11358 - https://github.com/xRoALex/ProgrammingLessons CVE-2019-11358 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 @@ -23804,6 +25275,7 @@ CVE-2019-11358 - https://github.com/yyhJohn/FTC-2022 CVE-2019-11358 - https://github.com/zema1/oracle-vuln-crawler CVE-2019-11358 - https://github.com/zerozerodone/FTC_2021-2022 CVE-2019-11358 - https://github.com/ziming-g/SBSFTC10738 +CVE-2019-11371 - https://github.com/H4niz/CVE CVE-2019-11374 - https://github.com/SexyBeast233/SecBooks CVE-2019-11380 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-11383 - https://github.com/enderphan94/CVE @@ -23817,6 +25289,7 @@ CVE-2019-11447 - https://github.com/0xT11/CVE-POC CVE-2019-11447 - https://github.com/404notf0und/CVE-Flow CVE-2019-11447 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-11447 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-11447 - https://github.com/iainr/CuteNewsRCE CVE-2019-11477 - https://github.com/0xT11/CVE-POC CVE-2019-11477 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-11477 - https://github.com/fengjian/kpatch-sack-panic @@ -23825,6 +25298,7 @@ CVE-2019-11477 - https://github.com/hightemp/docLinux CVE-2019-11477 - https://github.com/kaosagnt/ansible-everyday CVE-2019-11477 - https://github.com/lucassbeiler/linux_hardening_arsenal CVE-2019-11477 - https://github.com/misanthropos/FFFFM +CVE-2019-11477 - https://github.com/sasqwatch/cve-2019-11477-poc CVE-2019-11477 - https://github.com/sonoransun/tcp_sack_fix CVE-2019-11478 - https://github.com/hightemp/docLinux CVE-2019-11478 - https://github.com/kaosagnt/ansible-everyday @@ -23833,6 +25307,8 @@ CVE-2019-11479 - https://github.com/hightemp/docLinux CVE-2019-11479 - https://github.com/kaosagnt/ansible-everyday CVE-2019-11479 - https://github.com/misanthropos/FFFFM CVE-2019-11486 - https://github.com/Sec20-Paper310/Paper310 +CVE-2019-11507 - https://github.com/jaychouzzk/Pulse-Secure-SSL-VPN-CVE-2019 +CVE-2019-11508 - https://github.com/jaychouzzk/Pulse-Secure-SSL-VPN-CVE-2019 CVE-2019-11510 - https://github.com/0ps/pocassistdb CVE-2019-11510 - https://github.com/0xT11/CVE-POC CVE-2019-11510 - https://github.com/ARPSyndicate/kenzer-templates @@ -23844,10 +25320,15 @@ CVE-2019-11510 - https://github.com/SexyBeast233/SecBooks CVE-2019-11510 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2019-11510 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-11510 - https://github.com/amcai/myscan +CVE-2019-11510 - https://github.com/antichown/vpn-ssl-pulse +CVE-2019-11510 - https://github.com/aqhmal/pulsexploit +CVE-2019-11510 - https://github.com/chalern/Pentest-Tools +CVE-2019-11510 - https://github.com/cisagov/check-your-pulse CVE-2019-11510 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-11510 - https://github.com/dnif/content CVE-2019-11510 - https://github.com/es0/CVE-2019-11510_poc CVE-2019-11510 - https://github.com/fengjixuchui/RedTeamer +CVE-2019-11510 - https://github.com/gquere/PulseSecure_session_hijacking CVE-2019-11510 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-11510 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-11510 - https://github.com/huike007/penetration_poc @@ -23855,10 +25336,15 @@ CVE-2019-11510 - https://github.com/huike007/poc CVE-2019-11510 - https://github.com/iGotRootSRC/Dorkers CVE-2019-11510 - https://github.com/imjdl/CVE-2019-11510-poc CVE-2019-11510 - https://github.com/jas502n/CVE-2019-11510-1 +CVE-2019-11510 - https://github.com/jason3e7/CVE-2019-11510 +CVE-2019-11510 - https://github.com/jaychouzzk/Pulse-Secure-SSL-VPN-CVE-2019 CVE-2019-11510 - https://github.com/jweny/pocassistdb +CVE-2019-11510 - https://github.com/nuc13us/Pulse +CVE-2019-11510 - https://github.com/popyue/Pulse_exploit CVE-2019-11510 - https://github.com/projectzeroindia/CVE-2019-11510 CVE-2019-11510 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-11510 - https://github.com/r00tpgp/http-pulse_ssl_vpn.nse +CVE-2019-11510 - https://github.com/r0eXpeR/supplier CVE-2019-11510 - https://github.com/sobinge/nuclei-templates CVE-2019-11510 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2019-11510 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 @@ -23870,28 +25356,40 @@ CVE-2019-11523 - https://github.com/0xT11/CVE-POC CVE-2019-11523 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-11523 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-11523 - https://github.com/wizlab-it/anviz-m3-rfid-cve-2019-11523-poc +CVE-2019-11538 - https://github.com/jaychouzzk/Pulse-Secure-SSL-VPN-CVE-2019 CVE-2019-11539 - https://github.com/0xDezzy/CVE-2019-11539 CVE-2019-11539 - https://github.com/0xT11/CVE-POC +CVE-2019-11539 - https://github.com/BraveLittleRoaster/pulsar CVE-2019-11539 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-11539 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-11539 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-11539 - https://github.com/jaychouzzk/Pulse-Secure-SSL-VPN-CVE-2019 +CVE-2019-11539 - https://github.com/r0eXpeR/supplier +CVE-2019-11540 - https://github.com/gquere/PulseSecure_session_hijacking +CVE-2019-11540 - https://github.com/jaychouzzk/Pulse-Secure-SSL-VPN-CVE-2019 +CVE-2019-11542 - https://github.com/jaychouzzk/Pulse-Secure-SSL-VPN-CVE-2019 CVE-2019-11580 - https://github.com/0xT11/CVE-POC CVE-2019-11580 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-11580 - https://github.com/Ares-X/VulWiki CVE-2019-11580 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-11580 - https://github.com/SexyBeast233/SecBooks CVE-2019-11580 - https://github.com/SouthWind0/southwind0.github.io +CVE-2019-11580 - https://github.com/ThePirateWhoSmellsOfSunflowers/TheHackerLinks CVE-2019-11580 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-11580 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-11580 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-11580 - https://github.com/jas502n/CVE-2019-11580 +CVE-2019-11580 - https://github.com/lp008/Hack-readme CVE-2019-11580 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2019-11580 - https://github.com/shelld3v/CVE-2019-11580 CVE-2019-11580 - https://github.com/sobinge/nuclei-templates CVE-2019-11580 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-11581 - https://github.com/0ps/pocassistdb +CVE-2019-11581 - https://github.com/0x48piraj/Jiraffe CVE-2019-11581 - https://github.com/0xT11/CVE-POC CVE-2019-11581 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-11581 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2019-11581 - https://github.com/PetrusViet/CVE-2021-39115 CVE-2019-11581 - https://github.com/SexyBeast233/SecBooks CVE-2019-11581 - https://github.com/afinepl/research CVE-2019-11581 - https://github.com/amcai/myscan @@ -23902,7 +25400,10 @@ CVE-2019-11581 - https://github.com/jweny/pocassistdb CVE-2019-11581 - https://github.com/kobs0N/CVE-2019-11581 CVE-2019-11581 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-11581 - https://github.com/r0eXpeR/redteam_vul +CVE-2019-11581 - https://github.com/r0hack/RCE-in-Jira CVE-2019-11581 - https://github.com/sobinge/nuclei-templates +CVE-2019-11581 - https://github.com/sushantdhopat/JIRA_testing +CVE-2019-11581 - https://github.com/tdcoming/Vulnerability-engine CVE-2019-11581 - https://github.com/woods-sega/woodswiki CVE-2019-11581 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-1159 - https://github.com/alphaSeclab/sec-daily-2019 @@ -23932,24 +25433,30 @@ CVE-2019-11623 - https://github.com/itodaro/doorGets_cve CVE-2019-11624 - https://github.com/itodaro/doorGets_cve CVE-2019-11625 - https://github.com/itodaro/doorGets_cve CVE-2019-11626 - https://github.com/itodaro/doorGets_cve +CVE-2019-11634 - https://github.com/r0eXpeR/supplier CVE-2019-11636 - https://github.com/saplingwoodchipper/saplingwoodchipper.github.io CVE-2019-1166 - https://github.com/preempt/ntlm-scanner CVE-2019-11687 - https://github.com/0xT11/CVE-POC CVE-2019-11687 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-11687 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-11687 - https://github.com/kosmokato/bad-dicom +CVE-2019-11687 - https://github.com/rjhorniii/DICOM-YARA-rules CVE-2019-1170 - https://github.com/punishell/WindowsLegacyCVE CVE-2019-11704 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-11707 - https://github.com/0xT11/CVE-POC CVE-2019-11707 - https://github.com/De4dCr0w/Browser-pwn +CVE-2019-11707 - https://github.com/ZihanYe/web-browser-vulnerabilities CVE-2019-11707 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-11707 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-11707 - https://github.com/googleprojectzero/fuzzilli CVE-2019-11707 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-11707 - https://github.com/m1ghtym0/browser-pwn +CVE-2019-11707 - https://github.com/tunnelshade/cve-2019-11707 CVE-2019-11707 - https://github.com/vigneshsrao/CVE-2019-11707 CVE-2019-11708 - https://github.com/0vercl0k/0vercl0k CVE-2019-11708 - https://github.com/0vercl0k/CVE-2019-11708 CVE-2019-11708 - https://github.com/0xT11/CVE-POC +CVE-2019-11708 - https://github.com/ChefGordon/List-O-Tools CVE-2019-11708 - https://github.com/CnHack3r/Penetration_PoC CVE-2019-11708 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2019-11708 - https://github.com/YIXINSHUWU/Penetration_Testing_POC @@ -23968,8 +25475,10 @@ CVE-2019-11719 - https://github.com/revl-ca/scan-docker-image CVE-2019-1172 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2019-11729 - https://github.com/revl-ca/scan-docker-image CVE-2019-11730 - https://github.com/0xT11/CVE-POC +CVE-2019-11730 - https://github.com/alidnf/CVE-2019-11730 CVE-2019-11730 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-11730 - https://github.com/eniocarboni/p7m +CVE-2019-11730 - https://github.com/ficstamas/advanced-graphics-project CVE-2019-11730 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-11730 - https://github.com/lanjelot/ctfs CVE-2019-11730 - https://github.com/sudo-bmitch/presentations @@ -24002,17 +25511,28 @@ CVE-2019-11931 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-11931 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-11931 - https://github.com/kasif-dekel/whatsapp-rce-patched CVE-2019-11932 - https://github.com/0xT11/CVE-POC +CVE-2019-11932 - https://github.com/5l1v3r1/CVE-2019-11932 +CVE-2019-11932 - https://github.com/Err0r-ICA/WhatsPayloadRCE +CVE-2019-11932 - https://github.com/JasonJerry/WhatsRCE +CVE-2019-11932 - https://github.com/PleXone2019/WhatsRCE +CVE-2019-11932 - https://github.com/SmoZy92/CVE-2019-11932 CVE-2019-11932 - https://github.com/TinToSer/whatsapp_rce +CVE-2019-11932 - https://github.com/TortugaAttack/pen-testing +CVE-2019-11932 - https://github.com/TulungagungCyberLink/CVE-2019-11932 CVE-2019-11932 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-11932 - https://github.com/awakened1712/CVE-2019-11932 +CVE-2019-11932 - https://github.com/dashtic172/abdul CVE-2019-11932 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-11932 - https://github.com/dorkerdevil/CVE-2019-11932 CVE-2019-11932 - https://github.com/fastmo/CVE-2019-11932 CVE-2019-11932 - https://github.com/frankzappasmustache/starred-repos CVE-2019-11932 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-11932 - https://github.com/infiniteLoopers/CVE-2019-11932 +CVE-2019-11932 - https://github.com/jsn-OO7/whatsapp CVE-2019-11932 - https://github.com/mRanonyMousTZ/CVE-2019-11932-whatsApp-exploit CVE-2019-11932 - https://github.com/valbrux/CVE-2019-11932-SupportApp CVE-2019-11933 - https://github.com/0xT11/CVE-POC +CVE-2019-11933 - https://github.com/NatleoJ/CVE-2019-11933 CVE-2019-11933 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-11933 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-12041 - https://github.com/ossf-cve-benchmark/CVE-2019-12041 @@ -24020,15 +25540,21 @@ CVE-2019-12042 - https://github.com/SouhailHammou/Panda-Antivirus-LPE CVE-2019-12042 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-12043 - https://github.com/ossf-cve-benchmark/CVE-2019-12043 CVE-2019-12083 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs +CVE-2019-12083 - https://github.com/Qwaz/rust-cve CVE-2019-12083 - https://github.com/xxg1413/rust-security CVE-2019-12086 - https://github.com/0xT11/CVE-POC CVE-2019-12086 - https://github.com/SugarP1g/LearningSecurity CVE-2019-12086 - https://github.com/codeplutos/CVE-2019-12086-jackson-databind-file-read CVE-2019-12086 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-12086 - https://github.com/galimba/Jackson-deserialization-PoC CVE-2019-12086 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-12086 - https://github.com/ilmari666/cybsec CVE-2019-12086 - https://github.com/kiwitcms/junit-plugin CVE-2019-12086 - https://github.com/klarna/kco_rest_java +CVE-2019-12086 - https://github.com/lp008/Hack-readme CVE-2019-12086 - https://github.com/migupl/poc-yaas-server +CVE-2019-12097 - https://github.com/huanshenyi/appium-test +CVE-2019-12101 - https://github.com/ThingzDefense/IoT-Flock CVE-2019-12103 - https://github.com/geeksniper/reverse-engineering-toolkit CVE-2019-1211 - https://github.com/meherarfaoui09/meher CVE-2019-1215 - https://github.com/0xT11/CVE-POC @@ -24055,6 +25581,7 @@ CVE-2019-12170 - https://github.com/fuzzlove/ATutor-Instructor-Backup-Arbitrary- CVE-2019-12170 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-12175 - https://github.com/mxmssh/manul CVE-2019-1218 - https://github.com/0xT11/CVE-POC +CVE-2019-1218 - https://github.com/d0gukank/CVE-2019-1218 CVE-2019-1218 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-1218 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-12180 - https://github.com/0x-nope/CVE-2019-12180 @@ -24063,6 +25590,7 @@ CVE-2019-12180 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-12180 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-12181 - https://github.com/0xT11/CVE-POC CVE-2019-12181 - https://github.com/anoaghost/Localroot_Compile +CVE-2019-12181 - https://github.com/b9q/Serv-U-FTP-Server-15.1.7---Local-Privilege-Escalation CVE-2019-12181 - https://github.com/bcoles/local-exploits CVE-2019-12181 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-12181 - https://github.com/guywhataguy/CVE-2019-12181 @@ -24099,6 +25627,7 @@ CVE-2019-12255 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-12255 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-12255 - https://github.com/sud0woodo/Urgent11-Suricata-LUA-scripts CVE-2019-12256 - https://github.com/sud0woodo/Urgent11-Suricata-LUA-scripts +CVE-2019-12258 - https://github.com/ArmisSecurity/urgent11-detector CVE-2019-12258 - https://github.com/sud0woodo/Urgent11-Suricata-LUA-scripts CVE-2019-1226 - https://github.com/0xT11/CVE-POC CVE-2019-1226 - https://github.com/developer3000S/PoC-in-GitHub @@ -24108,6 +25637,7 @@ CVE-2019-12272 - https://github.com/0xT11/CVE-POC CVE-2019-12272 - https://github.com/HACHp1/LuCI_RCE_exp CVE-2019-12272 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-12272 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-12272 - https://github.com/roguedream/lede-17.01.3 CVE-2019-12276 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-12276 - https://github.com/Calistamu/graduation-project CVE-2019-12290 - https://github.com/garethr/snykout @@ -24118,6 +25648,7 @@ CVE-2019-12314 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-12314 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-12314 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-12314 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-12314 - https://github.com/ras313/CVE-2019-12314 CVE-2019-12314 - https://github.com/sobinge/nuclei-templates CVE-2019-1234 - https://github.com/ashdsetty/Detection CVE-2019-12356 - https://github.com/brejoc/bscdiff @@ -24131,11 +25662,14 @@ CVE-2019-12384 - https://github.com/SugarP1g/LearningSecurity CVE-2019-12384 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-12384 - https://github.com/amcai/myscan CVE-2019-12384 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-12384 - https://github.com/diakogiannis/moviebook CVE-2019-12384 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-12384 - https://github.com/ilmari666/cybsec CVE-2019-12384 - https://github.com/jas502n/CVE-2019-12384 CVE-2019-12384 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2019-12384 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-12384 - https://github.com/shashihacks/OSCP +CVE-2019-12384 - https://github.com/tzwlhack/Vulnerability CVE-2019-12384 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-12395 - https://github.com/abhav/nvd_scrapper CVE-2019-12400 - https://github.com/ik21191/java-saml @@ -24173,6 +25707,8 @@ CVE-2019-12450 - https://github.com/revl-ca/scan-docker-image CVE-2019-12453 - https://github.com/0xT11/CVE-POC CVE-2019-12453 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-12453 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-12453 - https://github.com/undefinedmode/CVE-2019-12453 +CVE-2019-12453 - https://github.com/undefinedmode/CVE-2019-12475 CVE-2019-12457 - https://github.com/EmreOvunc/FileRun-Vulnerabilities CVE-2019-12458 - https://github.com/EmreOvunc/FileRun-Vulnerabilities CVE-2019-12459 - https://github.com/EmreOvunc/FileRun-Vulnerabilities @@ -24187,14 +25723,17 @@ CVE-2019-12461 - https://github.com/sobinge/nuclei-templates CVE-2019-12475 - https://github.com/0xT11/CVE-POC CVE-2019-12475 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-12475 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-12475 - https://github.com/undefinedmode/CVE-2019-12475 CVE-2019-12476 - https://github.com/0katz/CVE-2019-12476 CVE-2019-12476 - https://github.com/0xT11/CVE-POC CVE-2019-12476 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-12476 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-12476 - https://github.com/lp008/Hack-readme CVE-2019-12480 - https://github.com/neutrinoguy/awesome-ics-writeups CVE-2019-12489 - https://github.com/garis/Fastgate CVE-2019-12489 - https://github.com/lwtz/CVE-2019-0708 CVE-2019-12489 - https://github.com/singletrackseeker/CVE-2019-7482 +CVE-2019-12491 - https://github.com/benjeems/packetStrider CVE-2019-1250 - https://github.com/googleprojectzero/winafl CVE-2019-1250 - https://github.com/hardik05/winafl-powermopt CVE-2019-12526 - https://github.com/qazbnm456/awesome-cve-poc @@ -24217,6 +25756,7 @@ CVE-2019-1253 - https://github.com/hlldz/dazzleUP CVE-2019-1253 - https://github.com/huike007/penetration_poc CVE-2019-1253 - https://github.com/huike007/poc CVE-2019-1253 - https://github.com/lawrenceamer/0xsp-Mongoose +CVE-2019-1253 - https://github.com/likescam/CVE-2019-1253 CVE-2019-1253 - https://github.com/mishmashclone/rasta-mouse-Watson CVE-2019-1253 - https://github.com/padovah4ck/CVE-2019-1253 CVE-2019-1253 - https://github.com/paramint/Watson-Windows-check-KB @@ -24227,10 +25767,13 @@ CVE-2019-1253 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2019-1253 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2019-1253 - https://github.com/yedada-wei/- CVE-2019-1253 - https://github.com/yedada-wei/gongkaishouji +CVE-2019-12537 - https://github.com/tarantula-team/Multiple-Cross-Site-Scripting-vulnerabilities-in-Zoho-ManageEngine CVE-2019-12538 - https://github.com/0xT11/CVE-POC CVE-2019-12538 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-12538 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-12538 - https://github.com/tarantula-team/CVE-2019-12538 +CVE-2019-12539 - https://github.com/tarantula-team/Multiple-Cross-Site-Scripting-vulnerabilities-in-Zoho-ManageEngine +CVE-2019-12540 - https://github.com/tarantula-team/Multiple-Cross-Site-Scripting-vulnerabilities-in-Zoho-ManageEngine CVE-2019-12541 - https://github.com/0xT11/CVE-POC CVE-2019-12541 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-12541 - https://github.com/hectorgie/PoC-in-GitHub @@ -24261,11 +25804,17 @@ CVE-2019-12577 - https://github.com/mirchr/security-research CVE-2019-12578 - https://github.com/mirchr/security-research CVE-2019-12579 - https://github.com/mirchr/security-research CVE-2019-12586 - https://github.com/0xT11/CVE-POC +CVE-2019-12586 - https://github.com/84KaliPleXon3/esp32_esp8266_attacks CVE-2019-12586 - https://github.com/Matheus-Garbelini/esp32_esp8266_attacks CVE-2019-12586 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-12586 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-12586 - https://github.com/ruimarinho/mota +CVE-2019-12587 - https://github.com/84KaliPleXon3/esp32_esp8266_attacks CVE-2019-12587 - https://github.com/Matheus-Garbelini/esp32_esp8266_attacks +CVE-2019-12587 - https://github.com/ruimarinho/mota +CVE-2019-12588 - https://github.com/84KaliPleXon3/esp32_esp8266_attacks CVE-2019-12588 - https://github.com/Matheus-Garbelini/esp32_esp8266_attacks +CVE-2019-12588 - https://github.com/ruimarinho/mota CVE-2019-12593 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-12593 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-12593 - https://github.com/sobinge/nuclei-templates @@ -24273,6 +25822,9 @@ CVE-2019-12594 - https://github.com/0xT11/CVE-POC CVE-2019-12594 - https://github.com/Alexandre-Bartel/CVE-2019-12594 CVE-2019-12594 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-12594 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-12595 - https://github.com/tarantula-team/Multiple-Cross-Site-Scripting-vulnerabilities-in-Zoho-ManageEngine +CVE-2019-12596 - https://github.com/tarantula-team/Multiple-Cross-Site-Scripting-vulnerabilities-in-Zoho-ManageEngine +CVE-2019-12597 - https://github.com/tarantula-team/Multiple-Cross-Site-Scripting-vulnerabilities-in-Zoho-ManageEngine CVE-2019-12616 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-12616 - https://github.com/SexyBeast233/SecBooks CVE-2019-12630 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs @@ -24284,6 +25836,7 @@ CVE-2019-12725 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-12725 - https://github.com/SexyBeast233/SecBooks CVE-2019-12725 - https://github.com/Sma11New/PocList CVE-2019-12725 - https://github.com/sobinge/nuclei-templates +CVE-2019-12730 - https://github.com/homoluctus/ecranner CVE-2019-12735 - https://github.com/0xT11/CVE-POC CVE-2019-12735 - https://github.com/JasonLOU/security CVE-2019-12735 - https://github.com/developer3000S/PoC-in-GitHub @@ -24292,6 +25845,7 @@ CVE-2019-12735 - https://github.com/numirias/security CVE-2019-12735 - https://github.com/oldthree3/CVE-2019-12735-VIM-NEOVIM CVE-2019-12735 - https://github.com/pcy190/ace-vim-neovim CVE-2019-12735 - https://github.com/vicmej/modeline-vim +CVE-2019-12735 - https://github.com/whunt1/makevim CVE-2019-12747 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-12749 - https://github.com/fbreton/lacework CVE-2019-12749 - https://github.com/revl-ca/scan-docker-image @@ -24300,12 +25854,14 @@ CVE-2019-12750 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-12750 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-12750 - https://github.com/fengjixuchui/RedTeamer CVE-2019-12750 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-12750 - https://github.com/v-p-b/cve-2019-12750 CVE-2019-12760 - https://github.com/kaashmonee/rM2FS CVE-2019-1278 - https://github.com/0xT11/CVE-POC CVE-2019-1278 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-1278 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-1278 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2019-12780 - https://github.com/travispaul/node-nvd-search +CVE-2019-12780 - https://github.com/travispaul/node-nvd-search-cli CVE-2019-12796 - https://github.com/0xT11/CVE-POC CVE-2019-12796 - https://github.com/PeterUpfold/CVE-2019-12796 CVE-2019-12796 - https://github.com/developer3000S/PoC-in-GitHub @@ -24313,13 +25869,18 @@ CVE-2019-12796 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-1280 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-12813 - https://github.com/sungjungk/fp-scanner-hacking CVE-2019-12814 - https://github.com/0xT11/CVE-POC +CVE-2019-12814 - https://github.com/Al1ex/CVE-2019-12814 CVE-2019-12814 - https://github.com/BorderTech/java-common CVE-2019-12814 - https://github.com/SexyBeast233/SecBooks CVE-2019-12814 - https://github.com/SugarP1g/LearningSecurity CVE-2019-12814 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-12814 - https://github.com/diakogiannis/moviebook CVE-2019-12814 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-12814 - https://github.com/ilmari666/cybsec CVE-2019-12814 - https://github.com/paolodenti/telegram-types CVE-2019-12815 - https://github.com/0xT11/CVE-POC +CVE-2019-12815 - https://github.com/KTN1990/CVE-2019-12815 +CVE-2019-12815 - https://github.com/Universe1122/URL-crawler CVE-2019-12815 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-12815 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-12820 - https://github.com/sebastian-porling/JISIWEI-Vacuum-Cleaner-Robot-Hack @@ -24335,6 +25896,8 @@ CVE-2019-12836 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-12836 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-12840 - https://github.com/0xT11/CVE-POC CVE-2019-12840 - https://github.com/KrE80r/webmin_cve-2019-12840_poc +CVE-2019-12840 - https://github.com/anasbousselham/webminscan +CVE-2019-12840 - https://github.com/bkaraceylan/CVE-2019-12840_POC CVE-2019-12840 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-12840 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-12868 - https://github.com/dawid-czarnecki/public-vulnerabilities @@ -24343,7 +25906,9 @@ CVE-2019-12881 - https://github.com/oxagast/oxasploits CVE-2019-12889 - https://github.com/0xT11/CVE-POC CVE-2019-12889 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-12889 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-12889 - https://github.com/nulsect0r/CVE-2019-12889 CVE-2019-12890 - https://github.com/0xT11/CVE-POC +CVE-2019-12890 - https://github.com/EthicalHCOP/CVE-2019-12890_RedxploitHQ CVE-2019-12890 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-12890 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-12900 - https://github.com/bubbleguuum/zypperdiff @@ -24353,6 +25918,11 @@ CVE-2019-12904 - https://github.com/revl-ca/scan-docker-image CVE-2019-12905 - https://github.com/EmreOvunc/FileRun-Vulnerabilities CVE-2019-12921 - https://github.com/barrracud4/image-upload-exploits CVE-2019-12922 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-12922 - https://github.com/tdcoming/Vulnerability-engine +CVE-2019-12941 - https://github.com/jmatss/thesis-cuda +CVE-2019-12941 - https://github.com/jmatss/thesis-go +CVE-2019-12941 - https://github.com/jmatss/thesis-java +CVE-2019-12941 - https://github.com/jmatss/thesis-rust CVE-2019-12949 - https://github.com/0xT11/CVE-POC CVE-2019-12949 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-12949 - https://github.com/hectorgie/PoC-in-GitHub @@ -24365,18 +25935,23 @@ CVE-2019-12999 - https://github.com/chaincodelabs/lightning-curriculum CVE-2019-12999 - https://github.com/davidshares/Lightning-Network CVE-2019-12999 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-12999 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-12999 - https://github.com/lightninglabs/chanleakcheck CVE-2019-1300 - https://github.com/sslab-gatech/DIE CVE-2019-13000 - https://github.com/0xT11/CVE-POC +CVE-2019-13000 - https://github.com/ACINQ/detection-tool-cve-2019-13000 CVE-2019-13000 - https://github.com/chaincodelabs/lightning-curriculum CVE-2019-13000 - https://github.com/davidshares/Lightning-Network CVE-2019-13000 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-13000 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-13000 - https://github.com/lightninglabs/chanleakcheck CVE-2019-1301 - https://github.com/RetireNet/dotnet-retire CVE-2019-13012 - https://github.com/revl-ca/scan-docker-image CVE-2019-1302 - https://github.com/RetireNet/dotnet-retire CVE-2019-13024 - https://github.com/0xT11/CVE-POC +CVE-2019-13024 - https://github.com/YeezyTaughtMe1/htb-wall-writeup CVE-2019-13024 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-13024 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-13024 - https://github.com/get-get-get-get/Centreon-RCE CVE-2019-13024 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-13024 - https://github.com/mhaskar/CVE-2019-13024 CVE-2019-13025 - https://github.com/0xT11/CVE-POC @@ -24384,6 +25959,7 @@ CVE-2019-13025 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-13025 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-13025 - https://github.com/x1tan/CVE-2019-13025 CVE-2019-13027 - https://github.com/0xT11/CVE-POC +CVE-2019-13027 - https://github.com/IckoGZ/CVE-2019-13027 CVE-2019-13027 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-13027 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-13029 - https://github.com/Orange-Cyberdefense/CVE-repository @@ -24411,16 +25987,21 @@ CVE-2019-13051 - https://github.com/pr0tean/CVE-2019-13051 CVE-2019-13051 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2019-13051 - https://github.com/yedada-wei/- CVE-2019-13051 - https://github.com/yedada-wei/gongkaishouji +CVE-2019-13052 - https://github.com/10ocs/LOGITaker- CVE-2019-13052 - https://github.com/RoganDawes/LOGITacker CVE-2019-13052 - https://github.com/RoganDawes/munifying CVE-2019-13052 - https://github.com/mame82/UnifyingVulnsDisclosureRepo CVE-2019-13052 - https://github.com/mame82/munifying_pre_release +CVE-2019-13053 - https://github.com/10ocs/LOGITaker- CVE-2019-13053 - https://github.com/RoganDawes/LOGITacker CVE-2019-13053 - https://github.com/mame82/UnifyingVulnsDisclosureRepo +CVE-2019-13054 - https://github.com/10ocs/LOGITaker- CVE-2019-13054 - https://github.com/RoganDawes/LOGITacker CVE-2019-13054 - https://github.com/RoganDawes/munifying +CVE-2019-13054 - https://github.com/RoganDawes/munifying-web CVE-2019-13054 - https://github.com/mame82/UnifyingVulnsDisclosureRepo CVE-2019-13054 - https://github.com/mame82/munifying_pre_release +CVE-2019-13055 - https://github.com/10ocs/LOGITaker- CVE-2019-13055 - https://github.com/RoganDawes/LOGITacker CVE-2019-13055 - https://github.com/RoganDawes/munifying CVE-2019-13055 - https://github.com/mame82/UnifyingVulnsDisclosureRepo @@ -24430,6 +26011,7 @@ CVE-2019-1306 - https://github.com/mishmashclone/qazbnm456-awesome-web-security CVE-2019-1306 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-1306 - https://github.com/qazbnm456/awesome-web-security CVE-2019-1306 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2019-13063 - https://github.com/0x6b7966/CVE-2019-13063-POC CVE-2019-13063 - https://github.com/0xT11/CVE-POC CVE-2019-13063 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-13063 - https://github.com/hectorgie/PoC-in-GitHub @@ -24443,6 +26025,7 @@ CVE-2019-13086 - https://github.com/0xT11/CVE-POC CVE-2019-13086 - https://github.com/SexyBeast233/SecBooks CVE-2019-13086 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-13086 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-13086 - https://github.com/lingchuL/CVE_POC_test CVE-2019-13096 - https://github.com/enderphan94/CVE CVE-2019-13097 - https://github.com/enderphan94/CVE CVE-2019-13098 - https://github.com/enderphan94/CVE @@ -24451,15 +26034,18 @@ CVE-2019-13100 - https://github.com/enderphan94/CVE CVE-2019-13101 - https://github.com/0xT11/CVE-POC CVE-2019-13101 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-13101 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-13101 - https://github.com/halencarjunior/dlkploit600 CVE-2019-13101 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-13103 - https://github.com/ForAllSecure/VulnerabilitiesLab CVE-2019-13107 - https://github.com/ForAllSecure/VulnerabilitiesLab CVE-2019-1311 - https://github.com/googleprojectzero/winafl CVE-2019-1311 - https://github.com/hardik05/winafl-powermopt CVE-2019-13115 - https://github.com/0xT11/CVE-POC +CVE-2019-13115 - https://github.com/CSSProject/libssh2-Exploit CVE-2019-13115 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-13115 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-13115 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-13115 - https://github.com/viz27/Libssh2-Exploit CVE-2019-13116 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2019-13117 - https://github.com/revl-ca/scan-docker-image CVE-2019-13118 - https://github.com/revl-ca/scan-docker-image @@ -24488,6 +26074,7 @@ CVE-2019-1320 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2019-1322 - https://github.com/Ascotbe/Kernelhub CVE-2019-1322 - https://github.com/CnHack3r/Penetration_PoC CVE-2019-1322 - https://github.com/DeEpinGh0st/Erebus +CVE-2019-1322 - https://github.com/Gl3bGl4z/knowledge CVE-2019-1322 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2019-1322 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2019-1322 - https://github.com/alphaSeclab/sec-daily-2019 @@ -24497,14 +26084,17 @@ CVE-2019-1322 - https://github.com/geeksniper/windows-privilege-escalation CVE-2019-1322 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-1322 - https://github.com/huike007/penetration_poc CVE-2019-1322 - https://github.com/huike007/poc +CVE-2019-1322 - https://github.com/pengusec/awesome-netsec-articles CVE-2019-1322 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2019-1322 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2019-1322 - https://github.com/yedada-wei/- CVE-2019-1322 - https://github.com/yedada-wei/gongkaishouji CVE-2019-13224 - https://github.com/ForAllSecure/VulnerabilitiesLab CVE-2019-13224 - https://github.com/kkos/oniguruma +CVE-2019-13224 - https://github.com/onivim/esy-oniguruma CVE-2019-13224 - https://github.com/winlibs/oniguruma CVE-2019-13225 - https://github.com/kkos/oniguruma +CVE-2019-13225 - https://github.com/onivim/esy-oniguruma CVE-2019-13225 - https://github.com/winlibs/oniguruma CVE-2019-13232 - https://github.com/revl-ca/scan-docker-image CVE-2019-13233 - https://github.com/Sec20-Paper310/Paper310 @@ -24558,14 +26148,20 @@ CVE-2019-13272 - https://github.com/Cyc1eC/CVE-2019-13272 CVE-2019-13272 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2019-13272 - https://github.com/Getshell/LinuxTQ CVE-2019-13272 - https://github.com/H0j3n/EzpzCheatSheet +CVE-2019-13272 - https://github.com/Huandtx/CVE-2019-13272 CVE-2019-13272 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2019-13272 - https://github.com/ONQLin/OS-CourseDesign +CVE-2019-13272 - https://github.com/RashmikaEkanayake/Privilege-Escalation-CVE-2019-13272- CVE-2019-13272 - https://github.com/S3cur3Th1sSh1t/Pentest-Tools CVE-2019-13272 - https://github.com/SexyBeast233/SecBooks CVE-2019-13272 - https://github.com/Snoopy-Sec/Localroot-ALL-CVE +CVE-2019-13272 - https://github.com/Tharana/Exploiting-a-Linux-kernel-vulnerability +CVE-2019-13272 - https://github.com/Tharana/vulnerability-exploitation CVE-2019-13272 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2019-13272 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-13272 - https://github.com/anoaghost/Localroot_Compile CVE-2019-13272 - https://github.com/bcoles/kernel-exploits +CVE-2019-13272 - https://github.com/bigbigliang-malwarebenchmark/cve-2019-13272 CVE-2019-13272 - https://github.com/cedelasen/htb-laboratory CVE-2019-13272 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-13272 - https://github.com/fei9747/LinuxEelvation @@ -24577,15 +26173,21 @@ CVE-2019-13272 - https://github.com/huike007/poc CVE-2019-13272 - https://github.com/icecliffs/Linux-For-Root CVE-2019-13272 - https://github.com/jas502n/CVE-2019-13272 CVE-2019-13272 - https://github.com/jiayy/android_vuln_poc-exp +CVE-2019-13272 - https://github.com/karlhat/Ksplice-demo CVE-2019-13272 - https://github.com/n3t1nv4d3/kernel-exploits CVE-2019-13272 - https://github.com/oneoy/CVE-2019-13272 +CVE-2019-13272 - https://github.com/polosec/CVE-2019-13272 CVE-2019-13272 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-13272 - https://github.com/rakjong/LinuxElevation +CVE-2019-13272 - https://github.com/severnake/Pentest-Tools +CVE-2019-13272 - https://github.com/sumedhaDharmasena/-Kernel-ptrace-c-mishandles-vulnerability-CVE-2019-13272 +CVE-2019-13272 - https://github.com/teddy47/CVE-2019-13272---Documentation CVE-2019-13272 - https://github.com/theyoge/AD-Pentesting-Tools CVE-2019-13272 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2019-13272 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-13272 - https://github.com/yedada-wei/- CVE-2019-13272 - https://github.com/yedada-wei/gongkaishouji +CVE-2019-1333 - https://github.com/tdcoming/Vulnerability-engine CVE-2019-1333 - https://github.com/tom0li/collection-document CVE-2019-13330 - https://github.com/googleprojectzero/winafl CVE-2019-13330 - https://github.com/hardik05/winafl-powermopt @@ -24597,6 +26199,7 @@ CVE-2019-13360 - https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE CVE-2019-13361 - https://github.com/0xT11/CVE-POC CVE-2019-13361 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-13361 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-13361 - https://github.com/lodi-g/CVE-2019-13361 CVE-2019-13376 - https://github.com/SexyBeast233/SecBooks CVE-2019-1338 - https://github.com/bodik/awesome-potatoes CVE-2019-1338 - https://github.com/preempt/ntlm-scanner @@ -24615,9 +26218,11 @@ CVE-2019-13392 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-13396 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-1340 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2019-13403 - https://github.com/0xT11/CVE-POC +CVE-2019-13403 - https://github.com/B3Bo1d/CVE-2019-13403 CVE-2019-13403 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-13403 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-13404 - https://github.com/0xT11/CVE-POC +CVE-2019-13404 - https://github.com/alidnf/CVE-2019-13404 CVE-2019-13404 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-13404 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-1342 - https://github.com/0xT11/CVE-POC @@ -24648,6 +26253,7 @@ CVE-2019-13496 - https://github.com/FurqanKhan1/CVE-2019-13496 CVE-2019-13496 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-13496 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-13497 - https://github.com/0xT11/CVE-POC +CVE-2019-13497 - https://github.com/FurqanKhan1/CVE-2019-13497 CVE-2019-13497 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-13497 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-13498 - https://github.com/0xT11/CVE-POC @@ -24658,10 +26264,12 @@ CVE-2019-13498 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-1350 - https://github.com/meherarfaoui09/meher CVE-2019-13503 - https://github.com/MyKings/security-study-tutorial CVE-2019-13503 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-13503 - https://github.com/hazedic/fuzzenv-exiv2 CVE-2019-13504 - https://github.com/0xT11/CVE-POC CVE-2019-13504 - https://github.com/MyKings/security-study-tutorial CVE-2019-13504 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-13504 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-13504 - https://github.com/hazedic/fuzzenv-exiv2 CVE-2019-13504 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-13506 - https://github.com/ossf-cve-benchmark/CVE-2019-13506 CVE-2019-1351 - https://github.com/0xT11/CVE-POC @@ -24674,37 +26282,46 @@ CVE-2019-1354 - https://github.com/meherarfaoui09/meher CVE-2019-13574 - https://github.com/0xT11/CVE-POC CVE-2019-13574 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-13574 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-13574 - https://github.com/masahiro331/CVE-2019-13574 CVE-2019-13599 - https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE CVE-2019-13600 - https://github.com/0xT11/CVE-POC CVE-2019-13600 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-13600 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-13603 - https://github.com/sungjungk/fp-scanner-hacking +CVE-2019-13604 - https://github.com/sungjungk/fp-img-key-crack CVE-2019-13605 - https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE CVE-2019-13621 - https://github.com/sungjungk/fp-scanner-hacking CVE-2019-13627 - https://github.com/garethr/snykout CVE-2019-13627 - https://github.com/simonsdave/clair-cicd CVE-2019-13633 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-13633 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-13636 - https://github.com/irsl/gnu-patch-vulnerabilities +CVE-2019-13638 - https://github.com/irsl/gnu-patch-vulnerabilities CVE-2019-1367 - https://github.com/0xT11/CVE-POC CVE-2019-1367 - https://github.com/HackOvert/awesome-bugs CVE-2019-1367 - https://github.com/Panopticon-Project/panopticon-DarkHotel CVE-2019-1367 - https://github.com/alphaSeclab/sec-daily-2020 +CVE-2019-1367 - https://github.com/cufarvid/Tools CVE-2019-1367 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-1367 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-1367 - https://github.com/mandarenmanman/CVE-2019-1367 CVE-2019-1367 - https://github.com/wugedz/CVEs CVE-2019-13685 - https://github.com/allpaca/chrome-sbx-db CVE-2019-13686 - https://github.com/allpaca/chrome-sbx-db CVE-2019-13687 - https://github.com/allpaca/chrome-sbx-db CVE-2019-13688 - https://github.com/allpaca/chrome-sbx-db CVE-2019-13693 - https://github.com/allpaca/chrome-sbx-db +CVE-2019-13694 - https://github.com/james0x40/chrome-webrtc-pocs CVE-2019-13695 - https://github.com/allpaca/chrome-sbx-db CVE-2019-13699 - https://github.com/allpaca/chrome-sbx-db CVE-2019-13700 - https://github.com/allpaca/chrome-sbx-db CVE-2019-1372 - https://github.com/ashdsetty/Detection CVE-2019-13720 - https://github.com/0xT11/CVE-POC +CVE-2019-13720 - https://github.com/ChoKyuWon/CVE-2019-13720 CVE-2019-13720 - https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections CVE-2019-13720 - https://github.com/De4dCr0w/Browser-pwn CVE-2019-13720 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-13720 - https://github.com/cve-2019-13720/cve-2019-13720 CVE-2019-13720 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-13720 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-13720 - https://github.com/qazbnm456/awesome-cve-poc @@ -24728,6 +26345,7 @@ CVE-2019-1385 - https://github.com/deadjakk/patch-checker CVE-2019-1385 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-1385 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-1385 - https://github.com/hlldz/dazzleUP +CVE-2019-1385 - https://github.com/klinix5/CVE-2019-1385 CVE-2019-1385 - https://github.com/lawrenceamer/0xsp-Mongoose CVE-2019-1385 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2019-1387 - https://github.com/meherarfaoui09/meher @@ -24736,8 +26354,10 @@ CVE-2019-1388 - https://github.com/Ascotbe/Kernelhub CVE-2019-1388 - https://github.com/CnHack3r/Penetration_PoC CVE-2019-1388 - https://github.com/Faridbg/THM_Advent_of_Cyber CVE-2019-1388 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2019-1388 - https://github.com/Mrq123/solo-blog CVE-2019-1388 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2019-1388 - https://github.com/SexyBeast233/SecBooks +CVE-2019-1388 - https://github.com/TCM-Course-Resources/Windows-Privilege-Escalation-Resources CVE-2019-1388 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2019-1388 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-1388 - https://github.com/chriskaliX/AD-Pentest-Notes @@ -24749,11 +26369,14 @@ CVE-2019-1388 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-1388 - https://github.com/hlldz/dazzleUP CVE-2019-1388 - https://github.com/huike007/penetration_poc CVE-2019-1388 - https://github.com/huike007/poc +CVE-2019-1388 - https://github.com/is0late/Tools CVE-2019-1388 - https://github.com/izj007/wechat CVE-2019-1388 - https://github.com/jas502n/CVE-2019-1388 +CVE-2019-1388 - https://github.com/jaychouzzk/CVE-2019-1388 CVE-2019-1388 - https://github.com/lawrenceamer/0xsp-Mongoose CVE-2019-1388 - https://github.com/mai-lang-chai/System-Vulnerability CVE-2019-1388 - https://github.com/merlinxcy/ToolBox +CVE-2019-1388 - https://github.com/nickswink/Retro-Writeup CVE-2019-1388 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-1388 - https://github.com/superhero1/OSCP-Prep CVE-2019-1388 - https://github.com/sv3nbeast/CVE-2019-1388 @@ -24770,6 +26393,7 @@ CVE-2019-13955 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-13956 - https://github.com/0xT11/CVE-POC CVE-2019-13956 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-13956 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-13956 - https://github.com/rhbb/CVE-2019-13956 CVE-2019-13992 - https://github.com/404notf0und/CVE-Flow CVE-2019-13994 - https://github.com/404notf0und/CVE-Flow CVE-2019-13995 - https://github.com/404notf0und/CVE-Flow @@ -24778,14 +26402,17 @@ CVE-2019-13999 - https://github.com/404notf0und/CVE-Flow CVE-2019-1402 - https://github.com/0xT11/CVE-POC CVE-2019-1402 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-1402 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-1402 - https://github.com/lauxjpn/CorruptQueryAccessWorkaround CVE-2019-14025 - https://github.com/404notf0und/CVE-Flow CVE-2019-14040 - https://github.com/0xT11/CVE-POC CVE-2019-14040 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14040 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-14040 - https://github.com/tamirzb/CVE-2019-14040 CVE-2019-14040 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-14041 - https://github.com/0xT11/CVE-POC CVE-2019-14041 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14041 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-14041 - https://github.com/tamirzb/CVE-2019-14041 CVE-2019-14041 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-1405 - https://github.com/0xT11/CVE-POC CVE-2019-1405 - https://github.com/Al1ex/WindowsElevation @@ -24805,6 +26432,7 @@ CVE-2019-1405 - https://github.com/hlldz/dazzleUP CVE-2019-1405 - https://github.com/huike007/penetration_poc CVE-2019-1405 - https://github.com/huike007/poc CVE-2019-1405 - https://github.com/lawrenceamer/0xsp-Mongoose +CVE-2019-1405 - https://github.com/pengusec/awesome-netsec-articles CVE-2019-1405 - https://github.com/shubham0d/SymBlock CVE-2019-1405 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2019-1405 - https://github.com/ycdxsb/WindowsPrivilegeEscalation @@ -24842,6 +26470,7 @@ CVE-2019-1422 - https://github.com/ze0r/cve-2019-1422 CVE-2019-14220 - https://github.com/0xT11/CVE-POC CVE-2019-14220 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14220 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-14221 - https://github.com/cccaaasser/1CRM-CVE CVE-2019-14223 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-14223 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-14223 - https://github.com/sobinge/nuclei-templates @@ -24859,60 +26488,102 @@ CVE-2019-14246 - https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE CVE-2019-14267 - https://github.com/0xT11/CVE-POC CVE-2019-14267 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14267 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-14267 - https://github.com/snappyJack/pdfresurrect_CVE-2019-14267 +CVE-2019-14271 - https://github.com/Metarget/cloud-native-security-book CVE-2019-14271 - https://github.com/Metarget/metarget CVE-2019-14271 - https://github.com/PercussiveElbow/docker-escape-tool CVE-2019-14271 - https://github.com/SexyBeast233/SecBooks CVE-2019-14271 - https://github.com/SugarP1g/LearningSecurity CVE-2019-14271 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-14271 - https://github.com/chrisguest75/docker_build_examples +CVE-2019-14271 - https://github.com/heroku/bheu19-attacking-cloud-builds CVE-2019-14271 - https://github.com/ssst0n3/docker_archive +CVE-2019-14277 - https://github.com/ugur-ercan/exploit-collection CVE-2019-14277 - https://github.com/zeropwn/vulnerability-reports-and-pocs CVE-2019-14277 - https://github.com/zeropwn/zeropwn CVE-2019-14287 - https://github.com/0xT11/CVE-POC CVE-2019-14287 - https://github.com/AfvanMoopen/tryhackme- +CVE-2019-14287 - https://github.com/CMNatic/Dockerized-CVE-2019-14287 +CVE-2019-14287 - https://github.com/CMNatic/UoG-CTF +CVE-2019-14287 - https://github.com/CashWilliams/CVE-2019-14287-demo +CVE-2019-14287 - https://github.com/DewmiApsara/CVE-2019-14287 +CVE-2019-14287 - https://github.com/FauxFaux/sudo-cve-2019-14287 CVE-2019-14287 - https://github.com/Getshell/LinuxTQ +CVE-2019-14287 - https://github.com/HussyCool/CVE-2019-14287-IT18030372- +CVE-2019-14287 - https://github.com/Janette88/cve-2019-14287sudoexp +CVE-2019-14287 - https://github.com/RoqueNight/Linux-Privilege-Escalation-Basics +CVE-2019-14287 - https://github.com/SachinthaDeSilva-cmd/Exploit-CVE-2019-14287 CVE-2019-14287 - https://github.com/SexyBeast233/SecBooks +CVE-2019-14287 - https://github.com/ShianTrish/sudo-Security-Bypass-vulnerability-CVE-2019-14287 +CVE-2019-14287 - https://github.com/Sindadziy/cve-2019-14287 +CVE-2019-14287 - https://github.com/Sindayifu/CVE-2019-14287-CVE-2014-6271 CVE-2019-14287 - https://github.com/Sithma/SNP +CVE-2019-14287 - https://github.com/TCM-Course-Resources/Linux-Privilege-Escalation-Resources +CVE-2019-14287 - https://github.com/Tharana/Exploiting-a-Linux-kernel-vulnerability +CVE-2019-14287 - https://github.com/Tharana/vulnerability-exploitation +CVE-2019-14287 - https://github.com/agariy/MyFirstWebShell CVE-2019-14287 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-14287 - https://github.com/axax002/sudo-vulnerability-CVE-2019-14287 +CVE-2019-14287 - https://github.com/bianfusia/CTF-writeup CVE-2019-14287 - https://github.com/catsecorg/CatSec-TryHackMe-WriteUps CVE-2019-14287 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-14287 - https://github.com/dhniroshan/offensive_hacking +CVE-2019-14287 - https://github.com/ejlevin99/Sudo-Security-Bypass-Vulnerability CVE-2019-14287 - https://github.com/emtuls/Awesome-Cyber-Security-List +CVE-2019-14287 - https://github.com/gurneesh/CVE-2019-14287-write-up CVE-2019-14287 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-14287 - https://github.com/huang919/cve-2019-14287-PPT +CVE-2019-14287 - https://github.com/janod313/-CVE-2019-14287-SUDO-bypass-vulnerability CVE-2019-14287 - https://github.com/jordansinclair1990/TryHackMeAgentSudo CVE-2019-14287 - https://github.com/mai-lang-chai/System-Vulnerability +CVE-2019-14287 - https://github.com/malangalothbrok/linux-bypass CVE-2019-14287 - https://github.com/malangalothbrok/sudo-linux-bypass CVE-2019-14287 - https://github.com/n0w4n/CVE-2019-14287 CVE-2019-14287 - https://github.com/shallvhack/Sudo-Security-Bypass-CVE-2019-14287 CVE-2019-14287 - https://github.com/shashihacks/OSCP CVE-2019-14287 - https://github.com/shrishtydayal2304/100-days-of-code CVE-2019-14287 - https://github.com/stefanman125/CyberSci-pizzashop +CVE-2019-14287 - https://github.com/thinuri99/Sudo-Security-Bypass-Vulnerability-CVE-2019-14287- +CVE-2019-14287 - https://github.com/wenyu1999/sudo- CVE-2019-14287 - https://github.com/xyongcn/exploit CVE-2019-14312 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-14314 - https://github.com/0xT11/CVE-POC CVE-2019-14314 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14314 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-14314 - https://github.com/imthoe/CVE-2019-14314 CVE-2019-14318 - https://github.com/crocs-muni/ECTester CVE-2019-14319 - https://github.com/0xT11/CVE-POC +CVE-2019-14319 - https://github.com/MelroyB/CVE-2019-14319 CVE-2019-14319 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14319 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-14322 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-14322 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-14322 - https://github.com/EmreOvunc/Odoo-12.0-LFI-Vulnerabilities CVE-2019-14322 - https://github.com/sobinge/nuclei-templates +CVE-2019-14325 - https://github.com/seqred-s-a/cve-2019-14326 CVE-2019-14326 - https://github.com/0xT11/CVE-POC CVE-2019-14326 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14326 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-14326 - https://github.com/seqred-s-a/cve-2019-14326 CVE-2019-14339 - https://github.com/0x48piraj/CVE-2019-14339 CVE-2019-14339 - https://github.com/0xT11/CVE-POC CVE-2019-14339 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14339 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-14363 - https://github.com/reevesrs24/CVE CVE-2019-14378 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-14379 - https://github.com/diakogiannis/moviebook +CVE-2019-14379 - https://github.com/galimba/Jackson-deserialization-PoC CVE-2019-14379 - https://github.com/heike2718/commons +CVE-2019-14379 - https://github.com/ilmari666/cybsec CVE-2019-14407 - https://github.com/SpiderLabs/cve_server CVE-2019-14439 - https://github.com/0xT11/CVE-POC CVE-2019-14439 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-14439 - https://github.com/diakogiannis/moviebook +CVE-2019-14439 - https://github.com/galimba/Jackson-deserialization-PoC CVE-2019-14439 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-14439 - https://github.com/heike2718/commons +CVE-2019-14439 - https://github.com/ilmari666/cybsec +CVE-2019-14439 - https://github.com/jas502n/CVE-2019-14439 CVE-2019-14450 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14450 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-14451 - https://github.com/developer3000S/PoC-in-GitHub @@ -24921,15 +26592,19 @@ CVE-2019-14470 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-14514 - https://github.com/0xT11/CVE-POC CVE-2019-14514 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14514 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-14514 - https://github.com/seqred-s-a/cve-2019-14514 CVE-2019-14521 - https://github.com/afinepl/research CVE-2019-14529 - https://github.com/0xT11/CVE-POC +CVE-2019-14529 - https://github.com/Wezery/CVE-2019-14529 CVE-2019-14529 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14529 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-14530 - https://github.com/0xT11/CVE-POC CVE-2019-14530 - https://github.com/Hacker5preme/Exploits +CVE-2019-14530 - https://github.com/Wezery/CVE-2019-14530 CVE-2019-14530 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14530 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-14537 - https://github.com/0xT11/CVE-POC +CVE-2019-14537 - https://github.com/Wocanilo/CVE-2019-14537 CVE-2019-14537 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14537 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-14540 - https://github.com/0xT11/CVE-POC @@ -24939,12 +26614,15 @@ CVE-2019-14540 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2019-14540 - https://github.com/SexyBeast233/SecBooks CVE-2019-14540 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14540 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-14540 - https://github.com/ilmari666/cybsec CVE-2019-14540 - https://github.com/kiwitcms/junit-plugin CVE-2019-14540 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +CVE-2019-14540 - https://github.com/yahoo/cubed CVE-2019-1458 - https://github.com/0xT11/CVE-POC CVE-2019-1458 - https://github.com/0xpetros/windows-privilage-escalation CVE-2019-1458 - https://github.com/Ascotbe/Kernelhub CVE-2019-1458 - https://github.com/CnHack3r/Penetration_PoC +CVE-2019-1458 - https://github.com/DreamoneOnly/CVE-2019-1458-malware CVE-2019-1458 - https://github.com/FULLSHADE/WindowsExploitationResources CVE-2019-1458 - https://github.com/Jkrasher/WindowsThreatResearch_JKrasher CVE-2019-1458 - https://github.com/Mr-xn/Penetration_Testing_POC @@ -24966,9 +26644,11 @@ CVE-2019-1458 - https://github.com/huike007/poc CVE-2019-1458 - https://github.com/mishmashclone/SecWiki-windows-kernel-exploits CVE-2019-1458 - https://github.com/nicolas-gagnon/windows-kernel-exploits CVE-2019-1458 - https://github.com/paramint/windows-kernel-exploits +CVE-2019-1458 - https://github.com/piotrflorczyk/cve-2019-1458_POC CVE-2019-1458 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-1458 - https://github.com/root26/bug CVE-2019-1458 - https://github.com/safesword/WindowsExp +CVE-2019-1458 - https://github.com/unamer/CVE-2019-1458 CVE-2019-1458 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2019-1458 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-1458 - https://github.com/ycdxsb/WindowsPrivilegeEscalation @@ -24986,20 +26666,26 @@ CVE-2019-14694 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-14696 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-14696 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-14696 - https://github.com/sobinge/nuclei-templates +CVE-2019-14697 - https://github.com/admmasters/docker-node10 +CVE-2019-14697 - https://github.com/admmasters/docker-node12 CVE-2019-14697 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-14697 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers CVE-2019-14697 - https://github.com/umahari/security +CVE-2019-14697 - https://github.com/vinamra28/tekton-image-scan-trivy CVE-2019-14744 - https://github.com/zeropwn/vulnerability-reports-and-pocs CVE-2019-14744 - https://github.com/zeropwn/zeropwn CVE-2019-14745 - https://github.com/0xT11/CVE-POC CVE-2019-14745 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14745 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-14745 - https://github.com/xooxo/CVE-2019-14745 CVE-2019-14751 - https://github.com/0xT11/CVE-POC CVE-2019-14751 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14751 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-14751 - https://github.com/mssalvatore/CVE-2019-14751_PoC CVE-2019-1476 - https://github.com/0xT11/CVE-POC CVE-2019-1476 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-1476 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-1476 - https://github.com/sgabe/CVE-2019-1476 CVE-2019-1476 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2019-1477 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-1477 - https://github.com/hectorgie/PoC-in-GitHub @@ -25007,23 +26693,34 @@ CVE-2019-1477 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2019-14772 - https://github.com/ossf-cve-benchmark/CVE-2019-14772 CVE-2019-1481 - https://github.com/barrracud4/image-upload-exploits CVE-2019-14811 - https://github.com/barrracud4/image-upload-exploits +CVE-2019-14811 - https://github.com/hhc0null/GhostRule CVE-2019-14812 - https://github.com/barrracud4/image-upload-exploits +CVE-2019-14812 - https://github.com/hhc0null/GhostRule CVE-2019-14813 - https://github.com/barrracud4/image-upload-exploits +CVE-2019-14813 - https://github.com/hhc0null/GhostRule CVE-2019-1483 - https://github.com/0xT11/CVE-POC CVE-2019-1483 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-1483 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-1483 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2019-14830 - https://github.com/0xT11/CVE-POC +CVE-2019-14830 - https://github.com/Fr3d-/moodle-token-stealer CVE-2019-14830 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14830 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-14835 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-14835 - https://github.com/kaosagnt/ansible-everyday +CVE-2019-14838 - https://github.com/cbsuresh/rh6_jbosseap724 +CVE-2019-14843 - https://github.com/cbsuresh/rh6_jbosseap724 CVE-2019-14850 - https://github.com/cttynul/ana +CVE-2019-14855 - https://github.com/SHA-mbles/SHA-mbles.github.io CVE-2019-14855 - https://github.com/garethr/snykout CVE-2019-14855 - https://github.com/hannob/pgpbugs CVE-2019-14862 - https://github.com/ossf-cve-benchmark/CVE-2019-14862 +CVE-2019-14865 - https://github.com/taviso/scanlimits +CVE-2019-14889 - https://github.com/tom-dell/CVELK CVE-2019-14892 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2019-14893 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2019-14893 - https://github.com/yahoo/cubed +CVE-2019-14899 - https://github.com/SailfishOS-sdm660/SailfishOS_Kernel_Defconfig CVE-2019-14899 - https://github.com/Whonix/security-misc CVE-2019-14899 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14899 - https://github.com/hectorgie/PoC-in-GitHub @@ -25031,8 +26728,10 @@ CVE-2019-14899 - https://github.com/slingamn/namespaced-openvpn CVE-2019-14900 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14907 - https://github.com/google/honggfuzz CVE-2019-14912 - https://github.com/0xT11/CVE-POC +CVE-2019-14912 - https://github.com/Wocanilo/adaPwn CVE-2019-14912 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14912 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-14941 - https://github.com/nathunandwani/shareit-cwe-789 CVE-2019-14974 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-14974 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-14974 - https://github.com/sobinge/nuclei-templates @@ -25045,22 +26744,26 @@ CVE-2019-15001 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-15029 - https://github.com/0xT11/CVE-POC CVE-2019-15029 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-15029 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-15029 - https://github.com/mhaskar/CVE-2019-15029 CVE-2019-15043 - https://github.com/0xT11/CVE-POC CVE-2019-15043 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-15043 - https://github.com/DNTYO/F5_Vulnerability CVE-2019-15043 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-15043 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-15043 - https://github.com/h0ffayyy/CVE-2019-15043 CVE-2019-15043 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-15043 - https://github.com/n1sh1th/CVE-POC CVE-2019-15043 - https://github.com/sobinge/nuclei-templates CVE-2019-15053 - https://github.com/0xT11/CVE-POC CVE-2019-15053 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-15053 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-15053 - https://github.com/l0nax/CVE-2019-15053 CVE-2019-15055 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-15063 - https://github.com/engn33r/awesome-bluetooth-security CVE-2019-15078 - https://github.com/sjmini/icse2020-Solidity CVE-2019-15079 - https://github.com/sjmini/icse2020-Solidity CVE-2019-15080 - https://github.com/sjmini/icse2020-Solidity +CVE-2019-15081 - https://github.com/nipunsomani/Opencart-3.x.x-Authenticated-Stored-XSS CVE-2019-15092 - https://github.com/301415926/PENTESTING-BIBLE CVE-2019-15092 - https://github.com/84KaliPleXon3/PENTESTING-BIBLE CVE-2019-15092 - https://github.com/Mathankumar2701/ALL-PENTESTING-BIBLE @@ -25087,46 +26790,71 @@ CVE-2019-15107 - https://github.com/0xaniketB/TryHackMe-Wreath CVE-2019-15107 - https://github.com/3gstudent/Homework-of-Python CVE-2019-15107 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-15107 - https://github.com/AdministratorGithub/CVE-2019-15107 +CVE-2019-15107 - https://github.com/AleWong/WebminRCE-EXP-CVE-2019-15107- +CVE-2019-15107 - https://github.com/ChakoMoonFish/webmin_CVE-2019-15107 CVE-2019-15107 - https://github.com/CnHack3r/Penetration_PoC CVE-2019-15107 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2019-15107 - https://github.com/HACHp1/webmin_docker_and_exp CVE-2019-15107 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2019-15107 - https://github.com/Pichuuuuu/CVE-2019-15107 +CVE-2019-15107 - https://github.com/Rayferrufino/Make-and-Break CVE-2019-15107 - https://github.com/SexyBeast233/SecBooks CVE-2019-15107 - https://github.com/YIXINSHUWU/Penetration_Testing_POC +CVE-2019-15107 - https://github.com/YeezyTaughtMe1/HTB-Postman +CVE-2019-15107 - https://github.com/cd6629/Python-scripts +CVE-2019-15107 - https://github.com/chalern/Pentest-Tools CVE-2019-15107 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-15107 - https://github.com/fengjixuchui/RedTeamer +CVE-2019-15107 - https://github.com/fofapro/vulfocus +CVE-2019-15107 - https://github.com/foxsin34/WebMin-1.890-Exploit-unauthorized-RCE +CVE-2019-15107 - https://github.com/g0db0x/CVE_2019_15107 CVE-2019-15107 - https://github.com/hanc00l/some_pocsuite +CVE-2019-15107 - https://github.com/hannob/webminex CVE-2019-15107 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-15107 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-15107 - https://github.com/huike007/penetration_poc CVE-2019-15107 - https://github.com/huike007/poc +CVE-2019-15107 - https://github.com/ianxtianxt/CVE-2019-15107 CVE-2019-15107 - https://github.com/jas502n/CVE-2019-15107 CVE-2019-15107 - https://github.com/jas502n/CVE-2019-15642 +CVE-2019-15107 - https://github.com/ketlerd/CVE-2019-15107 +CVE-2019-15107 - https://github.com/lonehand/TIPS CVE-2019-15107 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-15107 - https://github.com/sobinge/nuclei-templates CVE-2019-15107 - https://github.com/tom0li/collection-document +CVE-2019-15107 - https://github.com/ugur-ercan/exploit-collection +CVE-2019-15107 - https://github.com/whokilleddb/CVE-2019-15107 CVE-2019-15107 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2019-15107 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-15107 - https://github.com/yedada-wei/- CVE-2019-15107 - https://github.com/yedada-wei/gongkaishouji CVE-2019-15120 - https://github.com/0xT11/CVE-POC CVE-2019-15120 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-15120 - https://github.com/h3llraiser/CVE-2019-15120 CVE-2019-15120 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-15126 - https://github.com/0x13enny/kr00k CVE-2019-15126 - https://github.com/0xT11/CVE-POC CVE-2019-15126 - https://github.com/Astrogeorgeonethree/Starred CVE-2019-15126 - https://github.com/WinMin/Protocol-Vul CVE-2019-15126 - https://github.com/akabe1/kr00ker CVE-2019-15126 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-15126 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-15126 - https://github.com/hexway/r00kie-kr00kie CVE-2019-15126 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-15126 - https://github.com/raw-packet/raw-packet CVE-2019-15126 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-15224 - https://github.com/0xT11/CVE-POC +CVE-2019-15224 - https://github.com/chef-cft/inspec_cve_2019_15224 CVE-2019-15224 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-15224 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-15225 - https://github.com/dgn/killenvoy +CVE-2019-15231 - https://github.com/hannob/webminex CVE-2019-15231 - https://github.com/p1ay8y3ar/cve_monitor CVE-2019-15233 - https://github.com/0xT11/CVE-POC CVE-2019-15233 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-15233 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-15233 - https://github.com/l0nax/CVE-2019-15233 +CVE-2019-15234 - https://github.com/nathunandwani/shareit-cwe-789 CVE-2019-15253 - https://github.com/Orange-Cyberdefense/CVE-repository CVE-2019-15293 - https://github.com/googleprojectzero/winafl CVE-2019-15315 - https://github.com/hazcod/security-slacker @@ -25140,38 +26868,58 @@ CVE-2019-1539 - https://github.com/404notf0und/CVE-Flow CVE-2019-1540 - https://github.com/404notf0und/CVE-Flow CVE-2019-1541 - https://github.com/404notf0und/CVE-Flow CVE-2019-1542 - https://github.com/404notf0und/CVE-Flow +CVE-2019-1543 - https://github.com/KorayAgaya/TrivyWeb CVE-2019-1543 - https://github.com/aquasecurity/trivy +CVE-2019-1543 - https://github.com/fhirfactory/pegacorn-scanner-trivy +CVE-2019-1543 - https://github.com/georgearce24/aquasecurity-trivy +CVE-2019-1543 - https://github.com/immydestiny/trivy-file +CVE-2019-1543 - https://github.com/jntass/TASSL-1.1.1k +CVE-2019-1543 - https://github.com/justPray/1122 +CVE-2019-1543 - https://github.com/kaisenlinux/trivy CVE-2019-1543 - https://github.com/pottava/trivy-restapi CVE-2019-1543 - https://github.com/ronomon/crypto-async CVE-2019-1543 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-1543 - https://github.com/simiyo/trivy CVE-2019-1543 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers +CVE-2019-1543 - https://github.com/thecyberbaby/Trivy-by-aquaSecurity CVE-2019-1543 - https://github.com/umahari/security CVE-2019-1544 - https://github.com/404notf0und/CVE-Flow CVE-2019-1545 - https://github.com/404notf0und/CVE-Flow CVE-2019-1546 - https://github.com/404notf0und/CVE-Flow +CVE-2019-1547 - https://github.com/djschleen/ash +CVE-2019-1547 - https://github.com/jntass/TASSL-1.1.1k CVE-2019-1547 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-1547 - https://github.com/simiyo/trivy CVE-2019-1547 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers +CVE-2019-1547 - https://github.com/thecyberbaby/Trivy-by-aquaSecurity CVE-2019-1547 - https://github.com/umahari/security +CVE-2019-1547 - https://github.com/vinamra28/tekton-image-scan-trivy CVE-2019-15478 - https://github.com/ossf-cve-benchmark/CVE-2019-15478 CVE-2019-15479 - https://github.com/ossf-cve-benchmark/CVE-2019-15479 CVE-2019-1548 - https://github.com/404notf0und/CVE-Flow CVE-2019-15482 - https://github.com/ossf-cve-benchmark/CVE-2019-15482 +CVE-2019-1549 - https://github.com/djschleen/ash +CVE-2019-1549 - https://github.com/jntass/TASSL-1.1.1k CVE-2019-1549 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-1549 - https://github.com/simiyo/trivy CVE-2019-1549 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers +CVE-2019-1549 - https://github.com/thecyberbaby/Trivy-by-aquaSecurity CVE-2019-1549 - https://github.com/umahari/security +CVE-2019-1549 - https://github.com/vinamra28/tekton-image-scan-trivy CVE-2019-1550 - https://github.com/404notf0und/CVE-Flow CVE-2019-15501 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-1551 - https://github.com/garethr/snykout CVE-2019-1551 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-1551 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers +CVE-2019-1551 - https://github.com/thecyberbaby/Trivy-by-aquaSecurity CVE-2019-1551 - https://github.com/umahari/security +CVE-2019-1551 - https://github.com/vinamra28/tekton-image-scan-trivy CVE-2019-15511 - https://github.com/0xT11/CVE-POC +CVE-2019-15511 - https://github.com/adenkiewicz/CVE-2019-15511 CVE-2019-15511 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-15511 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-15514 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2019-1552 - https://github.com/jntass/TASSL-1.1.1k CVE-2019-15529 - https://github.com/SexyBeast233/SecBooks CVE-2019-1553 - https://github.com/404notf0und/CVE-Flow CVE-2019-15532 - https://github.com/ossf-cve-benchmark/CVE-2019-15532 @@ -25194,26 +26942,34 @@ CVE-2019-1557 - https://github.com/404notf0und/CVE-Flow CVE-2019-1558 - https://github.com/404notf0und/CVE-Flow CVE-2019-15588 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-15588 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-15588 - https://github.com/tdcoming/Vulnerability-engine +CVE-2019-1559 - https://github.com/daTourist/Centos-6-openssl-1.0.1e-58.pd1trfir CVE-2019-1559 - https://github.com/revl-ca/scan-docker-image CVE-2019-1559 - https://github.com/tls-attacker/TLS-Padding-Oracles CVE-2019-1560 - https://github.com/404notf0und/CVE-Flow CVE-2019-15605 - https://github.com/0xT11/CVE-POC CVE-2019-15605 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-15605 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-15605 - https://github.com/jlcarruda/node-poc-http-smuggling CVE-2019-15606 - https://github.com/0xT11/CVE-POC CVE-2019-1561 - https://github.com/404notf0und/CVE-Flow CVE-2019-15614 - https://github.com/Eriner/eriner CVE-2019-1562 - https://github.com/404notf0und/CVE-Flow CVE-2019-15628 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-1563 - https://github.com/djschleen/ash +CVE-2019-1563 - https://github.com/jntass/TASSL-1.1.1k CVE-2019-1563 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-1563 - https://github.com/simiyo/trivy CVE-2019-1563 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers +CVE-2019-1563 - https://github.com/thecyberbaby/Trivy-by-aquaSecurity CVE-2019-1563 - https://github.com/umahari/security +CVE-2019-1563 - https://github.com/vinamra28/tekton-image-scan-trivy CVE-2019-1564 - https://github.com/404notf0und/CVE-Flow CVE-2019-15642 - https://github.com/0xT11/CVE-POC CVE-2019-15642 - https://github.com/CnHack3r/Penetration_PoC CVE-2019-15642 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2019-15642 - https://github.com/YIXINSHUWU/Penetration_Testing_POC +CVE-2019-15642 - https://github.com/chalern/Pentest-Tools CVE-2019-15642 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-15642 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-15642 - https://github.com/hectorgie/PoC-in-GitHub @@ -25236,19 +26992,27 @@ CVE-2019-15666 - https://github.com/siddicky/yotjf CVE-2019-15689 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-15713 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-15715 - https://github.com/SexyBeast233/SecBooks +CVE-2019-15745 - https://github.com/iamckn/eques CVE-2019-1579 - https://github.com/0xT11/CVE-POC CVE-2019-1579 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-1579 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-1579 - https://github.com/fischbach/gp_vulnerability CVE-2019-1579 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-1579 - https://github.com/pengusec/awesome-netsec-articles +CVE-2019-1579 - https://github.com/r0eXpeR/supplier CVE-2019-1579 - https://github.com/securifera/CVE-2019-1579 +CVE-2019-15799 - https://github.com/jasperla/realtek_turnkey_decrypter +CVE-2019-15801 - https://github.com/jasperla/realtek_turnkey_decrypter CVE-2019-15802 - https://github.com/0xT11/CVE-POC CVE-2019-15802 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-15802 - https://github.com/jasperla/realtek_turnkey_decrypter CVE-2019-15813 - https://github.com/0xT11/CVE-POC CVE-2019-15813 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-15813 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-15846 - https://github.com/0xT11/CVE-POC CVE-2019-15846 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-15846 - https://github.com/area1/exim-cve-2019-10149-data +CVE-2019-15846 - https://github.com/d3k4z/nmap-cve2019-15846 CVE-2019-15846 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-15846 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-15846 - https://github.com/iGotRootSRC/Dorkers @@ -25266,9 +27030,16 @@ CVE-2019-15859 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-15859 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-15866 - https://github.com/SexyBeast233/SecBooks CVE-2019-15889 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2019-15910 - https://github.com/chengcheng227/CVE-POC +CVE-2019-15911 - https://github.com/chengcheng227/CVE-POC +CVE-2019-15912 - https://github.com/chengcheng227/CVE-POC +CVE-2019-15913 - https://github.com/chengcheng227/CVE-POC +CVE-2019-15914 - https://github.com/chengcheng227/CVE-POC +CVE-2019-15915 - https://github.com/chengcheng227/CVE-POC CVE-2019-15947 - https://github.com/oxagast/oxasploits CVE-2019-15949 - https://github.com/AfvanMoopen/tryhackme- CVE-2019-15949 - https://github.com/catsecorg/CatSec-TryHackMe-WriteUps +CVE-2019-15949 - https://github.com/jakgibb/nagiosxi-root-rce-exploit CVE-2019-15972 - https://github.com/0xT11/CVE-POC CVE-2019-15972 - https://github.com/FSecureLABS/Cisco-UCM-SQLi-Scripts CVE-2019-15972 - https://github.com/developer3000S/PoC-in-GitHub @@ -25277,15 +27048,23 @@ CVE-2019-15975 - https://github.com/epi052/CiscoNotes CVE-2019-15976 - https://github.com/epi052/CiscoNotes CVE-2019-15977 - https://github.com/epi052/CiscoNotes CVE-2019-1609 - https://github.com/dacade/cve-2019-16097 +CVE-2019-1609 - https://github.com/tdcoming/Vulnerability-engine CVE-2019-16097 - https://github.com/0xT11/CVE-POC CVE-2019-16097 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-16097 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-16097 - https://github.com/SexyBeast233/SecBooks +CVE-2019-16097 - https://github.com/TeraSecTeam/ary CVE-2019-16097 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-16097 - https://github.com/dacade/cve-2019-16097 CVE-2019-16097 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-16097 - https://github.com/evilAdan0s/CVE-2019-16097 CVE-2019-16097 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-16097 - https://github.com/ianxtianxt/CVE-2019-16097 +CVE-2019-16097 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection +CVE-2019-16097 - https://github.com/luckybool1020/CVE-2019-16097 +CVE-2019-16097 - https://github.com/rockmelodies/CVE-2019-16097-batch CVE-2019-16097 - https://github.com/tdtc7/qps +CVE-2019-16097 - https://github.com/theLSA/harbor-give-me-admin CVE-2019-16098 - https://github.com/0xT11/CVE-POC CVE-2019-16098 - https://github.com/Barakat/CVE-2019-16098 CVE-2019-16098 - https://github.com/ExpLife0011/awesome-windows-kernel-security-development @@ -25297,15 +27076,21 @@ CVE-2019-16098 - https://github.com/pravinsrc/NOTES-windows-kernel-links CVE-2019-16112 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2019-16113 - https://github.com/0xT11/CVE-POC CVE-2019-16113 - https://github.com/cocomelonc/vulnexipy +CVE-2019-16113 - https://github.com/cybervaca/CVE-2019-16113 CVE-2019-16113 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-16113 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-16113 - https://github.com/ynots0ups/CVE-2019-16113 CVE-2019-16116 - https://github.com/RhinoSecurityLabs/CVEs CVE-2019-16116 - https://github.com/sunzu94/AWS-CVEs +CVE-2019-16117 - https://github.com/El-Palomo/EVM1 +CVE-2019-16118 - https://github.com/El-Palomo/EVM1 +CVE-2019-16119 - https://github.com/El-Palomo/EVM1 CVE-2019-16123 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-16131 - https://github.com/CnHack3r/Penetration_PoC CVE-2019-16131 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2019-16131 - https://github.com/SexyBeast233/SecBooks CVE-2019-16131 - https://github.com/YIXINSHUWU/Penetration_Testing_POC +CVE-2019-16131 - https://github.com/chalern/Pentest-Tools CVE-2019-16131 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-16131 - https://github.com/huike007/penetration_poc CVE-2019-16131 - https://github.com/huike007/poc @@ -25316,6 +27101,7 @@ CVE-2019-16132 - https://github.com/CnHack3r/Penetration_PoC CVE-2019-16132 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2019-16132 - https://github.com/SexyBeast233/SecBooks CVE-2019-16132 - https://github.com/YIXINSHUWU/Penetration_Testing_POC +CVE-2019-16132 - https://github.com/chalern/Pentest-Tools CVE-2019-16132 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-16132 - https://github.com/huike007/penetration_poc CVE-2019-16132 - https://github.com/huike007/poc @@ -25330,14 +27116,17 @@ CVE-2019-16141 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2019-16142 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2019-16144 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2019-16163 - https://github.com/kkos/oniguruma +CVE-2019-16163 - https://github.com/onivim/esy-oniguruma CVE-2019-16163 - https://github.com/winlibs/oniguruma CVE-2019-16168 - https://github.com/garethr/snykout +CVE-2019-16201 - https://github.com/MarioBarbarino/planet.rb CVE-2019-16201 - https://github.com/feedreader/planet.rb CVE-2019-16218 - https://github.com/El-Palomo/SYMFONOS CVE-2019-16219 - https://github.com/El-Palomo/SYMFONOS CVE-2019-16219 - https://github.com/SexyBeast233/SecBooks CVE-2019-16220 - https://github.com/El-Palomo/SYMFONOS CVE-2019-16221 - https://github.com/El-Palomo/SYMFONOS +CVE-2019-16222 - https://github.com/El-Palomo/DerpNStink CVE-2019-16222 - https://github.com/El-Palomo/SYMFONOS CVE-2019-16223 - https://github.com/El-Palomo/SYMFONOS CVE-2019-16253 - https://github.com/alphaSeclab/sec-daily-2019 @@ -25348,20 +27137,29 @@ CVE-2019-16278 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-16278 - https://github.com/AnubisSec/CVE-2019-16278 CVE-2019-16278 - https://github.com/CnHack3r/Penetration_PoC CVE-2019-16278 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2019-16278 - https://github.com/Kr0ff/cve-2019-16278 CVE-2019-16278 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2019-16278 - https://github.com/NHPT/CVE-2019-16278 CVE-2019-16278 - https://github.com/SexyBeast233/SecBooks CVE-2019-16278 - https://github.com/YIXINSHUWU/Penetration_Testing_POC +CVE-2019-16278 - https://github.com/YeezyTaughtMe1/Traverxec CVE-2019-16278 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-16278 - https://github.com/darkerego/Nostromo_Python3 CVE-2019-16278 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-16278 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-16278 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-16278 - https://github.com/holmes-py/King-of-the-hill CVE-2019-16278 - https://github.com/huike007/penetration_poc CVE-2019-16278 - https://github.com/huike007/poc CVE-2019-16278 - https://github.com/ianxtianxt/CVE-2019-16278 +CVE-2019-16278 - https://github.com/imjdl/CVE-2019-16278-PoC CVE-2019-16278 - https://github.com/jas502n/CVE-2019-16278 CVE-2019-16278 - https://github.com/jweny/pocassistdb +CVE-2019-16278 - https://github.com/keshiba/cve-2019-16278 CVE-2019-16278 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-16278 - https://github.com/sobinge/nuclei-templates +CVE-2019-16278 - https://github.com/theRealFr13nd/CVE-2019-16278-Nostromo_1.9.6-RCE +CVE-2019-16278 - https://github.com/ugur-ercan/exploit-collection CVE-2019-16278 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2019-16278 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-16278 - https://github.com/yedada-wei/- @@ -25377,6 +27175,7 @@ CVE-2019-16279 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-16279 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-16279 - https://github.com/huike007/penetration_poc CVE-2019-16279 - https://github.com/huike007/poc +CVE-2019-16279 - https://github.com/ianxtianxt/CVE-2019-16279 CVE-2019-16279 - https://github.com/jas502n/CVE-2019-16278 CVE-2019-16279 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2019-16279 - https://github.com/yedada-wei/- @@ -25386,6 +27185,7 @@ CVE-2019-16303 - https://github.com/JLLeitschuh/bulk-security-pr-generator CVE-2019-16309 - https://github.com/CnHack3r/Penetration_PoC CVE-2019-16309 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2019-16309 - https://github.com/YIXINSHUWU/Penetration_Testing_POC +CVE-2019-16309 - https://github.com/chalern/Pentest-Tools CVE-2019-16309 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-16309 - https://github.com/huike007/penetration_poc CVE-2019-16309 - https://github.com/huike007/poc @@ -25399,9 +27199,11 @@ CVE-2019-16313 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2019-16313 - https://github.com/SexyBeast233/SecBooks CVE-2019-16313 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2019-16313 - https://github.com/bigblackhat/oFx +CVE-2019-16313 - https://github.com/chalern/Pentest-Tools CVE-2019-16313 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-16313 - https://github.com/huike007/penetration_poc CVE-2019-16313 - https://github.com/huike007/poc +CVE-2019-16313 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2019-16313 - https://github.com/tdtc7/qps CVE-2019-16313 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2019-16313 - https://github.com/yedada-wei/- @@ -25409,6 +27211,7 @@ CVE-2019-16313 - https://github.com/yedada-wei/gongkaishouji CVE-2019-16314 - https://github.com/CnHack3r/Penetration_PoC CVE-2019-16314 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2019-16314 - https://github.com/YIXINSHUWU/Penetration_Testing_POC +CVE-2019-16314 - https://github.com/chalern/Pentest-Tools CVE-2019-16314 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-16314 - https://github.com/huike007/penetration_poc CVE-2019-16314 - https://github.com/huike007/poc @@ -25416,7 +27219,9 @@ CVE-2019-16314 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC CVE-2019-16314 - https://github.com/yedada-wei/- CVE-2019-16314 - https://github.com/yedada-wei/gongkaishouji CVE-2019-16332 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2019-16335 - https://github.com/ilmari666/cybsec CVE-2019-16335 - https://github.com/kiwitcms/junit-plugin +CVE-2019-16335 - https://github.com/yahoo/cubed CVE-2019-16336 - https://github.com/Matheus-Garbelini/sweyntooth_bluetooth_low_energy_attacks CVE-2019-16336 - https://github.com/engn33r/awesome-bluetooth-security CVE-2019-16346 - https://github.com/Marsman1996/pocs @@ -25437,9 +27242,11 @@ CVE-2019-16385 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-16394 - https://github.com/0xT11/CVE-POC CVE-2019-16394 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-16394 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-16394 - https://github.com/trungnd51/Silent_CVE_2019_16394 CVE-2019-16404 - https://github.com/lodestone-security/CVEs CVE-2019-16404 - https://github.com/mynameiswillporter/resume CVE-2019-16405 - https://github.com/0xT11/CVE-POC +CVE-2019-16405 - https://github.com/TheCyberGeek/CVE-2019-16405.rb CVE-2019-16405 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-16405 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-16406 - https://github.com/SpengeSec/CVE-2019-19699 @@ -25475,21 +27282,27 @@ CVE-2019-1653 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-1653 - https://github.com/k8gege/CiscoExploit CVE-2019-1653 - https://github.com/shaheemirza/CiscoSpill CVE-2019-1653 - https://github.com/sobinge/nuclei-templates +CVE-2019-16531 - https://github.com/0xB9/LayerBB-1.1.3-CSRF CVE-2019-1660 - https://github.com/rayiik/cs-reaource-links CVE-2019-1663 - https://github.com/SexyBeast233/SecBooks CVE-2019-1663 - https://github.com/welove88888/Cisco-RV130W +CVE-2019-16634 - https://github.com/RoqueNight/Linux-Privilege-Escalation-Basics CVE-2019-16662 - https://github.com/0xT11/CVE-POC CVE-2019-16662 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-16662 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-16662 - https://github.com/SexyBeast233/SecBooks +CVE-2019-16662 - https://github.com/TheCyberGeek/CVE-2019-19268 CVE-2019-16662 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-16662 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-16662 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-16662 - https://github.com/mhaskar/CVE-2019-16662 +CVE-2019-16662 - https://github.com/mhaskar/CVE-2019-16663 CVE-2019-16662 - https://github.com/sobinge/nuclei-templates +CVE-2019-16662 - https://github.com/ugur-ercan/exploit-collection CVE-2019-16663 - https://github.com/0ps/pocassistdb CVE-2019-16663 - https://github.com/0xT11/CVE-POC CVE-2019-16663 - https://github.com/SexyBeast233/SecBooks +CVE-2019-16663 - https://github.com/TheCyberGeek/CVE-2019-19268 CVE-2019-16663 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-16663 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-16663 - https://github.com/hectorgie/PoC-in-GitHub @@ -25501,27 +27314,41 @@ CVE-2019-16692 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-16692 - https://github.com/kkirsche/CVE-2019-16692 CVE-2019-16724 - https://github.com/0xhuesca/CVE-2019-18655 CVE-2019-16724 - https://github.com/FULLSHADE/OSCE +CVE-2019-16724 - https://github.com/GihanJ/Structured-Exception-Handling-SEH-Buffer-Overflow CVE-2019-16724 - https://github.com/Mrnmap/ShellCode CVE-2019-16724 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-16728 - https://github.com/imjdl/CVE-2019-16278-PoC +CVE-2019-16729 - https://github.com/stealth/papyrus CVE-2019-16759 - https://github.com/0xT11/CVE-POC CVE-2019-16759 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-16759 - https://github.com/CnHack3r/Penetration_PoC CVE-2019-16759 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2019-16759 - https://github.com/FarjaalAhmad/CVE-2019-16759 +CVE-2019-16759 - https://github.com/M0sterHxck/CVE-2019-16759-Vbulletin-rce-exploit CVE-2019-16759 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2019-16759 - https://github.com/SexyBeast233/SecBooks CVE-2019-16759 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2019-16759 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2019-16759 - https://github.com/amcai/myscan +CVE-2019-16759 - https://github.com/andripwn/pwn-vbulletin +CVE-2019-16759 - https://github.com/ardzz/vbulletin-bot +CVE-2019-16759 - https://github.com/chalern/Pentest-Tools CVE-2019-16759 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-16759 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-16759 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-16759 - https://github.com/huike007/penetration_poc CVE-2019-16759 - https://github.com/huike007/poc +CVE-2019-16759 - https://github.com/huyanshuhan/NekoBotV1 CVE-2019-16759 - https://github.com/jas502n/CVE-2019-16759 +CVE-2019-16759 - https://github.com/mas1337/CVE-2019-16759 CVE-2019-16759 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2019-16759 - https://github.com/p0megranate/makura +CVE-2019-16759 - https://github.com/psychoxploit/vbull CVE-2019-16759 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2019-16759 - https://github.com/r00tpgp/http-vuln-CVE-2019-16759 CVE-2019-16759 - https://github.com/sobinge/nuclei-templates +CVE-2019-16759 - https://github.com/theLSA/vbulletin5-rce +CVE-2019-16759 - https://github.com/ugur-ercan/exploit-collection CVE-2019-16759 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2019-16759 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-16759 - https://github.com/yedada-wei/- @@ -25530,13 +27357,19 @@ CVE-2019-16760 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2019-16760 - https://github.com/xxg1413/rust-security CVE-2019-16763 - https://github.com/ossf-cve-benchmark/CVE-2019-16763 CVE-2019-16769 - https://github.com/ossf-cve-benchmark/CVE-2019-16769 +CVE-2019-16769 - https://github.com/ray-tracer96024/Unintentionally-Vulnerable-Hotel-Management-Website +CVE-2019-16773 - https://github.com/El-Palomo/DerpNStink CVE-2019-16773 - https://github.com/El-Palomo/SYMFONOS CVE-2019-16773 - https://github.com/SexyBeast233/SecBooks +CVE-2019-16780 - https://github.com/El-Palomo/DerpNStink CVE-2019-16780 - https://github.com/El-Palomo/SYMFONOS +CVE-2019-16781 - https://github.com/El-Palomo/DerpNStink CVE-2019-16781 - https://github.com/El-Palomo/SYMFONOS CVE-2019-16784 - https://github.com/0xT11/CVE-POC +CVE-2019-16784 - https://github.com/AlterSolutions/PyInstallerPrivEsc CVE-2019-16784 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-16784 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-16788 - https://github.com/El-Palomo/DerpNStink CVE-2019-16788 - https://github.com/El-Palomo/SYMFONOS CVE-2019-16861 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-16862 - https://github.com/lodestone-security/CVEs @@ -25548,14 +27381,18 @@ CVE-2019-16881 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2019-16882 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2019-16884 - https://github.com/Metarget/awesome-cloud-native-security CVE-2019-16884 - https://github.com/Metarget/metarget +CVE-2019-16884 - https://github.com/PRISHIta123/Securing_Open_Source_Components_on_Containers CVE-2019-16884 - https://github.com/ssst0n3/docker_archive CVE-2019-16889 - https://github.com/0xT11/CVE-POC CVE-2019-16889 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-16889 - https://github.com/grampae/meep +CVE-2019-16889 - https://github.com/grampae/meep2 CVE-2019-16889 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-16891 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2019-16891 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2019-16891 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2019-16897 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-16902 - https://github.com/Almorabea/Arforms-Exploit CVE-2019-16905 - https://github.com/phx/cvescan CVE-2019-16905 - https://github.com/siddicky/git-and-crumpets CVE-2019-16911 - https://github.com/rochesecurity/Roche-CVEs @@ -25586,29 +27423,51 @@ CVE-2019-16941 - https://github.com/0xT11/CVE-POC CVE-2019-16941 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-16941 - https://github.com/geeksniper/reverse-engineering-toolkit CVE-2019-16941 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-16941 - https://github.com/purpleracc00n/CVE-2019-16941 +CVE-2019-16942 - https://github.com/glambert22/movieManager +CVE-2019-16942 - https://github.com/ilmari666/cybsec CVE-2019-16942 - https://github.com/kiwitcms/junit-plugin +CVE-2019-16942 - https://github.com/yahoo/cubed +CVE-2019-16943 - https://github.com/ilmari666/cybsec +CVE-2019-16943 - https://github.com/yahoo/cubed CVE-2019-16951 - https://github.com/404notf0und/CVE-Flow CVE-2019-16996 - https://github.com/0ps/pocassistdb CVE-2019-16996 - https://github.com/jweny/pocassistdb CVE-2019-16997 - https://github.com/0ps/pocassistdb CVE-2019-16997 - https://github.com/jweny/pocassistdb +CVE-2019-17003 - https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups +CVE-2019-17003 - https://github.com/Saidul-M-Khan/Awesome-Bugbounty-Writeups +CVE-2019-17003 - https://github.com/ajino2k/Awesome-Bugbounty-Writeups CVE-2019-17003 - https://github.com/arijitdirghanji/100DaysofLearning +CVE-2019-17003 - https://github.com/blitz-cmd/Bugbounty-writeups +CVE-2019-17003 - https://github.com/bot8080/awesomeBugbounty +CVE-2019-17003 - https://github.com/c0d3G33k/Firefox-QR-Code-Reader-XSS CVE-2019-17003 - https://github.com/devanshbatham/Awesome-Bugbounty-Writeups +CVE-2019-17004 - https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups +CVE-2019-17004 - https://github.com/Saidul-M-Khan/Awesome-Bugbounty-Writeups +CVE-2019-17004 - https://github.com/ajino2k/Awesome-Bugbounty-Writeups +CVE-2019-17004 - https://github.com/blitz-cmd/Bugbounty-writeups +CVE-2019-17004 - https://github.com/bot8080/awesomeBugbounty CVE-2019-17004 - https://github.com/devanshbatham/Awesome-Bugbounty-Writeups CVE-2019-17006 - https://github.com/project-zot/zot CVE-2019-17026 - https://github.com/0xT11/CVE-POC CVE-2019-17026 - https://github.com/HackOvert/awesome-bugs CVE-2019-17026 - https://github.com/alphaSeclab/sec-daily-2020 +CVE-2019-17026 - https://github.com/cloudrise/lansweeper-reports CVE-2019-17026 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-17026 - https://github.com/forrest-orr/DoubleStar CVE-2019-17026 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-17026 - https://github.com/maxpl0it/CVE-2019-17026-Exploit CVE-2019-17026 - https://github.com/mgaudet/SpiderMonkeyBibliography +CVE-2019-17026 - https://github.com/v3nt4n1t0/DetectMozillaFirefoxVulnDomain.ps1 CVE-2019-17041 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-17041 - https://github.com/fbreton/lacework CVE-2019-17041 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-17042 - https://github.com/fbreton/lacework +CVE-2019-17043 - https://github.com/blogresponder/BMC-Patrol-Agent-local-root-privilege-escalation +CVE-2019-17044 - https://github.com/blogresponder/BMC-Patrol-Agent-local-root-privilege-escalation CVE-2019-17059 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-17059 - https://github.com/pengusec/awesome-netsec-articles CVE-2019-17060 - https://github.com/Matheus-Garbelini/sweyntooth_bluetooth_low_energy_attacks CVE-2019-17060 - https://github.com/engn33r/awesome-bluetooth-security CVE-2019-17061 - https://github.com/Matheus-Garbelini/sweyntooth_bluetooth_low_energy_attacks @@ -25616,9 +27475,11 @@ CVE-2019-17061 - https://github.com/engn33r/awesome-bluetooth-security CVE-2019-17067 - https://github.com/kaleShashi/PuTTY CVE-2019-17067 - https://github.com/pbr94/PuTTy- CVE-2019-17080 - https://github.com/0xT11/CVE-POC +CVE-2019-17080 - https://github.com/Andhrimnirr/Mintinstall-object-injection CVE-2019-17080 - https://github.com/SexyBeast233/SecBooks CVE-2019-17080 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-17080 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-17080 - https://github.com/materaj2/Mintinstall-object-injection CVE-2019-17114 - https://github.com/irbishop/CVEs CVE-2019-17115 - https://github.com/irbishop/CVEs CVE-2019-17116 - https://github.com/irbishop/CVEs @@ -25630,6 +27491,7 @@ CVE-2019-17123 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-17124 - https://github.com/0xT11/CVE-POC CVE-2019-17124 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-17124 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-17124 - https://github.com/hessandrew/CVE-2019-17124 CVE-2019-17132 - https://github.com/SexyBeast233/SecBooks CVE-2019-17137 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-17147 - https://github.com/p1ay8y3ar/cve_monitor @@ -25639,27 +27501,60 @@ CVE-2019-17181 - https://github.com/FULLSHADE/OSCE CVE-2019-17181 - https://github.com/Mrnmap/ShellCode CVE-2019-17195 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-17195 - https://github.com/somatrasss/weblogic2021 +CVE-2019-17195 - https://github.com/yahoo/cubed CVE-2019-17221 - https://github.com/0xT11/CVE-POC CVE-2019-17221 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-17221 - https://github.com/h4ckologic/CVE-2019-17221 CVE-2019-17221 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-17234 - https://github.com/0xT11/CVE-POC +CVE-2019-17234 - https://github.com/administra1tor/CVE-2019-17234b-Exploit CVE-2019-17234 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-17234 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-17240 - https://github.com/0xT11/CVE-POC +CVE-2019-17240 - https://github.com/CasperGN/tooling CVE-2019-17240 - https://github.com/LucaReggiannini/LDS CVE-2019-17240 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2019-17240 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-17240 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-17240 - https://github.com/noraj/Bludit-auth-BF-bypass CVE-2019-17240 - https://github.com/pwnd-root/exploits-and-stuff CVE-2019-17240 - https://github.com/tobor88/Python3-Tools +CVE-2019-17241 - https://github.com/linhlhq/research +CVE-2019-17242 - https://github.com/linhlhq/research +CVE-2019-17243 - https://github.com/linhlhq/research +CVE-2019-17244 - https://github.com/linhlhq/research +CVE-2019-17245 - https://github.com/linhlhq/research +CVE-2019-17246 - https://github.com/linhlhq/research +CVE-2019-17247 - https://github.com/linhlhq/research +CVE-2019-17248 - https://github.com/linhlhq/research +CVE-2019-17249 - https://github.com/linhlhq/research +CVE-2019-17250 - https://github.com/linhlhq/research +CVE-2019-17251 - https://github.com/linhlhq/research +CVE-2019-17252 - https://github.com/linhlhq/research +CVE-2019-17253 - https://github.com/linhlhq/research +CVE-2019-17254 - https://github.com/linhlhq/research +CVE-2019-17255 - https://github.com/linhlhq/research +CVE-2019-17256 - https://github.com/linhlhq/research +CVE-2019-17257 - https://github.com/linhlhq/research +CVE-2019-17258 - https://github.com/linhlhq/research +CVE-2019-17259 - https://github.com/linhlhq/research +CVE-2019-17260 - https://github.com/linhlhq/research +CVE-2019-17261 - https://github.com/linhlhq/research +CVE-2019-17262 - https://github.com/linhlhq/research +CVE-2019-17267 - https://github.com/ilmari666/cybsec +CVE-2019-17267 - https://github.com/yahoo/cubed CVE-2019-17268 - https://github.com/beenhero/omniauth-weibo-oauth2 CVE-2019-17270 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-17270 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-17359 - https://github.com/rohanpadhye/JQF +CVE-2019-17367 - https://github.com/paragmhatre10/OpenWrt-vulnerabilities +CVE-2019-17372 - https://github.com/zer0yu/CVE_Request +CVE-2019-17373 - https://github.com/zer0yu/CVE_Request CVE-2019-17382 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-17382 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-17382 - https://github.com/sobinge/nuclei-templates CVE-2019-17400 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-17408 - https://github.com/Tardis07/CVE_GO CVE-2019-17409 - https://github.com/lodestone-security/CVEs CVE-2019-17409 - https://github.com/mynameiswillporter/resume CVE-2019-17415 - https://github.com/0xhuesca/CVE-2019-18655 @@ -25672,6 +27567,7 @@ CVE-2019-17424 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2019-17424 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2019-17424 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-17424 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-17424 - https://github.com/guywhataguy/CVE-2019-17424 CVE-2019-17424 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-17424 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-17424 - https://github.com/huike007/penetration_poc @@ -25680,10 +27576,12 @@ CVE-2019-17424 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC CVE-2019-17424 - https://github.com/yedada-wei/- CVE-2019-17424 - https://github.com/yedada-wei/gongkaishouji CVE-2019-17427 - https://github.com/0xT11/CVE-POC +CVE-2019-17427 - https://github.com/RealLinkers/CVE-2019-17427 CVE-2019-17427 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-17427 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-17449 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-17495 - https://github.com/0xT11/CVE-POC +CVE-2019-17495 - https://github.com/SecT0uch/CVE-2019-17495-test CVE-2019-17495 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-17495 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-17495 - https://github.com/p1ay8y3ar/cve_monitor @@ -25712,12 +27610,20 @@ CVE-2019-17520 - https://github.com/engn33r/awesome-bluetooth-security CVE-2019-17525 - https://github.com/0xT11/CVE-POC CVE-2019-17525 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-17525 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-17525 - https://github.com/huzaifahussain98/CVE-2019-17525 CVE-2019-17531 - https://github.com/dotanuki-labs/android-oss-cves-research CVE-2019-17531 - https://github.com/gredler/aegis4j +CVE-2019-17531 - https://github.com/ilmari666/cybsec CVE-2019-17531 - https://github.com/tomtom-international/goji-http-client +CVE-2019-17531 - https://github.com/yahoo/cubed +CVE-2019-17532 - https://github.com/badnack/wemo_dos CVE-2019-17538 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-17538 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2019-17541 - https://github.com/007Alice/crashes CVE-2019-17543 - https://github.com/garethr/snykout +CVE-2019-17545 - https://github.com/deepakdba/cve_checklist +CVE-2019-17549 - https://github.com/U-Mark-CYR3CON/CYR3CON_Demo +CVE-2019-17549 - https://github.com/cyr3con-ai/cyRating-check-action CVE-2019-17551 - https://github.com/rauschecker/CVEs CVE-2019-17555 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-17556 - https://github.com/CnHack3r/Penetration_PoC @@ -25746,6 +27652,7 @@ CVE-2019-17558 - https://github.com/hanc00l/some_pocsuite CVE-2019-17558 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-17558 - https://github.com/huike007/penetration_poc CVE-2019-17558 - https://github.com/koala2099/GitHub-Chinese-Top-Charts +CVE-2019-17558 - https://github.com/neilzhang1/Chinese-Charts CVE-2019-17558 - https://github.com/pinkieli/GitHub-Chinese-Top-Charts CVE-2019-17558 - https://github.com/qingyuanfeiniao/Chinese-Top-Charts CVE-2019-17558 - https://github.com/sobinge/nuclei-templates @@ -25757,23 +27664,32 @@ CVE-2019-17563 - https://github.com/raner/projo CVE-2019-17563 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2019-17564 - https://github.com/0xT11/CVE-POC CVE-2019-17564 - https://github.com/CnHack3r/Penetration_PoC +CVE-2019-17564 - https://github.com/Dor-Tumarkin/CVE-2019-17564-FastJson-Gadget +CVE-2019-17564 - https://github.com/Exploit-3389/CVE-2019-17564 CVE-2019-17564 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +CVE-2019-17564 - https://github.com/Hu3sky/CVE-2019-17564 +CVE-2019-17564 - https://github.com/Jaky5155/CVE-2019-17564 CVE-2019-17564 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2019-17564 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2019-17564 - https://github.com/SexyBeast233/SecBooks CVE-2019-17564 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2019-17564 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-17564 - https://github.com/fairyming/CVE-2019-17564 CVE-2019-17564 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-17564 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-17564 - https://github.com/huike007/penetration_poc CVE-2019-17564 - https://github.com/huike007/poc +CVE-2019-17564 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection +CVE-2019-17564 - https://github.com/lz2y/DubboPOC CVE-2019-17564 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2019-17564 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2019-17564 - https://github.com/r00t4dm/CVE-2019-17564 CVE-2019-17564 - https://github.com/tdtc7/qps CVE-2019-17564 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2019-17564 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-17564 - https://github.com/yedada-wei/- CVE-2019-17564 - https://github.com/yedada-wei/gongkaishouji +CVE-2019-17567 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2019-17569 - https://github.com/mklmfane/betvictor CVE-2019-17569 - https://github.com/raner/projo CVE-2019-17570 - https://github.com/0xT11/CVE-POC @@ -25781,6 +27697,7 @@ CVE-2019-17570 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2019-17570 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-17570 - https://github.com/fbeasts/xmlrpc-common-deserialization CVE-2019-17570 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-17570 - https://github.com/r00t4dm/CVE-2019-17570 CVE-2019-17571 - https://github.com/0xT11/CVE-POC CVE-2019-17571 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2019-17571 - https://github.com/HackJava/Log4j2 @@ -25805,13 +27722,16 @@ CVE-2019-17571 - https://github.com/ltslog/ltslog CVE-2019-17571 - https://github.com/marklogic/marklogic-contentpump CVE-2019-17571 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2019-17571 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2019-17571 - https://github.com/shadow-horse/CVE-2019-17571 CVE-2019-17571 - https://github.com/thl-cmk/CVE-log4j-check_mk-plugin CVE-2019-17571 - https://github.com/woods-sega/woodswiki CVE-2019-17571 - https://github.com/x-f1v3/Vulnerability_Environment +CVE-2019-17571 - https://github.com/yahoo/cubed CVE-2019-17582 - https://github.com/carter-yagemann/ARCUS CVE-2019-1759 - https://github.com/0xT11/CVE-POC CVE-2019-1759 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-1759 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-1759 - https://github.com/r3m0t3nu11/CVE-2019-1759-csrf-js-rce CVE-2019-17592 - https://github.com/endorama/CsvToL10nJson CVE-2019-17592 - https://github.com/ossf-cve-benchmark/CVE-2019-17592 CVE-2019-17594 - https://github.com/jaydenaung/CloudGuard-ShiftLeft-CICD-AWS @@ -25823,15 +27743,18 @@ CVE-2019-17595 - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln CVE-2019-17596 - https://github.com/0xT11/CVE-POC CVE-2019-17596 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-17596 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-17596 - https://github.com/pquerna/poc-dsa-verify-CVE-2019-17596 CVE-2019-17603 - https://github.com/dhn/exploits CVE-2019-17621 - https://github.com/CnHack3r/Penetration_PoC CVE-2019-17621 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2019-17621 - https://github.com/SexyBeast233/SecBooks CVE-2019-17621 - https://github.com/YIXINSHUWU/Penetration_Testing_POC +CVE-2019-17621 - https://github.com/firmianay/IoT-vulhub CVE-2019-17621 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-17621 - https://github.com/huike007/penetration_poc CVE-2019-17621 - https://github.com/huike007/poc CVE-2019-17621 - https://github.com/s1kr10s/D-Link-DIR-859-RCE +CVE-2019-17621 - https://github.com/secenv/GoInputProxy CVE-2019-17621 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2019-17621 - https://github.com/yedada-wei/- CVE-2019-17621 - https://github.com/yedada-wei/gongkaishouji @@ -25839,35 +27762,50 @@ CVE-2019-17625 - https://github.com/0xT11/CVE-POC CVE-2019-17625 - https://github.com/Ekultek/CVE-2019-17625 CVE-2019-17625 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-17625 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-17626 - https://github.com/asa1997/topgear_test CVE-2019-17633 - https://github.com/0xT11/CVE-POC CVE-2019-17633 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-17633 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-17633 - https://github.com/mgrube/CVE-2019-17633 CVE-2019-17638 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-17658 - https://github.com/0xT11/CVE-POC +CVE-2019-17658 - https://github.com/Ibonok/CVE-2019-17658 CVE-2019-17658 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-17658 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-17662 - https://github.com/CnHack3r/Penetration_PoC CVE-2019-17662 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2019-17662 - https://github.com/OriGlassman/Workshop-in-Information-Security CVE-2019-17662 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2019-17662 - https://github.com/dayaramb/dayaramb.github.io CVE-2019-17662 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-17662 - https://github.com/huike007/penetration_poc CVE-2019-17662 - https://github.com/huike007/poc +CVE-2019-17662 - https://github.com/rnbochsr/atlas CVE-2019-17662 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2019-17662 - https://github.com/yedada-wei/- CVE-2019-17662 - https://github.com/yedada-wei/gongkaishouji CVE-2019-17666 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-17669 - https://github.com/El-Palomo/DerpNStink CVE-2019-17669 - https://github.com/El-Palomo/SYMFONOS +CVE-2019-17670 - https://github.com/El-Palomo/DerpNStink CVE-2019-17670 - https://github.com/El-Palomo/SYMFONOS CVE-2019-17671 - https://github.com/0xT11/CVE-POC +CVE-2019-17671 - https://github.com/El-Palomo/DerpNStink CVE-2019-17671 - https://github.com/El-Palomo/SYMFONOS CVE-2019-17671 - https://github.com/SexyBeast233/SecBooks CVE-2019-17671 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-17671 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-17671 - https://github.com/rhbb/CVE-2019-17671 +CVE-2019-17672 - https://github.com/El-Palomo/DerpNStink CVE-2019-17672 - https://github.com/El-Palomo/SYMFONOS +CVE-2019-17673 - https://github.com/El-Palomo/DerpNStink CVE-2019-17673 - https://github.com/El-Palomo/SYMFONOS +CVE-2019-17674 - https://github.com/El-Palomo/DerpNStink CVE-2019-17674 - https://github.com/El-Palomo/SYMFONOS +CVE-2019-17675 - https://github.com/El-Palomo/DerpNStink CVE-2019-17675 - https://github.com/El-Palomo/SYMFONOS +CVE-2019-18182 - https://github.com/FritzJo/pacheck +CVE-2019-18183 - https://github.com/FritzJo/pacheck CVE-2019-18187 - https://github.com/v-p-b/avpwn CVE-2019-1821 - https://github.com/0xT11/CVE-POC CVE-2019-1821 - https://github.com/ARPSyndicate/kenzer-templates @@ -25880,13 +27818,18 @@ CVE-2019-18217 - https://github.com/google/honggfuzz CVE-2019-18217 - https://github.com/vshaliii/Funbox2-rookie CVE-2019-18218 - https://github.com/phonito/phonito-vulnerable-container CVE-2019-18251 - https://github.com/abhav/nvd_scrapper +CVE-2019-18276 - https://github.com/broadinstitute/dsp-appsec-trivy-cicd CVE-2019-18276 - https://github.com/dispera/giant-squid +CVE-2019-18276 - https://github.com/docker/scan-cli-plugin +CVE-2019-18276 - https://github.com/domyrtille/interview_project +CVE-2019-18276 - https://github.com/epequeno/devops-demo CVE-2019-18276 - https://github.com/garethr/snykout CVE-2019-18276 - https://github.com/nedenwalker/spring-boot-app-using-gradle CVE-2019-18276 - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln CVE-2019-18276 - https://github.com/onzack/trivy-multiscanner CVE-2019-18276 - https://github.com/psifertex/ctf-vs-the-real-world CVE-2019-18277 - https://github.com/Spacial/awesome-csirt +CVE-2019-18277 - https://github.com/chenjj/Awesome-HTTPRequestSmuggling CVE-2019-18348 - https://github.com/phonito/phonito-vulnerable-container CVE-2019-18350 - https://github.com/ossf-cve-benchmark/CVE-2019-18350 CVE-2019-18364 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs @@ -25900,6 +27843,7 @@ CVE-2019-18370 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-18370 - https://github.com/huike007/penetration_poc CVE-2019-18370 - https://github.com/huike007/poc CVE-2019-18370 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2019-18370 - https://github.com/tomsiwik/xiaomi-router-patch CVE-2019-18370 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2019-18370 - https://github.com/yedada-wei/- CVE-2019-18370 - https://github.com/yedada-wei/gongkaishouji @@ -25928,10 +27872,12 @@ CVE-2019-18413 - https://github.com/p1ay8y3ar/cve_monitor CVE-2019-18418 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-18418 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-18426 - https://github.com/0xT11/CVE-POC +CVE-2019-18426 - https://github.com/PerimeterX/CVE-2019-18426 CVE-2019-18426 - https://github.com/abhav/nvd_scrapper CVE-2019-18426 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-18426 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-18426 - https://github.com/weizman/weizman +CVE-2019-1853 - https://github.com/r0eXpeR/supplier CVE-2019-18580 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2019-18614 - https://github.com/seemoo-lab/frankenstein CVE-2019-1862 - https://github.com/alphaSeclab/sec-daily-2019 @@ -25939,18 +27885,30 @@ CVE-2019-18622 - https://github.com/SexyBeast233/SecBooks CVE-2019-18634 - https://github.com/0xT11/CVE-POC CVE-2019-18634 - https://github.com/0xsyr0/OSCP CVE-2019-18634 - https://github.com/AfvanMoopen/tryhackme- +CVE-2019-18634 - https://github.com/Dinesh-999/Hacking_contents +CVE-2019-18634 - https://github.com/N1et/CVE-2019-18634 +CVE-2019-18634 - https://github.com/Plazmaz/CVE-2019-18634 CVE-2019-18634 - https://github.com/Retr0-ll/littleterm +CVE-2019-18634 - https://github.com/RoqueNight/Linux-Privilege-Escalation-Basics +CVE-2019-18634 - https://github.com/TCM-Course-Resources/Linux-Privilege-Escalation-Resources +CVE-2019-18634 - https://github.com/Timirepo/CVE_Exploits CVE-2019-18634 - https://github.com/Y3A/CVE-2019-18634 CVE-2019-18634 - https://github.com/catsecorg/CatSec-TryHackMe-WriteUps CVE-2019-18634 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-18634 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-18634 - https://github.com/klecko/exploits CVE-2019-18634 - https://github.com/lockedbyte/CVE-Exploits +CVE-2019-18634 - https://github.com/ptef/CVE-2019-18634 +CVE-2019-18634 - https://github.com/saleemrashid/sudo-cve-2019-18634 +CVE-2019-18634 - https://github.com/sbonds/custom-inspec CVE-2019-18634 - https://github.com/siddicky/yotjf CVE-2019-18653 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-18654 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-18655 - https://github.com/0xhuesca/CVE-2019-18655 CVE-2019-18655 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-18670 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-18674 - https://github.com/schokokeksorg/freewvs +CVE-2019-18675 - https://github.com/deShal3v/Public-Vulnerabilities CVE-2019-18675 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-18679 - https://github.com/SexyBeast233/SecBooks CVE-2019-18683 - https://github.com/0xT11/CVE-POC @@ -25958,6 +27916,7 @@ CVE-2019-18683 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2019-18683 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-18683 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-18683 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2019-18683 - https://github.com/sanjana123-cloud/CVE-2019-18683 CVE-2019-18683 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-18683 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-18775 - https://github.com/sjmini/icse2020-Solidity @@ -25990,11 +27949,17 @@ CVE-2019-18873 - https://github.com/0xT11/CVE-POC CVE-2019-18873 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-18873 - https://github.com/fuzzlove/FUDforum-XSS-RCE CVE-2019-18873 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-18874 - https://github.com/asa1997/topgear_test CVE-2019-18885 - https://github.com/0xT11/CVE-POC +CVE-2019-18885 - https://github.com/bobfuzzer/CVE-2019-18885 CVE-2019-18885 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-18885 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-18888 - https://github.com/cs278/composer-audit +CVE-2019-18888 - https://github.com/ray-tracer96024/Unintentionally-Vulnerable-Hotel-Management-Website +CVE-2019-18889 - https://github.com/alex700/phar_deserialization CVE-2019-18890 - https://github.com/0xT11/CVE-POC +CVE-2019-18890 - https://github.com/RealLinkers/CVE-2019-17427 +CVE-2019-18890 - https://github.com/RealLinkers/CVE-2019-18890 CVE-2019-18890 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-18890 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-18922 - https://github.com/ARPSyndicate/kenzer-templates @@ -26007,14 +27972,19 @@ CVE-2019-18935 - https://github.com/1amUnvalid/Telerik-UI-Exploit CVE-2019-18935 - https://github.com/AnonVulc/Pentest-Tools CVE-2019-18935 - https://github.com/RodricBr/OffSec-MISC CVE-2019-18935 - https://github.com/S3cur3Th1sSh1t/Pentest-Tools +CVE-2019-18935 - https://github.com/ThanHuuTuan/Telerik_CVE-2019-18935 +CVE-2019-18935 - https://github.com/ahpaleus/ahp_cheatsheet CVE-2019-18935 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-18935 - https://github.com/bao7uo/RAU_crypto +CVE-2019-18935 - https://github.com/becrevex/Telerik_CVE-2019-18935 CVE-2019-18935 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-18935 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-18935 - https://github.com/mcgyver5/scrap_telerik CVE-2019-18935 - https://github.com/murataydemir/CVE-2019-18935 CVE-2019-18935 - https://github.com/noperator/CVE-2019-18935 CVE-2019-18935 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-18935 - https://github.com/rishaldwivedi/Public_Disclosure +CVE-2019-18935 - https://github.com/severnake/Pentest-Tools CVE-2019-18935 - https://github.com/theyoge/AD-Pentesting-Tools CVE-2019-18935 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-18937 - https://github.com/abhav/nvd_scrapper @@ -26024,24 +27994,32 @@ CVE-2019-18952 - https://github.com/SexyBeast233/SecBooks CVE-2019-18954 - https://github.com/ossf-cve-benchmark/CVE-2019-18954 CVE-2019-18956 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2019-18988 - https://github.com/0xT11/CVE-POC +CVE-2019-18988 - https://github.com/V1V1/DecryptTeamViewer CVE-2019-18988 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-18988 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-18988 - https://github.com/zaphoxx/WatchTV +CVE-2019-189888 - https://github.com/corneacristian/Notes +CVE-2019-18992 - https://github.com/paragmhatre10/OpenWrt-vulnerabilities CVE-2019-19004 - https://github.com/carter-yagemann/ARCUS CVE-2019-19005 - https://github.com/carter-yagemann/ARCUS CVE-2019-19012 - https://github.com/0xT11/CVE-POC +CVE-2019-19012 - https://github.com/ManhNDd/CVE-2019-19012 CVE-2019-19012 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19012 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-19012 - https://github.com/kkos/oniguruma +CVE-2019-19012 - https://github.com/onivim/esy-oniguruma CVE-2019-19012 - https://github.com/tarantula-team/CVE-2019-19012 CVE-2019-19012 - https://github.com/winlibs/oniguruma CVE-2019-19033 - https://github.com/0xT11/CVE-POC CVE-2019-19033 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19033 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-19033 - https://github.com/ricardojoserf/CVE-2019-19033 CVE-2019-19036 - https://github.com/DelspoN/CVE +CVE-2019-19041 - https://github.com/gotenigatien/Xorux-critical-vulnerability CVE-2019-19113 - https://github.com/SexyBeast233/SecBooks CVE-2019-19117 - https://github.com/SexyBeast233/SecBooks CVE-2019-19118 - https://github.com/Pad0y/Django2_dailyfresh +CVE-2019-19118 - https://github.com/Vimru/taps CVE-2019-19118 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-19126 - https://github.com/garethr/snykout CVE-2019-19129 - https://github.com/afinepl/research @@ -26060,22 +28038,32 @@ CVE-2019-19195 - https://github.com/engn33r/awesome-bluetooth-security CVE-2019-19196 - https://github.com/Matheus-Garbelini/sweyntooth_bluetooth_low_energy_attacks CVE-2019-19196 - https://github.com/engn33r/awesome-bluetooth-security CVE-2019-19203 - https://github.com/0xT11/CVE-POC +CVE-2019-19203 - https://github.com/ManhNDd/CVE-2019-19203 CVE-2019-19203 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19203 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-19203 - https://github.com/kkos/oniguruma +CVE-2019-19203 - https://github.com/onivim/esy-oniguruma +CVE-2019-19203 - https://github.com/tarantula-team/CVE-2019-19203 CVE-2019-19203 - https://github.com/winlibs/oniguruma CVE-2019-19204 - https://github.com/0xT11/CVE-POC +CVE-2019-19204 - https://github.com/ManhNDd/CVE-2019-19204 CVE-2019-19204 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19204 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-19204 - https://github.com/kkos/oniguruma +CVE-2019-19204 - https://github.com/onivim/esy-oniguruma +CVE-2019-19204 - https://github.com/tarantula-team/CVE-2019-19204 CVE-2019-19204 - https://github.com/winlibs/oniguruma CVE-2019-19208 - https://github.com/Hacker5preme/Exploits CVE-2019-19231 - https://github.com/0xT11/CVE-POC CVE-2019-19231 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19231 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-19231 - https://github.com/hessandrew/CVE-2019-19231 CVE-2019-19242 - https://github.com/garethr/snykout +CVE-2019-19242 - https://github.com/vinamra28/tekton-image-scan-trivy CVE-2019-19244 - https://github.com/garethr/snykout +CVE-2019-19244 - https://github.com/vinamra28/tekton-image-scan-trivy CVE-2019-19246 - https://github.com/kkos/oniguruma +CVE-2019-19246 - https://github.com/onivim/esy-oniguruma CVE-2019-19246 - https://github.com/winlibs/oniguruma CVE-2019-19248 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-19268 - https://github.com/0xT11/CVE-POC @@ -26085,29 +28073,37 @@ CVE-2019-19268 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-19270 - https://github.com/vshaliii/Funbox2-rookie CVE-2019-19271 - https://github.com/vshaliii/Funbox2-rookie CVE-2019-19272 - https://github.com/vshaliii/Funbox2-rookie +CVE-2019-19307 - https://github.com/asdyxcyxc/Hermes CVE-2019-19315 - https://github.com/0xT11/CVE-POC CVE-2019-19315 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19315 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-19315 - https://github.com/monoxgas/mailorder CVE-2019-19356 - https://github.com/0xT11/CVE-POC CVE-2019-19356 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19356 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-19356 - https://github.com/qq1515406085/CVE-2019-19356 +CVE-2019-19356 - https://github.com/shadowgatt/CVE-2019-19356 CVE-2019-19363 - https://github.com/geeksniper/windows-privilege-escalation CVE-2019-19363 - https://github.com/jacob-baines/concealed_position CVE-2019-19368 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-19368 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-19368 - https://github.com/sobinge/nuclei-templates CVE-2019-19369 - https://github.com/0xT11/CVE-POC +CVE-2019-19369 - https://github.com/TheCyberGeek/CVE-2019-19369 CVE-2019-19369 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19369 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-19377 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-19383 - https://github.com/0xT11/CVE-POC CVE-2019-19383 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19383 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-19383 - https://github.com/killvxk/CVE-2019-19383 CVE-2019-19393 - https://github.com/0xT11/CVE-POC CVE-2019-19393 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19393 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-19393 - https://github.com/miguelhamal/CVE-2019-19393 +CVE-2019-19469 - https://github.com/robertchrk/zmanda_exploit CVE-2019-19470 - https://github.com/juliourena/plaintext +CVE-2019-19495 - https://github.com/Lyrebirds/technicolor-tc7230-exploit CVE-2019-19497 - https://github.com/Dmitriy-area51/Exploit CVE-2019-19499 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2019-19507 - https://github.com/ossf-cve-benchmark/CVE-2019-19507 @@ -26117,6 +28113,7 @@ CVE-2019-19509 - https://github.com/v1k1ngfr/exploits-rconfig CVE-2019-19511 - https://github.com/0xT11/CVE-POC CVE-2019-19511 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19511 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-19511 - https://github.com/jra89/CVE-2019-19511 CVE-2019-19520 - https://github.com/0xT11/CVE-POC CVE-2019-19520 - https://github.com/anoaghost/Localroot_Compile CVE-2019-19520 - https://github.com/bcoles/local-exploits @@ -26137,12 +28134,14 @@ CVE-2019-19550 - https://github.com/underprotection/CVE-2019-19550 CVE-2019-19576 - https://github.com/0xT11/CVE-POC CVE-2019-19576 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19576 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-19576 - https://github.com/jra89/CVE-2019-19576 CVE-2019-19576 - https://github.com/jra89/CVE-2019-19634 CVE-2019-19585 - https://github.com/Orange-Cyberdefense/CVE-repository CVE-2019-19585 - https://github.com/SexyBeast233/SecBooks CVE-2019-19585 - https://github.com/v1k1ngfr/exploits-rconfig CVE-2019-19589 - https://github.com/V1n1v131r4/My-CVEs CVE-2019-19596 - https://github.com/SexyBeast233/SecBooks +CVE-2019-19596 - https://github.com/ianxtianxt/gitbook-xss CVE-2019-19603 - https://github.com/garethr/snykout CVE-2019-19604 - https://github.com/meherarfaoui09/meher CVE-2019-19633 - https://github.com/0xT11/CVE-POC @@ -26166,21 +28165,29 @@ CVE-2019-19645 - https://github.com/garethr/snykout CVE-2019-19651 - https://github.com/0xT11/CVE-POC CVE-2019-19651 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19651 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-19651 - https://github.com/jra89/CVE-2019-19651 CVE-2019-19652 - https://github.com/0xT11/CVE-POC CVE-2019-19652 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19652 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-19652 - https://github.com/jra89/CVE-2019-19652 CVE-2019-19653 - https://github.com/0xT11/CVE-POC CVE-2019-19653 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19653 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-19653 - https://github.com/jra89/CVE-2019-19653 CVE-2019-19654 - https://github.com/0xT11/CVE-POC CVE-2019-19654 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19654 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-19654 - https://github.com/jra89/CVE-2019-19654 CVE-2019-19658 - https://github.com/0xT11/CVE-POC CVE-2019-19658 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19658 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-19658 - https://github.com/jra89/CVE-2019-19658 CVE-2019-19699 - https://github.com/0xT11/CVE-POC +CVE-2019-19699 - https://github.com/SpengeSec/CVE-2019-19699 +CVE-2019-19699 - https://github.com/SpengeSec/Centreon-Vulnerable-Images CVE-2019-19699 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19699 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-19709 - https://github.com/schokokeksorg/freewvs CVE-2019-19719 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-19719 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-19726 - https://github.com/alphaSeclab/sec-daily-2019 @@ -26190,31 +28197,44 @@ CVE-2019-19726 - https://github.com/vshaliii/DC-1-Vulnhub-Walkthrough CVE-2019-19732 - https://github.com/0xT11/CVE-POC CVE-2019-19732 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19732 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-19732 - https://github.com/jra89/CVE-2019-19732 CVE-2019-19733 - https://github.com/0xT11/CVE-POC CVE-2019-19733 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19733 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-19733 - https://github.com/jra89/CVE-2019-19733 CVE-2019-19734 - https://github.com/0xT11/CVE-POC CVE-2019-19734 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19734 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-19734 - https://github.com/jra89/CVE-2019-19734 CVE-2019-19735 - https://github.com/0xT11/CVE-POC CVE-2019-19735 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19735 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-19735 - https://github.com/jra89/CVE-2019-19735 CVE-2019-19738 - https://github.com/0xT11/CVE-POC CVE-2019-19738 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19738 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-19738 - https://github.com/jra89/CVE-2019-19738 +CVE-2019-19770 - https://github.com/mcgrof/break-blktrace CVE-2019-19781 - https://github.com/0ps/pocassistdb CVE-2019-19781 - https://github.com/0xT11/CVE-POC +CVE-2019-19781 - https://github.com/5l1v3r1/Citrix_CVE-2019-19781 CVE-2019-19781 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-19781 - https://github.com/AnonVulc/Pentest-Tools CVE-2019-19781 - https://github.com/Astrogeorgeonethree/Starred CVE-2019-19781 - https://github.com/Azeemering/CVE-2019-19781-DFIR-Notes +CVE-2019-19781 - https://github.com/Castaldio86/Detect-CVE-2019-19781 CVE-2019-19781 - https://github.com/CnHack3r/Penetration_PoC +CVE-2019-19781 - https://github.com/DanielWep/CVE-NetScalerFileSystemCheck CVE-2019-19781 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2019-19781 - https://github.com/GuardaCyber/covid19-response CVE-2019-19781 - https://github.com/JamesG-Zero/Shitrix-CVE-2019-19781 CVE-2019-19781 - https://github.com/Jean-Francois-C/Windows-Penetration-Testing +CVE-2019-19781 - https://github.com/L4r1k/CitrixNetscalerAnalysis CVE-2019-19781 - https://github.com/LeapBeyond/cve_2019_19781 +CVE-2019-19781 - https://github.com/MalwareTech/CitrixHoneypot CVE-2019-19781 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2019-19781 - https://github.com/MrSeccubus/jekyll-secinfo +CVE-2019-19781 - https://github.com/RaulCalvoLaorden/CVE-2019-19781 CVE-2019-19781 - https://github.com/S3cur3Th1sSh1t/Pentest-Tools CVE-2019-19781 - https://github.com/SexyBeast233/SecBooks CVE-2019-19781 - https://github.com/Staubgeborener/stars @@ -26222,10 +28242,17 @@ CVE-2019-19781 - https://github.com/VDISEC/CVE-2019-19871-AuditGuide CVE-2019-19781 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2019-19781 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2019-19781 - https://github.com/amcai/myscan +CVE-2019-19781 - https://github.com/aqhmal/CVE-2019-19781 +CVE-2019-19781 - https://github.com/azams/go-citrixmash +CVE-2019-19781 - https://github.com/b510/CVE-2019-19781 +CVE-2019-19781 - https://github.com/becrevex/Citrix_CVE-2019-19781 CVE-2019-19781 - https://github.com/bhassani/Recent-CVE CVE-2019-19781 - https://github.com/cisagov/check-cve-2019-19781 +CVE-2019-19781 - https://github.com/cisagov/check-your-pulse CVE-2019-19781 - https://github.com/citrix/ioc-scanner-CVE-2019-19781 CVE-2019-19781 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-19781 - https://github.com/digitalgangst/massCitrix +CVE-2019-19781 - https://github.com/digitalshadows/CVE-2019-19781_IOCs CVE-2019-19781 - https://github.com/dnif/content CVE-2019-19781 - https://github.com/faisal6me/DFIR-Note CVE-2019-19781 - https://github.com/fcp999/centos @@ -26234,41 +28261,71 @@ CVE-2019-19781 - https://github.com/gobysec/Goby CVE-2019-19781 - https://github.com/hackingyseguridad/nmap CVE-2019-19781 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-19781 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-19781 - https://github.com/hollerith/CVE-2019-19781 CVE-2019-19781 - https://github.com/huike007/penetration_poc CVE-2019-19781 - https://github.com/huike007/poc +CVE-2019-19781 - https://github.com/ianxtianxt/CVE-2019-19781 +CVE-2019-19781 - https://github.com/inveteck/citrix-vuln-checker CVE-2019-19781 - https://github.com/itsreallynick/pcap +CVE-2019-19781 - https://github.com/j81blog/ADC-19781 +CVE-2019-19781 - https://github.com/jamesjguthrie/Shitrix-CVE-2019-19781 CVE-2019-19781 - https://github.com/jas502n/CVE-2019-19781 CVE-2019-19781 - https://github.com/jiangsir404/POC-S CVE-2019-19781 - https://github.com/juan157/noqsg.github.io CVE-2019-19781 - https://github.com/jweny/pocassistdb +CVE-2019-19781 - https://github.com/krayzpipes/trickt +CVE-2019-19781 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2019-19781 - https://github.com/mandiant/ioc-scanner-CVE-2019-19781 +CVE-2019-19781 - https://github.com/mekhalleh/citrix_dir_traversal_rce +CVE-2019-19781 - https://github.com/mekoko/CVE-2019-19781 CVE-2019-19781 - https://github.com/mpgn/CVE-2019-19781 +CVE-2019-19781 - https://github.com/nmanzi/webcvescanner +CVE-2019-19781 - https://github.com/onSec-fr/CVE-2019-19781-Forensic +CVE-2019-19781 - https://github.com/oways/CVE-2019-19781 +CVE-2019-19781 - https://github.com/projectzeroindia/CVE-2019-19781 CVE-2019-19781 - https://github.com/ptresearch/Pentest-Detections CVE-2019-19781 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2019-19781 - https://github.com/r0eXpeR/supplier +CVE-2019-19781 - https://github.com/redscan/CVE-2019-19781 +CVE-2019-19781 - https://github.com/severnake/Pentest-Tools CVE-2019-19781 - https://github.com/sobinge/nuclei-templates CVE-2019-19781 - https://github.com/tdtc7/qps CVE-2019-19781 - https://github.com/theyoge/AD-Pentesting-Tools +CVE-2019-19781 - https://github.com/trustedsec/cve-2019-19781 +CVE-2019-19781 - https://github.com/unknowndevice64/Exploits_CVE-2019-19781 CVE-2019-19781 - https://github.com/w4fz5uck5/CVE-2019-19781-CitrixRCE CVE-2019-19781 - https://github.com/whoadmin/pocs CVE-2019-19781 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +CVE-2019-19781 - https://github.com/x1sec/CVE-2019-19781 CVE-2019-19781 - https://github.com/x1sec/citrix-honeypot +CVE-2019-19781 - https://github.com/x1sec/citrixmash_scanner +CVE-2019-19781 - https://github.com/x1sec/xpasn CVE-2019-19781 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-19781 - https://github.com/yedada-wei/- CVE-2019-19781 - https://github.com/yedada-wei/gongkaishouji +CVE-2019-19781 - https://github.com/ynsmroztas/citrix.sh +CVE-2019-19781 - https://github.com/zenturacp/cve-2019-19781-web +CVE-2019-19781 - https://github.com/zgelici/CVE-2019-19781-Checker CVE-2019-19793 - https://github.com/shubham0d/SymBlock +CVE-2019-19794 - https://github.com/k1LoW/oshka +CVE-2019-19794 - https://github.com/naveensrinivasan/stunning-tribble CVE-2019-19797 - https://github.com/p1ay8y3ar/cve_monitor CVE-2019-19824 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-19824 - https://github.com/ker2x/DearDiary CVE-2019-19844 - https://github.com/0xT11/CVE-POC +CVE-2019-19844 - https://github.com/0xsha/CVE_2019_19844 CVE-2019-19844 - https://github.com/CnHack3r/Penetration_PoC +CVE-2019-19844 - https://github.com/HxDDD/CVE-PoC CVE-2019-19844 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2019-19844 - https://github.com/Pad0y/Django2_dailyfresh CVE-2019-19844 - https://github.com/YIXINSHUWU/Penetration_Testing_POC +CVE-2019-19844 - https://github.com/andripwn/django_cve201919844 CVE-2019-19844 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19844 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-19844 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-19844 - https://github.com/huike007/penetration_poc CVE-2019-19844 - https://github.com/huike007/poc +CVE-2019-19844 - https://github.com/ryu22e/django_cve_2019_19844_poc CVE-2019-19844 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-19844 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers CVE-2019-19844 - https://github.com/umahari/security @@ -26277,6 +28334,7 @@ CVE-2019-19844 - https://github.com/yedada-wei/- CVE-2019-19844 - https://github.com/yedada-wei/gongkaishouji CVE-2019-19846 - https://github.com/HoangKien1020/Joomla-SQLinjection CVE-2019-19846 - https://github.com/SexyBeast233/SecBooks +CVE-2019-19846 - https://github.com/schokokeksorg/freewvs CVE-2019-1987 - https://github.com/0xT11/CVE-POC CVE-2019-1987 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-19871 - https://github.com/0xT11/CVE-POC @@ -26285,16 +28343,21 @@ CVE-2019-19871 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19871 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-19882 - https://github.com/garethr/snykout CVE-2019-19886 - https://github.com/SexyBeast233/SecBooks +CVE-2019-19886 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2019-19886 - https://github.com/tdtc7/qps +CVE-2019-19889 - https://github.com/V1n1v131r4/HGB10R-2 CVE-2019-19889 - https://github.com/V1n1v131r4/My-CVEs +CVE-2019-19890 - https://github.com/V1n1v131r4/HGB10R-2 CVE-2019-19890 - https://github.com/V1n1v131r4/My-CVEs CVE-2019-19905 - https://github.com/0xT11/CVE-POC CVE-2019-19905 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-19905 - https://github.com/dpmdpm2/CVE-2019-19905 CVE-2019-19905 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-19908 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-19908 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-19908 - https://github.com/sobinge/nuclei-templates CVE-2019-19916 - https://github.com/V1n1v131r4/Bypass-CSP-against-MIME-Confusion-Attack +CVE-2019-19916 - https://github.com/V1n1v131r4/MIME-Confusion-Attack-on-Midori-Browser CVE-2019-19916 - https://github.com/V1n1v131r4/My-CVEs CVE-2019-19921 - https://github.com/Metarget/awesome-cloud-native-security CVE-2019-19923 - https://github.com/garethr/snykout @@ -26304,16 +28367,21 @@ CVE-2019-19943 - https://github.com/0xT11/CVE-POC CVE-2019-19943 - https://github.com/5l1v3r1/CVE-2019-19943 CVE-2019-19943 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-19943 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-19945 - https://github.com/mclab-hbrs/openwrt-dos-poc CVE-2019-19954 - https://github.com/mirchr/security-research CVE-2019-19959 - https://github.com/garethr/snykout CVE-2019-19967 - https://github.com/filipi86/ConnectBoxDOCSIS-3.0 CVE-2019-19985 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-19985 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2019-19985 - https://github.com/RandomRobbieBF/wordpress-exploits CVE-2019-19985 - https://github.com/sobinge/nuclei-templates CVE-2019-1999 - https://github.com/Sec20-Paper310/Paper310 CVE-2019-2000 - https://github.com/xairy/linux-kernel-exploitation +CVE-2019-20041 - https://github.com/El-Palomo/DerpNStink CVE-2019-20041 - https://github.com/El-Palomo/SYMFONOS +CVE-2019-20043 - https://github.com/El-Palomo/DerpNStink CVE-2019-20043 - https://github.com/El-Palomo/SYMFONOS +CVE-2019-20057 - https://github.com/V0lk3n/OSMR-CheatSheet CVE-2019-20059 - https://github.com/0xT11/CVE-POC CVE-2019-20059 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-20059 - https://github.com/hectorgie/PoC-in-GitHub @@ -26322,21 +28390,28 @@ CVE-2019-20082 - https://github.com/pr0v3rbs/FirmAE CVE-2019-20084 - https://github.com/pr0v3rbs/FirmAE CVE-2019-20085 - https://github.com/0xT11/CVE-POC CVE-2019-20085 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2019-20085 - https://github.com/AleDiBen/NVMS1000-Exploit +CVE-2019-20085 - https://github.com/AruN4Sa7/Manual-Exploitation-Development-For-TVT-NVMS-1000-suffers-from-a-directory-traversal-vulnerabilit CVE-2019-20085 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-20085 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-20141 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-20141 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-20141 - https://github.com/sobinge/nuclei-templates +CVE-2019-20149 - https://github.com/leoiancu21/Web-server CVE-2019-20149 - https://github.com/ossf-cve-benchmark/CVE-2019-20149 CVE-2019-20174 - https://github.com/ossf-cve-benchmark/CVE-2019-20174 CVE-2019-20183 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-20197 - https://github.com/0xT11/CVE-POC CVE-2019-20197 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-20197 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-20197 - https://github.com/jas502n/CVE-2019-20197 +CVE-2019-20197 - https://github.com/lp008/CVE-2019-20197 CVE-2019-20197 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-20197 - https://github.com/r0eXpeR/redteam_vul CVE-2019-20197 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2019-20203 - https://github.com/V1n1v131r4/Exploiting-Postie-WordPress-Plugin- CVE-2019-20203 - https://github.com/V1n1v131r4/My-CVEs +CVE-2019-20204 - https://github.com/V1n1v131r4/Exploiting-Postie-WordPress-Plugin- CVE-2019-20204 - https://github.com/V1n1v131r4/My-CVEs CVE-2019-20213 - https://github.com/SexyBeast233/SecBooks CVE-2019-20215 - https://github.com/CnHack3r/Penetration_PoC @@ -26345,9 +28420,12 @@ CVE-2019-20215 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2019-20215 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-20215 - https://github.com/huike007/penetration_poc CVE-2019-20215 - https://github.com/huike007/poc +CVE-2019-20215 - https://github.com/secenv/GoInputProxy CVE-2019-20215 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2019-20215 - https://github.com/yedada-wei/- CVE-2019-20215 - https://github.com/yedada-wei/gongkaishouji +CVE-2019-20216 - https://github.com/secenv/GoInputProxy +CVE-2019-20217 - https://github.com/secenv/GoInputProxy CVE-2019-20218 - https://github.com/garethr/snykout CVE-2019-20218 - https://github.com/p1ay8y3ar/cve_monitor CVE-2019-20224 - https://github.com/0ps/pocassistdb @@ -26360,8 +28438,10 @@ CVE-2019-2025 - https://github.com/Sec20-Paper310/Paper310 CVE-2019-2025 - https://github.com/jltxgcy/CVE_2019_2025_EXP CVE-2019-2025 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-20326 - https://github.com/0xT11/CVE-POC +CVE-2019-20326 - https://github.com/Fysac/CVE-2019-20326 CVE-2019-20326 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-20326 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-20330 - https://github.com/yahoo/cubed CVE-2019-20336 - https://github.com/Mad-robot/CVE-List CVE-2019-20337 - https://github.com/Mad-robot/CVE-List CVE-2019-20367 - https://github.com/Azure/container-scan @@ -26372,10 +28452,18 @@ CVE-2019-20372 - https://github.com/woods-sega/woodswiki CVE-2019-20386 - https://github.com/garethr/snykout CVE-2019-20388 - https://github.com/Exein-io/kepler CVE-2019-20443 - https://github.com/cybersecurityworks553/Security-Advisories +CVE-2019-20444 - https://github.com/yahoo/cubed +CVE-2019-20445 - https://github.com/yahoo/cubed CVE-2019-20502 - https://github.com/s1kr10s/EasyChatServer-DOS CVE-2019-20503 - https://github.com/allpaca/chrome-sbx-db +CVE-2019-20633 - https://github.com/strongcourage/uafbench +CVE-2019-20633 - https://github.com/strongcourage/uafuzz +CVE-2019-20634 - https://github.com/moohax/Proof-Pudding CVE-2019-20790 - https://github.com/chenjj/espoofer +CVE-2019-20838 - https://github.com/brandoncamenisch/release-the-code-litecoin CVE-2019-20838 - https://github.com/dispera/giant-squid +CVE-2019-20838 - https://github.com/domyrtille/interview_project +CVE-2019-20838 - https://github.com/epequeno/devops-demo CVE-2019-20838 - https://github.com/garethr/snykout CVE-2019-20838 - https://github.com/nedenwalker/spring-boot-app-using-gradle CVE-2019-20838 - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln @@ -26383,11 +28471,13 @@ CVE-2019-20838 - https://github.com/onzack/trivy-multiscanner CVE-2019-20839 - https://github.com/raminfp/raminfp CVE-2019-20907 - https://github.com/kinners00/yum_tasks CVE-2019-20916 - https://github.com/404notf0und/CVE-Flow +CVE-2019-20916 - https://github.com/noseka1/deep-dive-into-clair CVE-2019-20917 - https://github.com/404notf0und/CVE-Flow CVE-2019-20918 - https://github.com/404notf0und/CVE-Flow CVE-2019-20933 - https://github.com/0xsyr0/OSCP CVE-2019-20933 - https://github.com/The-Cracker-Technology/jwt_tool CVE-2019-20933 - https://github.com/mishmashclone/ticarpi-jwt_tool +CVE-2019-20933 - https://github.com/puckiestyle/jwt_tool CVE-2019-20933 - https://github.com/ticarpi/jwt_tool CVE-2019-2107 - https://github.com/0xT11/CVE-POC CVE-2019-2107 - https://github.com/CnHack3r/Penetration_PoC @@ -26400,16 +28490,21 @@ CVE-2019-2107 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-2107 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-2107 - https://github.com/huike007/penetration_poc CVE-2019-2107 - https://github.com/huike007/poc +CVE-2019-2107 - https://github.com/infiniteLoopers/CVE-2019-2107 CVE-2019-2107 - https://github.com/marcinguy/CVE-2019-2107 CVE-2019-2107 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2019-2107 - https://github.com/yedada-wei/- CVE-2019-2107 - https://github.com/yedada-wei/gongkaishouji +CVE-2019-2114 - https://github.com/Aucode-n/AndroidSec +CVE-2019-2114 - https://github.com/iamsarvagyaa/AndroidSecNotes CVE-2019-2181 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-2194 - https://github.com/TinyNiko/android_bulletin_notes CVE-2019-2196 - https://github.com/0xT11/CVE-POC +CVE-2019-2196 - https://github.com/IOActive/AOSP-DownloadProviderDbDumperSQLiLimit CVE-2019-2196 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-2196 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-2198 - https://github.com/0xT11/CVE-POC +CVE-2019-2198 - https://github.com/IOActive/AOSP-DownloadProviderDbDumperSQLiWhere CVE-2019-2198 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-2198 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-2205 - https://github.com/p1ay8y3ar/cve_monitor @@ -26419,9 +28514,12 @@ CVE-2019-2215 - https://github.com/0xT11/CVE-POC CVE-2019-2215 - https://github.com/Al1ex/LinuxEelvation CVE-2019-2215 - https://github.com/Byte-Master-101/CVE-2019-2215 CVE-2019-2215 - https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections +CVE-2019-2215 - https://github.com/DimitriFourny/cve-2019-2215 CVE-2019-2215 - https://github.com/HacTF/poc--exp +CVE-2019-2215 - https://github.com/LIznzn/CVE-2019-2215 CVE-2019-2215 - https://github.com/Panopticon-Project/panopticon-Donot CVE-2019-2215 - https://github.com/Panopticon-Project/panopticon-Sidewinder +CVE-2019-2215 - https://github.com/aguerriero1998/Umass-CS-590J-Capstone-Project CVE-2019-2215 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-2215 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-2215 - https://github.com/fei9747/LinuxEelvation @@ -26430,10 +28528,16 @@ CVE-2019-2215 - https://github.com/grant-h/qu1ckr00t CVE-2019-2215 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-2215 - https://github.com/kangtastic/cve-2019-2215 CVE-2019-2215 - https://github.com/marcinguy/CVE-2019-2215 +CVE-2019-2215 - https://github.com/pengusec/awesome-netsec-articles +CVE-2019-2215 - https://github.com/qre0ct/android-kernel-exploitation-ashfaq-CVE-2019-2215 +CVE-2019-2215 - https://github.com/raystyle/CVE-2019-2215 +CVE-2019-2215 - https://github.com/sharif-dev/AndroidKernelVulnerability +CVE-2019-2215 - https://github.com/tdcoming/Vulnerability-engine CVE-2019-2215 - https://github.com/timwr/CVE-2019-2215 CVE-2019-2215 - https://github.com/wateroot/poc-exp CVE-2019-2215 - https://github.com/wrlu/Vulnerabilities CVE-2019-2215 - https://github.com/xairy/linux-kernel-exploitation +CVE-2019-2219 - https://github.com/7homasSutter/SimpleSpyware CVE-2019-2225 - https://github.com/wrlu/Vulnerabilities CVE-2019-2234 - https://github.com/wrlu/Vulnerabilities CVE-2019-2297 - https://github.com/jiayy/android_vuln_poc-exp @@ -26442,8 +28546,12 @@ CVE-2019-2302 - https://github.com/jiayy/android_vuln_poc-exp CVE-2019-2312 - https://github.com/jiayy/android_vuln_poc-exp CVE-2019-2314 - https://github.com/jiayy/android_vuln_poc-exp CVE-2019-2426 - https://github.com/SycloverSecurity/http_ntlmrelayx +CVE-2019-2494 - https://github.com/ycamper/censys-scripts CVE-2019-25013 - https://github.com/YaleSpinup/ecr-api +CVE-2019-25013 - https://github.com/brandoncamenisch/release-the-code-litecoin CVE-2019-25013 - https://github.com/dispera/giant-squid +CVE-2019-25013 - https://github.com/domyrtille/interview_project +CVE-2019-25013 - https://github.com/epequeno/devops-demo CVE-2019-25013 - https://github.com/nedenwalker/spring-boot-app-using-gradle CVE-2019-25013 - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln CVE-2019-25013 - https://github.com/onzack/trivy-multiscanner @@ -26453,12 +28561,18 @@ CVE-2019-25024 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-25025 - https://github.com/rails/activerecord-session_store CVE-2019-2525 - https://github.com/0xT11/CVE-POC CVE-2019-2525 - https://github.com/FSecureLABS/3d-accelerated-exploitation +CVE-2019-2525 - https://github.com/Lanph3re/virtualbox-1-day-exploit +CVE-2019-2525 - https://github.com/Phantomn/VirtualBox_CVE-2019-2525-CVE-2019-2548 CVE-2019-2525 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-2525 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-2525 - https://github.com/wotmd/VirtualBox-6.0.0-Exploit-1-day CVE-2019-2548 - https://github.com/0xT11/CVE-POC CVE-2019-2548 - https://github.com/FSecureLABS/3d-accelerated-exploitation +CVE-2019-2548 - https://github.com/Lanph3re/virtualbox-1-day-exploit +CVE-2019-2548 - https://github.com/Phantomn/VirtualBox_CVE-2019-2525-CVE-2019-2548 CVE-2019-2548 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-2548 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-2548 - https://github.com/wotmd/VirtualBox-6.0.0-Exploit-1-day CVE-2019-2556 - https://github.com/psifertex/ctf-vs-the-real-world CVE-2019-2576 - https://github.com/omurugur/Oracle_Attip_XML_Entity_Exploit CVE-2019-2578 - https://github.com/ARPSyndicate/kenzer-templates @@ -26468,6 +28582,7 @@ CVE-2019-2588 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-2588 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-2588 - https://github.com/sobinge/nuclei-templates CVE-2019-2588 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2019-2593 - https://github.com/ycamper/censys-scripts CVE-2019-2615 - https://github.com/0xT11/CVE-POC CVE-2019-2615 - https://github.com/SexyBeast233/SecBooks CVE-2019-2615 - https://github.com/chiaifan/CVE-2019-2615 @@ -26486,7 +28601,9 @@ CVE-2019-2618 - https://github.com/cross2to/betaseclab_tools CVE-2019-2618 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-2618 - https://github.com/dr0op/WeblogicScan CVE-2019-2618 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-2618 - https://github.com/ianxtianxt/cve-2019-2618 CVE-2019-2618 - https://github.com/jas502n/cve-2019-2618 +CVE-2019-2618 - https://github.com/lp008/Hack-readme CVE-2019-2618 - https://github.com/pyn3rd/CVE-2019-2618 CVE-2019-2618 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-2618 - https://github.com/r0eXpeR/redteam_vul @@ -26507,15 +28624,19 @@ CVE-2019-2725 - https://github.com/404notf0und/Security-Data-Analysis-and-Visual CVE-2019-2725 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-2725 - https://github.com/AnonVulc/Pentest-Tools CVE-2019-2725 - https://github.com/BitTheByte/Eagle +CVE-2019-2725 - https://github.com/Bywalks/WeblogicScan CVE-2019-2725 - https://github.com/CVCLabs/cve-2019-2725 CVE-2019-2725 - https://github.com/CnHack3r/Penetration_PoC CVE-2019-2725 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-2725 - https://github.com/FlyfishSec/weblogic_rce CVE-2019-2725 - https://github.com/FoolMitAh/WeblogicScan +CVE-2019-2725 - https://github.com/GGyao/weblogic_2019_2725_wls_batch CVE-2019-2725 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2019-2725 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2019-2725 - https://github.com/N0b1e6/CVE-2019-2725-POC CVE-2019-2725 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2019-2725 - https://github.com/ParrotSec-CN/ParrotSecCN_Community_QQbot +CVE-2019-2725 - https://github.com/Quinn-Yan/HackerWithDocker CVE-2019-2725 - https://github.com/S3cur3Th1sSh1t/Pentest-Tools CVE-2019-2725 - https://github.com/SexyBeast233/SecBooks CVE-2019-2725 - https://github.com/SkyBlueEternal/CNVD-C-2019-48814-CNNVD-201904-961 @@ -26529,13 +28650,16 @@ CVE-2019-2725 - https://github.com/black-mirror/Weblogic CVE-2019-2725 - https://github.com/cross2to/betaseclab_tools CVE-2019-2725 - https://github.com/davidmthomsen/CVE-2019-2725 CVE-2019-2725 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-2725 - https://github.com/diggid4ever/Weblogic-XMLDecoder-POC CVE-2019-2725 - https://github.com/dr0op/WeblogicScan CVE-2019-2725 - https://github.com/fengjixuchui/RedTeamer CVE-2019-2725 - https://github.com/hanc00l/some_pocsuite CVE-2019-2725 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-2725 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-2725 - https://github.com/hmoytx/weblogicscan CVE-2019-2725 - https://github.com/huike007/penetration_poc CVE-2019-2725 - https://github.com/huike007/poc +CVE-2019-2725 - https://github.com/ianxtianxt/CVE-2019-2725 CVE-2019-2725 - https://github.com/iceMatcha/CNTA-2019-0014xCVE-2019-2725 CVE-2019-2725 - https://github.com/jas502n/CNVD-C-2019-48814 CVE-2019-2725 - https://github.com/jiangsir404/POC-S @@ -26546,15 +28670,19 @@ CVE-2019-2725 - https://github.com/koutto/jok3r-pocs CVE-2019-2725 - https://github.com/lasensio/cve-2019-2725 CVE-2019-2725 - https://github.com/leerina/CVE-2019-2725 CVE-2019-2725 - https://github.com/lowliness9/sectools +CVE-2019-2725 - https://github.com/lp008/Hack-readme CVE-2019-2725 - https://github.com/lufeirider/CVE-2019-2725 CVE-2019-2725 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2019-2725 - https://github.com/mishmashclone/qazbnm456-awesome-web-security CVE-2019-2725 - https://github.com/mmioimm/weblogic_test +CVE-2019-2725 - https://github.com/mrzzy/govware-2019-demos CVE-2019-2725 - https://github.com/pimps/CVE-2019-2725 +CVE-2019-2725 - https://github.com/pwnagelabs/VEF CVE-2019-2725 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-2725 - https://github.com/qazbnm456/awesome-web-security CVE-2019-2725 - https://github.com/r0eXpeR/redteam_vul CVE-2019-2725 - https://github.com/rabbitmask/WeblogicScanLot +CVE-2019-2725 - https://github.com/severnake/Pentest-Tools CVE-2019-2725 - https://github.com/shack2/javaserializetools CVE-2019-2725 - https://github.com/skytina/CNVD-C-2019-48814-COMMON CVE-2019-2725 - https://github.com/sobinge/nuclei-templates @@ -26573,6 +28701,7 @@ CVE-2019-2729 - https://github.com/0ps/pocassistdb CVE-2019-2729 - https://github.com/0xT11/CVE-POC CVE-2019-2729 - https://github.com/0xn0ne/weblogicScanner CVE-2019-2729 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2019-2729 - https://github.com/Bywalks/WeblogicScan CVE-2019-2729 - https://github.com/FoolMitAh/WeblogicScan CVE-2019-2729 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2019-2729 - https://github.com/ParrotSec-CN/ParrotSecCN_Community_QQbot @@ -26585,14 +28714,21 @@ CVE-2019-2729 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-2729 - https://github.com/dr0op/WeblogicScan CVE-2019-2729 - https://github.com/fengjixuchui/RedTeamer CVE-2019-2729 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-2729 - https://github.com/hmoytx/weblogicscan CVE-2019-2729 - https://github.com/jiangsir404/POC-S CVE-2019-2729 - https://github.com/jweny/pocassistdb CVE-2019-2729 - https://github.com/koutto/jok3r-pocs +CVE-2019-2729 - https://github.com/lp008/Hack-readme CVE-2019-2729 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2019-2729 - https://github.com/pimps/CVE-2019-2725 +CVE-2019-2729 - https://github.com/pwnagelabs/VEF +CVE-2019-2729 - https://github.com/qianxiao996/FrameScan CVE-2019-2729 - https://github.com/rabbitmask/WeblogicScanLot +CVE-2019-2729 - https://github.com/ruthlezs/CVE-2019-2729-Exploit +CVE-2019-2729 - https://github.com/safe6Sec/wlsEnv CVE-2019-2729 - https://github.com/superfish9/pt CVE-2019-2729 - https://github.com/veo/vscan +CVE-2019-2729 - https://github.com/waffl3ss/CVE-2019-2729 CVE-2019-2729 - https://github.com/whoadmin/pocs CVE-2019-2729 - https://github.com/zema1/oracle-vuln-crawler CVE-2019-2745 - https://github.com/revl-ca/scan-docker-image @@ -26624,22 +28760,27 @@ CVE-2019-2888 - https://github.com/zema1/oracle-vuln-crawler CVE-2019-2890 - https://github.com/0xT11/CVE-POC CVE-2019-2890 - https://github.com/0xn0ne/weblogicScanner CVE-2019-2890 - https://github.com/AnonVulc/Pentest-Tools +CVE-2019-2890 - https://github.com/Ky0-HVA/CVE-2019-2890 CVE-2019-2890 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2019-2890 - https://github.com/S3cur3Th1sSh1t/Pentest-Tools CVE-2019-2890 - https://github.com/SexyBeast233/SecBooks CVE-2019-2890 - https://github.com/SukaraLin/CVE-2019-2890 CVE-2019-2890 - https://github.com/ZO1RO/CVE-2019-2890 CVE-2019-2890 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-2890 - https://github.com/freeide/weblogic_cve-2019-2890 CVE-2019-2890 - https://github.com/hanc00l/some_pocsuite CVE-2019-2890 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-2890 - https://github.com/ianxtianxt/CVE-2019-2890 CVE-2019-2890 - https://github.com/jas502n/CVE-2019-2888 CVE-2019-2890 - https://github.com/jas502n/CVE-2019-2890 CVE-2019-2890 - https://github.com/koutto/jok3r-pocs CVE-2019-2890 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2019-2890 - https://github.com/severnake/Pentest-Tools CVE-2019-2890 - https://github.com/theyoge/AD-Pentesting-Tools CVE-2019-2890 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-2890 - https://github.com/zema1/oracle-vuln-crawler CVE-2019-2890 - https://github.com/zhzhdoai/Weblogic_Vuln +CVE-2019-2891 - https://github.com/tdcoming/Vulnerability-engine CVE-2019-2931 - https://github.com/0x0FB0/MiscSploits CVE-2019-2958 - https://github.com/dirs-dev/directories-jvm CVE-2019-2983 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs @@ -26647,10 +28788,12 @@ CVE-2019-3010 - https://github.com/0xT11/CVE-POC CVE-2019-3010 - https://github.com/0xdea/advisories CVE-2019-3010 - https://github.com/0xdea/exploits CVE-2019-3010 - https://github.com/0xdea/raptor_infiltrate20 +CVE-2019-3010 - https://github.com/chaizeg/privilege-escalation-breach CVE-2019-3010 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-3010 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-3014 - https://github.com/0x0FB0/MiscSploits CVE-2019-3015 - https://github.com/0x0FB0/MiscSploits +CVE-2019-3025 - https://github.com/walidfaour/Pentesting CVE-2019-3394 - https://github.com/0xT11/CVE-POC CVE-2019-3394 - https://github.com/SexyBeast233/SecBooks CVE-2019-3394 - https://github.com/developer3000S/PoC-in-GitHub @@ -26659,21 +28802,27 @@ CVE-2019-3394 - https://github.com/jas502n/CVE-2019-3394 CVE-2019-3394 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-3394 - https://github.com/woods-sega/woodswiki CVE-2019-3394 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2019-3395 - https://github.com/lp008/Hack-readme CVE-2019-3395 - https://github.com/pen4uin/vulnerability-lab CVE-2019-3396 - https://github.com/0ps/pocassistdb CVE-2019-3396 - https://github.com/0xT11/CVE-POC CVE-2019-3396 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-3396 - https://github.com/BitTheByte/Eagle +CVE-2019-3396 - https://github.com/FDlucifer/firece-fish +CVE-2019-3396 - https://github.com/JonathanZhou348/CVE-2019-3396TEST CVE-2019-3396 - https://github.com/Metarget/metarget CVE-2019-3396 - https://github.com/SexyBeast233/SecBooks +CVE-2019-3396 - https://github.com/W2Ning/CVE-2019-3396 CVE-2019-3396 - https://github.com/Yt1g3r/CVE-2019-3396_EXP CVE-2019-3396 - https://github.com/alex14324/Eagel CVE-2019-3396 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-3396 - https://github.com/am6539/CVE-2019-3396 CVE-2019-3396 - https://github.com/amcai/myscan CVE-2019-3396 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-3396 - https://github.com/dothanthitiendiettiende/CVE-2019-3396 CVE-2019-3396 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-3396 - https://github.com/jandersoncampelo/InfosecBookmarks +CVE-2019-3396 - https://github.com/jas502n/CVE-2019-3394 CVE-2019-3396 - https://github.com/jas502n/CVE-2019-3396 CVE-2019-3396 - https://github.com/jweny/pocassistdb CVE-2019-3396 - https://github.com/koamania/confluence_ssrf_malware_cleaner @@ -26681,10 +28830,13 @@ CVE-2019-3396 - https://github.com/mntn0x/POC CVE-2019-3396 - https://github.com/pyn3rd/CVE-2019-3396 CVE-2019-3396 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-3396 - https://github.com/quanpt103/CVE-2019-3396 +CVE-2019-3396 - https://github.com/r0eXpeR/supplier CVE-2019-3396 - https://github.com/s1xg0d/CVE-2019-3396 +CVE-2019-3396 - https://github.com/skommando/CVE-2019-3396-confluence-poc CVE-2019-3396 - https://github.com/sobinge/nuclei-templates CVE-2019-3396 - https://github.com/superfish9/pt CVE-2019-3396 - https://github.com/tanw923/test1 +CVE-2019-3396 - https://github.com/tdcoming/Vulnerability-engine CVE-2019-3396 - https://github.com/underattack-today/underattack-py CVE-2019-3396 - https://github.com/vntest11/confluence_CVE-2019-3396 CVE-2019-3396 - https://github.com/woods-sega/woodswiki @@ -26704,12 +28856,18 @@ CVE-2019-3401 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-3402 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-3402 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-3402 - https://github.com/sobinge/nuclei-templates +CVE-2019-3402 - https://github.com/sushantdhopat/JIRA_testing CVE-2019-3403 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-3403 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2019-3403 - https://github.com/sushantdhopat/JIRA_testing CVE-2019-3403 - https://github.com/und3sc0n0c1d0/UserEnumJira CVE-2019-3420 - https://github.com/qq431169079/ZTE +CVE-2019-3420 - https://github.com/qq431169079/Zata-Router-Takeover +CVE-2019-3461 - https://github.com/google/path-auditor CVE-2019-3462 - https://github.com/0xT11/CVE-POC CVE-2019-3462 - https://github.com/Azure/container-scan +CVE-2019-3462 - https://github.com/KorayAgaya/TrivyWeb +CVE-2019-3462 - https://github.com/Tufin/securecloud-image-analysis-action CVE-2019-3462 - https://github.com/atilacastro/update-apt-package CVE-2019-3462 - https://github.com/cynalytica/container-scan CVE-2019-3462 - https://github.com/drjhunter/container-scan @@ -26728,6 +28886,7 @@ CVE-2019-3465 - https://github.com/onelogin/php-saml CVE-2019-3465 - https://github.com/onewelcome/php-saml CVE-2019-3465 - https://github.com/parkbenchsolutions/odinapi-onelogin CVE-2019-3466 - https://github.com/mirchr/security-research +CVE-2019-3498 - https://github.com/Crossroadsman/treehouse-techdegree-python-project9 CVE-2019-3498 - https://github.com/garethr/snyksh CVE-2019-3498 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-3498 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers @@ -26746,6 +28905,7 @@ CVE-2019-3568 - https://github.com/maddiestone/ConPresentations CVE-2019-3648 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-3663 - https://github.com/0xT11/CVE-POC CVE-2019-3663 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-3663 - https://github.com/funoverip/mcafee_atd_CVE-2019-3663 CVE-2019-3663 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-3719 - https://github.com/0xT11/CVE-POC CVE-2019-3719 - https://github.com/D4stiny/Dell-Support-Assist-RCE-PoC @@ -26755,7 +28915,11 @@ CVE-2019-3719 - https://github.com/jiansiting/CVE-2019-3719 CVE-2019-3722 - https://github.com/RhinoSecurityLabs/CVEs CVE-2019-3726 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-3726 - https://github.com/shubham0d/SymBlock +CVE-2019-3746 - https://github.com/cltempleton1127/Red-Team_Blue-Team-Project2 +CVE-2019-3746 - https://github.com/joshblack07/UR-Cyber-Security-Red_vs_Blue +CVE-2019-3746 - https://github.com/laurapratt87/Capstone-Engagement-Project-Red-Team-v.-Blue-Team CVE-2019-3778 - https://github.com/0xT11/CVE-POC +CVE-2019-3778 - https://github.com/BBB-man/CVE-2019-3778-Spring-Security-OAuth-2.3-Open-Redirection CVE-2019-3778 - https://github.com/SexyBeast233/SecBooks CVE-2019-3778 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-3778 - https://github.com/hectorgie/PoC-in-GitHub @@ -26776,11 +28940,13 @@ CVE-2019-3799 - https://github.com/tom0li/collection-document CVE-2019-3810 - https://github.com/farisv/Moodle-CVE-2019-3810 CVE-2019-3810 - https://github.com/taielab/awesome-hacking-lists CVE-2019-3820 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2019-3822 - https://github.com/KorayAgaya/TrivyWeb CVE-2019-3822 - https://github.com/saiyuki1919/BlackHat2019 CVE-2019-3822 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-3822 - https://github.com/simiyo/trivy CVE-2019-3822 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers CVE-2019-3822 - https://github.com/umahari/security +CVE-2019-3823 - https://github.com/KorayAgaya/TrivyWeb CVE-2019-3823 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-3823 - https://github.com/simiyo/trivy CVE-2019-3823 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers @@ -26794,43 +28960,52 @@ CVE-2019-3847 - https://github.com/danielthatcher/moodle-login-csrf CVE-2019-3847 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-3847 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-3855 - https://github.com/0xT11/CVE-POC +CVE-2019-3855 - https://github.com/KorayAgaya/TrivyWeb CVE-2019-3855 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-3855 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-3855 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-3855 - https://github.com/simiyo/trivy CVE-2019-3855 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers CVE-2019-3855 - https://github.com/umahari/security +CVE-2019-3856 - https://github.com/KorayAgaya/TrivyWeb CVE-2019-3856 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-3856 - https://github.com/simiyo/trivy CVE-2019-3856 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers CVE-2019-3856 - https://github.com/umahari/security +CVE-2019-3857 - https://github.com/KorayAgaya/TrivyWeb CVE-2019-3857 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-3857 - https://github.com/simiyo/trivy CVE-2019-3857 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers CVE-2019-3857 - https://github.com/umahari/security +CVE-2019-3858 - https://github.com/KorayAgaya/TrivyWeb CVE-2019-3858 - https://github.com/revl-ca/scan-docker-image CVE-2019-3858 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-3858 - https://github.com/simiyo/trivy CVE-2019-3858 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers CVE-2019-3858 - https://github.com/umahari/security +CVE-2019-3859 - https://github.com/KorayAgaya/TrivyWeb CVE-2019-3859 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-3859 - https://github.com/simiyo/trivy CVE-2019-3859 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers CVE-2019-3859 - https://github.com/umahari/security +CVE-2019-3860 - https://github.com/KorayAgaya/TrivyWeb CVE-2019-3860 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-3860 - https://github.com/simiyo/trivy CVE-2019-3860 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers CVE-2019-3860 - https://github.com/umahari/security +CVE-2019-3861 - https://github.com/KorayAgaya/TrivyWeb CVE-2019-3861 - https://github.com/revl-ca/scan-docker-image CVE-2019-3861 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-3861 - https://github.com/simiyo/trivy CVE-2019-3861 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers CVE-2019-3861 - https://github.com/umahari/security +CVE-2019-3862 - https://github.com/KorayAgaya/TrivyWeb CVE-2019-3862 - https://github.com/revl-ca/scan-docker-image CVE-2019-3862 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-3862 - https://github.com/simiyo/trivy CVE-2019-3862 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers CVE-2019-3862 - https://github.com/umahari/security +CVE-2019-3863 - https://github.com/KorayAgaya/TrivyWeb CVE-2019-3863 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-3863 - https://github.com/simiyo/trivy CVE-2019-3863 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers @@ -26843,13 +29018,16 @@ CVE-2019-3929 - https://github.com/0xT11/CVE-POC CVE-2019-3929 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-3929 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-3929 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-3929 - https://github.com/xfox64x/CVE-2019-3929 CVE-2019-3948 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-3948 - https://github.com/gobysec/Goby CVE-2019-3969 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-3969 - https://github.com/pengusec/awesome-netsec-articles CVE-2019-3980 - https://github.com/0xT11/CVE-POC CVE-2019-3980 - https://github.com/S3cur3Th1sSh1t/Pentest-Tools CVE-2019-3980 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-3980 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-3980 - https://github.com/warferik/CVE-2019-3980 CVE-2019-4233 - https://github.com/UrbanCode/jenkins-publisher-ucd-plugin CVE-2019-4279 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2019-4279 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet @@ -26858,11 +29036,16 @@ CVE-2019-48814 - https://github.com/0xT11/CVE-POC CVE-2019-48814 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-48814 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-48814 - https://github.com/wucj001/cve-2019-48814 +CVE-2019-5007 - https://github.com/msantos/cvecat +CVE-2019-5008 - https://github.com/msantos/cvecat +CVE-2019-5009 - https://github.com/msantos/cvecat CVE-2019-5010 - https://github.com/0xT11/CVE-POC +CVE-2019-5010 - https://github.com/JonathanWilbur/CVE-2019-5010 CVE-2019-5010 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-5010 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-5010 - https://github.com/revl-ca/scan-docker-image CVE-2019-5018 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-5021 - https://github.com/Metarget/cloud-native-security-book CVE-2019-5021 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-5021 - https://github.com/jdickey/hanami-1.3.1-base CVE-2019-5021 - https://github.com/slow-but-steady/Fun-Projects @@ -26871,6 +29054,7 @@ CVE-2019-5096 - https://github.com/0xT11/CVE-POC CVE-2019-5096 - https://github.com/SexyBeast233/SecBooks CVE-2019-5096 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-5096 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-5096 - https://github.com/ianxtianxt/CVE-2019-5096-GoAhead-Web-Server-Dos-Exploit CVE-2019-5127 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-5127 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-5127 - https://github.com/sobinge/nuclei-templates @@ -26881,6 +29065,7 @@ CVE-2019-5241 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-5241 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-5312 - https://github.com/superfish9/pt CVE-2019-5326 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2019-5392 - https://github.com/crazywifi/HPE-Intelligent-Management-Center-dbman-Command-10001-Information-Disclosure CVE-2019-5413 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-5414 - https://github.com/ossf-cve-benchmark/CVE-2019-5414 CVE-2019-5418 - https://github.com/0xT11/CVE-POC @@ -26907,35 +29092,53 @@ CVE-2019-5418 - https://github.com/mpgn/Rails-doubletap-RCE CVE-2019-5418 - https://github.com/n1sh1th/CVE-POC CVE-2019-5418 - https://github.com/omarkurt/CVE-2019-5418 CVE-2019-5418 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2019-5418 - https://github.com/random-robbie/CVE-2019-5418 CVE-2019-5418 - https://github.com/shuanx/vulnerability CVE-2019-5418 - https://github.com/sobinge/nuclei-templates CVE-2019-5418 - https://github.com/superfish9/pt CVE-2019-5418 - https://github.com/takeokunn/CVE-2019-5418 CVE-2019-5418 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2019-5418 - https://github.com/ztgrace/CVE-2019-5418-Rails3 CVE-2019-5419 - https://github.com/mpgn/CVE-2019-5418 CVE-2019-5419 - https://github.com/mpgn/Rails-doubletap-RCE CVE-2019-5420 - https://github.com/0xT11/CVE-POC CVE-2019-5420 - https://github.com/0xedward/awesome-rails-security +CVE-2019-5420 - https://github.com/Delishsploits/PayloadsAndMethodology +CVE-2019-5420 - https://github.com/GuynnR/Payloads +CVE-2019-5420 - https://github.com/Nieuport/PayloadsAllTheThings CVE-2019-5420 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-5420 - https://github.com/apkadmin/PayLoadsAll +CVE-2019-5420 - https://github.com/chanchalpatra/payload CVE-2019-5420 - https://github.com/cved-sources/cve-2019-5420 CVE-2019-5420 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-5420 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-5420 - https://github.com/hellochunqiu/PayloadsAllTheThings CVE-2019-5420 - https://github.com/knqyf263/CVE-2019-5420 CVE-2019-5420 - https://github.com/koutto/jok3r-pocs +CVE-2019-5420 - https://github.com/ksw9722/PayloadsAllTheThings CVE-2019-5420 - https://github.com/mpgn/Rails-doubletap-RCE +CVE-2019-5420 - https://github.com/mrhacker51/ReverseShellCommands +CVE-2019-5420 - https://github.com/nevidimk0/PayloadsAllTheThings +CVE-2019-5420 - https://github.com/scumdestroy/pentest-scripts-for-dangerous-boys +CVE-2019-5420 - https://github.com/sobinge/PayloadsAllThesobinge +CVE-2019-5420 - https://github.com/winterwolf32/PayloadsAllTheThings CVE-2019-5423 - https://github.com/ossf-cve-benchmark/CVE-2019-5423 CVE-2019-5427 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-5427 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-5428 - https://github.com/DanielRuf/snyk-js-jquery-174006 CVE-2019-5428 - https://github.com/DanielRuf/snyk-js-jquery-565129 +CVE-2019-5428 - https://github.com/KorayAgaya/TrivyWeb CVE-2019-5428 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-5428 - https://github.com/simiyo/trivy CVE-2019-5428 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers CVE-2019-5428 - https://github.com/umahari/security +CVE-2019-54321 - https://github.com/limkokholefork/ubuntu-cve-oval CVE-2019-5436 - https://github.com/revl-ca/scan-docker-image CVE-2019-5439 - https://github.com/litneet64/containerized-bomb-disposal +CVE-2019-5443 - https://github.com/EmilioBerlanda/cURL CVE-2019-5443 - https://github.com/curl/curl-for-win CVE-2019-5444 - https://github.com/ossf-cve-benchmark/CVE-2019-5444 +CVE-2019-5449 - https://github.com/schokokeksorg/freewvs CVE-2019-5454 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-5454 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-5475 - https://github.com/0xT11/CVE-POC @@ -26944,6 +29147,7 @@ CVE-2019-5475 - https://github.com/TesterCC/exp_poc_library CVE-2019-5475 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-5475 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-5475 - https://github.com/jaychouzzk/CVE-2019-5475-Nexus-Repository-Manager- +CVE-2019-5475 - https://github.com/rabbitmask/CVE-2019-5475-EXP CVE-2019-5477 - https://github.com/Hamid-K/bookmarks CVE-2019-5478 - https://github.com/f-secure-foundry/advisories CVE-2019-5479 - https://github.com/ossf-cve-benchmark/CVE-2019-5479 @@ -26956,14 +29160,17 @@ CVE-2019-5484 - https://github.com/ESAPI/owasp-esapi-js CVE-2019-5489 - https://github.com/0xT11/CVE-POC CVE-2019-5489 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-5489 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-5489 - https://github.com/mmxsrup/CVE-2019-5489 CVE-2019-5512 - https://github.com/punishell/WindowsLegacyCVE CVE-2019-5513 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-5516 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-5544 - https://github.com/ARPSyndicate/cvemon +CVE-2019-5544 - https://github.com/HynekPetrak/CVE-2019-5544_CVE-2020-3992 CVE-2019-5544 - https://github.com/WinMin/Protocol-Vul CVE-2019-5544 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-5544 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-5544 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2019-5591 - https://github.com/r0eXpeR/supplier CVE-2019-5596 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-5597 - https://github.com/secdev/awesome-scapy CVE-2019-5602 - https://github.com/alphaSeclab/sec-daily-2019 @@ -26978,6 +29185,7 @@ CVE-2019-5624 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-5630 - https://github.com/0xT11/CVE-POC CVE-2019-5630 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-5630 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-5630 - https://github.com/rbeede/CVE-2019-5630 CVE-2019-5643 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-5644 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-5645 - https://github.com/404notf0und/CVE-Flow @@ -26986,18 +29194,28 @@ CVE-2019-5674 - https://github.com/RhinoSecurityLabs/CVEs CVE-2019-5674 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-5674 - https://github.com/sunzu94/AWS-CVEs CVE-2019-5678 - https://github.com/RhinoSecurityLabs/CVEs +CVE-2019-5678 - https://github.com/pengusec/awesome-netsec-articles CVE-2019-5678 - https://github.com/sunzu94/AWS-CVEs CVE-2019-5699 - https://github.com/oscardagrach/CVE-2019-5700 CVE-2019-5700 - https://github.com/0xT11/CVE-POC CVE-2019-5700 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-5700 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-5700 - https://github.com/oscardagrach/CVE-2019-5700 CVE-2019-5736 - https://github.com/0xT11/CVE-POC CVE-2019-5736 - https://github.com/0xsyr0/OSCP CVE-2019-5736 - https://github.com/BBRathnayaka/POC-CVE-2019-5736 +CVE-2019-5736 - https://github.com/Billith/CVE-2019-5736-PoC +CVE-2019-5736 - https://github.com/BurlakaR/tpc +CVE-2019-5736 - https://github.com/EvilAnne/2019-Read-article CVE-2019-5736 - https://github.com/Frichetten/CVE-2019-5736-PoC +CVE-2019-5736 - https://github.com/GiverOfGifts/CVE-2019-5736-Custom-Runtime +CVE-2019-5736 - https://github.com/Keramas/Blowhole +CVE-2019-5736 - https://github.com/Lee-SungYoung/cve-2019-5736-study CVE-2019-5736 - https://github.com/Malamunza/Nvedia CVE-2019-5736 - https://github.com/Malamunza/update2 CVE-2019-5736 - https://github.com/Metarget/awesome-cloud-native-security +CVE-2019-5736 - https://github.com/Metarget/cloud-native-security-book +CVE-2019-5736 - https://github.com/Metarget/k0otkit CVE-2019-5736 - https://github.com/Metarget/metarget CVE-2019-5736 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2019-5736 - https://github.com/PercussiveElbow/docker-escape-tool @@ -27012,19 +29230,26 @@ CVE-2019-5736 - https://github.com/b3d3c/poc-cve-2019-5736 CVE-2019-5736 - https://github.com/bitdefender/vbh_sample CVE-2019-5736 - https://github.com/brompwnie/botb CVE-2019-5736 - https://github.com/cdk-team/CDK +CVE-2019-5736 - https://github.com/chosam2/cve-2019-5736-poc CVE-2019-5736 - https://github.com/cometkim/awesome-list CVE-2019-5736 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-5736 - https://github.com/epsteina16/Docker-Escape-Miner +CVE-2019-5736 - https://github.com/geropl/CVE-2019-5736 CVE-2019-5736 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-5736 - https://github.com/heroku/bheu19-attacking-cloud-builds CVE-2019-5736 - https://github.com/jakubkrawczyk/cve-2019-5736 CVE-2019-5736 - https://github.com/jas502n/CVE-2019-5736 CVE-2019-5736 - https://github.com/jeansgit/Pentest CVE-2019-5736 - https://github.com/kaosagnt/ansible-everyday +CVE-2019-5736 - https://github.com/kdada/imkira.com CVE-2019-5736 - https://github.com/kindredgroupsec/venom CVE-2019-5736 - https://github.com/likescam/CVE-2019-5736 CVE-2019-5736 - https://github.com/likescam/cve-2019-5736-poc +CVE-2019-5736 - https://github.com/lp008/Hack-readme CVE-2019-5736 - https://github.com/m4r1k/k8s_5g_lab CVE-2019-5736 - https://github.com/manoelt/50M_CTF_Writeup CVE-2019-5736 - https://github.com/milloni/cve-2019-5736-exp +CVE-2019-5736 - https://github.com/mrzzy/govware-2019-demos CVE-2019-5736 - https://github.com/myugan/awesome-docker-security CVE-2019-5736 - https://github.com/owen800q/Awesome-Stars CVE-2019-5736 - https://github.com/panzouh/Docker-Runc-Exploit @@ -27033,12 +29258,17 @@ CVE-2019-5736 - https://github.com/pyperanger/dockerevil CVE-2019-5736 - https://github.com/q3k/cve-2019-5736-poc CVE-2019-5736 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-5736 - https://github.com/rancher/runc-cve +CVE-2019-5736 - https://github.com/reni2study/Cloud-Native-Security2 +CVE-2019-5736 - https://github.com/sandbornm/HardenDocker CVE-2019-5736 - https://github.com/saucer-man/exploit +CVE-2019-5736 - https://github.com/shen54/IT19172088 CVE-2019-5736 - https://github.com/stillan00b/CVE-2019-5736 CVE-2019-5736 - https://github.com/taielab/awesome-hacking-lists CVE-2019-5736 - https://github.com/twistlock/RunC-CVE-2019-5736 +CVE-2019-5736 - https://github.com/twistlock/whoc CVE-2019-5736 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-5736 - https://github.com/yyqs2008/CVE-2019-5736-PoC-2 +CVE-2019-5736 - https://github.com/zhonghual1206/biyi-sealidentify CVE-2019-5736 - https://github.com/zyriuse75/CVE-2019-5736-PoC CVE-2019-5737 - https://github.com/0xT11/CVE-POC CVE-2019-5737 - https://github.com/beelzebruh/cve-2019-5737 @@ -27049,6 +29279,8 @@ CVE-2019-5763 - https://github.com/BBRathnayaka/POC-CVE-2019-5736 CVE-2019-5763 - https://github.com/LukeJYK/CVE-2019_VIM_test CVE-2019-5763 - https://github.com/teddy47/CVE-2019-13272---Documentation CVE-2019-5763 - https://github.com/twistlock/RunC-CVE-2019-5736 +CVE-2019-5765 - https://github.com/Aucode-n/AndroidSec +CVE-2019-5765 - https://github.com/iamsarvagyaa/AndroidSecNotes CVE-2019-5782 - https://github.com/De4dCr0w/Browser-pwn CVE-2019-5782 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-5782 - https://github.com/hectorgie/PoC-in-GitHub @@ -27059,13 +29291,16 @@ CVE-2019-5784 - https://github.com/tunz/js-vuln-db CVE-2019-5786 - https://github.com/0xT11/CVE-POC CVE-2019-5786 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2019-5786 - https://github.com/SexyBeast233/SecBooks +CVE-2019-5786 - https://github.com/ZihanYe/web-browser-vulnerabilities CVE-2019-5786 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-5786 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-5786 - https://github.com/emtuls/Awesome-Cyber-Security-List CVE-2019-5786 - https://github.com/exodusintel/CVE-2019-0808 CVE-2019-5786 - https://github.com/exodusintel/CVE-2019-5786 +CVE-2019-5786 - https://github.com/fengjixuchui/Just-pwn-it-for-fun CVE-2019-5786 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-5786 - https://github.com/liukonen/WinFrost +CVE-2019-5786 - https://github.com/lp008/Hack-readme CVE-2019-5786 - https://github.com/m1ghtym0/browser-pwn CVE-2019-5786 - https://github.com/taielab/awesome-hacking-lists CVE-2019-5788 - https://github.com/allpaca/chrome-sbx-db @@ -27076,13 +29311,16 @@ CVE-2019-5790 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-5790 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-5797 - https://github.com/allpaca/chrome-sbx-db CVE-2019-5806 - https://github.com/sslab-gatech/freedom +CVE-2019-5808 - https://github.com/ZihanYe/web-browser-vulnerabilities CVE-2019-5809 - https://github.com/allpaca/chrome-sbx-db CVE-2019-5817 - https://github.com/sslab-gatech/freedom CVE-2019-5822 - https://github.com/0xT11/CVE-POC +CVE-2019-5822 - https://github.com/Silence-Rain/14-828_Exploitation_of_CVE-2019-5822 CVE-2019-5822 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-5822 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-5825 - https://github.com/0xT11/CVE-POC CVE-2019-5825 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-5825 - https://github.com/fs0c-sh/exploits CVE-2019-5825 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-5825 - https://github.com/timwr/CVE-2019-5825 CVE-2019-5826 - https://github.com/Kiprey/Skr_Learning @@ -27096,10 +29334,14 @@ CVE-2019-5850 - https://github.com/allpaca/chrome-sbx-db CVE-2019-5853 - https://github.com/googleprojectzero/fuzzilli CVE-2019-5859 - https://github.com/allpaca/chrome-sbx-db CVE-2019-5870 - https://github.com/allpaca/chrome-sbx-db +CVE-2019-5870 - https://github.com/secmob/TiYunZong-An-Exploit-Chain-to-Remotely-Root-Modern-Android-Devices CVE-2019-5874 - https://github.com/allpaca/chrome-sbx-db CVE-2019-5876 - https://github.com/allpaca/chrome-sbx-db +CVE-2019-5877 - https://github.com/secmob/TiYunZong-An-Exploit-Chain-to-Remotely-Root-Modern-Android-Devices CVE-2019-5893 - https://github.com/0xT11/CVE-POC CVE-2019-5893 - https://github.com/EmreOvunc/OpenSource-ERP-SQL-Injection +CVE-2019-6013 - https://github.com/msantos/cvecat +CVE-2019-6109 - https://github.com/KorayAgaya/TrivyWeb CVE-2019-6109 - https://github.com/revl-ca/scan-docker-image CVE-2019-6109 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-6109 - https://github.com/simiyo/trivy @@ -27113,6 +29355,8 @@ CVE-2019-6110 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrou CVE-2019-6110 - https://github.com/vshaliii/DC-4-Vulnhub-Walkthrough CVE-2019-6110 - https://github.com/vshaliii/Funbox2-rookie CVE-2019-6111 - https://github.com/0xT11/CVE-POC +CVE-2019-6111 - https://github.com/53n7hu/SNP +CVE-2019-6111 - https://github.com/KorayAgaya/TrivyWeb CVE-2019-6111 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-6111 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-6111 - https://github.com/scmanjarrez/CVEScannerV2 @@ -27131,6 +29375,7 @@ CVE-2019-6116 - https://github.com/SexyBeast233/SecBooks CVE-2019-6116 - https://github.com/barrracud4/image-upload-exploits CVE-2019-6116 - https://github.com/superfish9/pt CVE-2019-6126 - https://github.com/Mad-robot/CVE-List +CVE-2019-6128 - https://github.com/FritzJo/pacheck CVE-2019-6145 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-6171 - https://github.com/hamishcoleman/thinkpad-ec CVE-2019-6177 - https://github.com/alphaSeclab/sec-daily-2019 @@ -27140,6 +29385,7 @@ CVE-2019-6203 - https://github.com/geeksniper/reverse-engineering-toolkit CVE-2019-6203 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-6203 - https://github.com/qingxp9/CVE-2019-6203-PoC CVE-2019-6207 - https://github.com/0xT11/CVE-POC +CVE-2019-6207 - https://github.com/DimitriFourny/cve-2019-6207 CVE-2019-6207 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-6207 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-6207 - https://github.com/dothanthitiendiettiende/CVE-2019-6207 @@ -27162,6 +29408,8 @@ CVE-2019-6225 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-6225 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2019-6225 - https://github.com/iFenixx/voucher_swap-Exploit-for-iOS-12.1.2 CVE-2019-6225 - https://github.com/pagazp/Chaos +CVE-2019-6225 - https://github.com/raystyle/jailbreak-iOS12 +CVE-2019-6225 - https://github.com/ugksoft/OsirisJailbreak12 CVE-2019-6231 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2019-6231 - https://github.com/kai5263499/osx-security-awesome CVE-2019-6249 - https://github.com/0xT11/CVE-POC @@ -27176,14 +29424,25 @@ CVE-2019-6260 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-6260 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-6263 - https://github.com/0xT11/CVE-POC CVE-2019-6263 - https://github.com/praveensutar/CVE-2019-6263-Joomla-POC +CVE-2019-6285 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2019-6285 - https://github.com/tzf-key/MemLock_Benchmark +CVE-2019-6290 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2019-6290 - https://github.com/tzf-key/MemLock_Benchmark CVE-2019-6290 - https://github.com/wcventure/MemLock-Fuzz +CVE-2019-6291 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2019-6291 - https://github.com/tzf-key/MemLock_Benchmark CVE-2019-6291 - https://github.com/wcventure/MemLock-Fuzz +CVE-2019-6292 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2019-6292 - https://github.com/tzf-key/MemLock_Benchmark CVE-2019-6292 - https://github.com/wcventure/MemLock-Fuzz +CVE-2019-6293 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2019-6293 - https://github.com/tzf-key/MemLock_Benchmark CVE-2019-6293 - https://github.com/wcventure/MemLock-Fuzz CVE-2019-6328 - https://github.com/0xT11/CVE-POC CVE-2019-6328 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-6328 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-6329 - https://github.com/0xT11/CVE-POC +CVE-2019-6329 - https://github.com/ManhNDd/CVE-2019-6329 CVE-2019-6329 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-6329 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-6333 - https://github.com/alphaSeclab/sec-daily-2019 @@ -27195,9 +29454,12 @@ CVE-2019-6340 - https://github.com/Aprillia01/auto-Exploiter CVE-2019-6340 - https://github.com/DevDungeon/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass CVE-2019-6340 - https://github.com/DynamicDesignz/Alien-Framework CVE-2019-6340 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2019-6340 - https://github.com/PleXone2019/ICG-AutoExploiterBoT CVE-2019-6340 - https://github.com/SexyBeast233/SecBooks CVE-2019-6340 - https://github.com/amcai/myscan CVE-2019-6340 - https://github.com/antonio-fr/DrupalRS +CVE-2019-6340 - https://github.com/anuslok2/IC +CVE-2019-6340 - https://github.com/borahan951/priv8.mechploit CVE-2019-6340 - https://github.com/cved-sources/cve-2019-6340 CVE-2019-6340 - https://github.com/d1vious/cve-2019-6340-bits CVE-2019-6340 - https://github.com/developer3000S/PoC-in-GitHub @@ -27208,7 +29470,9 @@ CVE-2019-6340 - https://github.com/jas502n/CVE-2019-6340 CVE-2019-6340 - https://github.com/knqyf263/CVE-2019-6340 CVE-2019-6340 - https://github.com/koala2099/GitHub-Chinese-Top-Charts CVE-2019-6340 - https://github.com/koutto/jok3r-pocs +CVE-2019-6340 - https://github.com/lp008/Hack-readme CVE-2019-6340 - https://github.com/ludy-dev/drupal8-REST-RCE +CVE-2019-6340 - https://github.com/neilzhang1/Chinese-Charts CVE-2019-6340 - https://github.com/opflep/Drupalgeddon-Toolkit CVE-2019-6340 - https://github.com/oways/CVE-2019-6340 CVE-2019-6340 - https://github.com/pinkieli/GitHub-Chinese-Top-Charts @@ -27219,6 +29483,7 @@ CVE-2019-6340 - https://github.com/tolgadevsec/Awesome-Deception CVE-2019-6340 - https://github.com/zeralot/Dectect-CVE CVE-2019-6340 - https://github.com/zhzyker/exphub CVE-2019-6341 - https://github.com/SexyBeast233/SecBooks +CVE-2019-6439 - https://github.com/blueboxsec/wolfssl CVE-2019-6439 - https://github.com/xblbaby/wolfssl CVE-2019-6440 - https://github.com/0xT11/CVE-POC CVE-2019-6440 - https://github.com/developer3000S/PoC-in-GitHub @@ -27232,6 +29497,7 @@ CVE-2019-6446 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-6446 - https://github.com/w181496/Web-CTF-Cheatsheet CVE-2019-6447 - https://github.com/0xT11/CVE-POC CVE-2019-6447 - https://github.com/H0j3n/EzpzCheatSheet +CVE-2019-6447 - https://github.com/SandaRuFdo/ES-File-Explorer-Open-Port-Vulnerability---CVE-2019-6447 CVE-2019-6447 - https://github.com/angristan/awesome-stars CVE-2019-6447 - https://github.com/codeonlinux/esexplorervuln CVE-2019-6447 - https://github.com/developer3000S/PoC-in-GitHub @@ -27239,6 +29505,7 @@ CVE-2019-6447 - https://github.com/fs0c131y/ESFileExplorerOpenPortVuln CVE-2019-6447 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-6447 - https://github.com/mooyoul/awesome-stars CVE-2019-6453 - https://github.com/0xT11/CVE-POC +CVE-2019-6453 - https://github.com/andripwn/mIRC-CVE-2019-6453 CVE-2019-6453 - https://github.com/astroicers/pentest_guide CVE-2019-6453 - https://github.com/b9q/EAOrigin_remote_code CVE-2019-6453 - https://github.com/developer3000S/PoC-in-GitHub @@ -27246,17 +29513,22 @@ CVE-2019-6453 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-6453 - https://github.com/proofofcalc/cve-2019-6453-poc CVE-2019-6454 - https://github.com/fbreton/lacework CVE-2019-6454 - https://github.com/flyrev/security-scan-ci-presentation +CVE-2019-6455 - https://github.com/strongcourage/uafbench +CVE-2019-6461 - https://github.com/facebookincubator/meta-fbvuln CVE-2019-6461 - https://github.com/revl-ca/scan-docker-image +CVE-2019-6462 - https://github.com/facebookincubator/meta-fbvuln CVE-2019-6462 - https://github.com/revl-ca/scan-docker-image CVE-2019-6465 - https://github.com/HJXSaber/bind9-my CVE-2019-6465 - https://github.com/pexip/os-bind9 CVE-2019-6467 - https://github.com/0xT11/CVE-POC CVE-2019-6467 - https://github.com/NetW0rK1le3r/awesome-hacking-lists +CVE-2019-6467 - https://github.com/Seabreg/bind CVE-2019-6467 - https://github.com/bg6cq/bind9 CVE-2019-6467 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-6467 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-6467 - https://github.com/knqyf263/CVE-2019-6467 CVE-2019-6467 - https://github.com/taielab/awesome-hacking-lists +CVE-2019-6471 - https://github.com/Seabreg/bind CVE-2019-6471 - https://github.com/bg6cq/bind9 CVE-2019-6475 - https://github.com/bg6cq/bind9 CVE-2019-6476 - https://github.com/bg6cq/bind9 @@ -27269,6 +29541,9 @@ CVE-2019-6492 - https://github.com/DownWithUp/CVE-Stockpile CVE-2019-6493 - https://github.com/DownWithUp/CVE-Stockpile CVE-2019-6494 - https://github.com/DownWithUp/CVE-Stockpile CVE-2019-6503 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2019-6579 - https://github.com/cltempleton1127/Red-Team_Blue-Team-Project2 +CVE-2019-6579 - https://github.com/joshblack07/UR-Cyber-Security-Red_vs_Blue +CVE-2019-6579 - https://github.com/laurapratt87/Capstone-Engagement-Project-Red-Team-v.-Blue-Team CVE-2019-6593 - https://github.com/tls-attacker/TLS-Padding-Oracles CVE-2019-6617 - https://github.com/mirchr/security-research CVE-2019-6690 - https://github.com/0xT11/CVE-POC @@ -27280,23 +29555,49 @@ CVE-2019-6690 - https://github.com/stigtsp/CVE-2019-6690-python-gnupg-vulnerabil CVE-2019-6693 - https://github.com/p1ay8y3ar/cve_monitor CVE-2019-6713 - https://github.com/17734027950/thinkcmf CVE-2019-6713 - https://github.com/2499659968/mychen +CVE-2019-6713 - https://github.com/405149071/thinkcmf5.1 +CVE-2019-6713 - https://github.com/CrowdYellow/thinkcmf CVE-2019-6713 - https://github.com/JeasonLaung/mmp +CVE-2019-6713 - https://github.com/Pein-mo/cuishou CVE-2019-6713 - https://github.com/Pengchu/system +CVE-2019-6713 - https://github.com/RuanShan/ruanshan_psite +CVE-2019-6713 - https://github.com/bo-ouyang/mall +CVE-2019-6713 - https://github.com/bomzhi/thinkcmf +CVE-2019-6713 - https://github.com/cp930725/exchange +CVE-2019-6713 - https://github.com/cp930725/jiaoyisuo +CVE-2019-6713 - https://github.com/cspangge/admin +CVE-2019-6713 - https://github.com/gongweisong/haotian CVE-2019-6713 - https://github.com/haodaxia/cmf CVE-2019-6713 - https://github.com/haodaxia/thinkcmf +CVE-2019-6713 - https://github.com/jianzi0307/sendmail +CVE-2019-6713 - https://github.com/kimcastle/thinkcmf CVE-2019-6713 - https://github.com/kongbai18/cmftest +CVE-2019-6713 - https://github.com/lenyueocy/thimkcmf +CVE-2019-6713 - https://github.com/liuqian1115/cpoeSystem +CVE-2019-6713 - https://github.com/loopoxs/web CVE-2019-6713 - https://github.com/luandly/thinkcmf CVE-2019-6713 - https://github.com/lym360722/TC CVE-2019-6713 - https://github.com/new-asia/thinkcmf CVE-2019-6713 - https://github.com/qq951169144/thinkcmf +CVE-2019-6713 - https://github.com/ring888/meikuang +CVE-2019-6713 - https://github.com/shushengqiutu/thinkcmfcloud +CVE-2019-6713 - https://github.com/shuyekafeiting/jw163 +CVE-2019-6713 - https://github.com/smart817/abc CVE-2019-6713 - https://github.com/tthxn/thinkcmf51 CVE-2019-6713 - https://github.com/wangmode/site_system +CVE-2019-6713 - https://github.com/wilgx0/tp_im +CVE-2019-6713 - https://github.com/xialonghao/CMF CVE-2019-6713 - https://github.com/xialonghao/draw +CVE-2019-6713 - https://github.com/xunexploit/huicheng.zexploit.com +CVE-2019-6713 - https://github.com/yukinohatsune/UP2U_web CVE-2019-6713 - https://github.com/zhangxianhao418/fenrun +CVE-2019-6713 - https://github.com/zhaobingjie/thinkcmf CVE-2019-6713 - https://github.com/zhuweiheng/chaowang CVE-2019-6713 - https://github.com/zhuweiheng/tengma CVE-2019-6713 - https://github.com/zhuweiheng/thinkcmf CVE-2019-6713 - https://github.com/zy1720/gateway +CVE-2019-6713 - https://github.com/zylteam/crm +CVE-2019-6713 - https://github.com/zylteam/ml CVE-2019-6714 - https://github.com/AfvanMoopen/tryhackme- CVE-2019-6714 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-6714 - https://github.com/dayaramb/dayaramb.github.io @@ -27305,6 +29606,7 @@ CVE-2019-6715 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-6715 - https://github.com/assetnote/blind-ssrf-chains CVE-2019-6715 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-6715 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-6715 - https://github.com/random-robbie/cve-2019-6715 CVE-2019-6715 - https://github.com/sobinge/nuclei-templates CVE-2019-6716 - https://github.com/0v3rride/0v3rride.github.io CVE-2019-6716 - https://github.com/0v3rride/PoCs @@ -27315,12 +29617,17 @@ CVE-2019-6778 - https://github.com/0xKira/qemu-vm-escape CVE-2019-6778 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-6778 - https://github.com/ray-cp/Vuln_Analysis CVE-2019-6788 - https://github.com/V1NKe/learning-qemu +CVE-2019-6788 - https://github.com/tina2114/skr_learn_list CVE-2019-6798 - https://github.com/0xUhaw/CVE-Bins CVE-2019-6798 - https://github.com/eddietcc/CVEnotes +CVE-2019-6966 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2019-6966 - https://github.com/tzf-key/MemLock_Benchmark CVE-2019-6971 - https://github.com/MalFuzzer/Vulnerability-Research CVE-2019-6972 - https://github.com/MalFuzzer/Vulnerability-Research CVE-2019-6973 - https://github.com/bitfu/sricam-gsoap2.8-dos-exploit CVE-2019-6974 - https://github.com/Sec20-Paper310/Paper310 +CVE-2019-6975 - https://github.com/Crossroadsman/treehouse-techdegree-python-project9 +CVE-2019-6975 - https://github.com/KorayAgaya/TrivyWeb CVE-2019-6975 - https://github.com/davidlares/budget-webapp-django CVE-2019-6975 - https://github.com/davidlares/budget-webapp-django-testing CVE-2019-6975 - https://github.com/garethr/snyksh @@ -27334,32 +29641,43 @@ CVE-2019-6977 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-6977 - https://github.com/ozkanbilge/Apache-Exploit-2019 CVE-2019-6977 - https://github.com/scannells/exploits CVE-2019-6980 - https://github.com/3gstudent/Homework-of-Python +CVE-2019-6988 - https://github.com/FritzJo/pacheck +CVE-2019-6988 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2019-6988 - https://github.com/tzf-key/MemLock_Benchmark CVE-2019-6991 - https://github.com/rishaldwivedi/Public_Disclosure CVE-2019-6998 - https://github.com/0xUhaw/CVE-Bins CVE-2019-6999 - https://github.com/0xUhaw/CVE-Bins CVE-2019-7045 - https://github.com/googleprojectzero/winafl CVE-2019-7045 - https://github.com/hardik05/winafl-powermopt +CVE-2019-7125 - https://github.com/SkyBulk/RealWorldPwn CVE-2019-7128 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-7139 - https://github.com/koutto/jok3r-pocs CVE-2019-7148 - https://github.com/flyrev/security-scan-ci-presentation CVE-2019-7148 - https://github.com/wcventure/MemLock-Fuzz CVE-2019-7149 - https://github.com/flyrev/security-scan-ci-presentation CVE-2019-7150 - https://github.com/flyrev/security-scan-ci-presentation +CVE-2019-7164 - https://github.com/18F/10x-dux-vuls-eval CVE-2019-7167 - https://github.com/JinBean/CVE-Extension CVE-2019-7176 - https://github.com/JinBean/CVE-Extension CVE-2019-7192 - https://github.com/0xT11/CVE-POC CVE-2019-7192 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-7192 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-7192 - https://github.com/amcai/myscan +CVE-2019-7192 - https://github.com/cycraft-corp/cve-2019-7192-check CVE-2019-7192 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-7192 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-7192 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2019-7192 - https://github.com/th3gundy/CVE-2019-7192_QNAP_Exploit CVE-2019-7192 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2019-7193 - https://github.com/cycraft-corp/cve-2019-7192-check CVE-2019-7193 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-7193 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2019-7194 - https://github.com/cycraft-corp/cve-2019-7192-check CVE-2019-7194 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-7194 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2019-7195 - https://github.com/cycraft-corp/cve-2019-7192-check CVE-2019-7195 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2019-7195 - https://github.com/th3gundy/CVE-2019-7192_QNAP_Exploit CVE-2019-7195 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-7214 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-7214 - https://github.com/hectorgie/PoC-in-GitHub @@ -27376,6 +29694,7 @@ CVE-2019-7219 - https://github.com/verifysecurity/CVE-2019-7219 CVE-2019-7238 - https://github.com/0xT11/CVE-POC CVE-2019-7238 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-7238 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2019-7238 - https://github.com/HxDDD/CVE-PoC CVE-2019-7238 - https://github.com/SexyBeast233/SecBooks CVE-2019-7238 - https://github.com/SugarP1g/LearningSecurity CVE-2019-7238 - https://github.com/alphaSeclab/sec-daily-2019 @@ -27383,6 +29702,8 @@ CVE-2019-7238 - https://github.com/amcai/myscan CVE-2019-7238 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-7238 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-7238 - https://github.com/jas502n/CVE-2019-7238 +CVE-2019-7238 - https://github.com/lp008/Hack-readme +CVE-2019-7238 - https://github.com/magicming200/CVE-2019-7238_Nexus_RCE_Tool CVE-2019-7238 - https://github.com/mpgn/CVE-2019-7238 CVE-2019-7238 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-7238 - https://github.com/verctor/nexus_rce_CVE-2019-7238 @@ -27420,6 +29741,7 @@ CVE-2019-7308 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-7309 - https://github.com/flyrev/security-scan-ci-presentation CVE-2019-7310 - https://github.com/mxmssh/manul CVE-2019-7314 - https://github.com/aflnet/aflnet +CVE-2019-7314 - https://github.com/mlgiraud/aflnet CVE-2019-7316 - https://github.com/0xUhaw/CVE-Bins CVE-2019-7316 - https://github.com/eddietcc/CVEnotes CVE-2019-7356 - https://github.com/developer3000S/PoC-in-GitHub @@ -27436,11 +29758,14 @@ CVE-2019-7477 - https://github.com/tls-attacker/TLS-Padding-Oracles CVE-2019-7481 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-7481 - https://github.com/b4bay/CVE-2019-7482 CVE-2019-7481 - https://github.com/pipiscrew/timeline +CVE-2019-7481 - https://github.com/r0eXpeR/supplier CVE-2019-7482 - https://github.com/0xT11/CVE-POC CVE-2019-7482 - https://github.com/b4bay/CVE-2019-7482 CVE-2019-7482 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-7482 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-7482 - https://github.com/r0eXpeR/supplier CVE-2019-7483 - https://github.com/b4bay/CVE-2019-7482 +CVE-2019-7483 - https://github.com/r0eXpeR/supplier CVE-2019-7484 - https://github.com/b4bay/CVE-2019-7482 CVE-2019-7485 - https://github.com/b4bay/CVE-2019-7482 CVE-2019-7486 - https://github.com/b4bay/CVE-2019-7482 @@ -27467,7 +29792,11 @@ CVE-2019-7580 - https://github.com/huike007/poc CVE-2019-7580 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2019-7580 - https://github.com/yedada-wei/- CVE-2019-7580 - https://github.com/yedada-wei/gongkaishouji +CVE-2019-7581 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2019-7581 - https://github.com/tzf-key/MemLock_Benchmark +CVE-2019-7582 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark CVE-2019-7582 - https://github.com/ZwCreatePhoton/CVE-2019-5782_CVE-2019-13768 +CVE-2019-7582 - https://github.com/tzf-key/MemLock_Benchmark CVE-2019-7609 - https://github.com/0xT11/CVE-POC CVE-2019-7609 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-7609 - https://github.com/AfvanMoopen/tryhackme- @@ -27475,6 +29804,7 @@ CVE-2019-7609 - https://github.com/CnHack3r/Penetration_PoC CVE-2019-7609 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-7609 - https://github.com/LandGrey/CVE-2019-7609 CVE-2019-7609 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2019-7609 - https://github.com/Mrnmap/KibanaRce CVE-2019-7609 - https://github.com/SexyBeast233/SecBooks CVE-2019-7609 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2019-7609 - https://github.com/alphaSeclab/sec-daily-2019 @@ -27490,11 +29820,14 @@ CVE-2019-7609 - https://github.com/huike007/poc CVE-2019-7609 - https://github.com/izj007/wechat CVE-2019-7609 - https://github.com/jas502n/kibana-RCE CVE-2019-7609 - https://github.com/jiangsir404/POC-S +CVE-2019-7609 - https://github.com/kimmobrunfeldt/lodash-merge-pollution-example +CVE-2019-7609 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2019-7609 - https://github.com/mishmashclone/qazbnm456-awesome-web-security CVE-2019-7609 - https://github.com/mpgn/CVE-2019-7609 CVE-2019-7609 - https://github.com/p1ay8y3ar/cve_monitor CVE-2019-7609 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-7609 - https://github.com/qazbnm456/awesome-web-security +CVE-2019-7609 - https://github.com/rhbb/CVE-2019-7609 CVE-2019-7609 - https://github.com/sobinge/nuclei-templates CVE-2019-7609 - https://github.com/tdtc7/qps CVE-2019-7609 - https://github.com/whoami0622/CVE-2019-7610 @@ -27510,16 +29843,21 @@ CVE-2019-7610 - https://github.com/whoami0622/CVE-2019-7610 CVE-2019-7616 - https://github.com/0xT11/CVE-POC CVE-2019-7616 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-7616 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-7616 - https://github.com/random-robbie/CVE-2019-7616 CVE-2019-7642 - https://github.com/0xT11/CVE-POC CVE-2019-7642 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-7642 - https://github.com/xw77cve/CVE-2019-7642 CVE-2019-7646 - https://github.com/MyKings/security-study-tutorial CVE-2019-7660 - https://github.com/0xUhaw/CVE-Bins CVE-2019-7661 - https://github.com/0xUhaw/CVE-Bins +CVE-2019-7663 - https://github.com/FritzJo/pacheck CVE-2019-7663 - https://github.com/revl-ca/scan-docker-image CVE-2019-7664 - https://github.com/flyrev/security-scan-ci-presentation CVE-2019-7665 - https://github.com/flyrev/security-scan-ci-presentation +CVE-2019-7690 - https://github.com/lp008/Hack-readme CVE-2019-7690 - https://github.com/yogeshshe1ke/CVE +CVE-2019-7698 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2019-7698 - https://github.com/tzf-key/MemLock_Benchmark CVE-2019-7698 - https://github.com/wcventure/MemLock-Fuzz CVE-2019-7704 - https://github.com/wcventure/MemLock-Fuzz CVE-2019-7711 - https://github.com/bl4ckic3/GHS-Bugs @@ -27541,6 +29879,7 @@ CVE-2019-7748 - https://github.com/0xUhaw/CVE-Bins CVE-2019-7748 - https://github.com/eddietcc/CVEnotes CVE-2019-7751 - https://github.com/0v3rride/PoCs CVE-2019-7794 - https://github.com/ronwai/jp2k_fuzz +CVE-2019-7813 - https://github.com/SkyBulk/RealWorldPwn CVE-2019-7839 - https://github.com/0xT11/CVE-POC CVE-2019-7839 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2019-7839 - https://github.com/NickstaDB/PoC @@ -27551,17 +29890,28 @@ CVE-2019-7839 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-7839 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2019-7839 - https://github.com/securifera/CVE-2019-7839 CVE-2019-8014 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-8038 - https://github.com/fengjixuchui/pdf +CVE-2019-8039 - https://github.com/fengjixuchui/pdf CVE-2019-8075 - https://github.com/barmey/XS-Search CVE-2019-8086 - https://github.com/0ang3el/aem-hacker CVE-2019-8118 - https://github.com/ConvertGroupsAS/magento2-patches +CVE-2019-8312 - https://github.com/E4ck/vuls CVE-2019-8312 - https://github.com/raystyle/vuls +CVE-2019-8313 - https://github.com/E4ck/vuls CVE-2019-8313 - https://github.com/raystyle/vuls +CVE-2019-8314 - https://github.com/E4ck/vuls CVE-2019-8314 - https://github.com/raystyle/vuls +CVE-2019-8315 - https://github.com/E4ck/vuls CVE-2019-8315 - https://github.com/raystyle/vuls +CVE-2019-8316 - https://github.com/E4ck/vuls CVE-2019-8316 - https://github.com/raystyle/vuls +CVE-2019-8317 - https://github.com/E4ck/vuls CVE-2019-8317 - https://github.com/raystyle/vuls +CVE-2019-8318 - https://github.com/E4ck/vuls CVE-2019-8318 - https://github.com/raystyle/vuls +CVE-2019-8319 - https://github.com/E4ck/vuls CVE-2019-8319 - https://github.com/raystyle/vuls +CVE-2019-8331 - https://github.com/MuDiAhmed/invitation_system CVE-2019-8331 - https://github.com/andersoncontreira/http-tunnel-node CVE-2019-8331 - https://github.com/pdobb/pronto-bundler_audit CVE-2019-8339 - https://github.com/alphaSeclab/sec-daily-2019 @@ -27588,12 +29938,15 @@ CVE-2019-8442 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-8442 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-8442 - https://github.com/jweny/pocassistdb CVE-2019-8442 - https://github.com/sobinge/nuclei-templates +CVE-2019-8442 - https://github.com/sushantdhopat/JIRA_testing CVE-2019-8446 - https://github.com/0xT11/CVE-POC CVE-2019-8446 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2019-8446 - https://github.com/CyberTrashPanda/CVE-2019-8446 CVE-2019-8446 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-8446 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-8446 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-8449 - https://github.com/0ps/pocassistdb +CVE-2019-8449 - https://github.com/0x48piraj/Jiraffe CVE-2019-8449 - https://github.com/0xT11/CVE-POC CVE-2019-8449 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-8449 - https://github.com/Elsfa7-110/kenzer-templates @@ -27603,13 +29956,19 @@ CVE-2019-8449 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-8449 - https://github.com/hackerhackrat/R-poc CVE-2019-8449 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-8449 - https://github.com/jweny/pocassistdb +CVE-2019-8449 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection +CVE-2019-8449 - https://github.com/mufeedvh/CVE-2019-8449 CVE-2019-8449 - https://github.com/r0eXpeR/redteam_vul +CVE-2019-8449 - https://github.com/r0lh/CVE-2019-8449 CVE-2019-8449 - https://github.com/sobinge/nuclei-templates +CVE-2019-8449 - https://github.com/sushantdhopat/JIRA_testing CVE-2019-8449 - https://github.com/tdtc7/qps CVE-2019-8449 - https://github.com/und3sc0n0c1d0/UserEnumJira CVE-2019-8449 - https://github.com/woods-sega/woodswiki CVE-2019-8451 - https://github.com/0ps/pocassistdb +CVE-2019-8451 - https://github.com/0x48piraj/Jiraffe CVE-2019-8451 - https://github.com/0xT11/CVE-POC +CVE-2019-8451 - https://github.com/0xbug/CVE-2019-8451 CVE-2019-8451 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-8451 - https://github.com/BitTheByte/Eagle CVE-2019-8451 - https://github.com/Elsfa7-110/kenzer-templates @@ -27622,14 +29981,18 @@ CVE-2019-8451 - https://github.com/c26root/hb CVE-2019-8451 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-8451 - https://github.com/h0ffayyy/Jira-CVE-2019-8451 CVE-2019-8451 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-8451 - https://github.com/ianxtianxt/CVE-2019-8451 CVE-2019-8451 - https://github.com/jas502n/CVE-2019-8451 CVE-2019-8451 - https://github.com/jweny/pocassistdb CVE-2019-8451 - https://github.com/n1sh1th/CVE-POC CVE-2019-8451 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-8451 - https://github.com/r0eXpeR/redteam_vul CVE-2019-8451 - https://github.com/sobinge/nuclei-templates +CVE-2019-8451 - https://github.com/sushantdhopat/JIRA_testing CVE-2019-8451 - https://github.com/woods-sega/woodswiki CVE-2019-8451 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2019-8457 - https://github.com/colonelmeow/appsecctf +CVE-2019-8457 - https://github.com/jrak1204/overstock_test CVE-2019-8457 - https://github.com/revl-ca/scan-docker-image CVE-2019-8460 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-8460 - https://github.com/vshaliii/DC-1-Vulnhub-Walkthrough @@ -27640,6 +30003,7 @@ CVE-2019-8507 - https://github.com/hwiewie/IS CVE-2019-8507 - https://github.com/whiteHat001/Kernel-Security CVE-2019-8513 - https://github.com/0xT11/CVE-POC CVE-2019-8513 - https://github.com/ChiChou/sploits +CVE-2019-8513 - https://github.com/ThePirateWhoSmellsOfSunflowers/TheHackerLinks CVE-2019-8513 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-8513 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-8513 - https://github.com/genknife/cve-2019-8513 @@ -27652,6 +30016,8 @@ CVE-2019-8518 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-8521 - https://github.com/ChiChou/sploits CVE-2019-8526 - https://github.com/LinusHenze/Keysteal CVE-2019-8526 - https://github.com/TH3-HUNT3R/Root-MacOS +CVE-2019-8526 - https://github.com/amanszpapaya/MacPer +CVE-2019-8526 - https://github.com/lp008/Hack-readme CVE-2019-8526 - https://github.com/thehappydinoa/rootOS CVE-2019-8530 - https://github.com/ChiChou/sploits CVE-2019-8540 - https://github.com/0xT11/CVE-POC @@ -27676,17 +30042,22 @@ CVE-2019-8565 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-8565 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-8568 - https://github.com/DanyL/lockdownd_playground CVE-2019-8591 - https://github.com/0xT11/CVE-POC +CVE-2019-8591 - https://github.com/WRFan/jailbreak10.3.3 CVE-2019-8591 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-8591 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-8591 - https://github.com/jsherman212/used_sock CVE-2019-8593 - https://github.com/DanyL/lockdownd_playground CVE-2019-8596 - https://github.com/sslab-gatech/freedom CVE-2019-8601 - https://github.com/0xT11/CVE-POC +CVE-2019-8601 - https://github.com/BadAccess11/CVE-2019-8601 CVE-2019-8601 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-8601 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-8603 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-8605 - https://github.com/WRFan/jailbreak10.3.3 CVE-2019-8605 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-8605 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-8605 - https://github.com/houjingyi233/macOS-iOS-system-security +CVE-2019-8605 - https://github.com/jsherman212/used_sock CVE-2019-8609 - https://github.com/sslab-gatech/freedom CVE-2019-8611 - https://github.com/googleprojectzero/fuzzilli CVE-2019-8622 - https://github.com/googleprojectzero/fuzzilli @@ -27710,12 +30081,17 @@ CVE-2019-8641 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-8641 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-8641 - https://github.com/nitishbadole/PENTESTING-BIBLE CVE-2019-8641 - https://github.com/phant0n/PENTESTING-BIBLE +CVE-2019-8641 - https://github.com/satan1a/awesome-ios-security-cn CVE-2019-8646 - https://github.com/Siguza/ios-resources +CVE-2019-8646 - https://github.com/TinToSer/ios-RCE-Vulnerability CVE-2019-8646 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-8647 - https://github.com/TinToSer/ios-RCE-Vulnerability CVE-2019-8656 - https://github.com/0xT11/CVE-POC CVE-2019-8656 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-8656 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-8658 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2019-8660 - https://github.com/TinToSer/ios-RCE-Vulnerability +CVE-2019-8662 - https://github.com/TinToSer/ios-RCE-Vulnerability CVE-2019-8671 - https://github.com/googleprojectzero/fuzzilli CVE-2019-8672 - https://github.com/googleprojectzero/fuzzilli CVE-2019-8673 - https://github.com/sslab-gatech/DIE @@ -27733,6 +30109,7 @@ CVE-2019-8761 - https://github.com/pipiscrew/timeline CVE-2019-8765 - https://github.com/googleprojectzero/fuzzilli CVE-2019-8781 - https://github.com/0xT11/CVE-POC CVE-2019-8781 - https://github.com/A2nkF/macOS-Kernel-Exploit +CVE-2019-8781 - https://github.com/TrungNguyen1909/CVE-2019-8781-macOS CVE-2019-8781 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-8781 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-8791 - https://github.com/developer3000S/PoC-in-GitHub @@ -27740,6 +30117,8 @@ CVE-2019-8792 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-8794 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2019-8795 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2019-8797 - https://github.com/houjingyi233/macOS-iOS-system-security +CVE-2019-8802 - https://github.com/V0lk3n/OSMR-CheatSheet +CVE-2019-8805 - https://github.com/V0lk3n/OSMR-CheatSheet CVE-2019-8807 - https://github.com/didi/kemon CVE-2019-8811 - https://github.com/sslab-gatech/DIE CVE-2019-8816 - https://github.com/sslab-gatech/DIE @@ -27755,14 +30134,17 @@ CVE-2019-8903 - https://github.com/sobinge/nuclei-templates CVE-2019-8936 - https://github.com/0xT11/CVE-POC CVE-2019-8936 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-8936 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-8936 - https://github.com/snappyJack/CVE-2019-8936 CVE-2019-8937 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-8942 - https://github.com/0xT11/CVE-POC +CVE-2019-8942 - https://github.com/El-Palomo/DerpNStink CVE-2019-8942 - https://github.com/brianwrf/WordPress_4.9.8_RCE_POC CVE-2019-8942 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-8942 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-8942 - https://github.com/synacktiv/CVE-2019-8942 CVE-2019-8942 - https://github.com/synod2/WP_CROP_RCE CVE-2019-8943 - https://github.com/0xT11/CVE-POC +CVE-2019-8943 - https://github.com/El-Palomo/DerpNStink CVE-2019-8943 - https://github.com/SexyBeast233/SecBooks CVE-2019-8943 - https://github.com/brianwrf/WordPress_4.9.8_RCE_POC CVE-2019-8943 - https://github.com/developer3000S/PoC-in-GitHub @@ -27775,12 +30157,15 @@ CVE-2019-8956 - https://github.com/bsauce/kernel-exploit-factory CVE-2019-8956 - https://github.com/bsauce/kernel-security-learning CVE-2019-8956 - https://github.com/butterflyhack/CVE-2019-8956 CVE-2019-8956 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-8956 - https://github.com/exube/sctp_uaf CVE-2019-8956 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-8956 - https://github.com/now4yreal/linux_pwn CVE-2019-8978 - https://github.com/0xT11/CVE-POC CVE-2019-8978 - https://github.com/JoshuaMulliken/CVE-2019-8978 CVE-2019-8978 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-8978 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-8979 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-8979 - https://github.com/elttam/ko7demo CVE-2019-8979 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-8982 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-8982 - https://github.com/Elsfa7-110/kenzer-templates @@ -27789,6 +30174,7 @@ CVE-2019-8997 - https://github.com/0xT11/CVE-POC CVE-2019-8997 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-8997 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-8997 - https://github.com/nxkennedy/CVE-2019-8997 +CVE-2019-9004 - https://github.com/ThingzDefense/IoT-Flock CVE-2019-9015 - https://github.com/MRdoulestar/MRdoulestar CVE-2019-9016 - https://github.com/MRdoulestar/MRdoulestar CVE-2019-9020 - https://github.com/syadg123/pigat @@ -27803,14 +30189,26 @@ CVE-2019-9041 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-9041 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-9041 - https://github.com/sobinge/nuclei-templates CVE-2019-9053 - https://github.com/AfvanMoopen/tryhackme- +CVE-2019-9053 - https://github.com/Faridbg/THM_Simple_CTF CVE-2019-9053 - https://github.com/catsecorg/CatSec-TryHackMe-WriteUps +CVE-2019-9053 - https://github.com/cloudkevin/HTB-Writeup CVE-2019-9060 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2019-9070 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2019-9070 - https://github.com/tzf-key/MemLock_Benchmark +CVE-2019-9071 - https://github.com/ICSE2020-MemLock/MemLock_Benchmark +CVE-2019-9071 - https://github.com/tzf-key/MemLock_Benchmark CVE-2019-9081 - https://github.com/SexyBeast233/SecBooks CVE-2019-9082 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-9082 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-9082 - https://github.com/veo/vscan CVE-2019-9116 - https://github.com/followboy1999/cve +CVE-2019-9117 - https://github.com/E4ck/vuls +CVE-2019-9118 - https://github.com/E4ck/vuls +CVE-2019-9119 - https://github.com/E4ck/vuls +CVE-2019-9120 - https://github.com/E4ck/vuls +CVE-2019-9121 - https://github.com/E4ck/vuls CVE-2019-9153 - https://github.com/0xT11/CVE-POC +CVE-2019-9153 - https://github.com/ZenyWay/opgp-service-cve-2019-9153 CVE-2019-9153 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-9153 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-9162 - https://github.com/TimesysGit/meta-timesys @@ -27835,10 +30233,12 @@ CVE-2019-9193 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-9193 - https://github.com/ngadminq/Bei-Gai-penetration-test-guide CVE-2019-9193 - https://github.com/superfish9/pt CVE-2019-9193 - https://github.com/w181496/Web-CTF-Cheatsheet +CVE-2019-9193 - https://github.com/wkjung0624/CVE-2019-9193 CVE-2019-9194 - https://github.com/0xT11/CVE-POC CVE-2019-9194 - https://github.com/cved-sources/cve-2019-9194 CVE-2019-9194 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-9194 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-9195 - https://github.com/DogecoinBoss/Dogecoin2 CVE-2019-9195 - https://github.com/mimblewimble/grin-pm CVE-2019-9202 - https://github.com/0xT11/CVE-POC CVE-2019-9202 - https://github.com/developer3000S/PoC-in-GitHub @@ -27870,6 +30270,7 @@ CVE-2019-9451 - https://github.com/jiayy/android_vuln_poc-exp CVE-2019-9452 - https://github.com/jiayy/android_vuln_poc-exp CVE-2019-9458 - https://github.com/Sec20-Paper310/Paper310 CVE-2019-9465 - https://github.com/0xT11/CVE-POC +CVE-2019-9465 - https://github.com/alexbakker/CVE-2019-9465 CVE-2019-9465 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-9465 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-9465 - https://github.com/p1ay8y3ar/cve_monitor @@ -27904,10 +30305,12 @@ CVE-2019-9506 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-9506 - https://github.com/engn33r/awesome-bluetooth-security CVE-2019-9506 - https://github.com/francozappa/knob CVE-2019-9506 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-9506 - https://github.com/u10427687/bluetooth-KNOB CVE-2019-9506 - https://github.com/winterheart/broadcom-bt-firmware CVE-2019-9511 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-9511 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-9511 - https://github.com/vshaliii/DC-4-Vulnhub-Walkthrough +CVE-2019-9512 - https://github.com/Metarget/cloud-native-security-book CVE-2019-9512 - https://github.com/Metarget/metarget CVE-2019-9512 - https://github.com/UCloudDocs/uk8s CVE-2019-9512 - https://github.com/alphaSeclab/sec-daily-2019 @@ -27950,6 +30353,7 @@ CVE-2019-9638 - https://github.com/syadg123/pigat CVE-2019-9638 - https://github.com/teamssix/pigat CVE-2019-9639 - https://github.com/syadg123/pigat CVE-2019-9639 - https://github.com/teamssix/pigat +CVE-2019-9641 - https://github.com/janforman/php-5 CVE-2019-9641 - https://github.com/syadg123/pigat CVE-2019-9641 - https://github.com/teamssix/pigat CVE-2019-9653 - https://github.com/0xT11/CVE-POC @@ -27965,16 +30369,19 @@ CVE-2019-9670 - https://github.com/3gstudent/Homework-of-Python CVE-2019-9670 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-9670 - https://github.com/Elsfa7-110/kenzer-templates CVE-2019-9670 - https://github.com/SexyBeast233/SecBooks +CVE-2019-9670 - https://github.com/attackgithub/Zimbra-RCE CVE-2019-9670 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-9670 - https://github.com/fengjixuchui/RedTeamer CVE-2019-9670 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-9670 - https://github.com/rek7/Zimbra-RCE CVE-2019-9670 - https://github.com/sobinge/nuclei-templates +CVE-2019-9670 - https://github.com/ugur-ercan/exploit-collection CVE-2019-9673 - https://github.com/0xT11/CVE-POC CVE-2019-9673 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-9673 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-9673 - https://github.com/mgrube/CVE-2019-9673 CVE-2019-9692 - https://github.com/certimetergroup/metasploit-modules +CVE-2019-9704 - https://github.com/devmatic-it/debcvescan CVE-2019-9723 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-9729 - https://github.com/0xT11/CVE-POC CVE-2019-9729 - https://github.com/HyperSine/SdoKeyCrypt-sys-local-privilege-elevation @@ -27988,6 +30395,7 @@ CVE-2019-9730 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-9730 - https://github.com/jthuraisamy/CVE-2019-9730 CVE-2019-9733 - https://github.com/ARPSyndicate/kenzer-templates CVE-2019-9733 - https://github.com/sobinge/nuclei-templates +CVE-2019-9740 - https://github.com/Tiaonmmn/renderer CVE-2019-9740 - https://github.com/lanjelot/ctfs CVE-2019-9740 - https://github.com/ltfafei/my_POC CVE-2019-9740 - https://github.com/revl-ca/scan-docker-image @@ -28005,11 +30413,18 @@ CVE-2019-9760 - https://github.com/w4fz5uck5/FTPGetter CVE-2019-9766 - https://github.com/0xT11/CVE-POC CVE-2019-9766 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-9766 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-9766 - https://github.com/moonheadobj/CVE-2019-9766 CVE-2019-9787 - https://github.com/0xT11/CVE-POC +CVE-2019-9787 - https://github.com/El-Palomo/DerpNStink +CVE-2019-9787 - https://github.com/PalmTreeForest/CodePath_Week_7-8 CVE-2019-9787 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-9787 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-9787 - https://github.com/matinciel/Wordpress_CVE-2019-9787 CVE-2019-9787 - https://github.com/rkatogit/cve-2019-9787_csrf_poc +CVE-2019-9787 - https://github.com/sijiahi/Wordpress_cve-2019-9787_defense CVE-2019-9787 - https://github.com/smfils1/Cybersecurity-WordPress-Pentesting +CVE-2019-9787 - https://github.com/who909/WordPress-vs.-Kali +CVE-2019-9791 - https://github.com/ZihanYe/web-browser-vulnerabilities CVE-2019-9791 - https://github.com/googleprojectzero/fuzzilli CVE-2019-9791 - https://github.com/tunz/js-vuln-db CVE-2019-9791 - https://github.com/ulexec/Exploits @@ -28018,17 +30433,22 @@ CVE-2019-9810 - https://github.com/0vercl0k/0vercl0k CVE-2019-9810 - https://github.com/0vercl0k/CVE-2019-11708 CVE-2019-9810 - https://github.com/0vercl0k/CVE-2019-9810 CVE-2019-9810 - https://github.com/0xT11/CVE-POC +CVE-2019-9810 - https://github.com/ZihanYe/web-browser-vulnerabilities CVE-2019-9810 - https://github.com/a0viedo/demystifying-js-engines CVE-2019-9810 - https://github.com/alphaSeclab/sec-daily-2019 CVE-2019-9810 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2019-9810 - https://github.com/b0o/starred CVE-2019-9810 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2019-9810 - https://github.com/fengjixuchui/Just-pwn-it-for-fun CVE-2019-9810 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2019-9810 - https://github.com/lp008/Hack-readme CVE-2019-9810 - https://github.com/m1ghtym0/browser-pwn CVE-2019-9810 - https://github.com/mgaudet/SpiderMonkeyBibliography +CVE-2019-9810 - https://github.com/tunnelshade/cve-2019-11707 CVE-2019-9810 - https://github.com/vintagesucks/awesome-stars CVE-2019-9810 - https://github.com/xuechiyaobai/CVE-2019-9810-PoC CVE-2019-9811 - https://github.com/MyKings/security-study-tutorial +CVE-2019-9813 - https://github.com/ZihanYe/web-browser-vulnerabilities CVE-2019-9813 - https://github.com/googleprojectzero/fuzzilli CVE-2019-9813 - https://github.com/tunz/js-vuln-db CVE-2019-9816 - https://github.com/googleprojectzero/fuzzilli @@ -28056,8 +30476,10 @@ CVE-2019-9919 - https://github.com/azd-cert/CVE CVE-2019-9920 - https://github.com/azd-cert/CVE CVE-2019-9921 - https://github.com/azd-cert/CVE CVE-2019-9922 - https://github.com/azd-cert/CVE +CVE-2019-9923 - https://github.com/brandoncamenisch/release-the-code-litecoin CVE-2019-9923 - https://github.com/garethr/snykout CVE-2019-9923 - https://github.com/revl-ca/scan-docker-image +CVE-2019-9924 - https://github.com/KorayAgaya/TrivyWeb CVE-2019-9924 - https://github.com/revl-ca/scan-docker-image CVE-2019-9924 - https://github.com/siddharthraopotukuchi/trivy CVE-2019-9924 - https://github.com/simiyo/trivy @@ -28071,6 +30493,7 @@ CVE-2019-9946 - https://github.com/Lee-SungYoung/Kube-Six CVE-2019-9946 - https://github.com/Metarget/awesome-cloud-native-security CVE-2019-9946 - https://github.com/Metarget/metarget CVE-2019-9946 - https://github.com/champtar/blog +CVE-2019-9946 - https://github.com/reni2study/Cloud-Native-Security2 CVE-2019-9947 - https://github.com/revl-ca/scan-docker-image CVE-2019-9948 - https://github.com/revl-ca/scan-docker-image CVE-2019-9949 - https://github.com/bnbdr/wd-rce @@ -28097,6 +30520,7 @@ CVE-2019-9978 - https://github.com/sobinge/nuclei-templates CVE-2019-9978 - https://github.com/vavkamil/dvwp CVE-2019-9999 - https://github.com/HackOvert/awesome-bugs CVE-2019-9999 - https://github.com/alphaSeclab/sec-daily-2019 +CVE-2020-0001 - https://github.com/Zachinio/CVE-2020-0001 CVE-2020-0001 - https://github.com/anthonyharrison/CVSS CVE-2020-0001 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-0001 - https://github.com/he1m4n6a/cve-db @@ -28124,6 +30548,7 @@ CVE-2020-0017 - https://github.com/he1m4n6a/cve-db CVE-2020-0018 - https://github.com/he1m4n6a/cve-db CVE-2020-0019 - https://github.com/TinyNiko/android_bulletin_notes CVE-2020-0022 - https://github.com/0xT11/CVE-POC +CVE-2020-0022 - https://github.com/5k1l/cve-2020-0022 CVE-2020-0022 - https://github.com/Polo35/CVE-2020-0022 CVE-2020-0022 - https://github.com/Roo4L/BlueFrag_PoC CVE-2020-0022 - https://github.com/WinMin/Protocol-Vul @@ -28199,11 +30624,13 @@ CVE-2020-0099 - https://github.com/TinyNiko/android_bulletin_notes CVE-2020-0104 - https://github.com/CrackerCat/ServiceCheater CVE-2020-0108 - https://github.com/0xT11/CVE-POC CVE-2020-0108 - https://github.com/CrackerCat/ServiceCheater +CVE-2020-0108 - https://github.com/XDo0/ServiceCheater CVE-2020-0108 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-0108 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-0108 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-0108 - https://github.com/wrlu/Vulnerabilities CVE-2020-0108 - https://github.com/xfhy/increase-process-priority +CVE-2020-0113 - https://github.com/XDo0/ServiceCheater CVE-2020-0113 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-0113 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-0113 - https://github.com/nomi-sec/PoC-in-GitHub @@ -28303,11 +30730,13 @@ CVE-2020-0549 - https://github.com/codexlynx/hardware-attacks-state-of-the-art CVE-2020-0549 - https://github.com/savchenko/windows10 CVE-2020-0551 - https://github.com/0xT11/CVE-POC CVE-2020-0551 - https://github.com/AngrySilver/incubator-teaclave-sgx-sdk +CVE-2020-0551 - https://github.com/UzL-ITS/util-lookup CVE-2020-0551 - https://github.com/apache/incubator-teaclave-sgx-sdk CVE-2020-0551 - https://github.com/bitdefender/lvi-lfb-attack-poc CVE-2020-0551 - https://github.com/codexlynx/hardware-attacks-state-of-the-art CVE-2020-0551 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-0551 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-0551 - https://github.com/intel-secl/crypto-api-toolkit CVE-2020-0551 - https://github.com/intel/crypto-api-toolkit CVE-2020-0551 - https://github.com/intel/intel-sgx-ssl CVE-2020-0551 - https://github.com/nomi-sec/PoC-in-GitHub @@ -28320,6 +30749,7 @@ CVE-2020-0554 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2020-0554 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2020-0554 - https://github.com/huike007/penetration_poc CVE-2020-0554 - https://github.com/huike007/poc +CVE-2020-0554 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-0554 - https://github.com/tdtc7/qps CVE-2020-0554 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-0554 - https://github.com/yedada-wei/- @@ -28381,6 +30811,7 @@ CVE-2020-0601 - https://github.com/eastmountyxz/CSDNBlog-Security-Based CVE-2020-0601 - https://github.com/eastmountyxz/CVE-2018-20250-WinRAR CVE-2020-0601 - https://github.com/eastmountyxz/CVE-2020-0601-EXP CVE-2020-0601 - https://github.com/eastmountyxz/NetworkSecuritySelf-study +CVE-2020-0601 - https://github.com/eastmountyxz/SystemSecurity-ReverseAnalysis CVE-2020-0601 - https://github.com/exploitblizzard/CVE-2020-0601-spoofkey CVE-2020-0601 - https://github.com/gentilkiwi/curveball CVE-2020-0601 - https://github.com/gremwell/cve-2020-0601_poc @@ -28400,6 +30831,7 @@ CVE-2020-0601 - https://github.com/pravinsrc/NOTES-windows-kernel-links CVE-2020-0601 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-0601 - https://github.com/robmichel2854/robs-links CVE-2020-0601 - https://github.com/saleemrashid/badecparams +CVE-2020-0601 - https://github.com/sourcx/zeekweek-2021 CVE-2020-0601 - https://github.com/talbeerysec/CurveBallDetection CVE-2020-0601 - https://github.com/thimelp/cve-2020-0601-Perl CVE-2020-0601 - https://github.com/tobor88/PowerShell-Blue-Team @@ -28431,6 +30863,7 @@ CVE-2020-0609 - https://github.com/ly4k/BlueGate CVE-2020-0609 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-0609 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-0609 - https://github.com/ruppde/rdg_scanner_cve-2020-0609 +CVE-2020-0609 - https://github.com/ruppde/scan_CVE-2020-29583 CVE-2020-0609 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-0609 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2020-0609 - https://github.com/ycdxsb/WindowsPrivilegeEscalation @@ -28479,6 +30912,8 @@ CVE-2020-0618 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-0618 - https://github.com/huike007/penetration_poc CVE-2020-0618 - https://github.com/huike007/poc CVE-2020-0618 - https://github.com/jumpif0/test +CVE-2020-0618 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection +CVE-2020-0618 - https://github.com/michael101096/cs2020_msels CVE-2020-0618 - https://github.com/nitishbadole/PENTESTING-BIBLE CVE-2020-0618 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-0618 - https://github.com/phant0n/PENTESTING-BIBLE @@ -28504,6 +30939,8 @@ CVE-2020-0642 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-0642 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-0642 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2020-0646 - https://github.com/SexyBeast233/SecBooks +CVE-2020-0646 - https://github.com/Viralmaniar/BigBountyRecon +CVE-2020-0646 - https://github.com/michael101096/cs2020_msels CVE-2020-0646 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-0646 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2020-0648 - https://github.com/404notf0und/CVE-Flow @@ -28604,6 +31041,7 @@ CVE-2020-0683 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-0683 - https://github.com/padovah4ck/CVE-2020-0683 CVE-2020-0683 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-0683 - https://github.com/shubham0d/SymBlock +CVE-2020-0683 - https://github.com/tzwlhack/Vulnerability CVE-2020-0683 - https://github.com/vaibhavkrjha/shufti CVE-2020-0683 - https://github.com/viszsec/CyberSecurity-Playground CVE-2020-0683 - https://github.com/wateroot/poc-exp @@ -28625,14 +31063,17 @@ CVE-2020-0688 - https://github.com/3gstudent/Homework-of-C-Sharp CVE-2020-0688 - https://github.com/61106960/adPEAS CVE-2020-0688 - https://github.com/AnonVulc/Pentest-Tools CVE-2020-0688 - https://github.com/CnHack3r/Penetration_PoC +CVE-2020-0688 - https://github.com/EvilAnne/2020-Read-article CVE-2020-0688 - https://github.com/Jean-Francois-C/Windows-Penetration-Testing CVE-2020-0688 - https://github.com/Jumbo-WJB/CVE-2020-0688 CVE-2020-0688 - https://github.com/Ken-Abruzzi/cve_2020_0688 CVE-2020-0688 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2020-0688 - https://github.com/MrTiz/CVE-2020-0688 CVE-2020-0688 - https://github.com/QWERTSKIHACK/Active-Directory-Exploitation-Cheat-Sheet. CVE-2020-0688 - https://github.com/Ridter/cve-2020-0688 CVE-2020-0688 - https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet CVE-2020-0688 - https://github.com/S3cur3Th1sSh1t/Pentest-Tools +CVE-2020-0688 - https://github.com/SLSteff/CVE-2020-0688-Scanner CVE-2020-0688 - https://github.com/SexyBeast233/SecBooks CVE-2020-0688 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2020-0688 - https://github.com/Yt1g3r/CVE-2020-0688_EXP @@ -28640,6 +31081,7 @@ CVE-2020-0688 - https://github.com/awsassets/CVE-2020-0692 CVE-2020-0688 - https://github.com/bhdresh/SnortRules CVE-2020-0688 - https://github.com/cepxeo/redteambins CVE-2020-0688 - https://github.com/cert-lv/CVE-2020-0688 +CVE-2020-0688 - https://github.com/certat/exchange-scans CVE-2020-0688 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-0688 - https://github.com/dnif/content CVE-2020-0688 - https://github.com/fengjixuchui/RedTeamer @@ -28651,8 +31093,10 @@ CVE-2020-0688 - https://github.com/huike007/penetration_poc CVE-2020-0688 - https://github.com/huike007/poc CVE-2020-0688 - https://github.com/justin-p/PSForgot2kEyXCHANGE CVE-2020-0688 - https://github.com/ktpdpro/CVE-2020-0688 +CVE-2020-0688 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-0688 - https://github.com/mahyarx/Exploit_CVE-2020-0688 CVE-2020-0688 - https://github.com/med0x2e/GadgetToJScript +CVE-2020-0688 - https://github.com/michael101096/cs2020_msels CVE-2020-0688 - https://github.com/murataydemir/CVE-2020-0688 CVE-2020-0688 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-0688 - https://github.com/onSec-fr/CVE-2020-0688-Scanner @@ -28663,6 +31107,7 @@ CVE-2020-0688 - https://github.com/r0eXpeR/redteam_vul CVE-2020-0688 - https://github.com/random-robbie/cve-2020-0688 CVE-2020-0688 - https://github.com/ravinacademy/CVE-2020-0688 CVE-2020-0688 - https://github.com/righter83/CVE-2020-0688 +CVE-2020-0688 - https://github.com/severnake/Pentest-Tools CVE-2020-0688 - https://github.com/superfish9/pt CVE-2020-0688 - https://github.com/taielab/awesome-hacking-lists CVE-2020-0688 - https://github.com/tdtc7/qps @@ -28708,6 +31153,7 @@ CVE-2020-0713 - https://github.com/404notf0und/CVE-Flow CVE-2020-0713 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-0713 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-0713 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-0714 - https://github.com/V0lk3n/OSMR-CheatSheet CVE-2020-0718 - https://github.com/404notf0und/CVE-Flow CVE-2020-0728 - https://github.com/0xT11/CVE-POC CVE-2020-0728 - https://github.com/CnHack3r/Penetration_PoC @@ -28831,12 +31277,14 @@ CVE-2020-0796 - https://github.com/BOFs/CobaltStrike CVE-2020-0796 - https://github.com/Barriuso/SMBGhost_AutomateExploitation CVE-2020-0796 - https://github.com/BinaryShadow94/SMBv3.1.1-scan---CVE-2020-0796 CVE-2020-0796 - https://github.com/ButrintKomoni/cve-2020-0796 +CVE-2020-0796 - https://github.com/CYJoe-Cyclone/Awesome-CobaltStrike CVE-2020-0796 - https://github.com/CnHack3r/Penetration_PoC CVE-2020-0796 - https://github.com/CyberMonitor/somethingweneed CVE-2020-0796 - https://github.com/Dhoomralochana/Scanners-for-CVE-2020-0796-Testing CVE-2020-0796 - https://github.com/DreamoneOnly/CVE-2020-0796-LPE CVE-2020-0796 - https://github.com/EncodeGroup/BOF-RegSave CVE-2020-0796 - https://github.com/FULLSHADE/WindowsExploitationResources +CVE-2020-0796 - https://github.com/GryllsAaron/CVE-2020-0796-POC CVE-2020-0796 - https://github.com/GuoKerS/Some_Script CVE-2020-0796 - https://github.com/GuoKerS/aioScan_CVE-2020-0796 CVE-2020-0796 - https://github.com/HackOvert/awesome-bugs @@ -28846,9 +31294,11 @@ CVE-2020-0796 - https://github.com/Jkrasher/WindowsThreatResearch_JKrasher CVE-2020-0796 - https://github.com/Ken-Abruzzi/cve_2020_0796 CVE-2020-0796 - https://github.com/LabDookhtegan/CVE-2020-0796-EXP CVE-2020-0796 - https://github.com/Loveforkeeps/Lemon-Duck +CVE-2020-0796 - https://github.com/MasterSploit/LPE---CVE-2020-0796 CVE-2020-0796 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2020-0796 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2020-0796 - https://github.com/NullArray/WinKernel-Resources +CVE-2020-0796 - https://github.com/ORCA666/CVE-2020-0796 CVE-2020-0796 - https://github.com/QWERTSKIHACK/Active-Directory-Exploitation-Cheat-Sheet. CVE-2020-0796 - https://github.com/Ra7mo0on/SMBGhost CVE-2020-0796 - https://github.com/RonnieNiu/CVE-2020_0796-exp @@ -28886,6 +31336,7 @@ CVE-2020-0796 - https://github.com/dickens88/cve-2020-0796-scanner CVE-2020-0796 - https://github.com/eastmountyxz/CSDNBlog-Security-Based CVE-2020-0796 - https://github.com/eastmountyxz/CVE-2020-0796-SMB CVE-2020-0796 - https://github.com/eastmountyxz/NetworkSecuritySelf-study +CVE-2020-0796 - https://github.com/eastmountyxz/SystemSecurity-ReverseAnalysis CVE-2020-0796 - https://github.com/eerykitty/CVE-2020-0796-PoC CVE-2020-0796 - https://github.com/ericzhong2010/GUI-Check-CVE-2020-0976 CVE-2020-0796 - https://github.com/eventsentry/scripts @@ -28922,6 +31373,7 @@ CVE-2020-0796 - https://github.com/manasmbellani/gocmdscanner CVE-2020-0796 - https://github.com/marcinguy/CVE-2020-0796 CVE-2020-0796 - https://github.com/mathisvickie/KMAC CVE-2020-0796 - https://github.com/maxpl0it/Unauthenticated-CVE-2020-0796-PoC +CVE-2020-0796 - https://github.com/michael101096/cs2020_msels CVE-2020-0796 - https://github.com/mishmashclone/SecWiki-windows-kernel-exploits CVE-2020-0796 - https://github.com/msuiche/smbaloo CVE-2020-0796 - https://github.com/netscylla/SMBGhost @@ -28930,6 +31382,7 @@ CVE-2020-0796 - https://github.com/niudaii/go-crack CVE-2020-0796 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-0796 - https://github.com/paramint/windows-kernel-exploits CVE-2020-0796 - https://github.com/pathakabhi24/Awesome-C +CVE-2020-0796 - https://github.com/pengusec/awesome-netsec-articles CVE-2020-0796 - https://github.com/psc4re/NSE-scripts CVE-2020-0796 - https://github.com/pwninx/WinPwn CVE-2020-0796 - https://github.com/qazbnm456/awesome-cve-poc @@ -28943,6 +31396,7 @@ CVE-2020-0796 - https://github.com/sujitawake/smbghost CVE-2020-0796 - https://github.com/sung3r/CobaltStrike CVE-2020-0796 - https://github.com/syadg123/CVE-2020-0796 CVE-2020-0796 - https://github.com/syadg123/SMBGhost +CVE-2020-0796 - https://github.com/t0rt3ll1n0/cms-scanner CVE-2020-0796 - https://github.com/taielab/awesome-hacking-lists CVE-2020-0796 - https://github.com/tango-j/CVE-2020-0796 CVE-2020-0796 - https://github.com/technion/DisableSMBCompression @@ -29097,6 +31551,7 @@ CVE-2020-0929 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-0929 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2020-0931 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-0931 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2020-0932 - https://github.com/H0j3n/EzpzSharepoint CVE-2020-0932 - https://github.com/QWERTSKIHACK/Active-Directory-Exploitation-Cheat-Sheet. CVE-2020-0932 - https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet CVE-2020-0932 - https://github.com/pwntester/ysoserial.net @@ -29141,6 +31596,7 @@ CVE-2020-0983 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-0983 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-0983 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-0983 - https://github.com/ycdxsb/WindowsPrivilegeEscalation +CVE-2020-0984 - https://github.com/V0lk3n/OSMR-CheatSheet CVE-2020-0984 - https://github.com/dfrankland/xpc-connection-rs CVE-2020-0984 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-0986 - https://github.com/SexyBeast233/SecBooks @@ -29174,6 +31630,9 @@ CVE-2020-1011 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-1011 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-1011 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-1011 - https://github.com/ycdxsb/WindowsPrivilegeEscalation +CVE-2020-10110 - https://github.com/stratosphereips/nist-cve-search-tool +CVE-2020-10111 - https://github.com/stratosphereips/nist-cve-search-tool +CVE-2020-10112 - https://github.com/stratosphereips/nist-cve-search-tool CVE-2020-1012 - https://github.com/404notf0und/CVE-Flow CVE-2020-1013 - https://github.com/404notf0und/CVE-Flow CVE-2020-1013 - https://github.com/GoSecure/WSuspicious @@ -29194,9 +31653,11 @@ CVE-2020-10136 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-10137 - https://github.com/CNK2100/VFuzz-public CVE-2020-10148 - https://github.com/0ps/pocassistdb CVE-2020-10148 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2020-10148 - https://github.com/B1anda0/CVE-2020-10148 CVE-2020-10148 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-10148 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-10148 - https://github.com/SexyBeast233/SecBooks +CVE-2020-10148 - https://github.com/Udyz/CVE-2020-10148-Solarwinds-Orion CVE-2020-10148 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-10148 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-10148 - https://github.com/hectorgie/PoC-in-GitHub @@ -29204,7 +31665,9 @@ CVE-2020-10148 - https://github.com/jaeles-project/jaeles CVE-2020-10148 - https://github.com/jaeles-project/jaeles-signatures CVE-2020-10148 - https://github.com/jweny/pocassistdb CVE-2020-10148 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-10148 - https://github.com/rdoix/CVE-2020-10148-Solarwinds-Orion CVE-2020-10148 - https://github.com/sobinge/nuclei-templates +CVE-2020-10148 - https://github.com/tzwlhack/Vulnerability CVE-2020-1015 - https://github.com/0xT11/CVE-POC CVE-2020-1015 - https://github.com/0xeb-bp/cve-2020-1015 CVE-2020-1015 - https://github.com/Ascotbe/Kernelhub @@ -29230,6 +31693,7 @@ CVE-2020-10189 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2020-10189 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-10189 - https://github.com/huike007/penetration_poc CVE-2020-10189 - https://github.com/huike007/poc +CVE-2020-10189 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-10189 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2020-10189 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-10189 - https://github.com/tdtc7/qps @@ -29251,8 +31715,10 @@ CVE-2020-10199 - https://github.com/huike007/penetration_poc CVE-2020-10199 - https://github.com/huike007/poc CVE-2020-10199 - https://github.com/jas502n/CVE-2020-10199 CVE-2020-10199 - https://github.com/koala2099/GitHub-Chinese-Top-Charts +CVE-2020-10199 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-10199 - https://github.com/magicming200/CVE-2020-10199_CVE-2020-10204 CVE-2020-10199 - https://github.com/muzai/Clog +CVE-2020-10199 - https://github.com/neilzhang1/Chinese-Charts CVE-2020-10199 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-10199 - https://github.com/pinkieli/GitHub-Chinese-Top-Charts CVE-2020-10199 - https://github.com/qingyuanfeiniao/Chinese-Top-Charts @@ -29279,7 +31745,9 @@ CVE-2020-10204 - https://github.com/huike007/penetration_poc CVE-2020-10204 - https://github.com/huike007/poc CVE-2020-10204 - https://github.com/jas502n/CVE-2020-10199 CVE-2020-10204 - https://github.com/koala2099/GitHub-Chinese-Top-Charts +CVE-2020-10204 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-10204 - https://github.com/magicming200/CVE-2020-10199_CVE-2020-10204 +CVE-2020-10204 - https://github.com/neilzhang1/Chinese-Charts CVE-2020-10204 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-10204 - https://github.com/pinkieli/GitHub-Chinese-Top-Charts CVE-2020-10204 - https://github.com/qingyuanfeiniao/Chinese-Top-Charts @@ -29413,6 +31881,7 @@ CVE-2020-1054 - https://github.com/Al1ex/WindowsElevation CVE-2020-1054 - https://github.com/Ascotbe/Kernelhub CVE-2020-1054 - https://github.com/CnHack3r/Penetration_PoC CVE-2020-1054 - https://github.com/FULLSHADE/WindowsExploitationResources +CVE-2020-1054 - https://github.com/Graham382/CVE-2020-1054 CVE-2020-1054 - https://github.com/Iamgublin/CVE-2020-1054 CVE-2020-1054 - https://github.com/KaLendsi/CVE-2020-1054 CVE-2020-1054 - https://github.com/Mr-xn/Penetration_Testing_POC @@ -29463,6 +31932,7 @@ CVE-2020-10560 - https://github.com/kevthehermit/CVE-2020-10560 CVE-2020-10560 - https://github.com/kevthehermit/attackerkb-api CVE-2020-10560 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-10564 - https://github.com/ChoiSG/vwp +CVE-2020-10564 - https://github.com/PaulBorie/kubernetes-security CVE-2020-10564 - https://github.com/vavkamil/dvwp CVE-2020-10565 - https://github.com/renorobert/grub-bhyve-bugs CVE-2020-10566 - https://github.com/renorobert/grub-bhyve-bugs @@ -29502,6 +31972,7 @@ CVE-2020-10663 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-10663 - https://github.com/qoqa/gem-mandrill-api CVE-2020-10663 - https://github.com/rails-lts/json_cve_2020_10663 CVE-2020-10663 - https://github.com/rainchen/code_quality +CVE-2020-10663 - https://github.com/retailzipline/mandrill-api-ruby CVE-2020-10665 - https://github.com/0xT11/CVE-POC CVE-2020-10665 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-10665 - https://github.com/developer3000S/PoC-in-GitHub @@ -29509,6 +31980,7 @@ CVE-2020-10665 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-10665 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-10665 - https://github.com/spaceraccoon/CVE-2020-10665 CVE-2020-10672 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2020-10672 - https://github.com/yahoo/cubed CVE-2020-10673 - https://github.com/0xT11/CVE-POC CVE-2020-10673 - https://github.com/Al1ex/CVE-2020-10673 CVE-2020-10673 - https://github.com/CnHack3r/Penetration_PoC @@ -29527,8 +31999,11 @@ CVE-2020-10673 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-10673 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-10673 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-10673 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2020-10673 - https://github.com/yahoo/cubed CVE-2020-10673 - https://github.com/yedada-wei/- CVE-2020-10673 - https://github.com/yedada-wei/gongkaishouji +CVE-2020-10675 - https://github.com/k1LoW/oshka +CVE-2020-10675 - https://github.com/naveensrinivasan/stunning-tribble CVE-2020-10693 - https://github.com/IBM/websphere-automation-lab CVE-2020-1070 - https://github.com/0xT11/CVE-POC CVE-2020-1070 - https://github.com/developer3000S/PoC-in-GitHub @@ -29540,6 +32015,8 @@ CVE-2020-10713 - https://github.com/CnHack3r/Penetration_PoC CVE-2020-10713 - https://github.com/Jetico/shim-review CVE-2020-10713 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2020-10713 - https://github.com/YIXINSHUWU/Penetration_Testing_POC +CVE-2020-10713 - https://github.com/YeongSeokLee/shim-review +CVE-2020-10713 - https://github.com/amzdev0401/shim-review-backup CVE-2020-10713 - https://github.com/bitraser/shim-review-15.4 CVE-2020-10713 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-10713 - https://github.com/eclypsium/BootHole @@ -29548,6 +32025,7 @@ CVE-2020-10713 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-10713 - https://github.com/huike007/penetration_poc CVE-2020-10713 - https://github.com/jason-chang-atrust/shim-review CVE-2020-10713 - https://github.com/kaosagnt/ansible-everyday +CVE-2020-10713 - https://github.com/luojc123/shim-nsdl CVE-2020-10713 - https://github.com/lzap/redhat-kernel-shim-signatures CVE-2020-10713 - https://github.com/neverware/shim-review CVE-2020-10713 - https://github.com/nomi-sec/PoC-in-GitHub @@ -29571,6 +32049,7 @@ CVE-2020-10749 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-10749 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-10749 - https://github.com/knqyf263/CVE-2020-10749 CVE-2020-10749 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-10749 - https://github.com/reni2study/Cloud-Native-Security2 CVE-2020-10758 - https://github.com/Eriner/eriner CVE-2020-10758 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-10759 - https://github.com/0xT11/CVE-POC @@ -29621,6 +32100,7 @@ CVE-2020-10873 - https://github.com/0xbigshaq/php7-internals CVE-2020-10878 - https://github.com/Azure/publish-security-assessments CVE-2020-10878 - https://github.com/dragon7-fc/misc CVE-2020-10878 - https://github.com/garethr/snykout +CVE-2020-10878 - https://github.com/hisashin0728/AmazonECRScanSecurityHub CVE-2020-1088 - https://github.com/CnHack3r/Penetration_PoC CVE-2020-1088 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2020-1088 - https://github.com/YIXINSHUWU/Penetration_Testing_POC @@ -29648,7 +32128,9 @@ CVE-2020-10925 - https://github.com/rdomanski/Exploits_and_Advisories CVE-2020-10926 - https://github.com/rdomanski/Exploits_and_Advisories CVE-2020-10927 - https://github.com/rdomanski/Exploits_and_Advisories CVE-2020-10963 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-10968 - https://github.com/yahoo/cubed CVE-2020-10969 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2020-10969 - https://github.com/yahoo/cubed CVE-2020-1097 - https://github.com/404notf0und/CVE-Flow CVE-2020-10971 - https://github.com/bubbadestroy/Jetstream_AC3000 CVE-2020-10971 - https://github.com/sudo-jtcsec/CVE @@ -29656,19 +32138,24 @@ CVE-2020-10972 - https://github.com/bubbadestroy/Jetstream_AC3000 CVE-2020-10972 - https://github.com/sudo-jtcsec/CVE CVE-2020-10973 - https://github.com/sudo-jtcsec/CVE CVE-2020-10974 - https://github.com/sudo-jtcsec/CVE +CVE-2020-10977 - https://github.com/CYJoe-Cyclone/PenetrationTesttips CVE-2020-10977 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-10977 - https://github.com/JustMichi/CVE-2020-10977.py CVE-2020-10977 - https://github.com/KooroshRZ/CVE-2020-10977 CVE-2020-10977 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2020-10977 - https://github.com/Power7089/PenetrationTest-Tips CVE-2020-10977 - https://github.com/SexyBeast233/SecBooks CVE-2020-10977 - https://github.com/cocomelonc/vulnexipy CVE-2020-10977 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-10977 - https://github.com/dotPY-hax/gitlab_RCE CVE-2020-10977 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-10977 - https://github.com/huike007/penetration_poc CVE-2020-10977 - https://github.com/jeansgit/Pentest CVE-2020-10977 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-10977 - https://github.com/r0eXpeR/redteam_vul CVE-2020-10977 - https://github.com/taielab/awesome-hacking-lists +CVE-2020-10977 - https://github.com/thewhiteh4t/cve-2020-10977 +CVE-2020-10977 - https://github.com/tzwlhack/Vulnerability CVE-2020-10977 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-1098 - https://github.com/404notf0und/CVE-Flow CVE-2020-10987 - https://github.com/ker2x/DearDiary @@ -29690,6 +32177,7 @@ CVE-2020-11022 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-11022 - https://github.com/corey-schneider/bagel-shop CVE-2020-11022 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-11022 - https://github.com/tnwebdev/jquery-2.2.4-patched +CVE-2020-11022 - https://github.com/tzwlhack/Vulnerability CVE-2020-11023 - https://github.com/AssassinUKG/XSSPlayground CVE-2020-11023 - https://github.com/DanielRuf/snyk-js-jquery-565129 CVE-2020-11023 - https://github.com/EdgeSecurityTeam/Vulnerability @@ -29697,16 +32185,23 @@ CVE-2020-11023 - https://github.com/SexyBeast233/SecBooks CVE-2020-11023 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-11023 - https://github.com/arijitdirghanji/100DaysofLearning CVE-2020-11023 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-11023 - https://github.com/tzwlhack/Vulnerability +CVE-2020-11025 - https://github.com/El-Palomo/DerpNStink CVE-2020-11025 - https://github.com/El-Palomo/SYMFONOS CVE-2020-11025 - https://github.com/zer0uid/docker-CVEanalysis +CVE-2020-11026 - https://github.com/El-Palomo/DerpNStink CVE-2020-11026 - https://github.com/El-Palomo/SYMFONOS +CVE-2020-11027 - https://github.com/El-Palomo/DerpNStink CVE-2020-11027 - https://github.com/El-Palomo/SYMFONOS +CVE-2020-11028 - https://github.com/El-Palomo/DerpNStink CVE-2020-11028 - https://github.com/El-Palomo/SYMFONOS +CVE-2020-11029 - https://github.com/El-Palomo/DerpNStink CVE-2020-11029 - https://github.com/El-Palomo/SYMFONOS CVE-2020-11030 - https://github.com/El-Palomo/SYMFONOS CVE-2020-11034 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-11034 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-11034 - https://github.com/sobinge/nuclei-templates +CVE-2020-11050 - https://github.com/PalindromeLabs/awesome-websocket-security CVE-2020-11059 - https://github.com/ossf-cve-benchmark/CVE-2020-11059 CVE-2020-11060 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2020-11060 - https://github.com/alphaSeclab/sec-daily-2020 @@ -29744,13 +32239,16 @@ CVE-2020-11110 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-11110 - https://github.com/NarbehJackson/Java-Xss-minitwit16 CVE-2020-11110 - https://github.com/NarbehJackson/XSS-Python-Lab CVE-2020-11111 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2020-11111 - https://github.com/yahoo/cubed CVE-2020-11112 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2020-11112 - https://github.com/yahoo/cubed CVE-2020-11113 - https://github.com/0xT11/CVE-POC CVE-2020-11113 - https://github.com/Al1ex/CVE-2020-11113 CVE-2020-11113 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2020-11113 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-11113 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-11113 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-11113 - https://github.com/yahoo/cubed CVE-2020-11115 - https://github.com/404notf0und/CVE-Flow CVE-2020-11116 - https://github.com/404notf0und/CVE-Flow CVE-2020-11117 - https://github.com/404notf0und/CVE-Flow @@ -29890,6 +32388,7 @@ CVE-2020-11444 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-11444 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-11444 - https://github.com/jas502n/CVE-2020-10199 CVE-2020-11444 - https://github.com/koala2099/GitHub-Chinese-Top-Charts +CVE-2020-11444 - https://github.com/neilzhang1/Chinese-Charts CVE-2020-11444 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-11444 - https://github.com/pinkieli/GitHub-Chinese-Top-Charts CVE-2020-11444 - https://github.com/qingyuanfeiniao/Chinese-Top-Charts @@ -29904,7 +32403,9 @@ CVE-2020-11455 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-1146 - https://github.com/404notf0und/CVE-Flow CVE-2020-1147 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-1147 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2020-1147 - https://github.com/H0j3n/EzpzSharepoint CVE-2020-1147 - https://github.com/amcai/myscan +CVE-2020-1147 - https://github.com/michael101096/cs2020_msels CVE-2020-1147 - https://github.com/pwntester/ysoserial.net CVE-2020-1147 - https://github.com/sobinge/nuclei-templates CVE-2020-11492 - https://github.com/0xT11/CVE-POC @@ -29924,6 +32425,7 @@ CVE-2020-11501 - https://github.com/garethr/snykout CVE-2020-11518 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2020-11518 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-11518 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +CVE-2020-11518 - https://github.com/r0eXpeR/supplier CVE-2020-11519 - https://github.com/0xT11/CVE-POC CVE-2020-11519 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-11519 - https://github.com/hectorgie/PoC-in-GitHub @@ -29963,9 +32465,11 @@ CVE-2020-1159 - https://github.com/404notf0und/CVE-Flow CVE-2020-1160 - https://github.com/googleprojectzero/winafl CVE-2020-1160 - https://github.com/hardik05/winafl-powermopt CVE-2020-11605 - https://github.com/he1m4n6a/cve-db +CVE-2020-11619 - https://github.com/yahoo/cubed CVE-2020-11620 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2020-11620 - https://github.com/paolodenti/telegram-types CVE-2020-11620 - https://github.com/r00t4dm/r00t4dm +CVE-2020-11620 - https://github.com/yahoo/cubed CVE-2020-11650 - https://github.com/0xT11/CVE-POC CVE-2020-11650 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-11650 - https://github.com/hectorgie/PoC-in-GitHub @@ -29973,7 +32477,9 @@ CVE-2020-11650 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-11650 - https://github.com/weinull/CVE-2020-11650 CVE-2020-11651 - https://github.com/0xT11/CVE-POC CVE-2020-11651 - https://github.com/0xc0d/CVE-2020-11651 +CVE-2020-11651 - https://github.com/Al1ex/CVE-2020-11652 CVE-2020-11651 - https://github.com/CnHack3r/Penetration_PoC +CVE-2020-11651 - https://github.com/FDlucifer/firece-fish CVE-2020-11651 - https://github.com/Imanfeng/SaltStack-Exp CVE-2020-11651 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2020-11651 - https://github.com/RakhithJK/CVE-2020-11651 @@ -29986,6 +32492,7 @@ CVE-2020-11651 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-11651 - https://github.com/dozernz/cve-2020-11651 CVE-2020-11651 - https://github.com/dwoz/salt-rekey CVE-2020-11651 - https://github.com/fanjq99/CVE-2020-11652 +CVE-2020-11651 - https://github.com/fofapro/vulfocus CVE-2020-11651 - https://github.com/gobysec/Goby CVE-2020-11651 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2020-11651 - https://github.com/hectorgie/PoC-in-GitHub @@ -29995,6 +32502,7 @@ CVE-2020-11651 - https://github.com/huike007/poc CVE-2020-11651 - https://github.com/jasperla/CVE-2020-11651-poc CVE-2020-11651 - https://github.com/kasini3000/kasini3000 CVE-2020-11651 - https://github.com/kevthehermit/CVE-2020-11651 +CVE-2020-11651 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-11651 - https://github.com/lovelyjuice/cve-2020-11651-exp-plus CVE-2020-11651 - https://github.com/merlinxcy/ToolBox CVE-2020-11651 - https://github.com/nomi-sec/PoC-in-GitHub @@ -30007,6 +32515,7 @@ CVE-2020-11651 - https://github.com/yedada-wei/- CVE-2020-11651 - https://github.com/yedada-wei/gongkaishouji CVE-2020-11652 - https://github.com/0xT11/CVE-POC CVE-2020-11652 - https://github.com/0xc0d/CVE-2020-11651 +CVE-2020-11652 - https://github.com/Al1ex/CVE-2020-11652 CVE-2020-11652 - https://github.com/CnHack3r/Penetration_PoC CVE-2020-11652 - https://github.com/Imanfeng/SaltStack-Exp CVE-2020-11652 - https://github.com/Mr-xn/Penetration_Testing_POC @@ -30016,6 +32525,7 @@ CVE-2020-11652 - https://github.com/chef-cft/salt-vulnerabilities CVE-2020-11652 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-11652 - https://github.com/dwoz/salt-rekey CVE-2020-11652 - https://github.com/fanjq99/CVE-2020-11652 +CVE-2020-11652 - https://github.com/fofapro/vulfocus CVE-2020-11652 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2020-11652 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-11652 - https://github.com/heikanet/CVE-2020-11651-CVE-2020-11652-EXP @@ -30023,6 +32533,7 @@ CVE-2020-11652 - https://github.com/huike007/penetration_poc CVE-2020-11652 - https://github.com/huike007/poc CVE-2020-11652 - https://github.com/jasperla/CVE-2020-11651-poc CVE-2020-11652 - https://github.com/kasini3000/kasini3000 +CVE-2020-11652 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-11652 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-11652 - https://github.com/rapyuta-robotics/clean-script CVE-2020-11652 - https://github.com/rossengeorgiev/salt-security-backports @@ -30031,7 +32542,9 @@ CVE-2020-11652 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC CVE-2020-11652 - https://github.com/yedada-wei/- CVE-2020-11652 - https://github.com/yedada-wei/gongkaishouji CVE-2020-11655 - https://github.com/garethr/snykout +CVE-2020-11655 - https://github.com/vinamra28/tekton-image-scan-trivy CVE-2020-11656 - https://github.com/garethr/snykout +CVE-2020-11656 - https://github.com/ycamper/censys-scripts CVE-2020-11679 - https://github.com/irbishop/CVEs CVE-2020-11680 - https://github.com/irbishop/CVEs CVE-2020-11681 - https://github.com/irbishop/CVEs @@ -30052,6 +32565,7 @@ CVE-2020-11710 - https://github.com/Metarget/awesome-cloud-native-security CVE-2020-11710 - https://github.com/RandomRobbieBF/kong-pwn CVE-2020-11710 - https://github.com/amcai/myscan CVE-2020-11710 - https://github.com/gobysec/Goby +CVE-2020-11710 - https://github.com/reni2study/Cloud-Native-Security2 CVE-2020-11710 - https://github.com/sobinge/nuclei-templates CVE-2020-11712 - https://github.com/Orange-Cyberdefense/CVE-repository CVE-2020-1172 - https://github.com/404notf0und/CVE-Flow @@ -30074,8 +32588,10 @@ CVE-2020-11804 - https://github.com/sensepost/ClashofSpamTitan CVE-2020-1181 - https://github.com/SexyBeast233/SecBooks CVE-2020-1181 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-1181 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2020-1181 - https://github.com/r0eXpeR/supplier CVE-2020-11819 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-11851 - https://github.com/NetW0rK1le3r/awesome-hacking-lists +CVE-2020-11851 - https://github.com/ch1nghz/CVE-2020-11851 CVE-2020-11851 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-11851 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-11853 - https://github.com/ARPSyndicate/kenzer-templates @@ -30149,7 +32665,10 @@ CVE-2020-1194 - https://github.com/itm4n/CVEs CVE-2020-11972 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2020-11973 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2020-11974 - https://github.com/SexyBeast233/SecBooks +CVE-2020-11974 - https://github.com/langligelang/langligelang +CVE-2020-11975 - https://github.com/1135/unomi_exploit CVE-2020-11975 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-11975 - https://github.com/eugenebmx/CVE-2020-13942 CVE-2020-11975 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-11975 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-11976 - https://github.com/afinepl/research @@ -30174,6 +32693,7 @@ CVE-2020-11989 - https://github.com/bfengj/CTF CVE-2020-11989 - https://github.com/chibd2000/Burp-Extender-Study-Develop CVE-2020-11989 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-11989 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-11989 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-11989 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-11989 - https://github.com/threedr3am/learnjavabug CVE-2020-11989 - https://github.com/woods-sega/woodswiki @@ -30186,6 +32706,7 @@ CVE-2020-11991 - https://github.com/H4ckTh3W0r1d/Goby_POC CVE-2020-11991 - https://github.com/SexyBeast233/SecBooks CVE-2020-11993 - https://github.com/Dheia/sc-main CVE-2020-11993 - https://github.com/Solhack/Team_CSI_platform +CVE-2020-11993 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2020-11993 - https://github.com/vshaliii/Funbox2-rookie CVE-2020-11993 - https://github.com/vshaliii/Vegeta1-Vulhub-Walkthrough CVE-2020-11996 - https://github.com/0xT11/CVE-POC @@ -30225,11 +32746,13 @@ CVE-2020-1206 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-1206 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-1206 - https://github.com/taielab/awesome-hacking-lists CVE-2020-1206 - https://github.com/zathizh/cve-796-mit +CVE-2020-12062 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2020-12078 - https://github.com/0xT11/CVE-POC CVE-2020-12078 - https://github.com/84KaliPleXon3/CVE-2020-12078 CVE-2020-12078 - https://github.com/SexyBeast233/SecBooks CVE-2020-12078 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-12078 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-12078 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-12078 - https://github.com/mhaskar/CVE-2020-12078 CVE-2020-12078 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-12078 - https://github.com/tdtc7/qps @@ -30285,12 +32808,14 @@ CVE-2020-12351 - https://github.com/WinMin/Protocol-Vul CVE-2020-12351 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-12351 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-12351 - https://github.com/engn33r/awesome-bluetooth-security +CVE-2020-12351 - https://github.com/hac425xxx/heap-exploitation-in-real-world CVE-2020-12351 - https://github.com/joydo/CVE-Writeups CVE-2020-12351 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-12351 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-12352 - https://github.com/Charmve/BLE-Security-Attack-Defence CVE-2020-12352 - https://github.com/WinMin/Protocol-Vul CVE-2020-12352 - https://github.com/engn33r/awesome-bluetooth-security +CVE-2020-12352 - https://github.com/hac425xxx/heap-exploitation-in-real-world CVE-2020-12352 - https://github.com/joydo/CVE-Writeups CVE-2020-12352 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-12388 - https://github.com/alphaSeclab/sec-daily-2020 @@ -30356,6 +32881,7 @@ CVE-2020-12696 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-12702 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-12702 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-12702 - https://github.com/salgio/ESPTouchCatcher +CVE-2020-12702 - https://github.com/salgio/eWeLink-QR-Code CVE-2020-12712 - https://github.com/0xT11/CVE-POC CVE-2020-12712 - https://github.com/SanderUbink/CVE-2020-12712 CVE-2020-12712 - https://github.com/developer3000S/PoC-in-GitHub @@ -30426,6 +32952,8 @@ CVE-2020-1281 - https://github.com/huike007/poc CVE-2020-1281 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-1281 - https://github.com/yedada-wei/- CVE-2020-1281 - https://github.com/yedada-wei/gongkaishouji +CVE-2020-12812 - https://github.com/irinarenteria/attackerkb-clj +CVE-2020-12812 - https://github.com/r0eXpeR/supplier CVE-2020-12828 - https://github.com/0xT11/CVE-POC CVE-2020-12828 - https://github.com/0xsha/ZombieVPN CVE-2020-12828 - https://github.com/alphaSeclab/sec-daily-2020 @@ -30449,12 +32977,15 @@ CVE-2020-12856 - https://github.com/0xT11/CVE-POC CVE-2020-12856 - https://github.com/TinyNiko/android_bulletin_notes CVE-2020-12856 - https://github.com/alwentiu/COVIDSafe-CVE-2020-12856 CVE-2020-12856 - https://github.com/alwentiu/CVE-2020-14292 +CVE-2020-12856 - https://github.com/alwentiu/contact-tracing-research CVE-2020-12856 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-12856 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-12856 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-12856 - https://github.com/parthdmaniar/coronavirus-covid-19-SARS-CoV-2-IoCs +CVE-2020-12912 - https://github.com/evdenis/cvehound CVE-2020-12928 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-12928 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-12928 - https://github.com/ekknod/EC_PRO-LAN CVE-2020-12928 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-12928 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-1299 - https://github.com/alphaSeclab/sec-daily-2020 @@ -30550,6 +33081,7 @@ CVE-2020-13260 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-13260 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-13277 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-13277 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-13277 - https://github.com/lyy289065406/CVE-2020-13277 CVE-2020-13277 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-1332 - https://github.com/404notf0und/CVE-Flow CVE-2020-13333 - https://github.com/engn33r/awesome-redos-security @@ -30593,6 +33125,7 @@ CVE-2020-1338 - https://github.com/404notf0und/CVE-Flow CVE-2020-13384 - https://github.com/SexyBeast233/SecBooks CVE-2020-13401 - https://github.com/Metarget/awesome-cloud-native-security CVE-2020-13401 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-13401 - https://github.com/reni2study/Cloud-Native-Security2 CVE-2020-13405 - https://github.com/RhinoSecurityLabs/CVEs CVE-2020-13405 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-13405 - https://github.com/sunzu94/AWS-CVEs @@ -30611,7 +33144,11 @@ CVE-2020-1344 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-1344 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-1344 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2020-13443 - https://github.com/afinepl/research +CVE-2020-13449 - https://github.com/br0xpl/gotenberg_hack CVE-2020-1345 - https://github.com/404notf0und/CVE-Flow +CVE-2020-13450 - https://github.com/br0xpl/gotenberg_hack +CVE-2020-13451 - https://github.com/br0xpl/gotenberg_hack +CVE-2020-13452 - https://github.com/br0xpl/gotenberg_hack CVE-2020-13457 - https://github.com/0xT11/CVE-POC CVE-2020-13457 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-13457 - https://github.com/hectorgie/PoC-in-GitHub @@ -30621,6 +33158,10 @@ CVE-2020-13483 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-13483 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-13483 - https://github.com/afinepl/research CVE-2020-13484 - https://github.com/afinepl/research +CVE-2020-13487 - https://github.com/Saidul-M-Khan/Awesome-Bugbounty-Writeups +CVE-2020-13487 - https://github.com/ajino2k/Awesome-Bugbounty-Writeups +CVE-2020-13487 - https://github.com/blitz-cmd/Bugbounty-writeups +CVE-2020-13487 - https://github.com/bot8080/awesomeBugbounty CVE-2020-13487 - https://github.com/devanshbatham/Awesome-Bugbounty-Writeups CVE-2020-1349 - https://github.com/0neb1n/CVE-2020-1349 CVE-2020-1349 - https://github.com/0xT11/CVE-POC @@ -30632,6 +33173,7 @@ CVE-2020-1350 - https://github.com/Ascotbe/Kernelhub CVE-2020-1350 - https://github.com/CVEmaster/CVE-2020-1350 CVE-2020-1350 - https://github.com/CnHack3r/Penetration_PoC CVE-2020-1350 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-1350 - https://github.com/EvilAnne/2020-Read-article CVE-2020-1350 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2020-1350 - https://github.com/Plazmaz/CVE-2020-1350-poc CVE-2020-1350 - https://github.com/Secuora-Org/CVE-2020-1350-checker.ps1 @@ -30667,12 +33209,14 @@ CVE-2020-1350 - https://github.com/simeononsecurity/CVE-2020-1350-Fix CVE-2020-1350 - https://github.com/tinkersec/cve-2020-1350 CVE-2020-1350 - https://github.com/tobor88/PowerShell-Blue-Team CVE-2020-1350 - https://github.com/tolgadevsec/Awesome-Deception +CVE-2020-1350 - https://github.com/tzwlhack/Vulnerability CVE-2020-1350 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-1350 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2020-1350 - https://github.com/yedada-wei/- CVE-2020-1350 - https://github.com/yedada-wei/gongkaishouji CVE-2020-1350 - https://github.com/zoomerxsec/Fake_CVE-2020-1350 CVE-2020-1351 - https://github.com/xinali/articles +CVE-2020-13529 - https://github.com/epequeno/devops-demo CVE-2020-13529 - https://github.com/onzack/trivy-multiscanner CVE-2020-13593 - https://github.com/Matheus-Garbelini/sweyntooth_bluetooth_low_energy_attacks CVE-2020-13593 - https://github.com/engn33r/awesome-bluetooth-security @@ -30747,6 +33291,7 @@ CVE-2020-13777 - https://github.com/garethr/snykout CVE-2020-13777 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-13777 - https://github.com/michaelbiven/security CVE-2020-13777 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-13777 - https://github.com/not1337/tlsserver CVE-2020-13777 - https://github.com/prprhyt/PoC_TLS1_3_CVE-2020-13777 CVE-2020-13777 - https://github.com/shigeki/challenge_CVE-2020-13777 CVE-2020-1378 - https://github.com/punishell/WindowsLegacyCVE @@ -30764,11 +33309,13 @@ CVE-2020-13884 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-13884 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-13884 - https://github.com/hessandrew/CVE-2020-13884 CVE-2020-13884 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-13884 - https://github.com/stratosphereips/nist-cve-search-tool CVE-2020-13885 - https://github.com/0xT11/CVE-POC CVE-2020-13885 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-13885 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-13885 - https://github.com/hessandrew/CVE-2020-13885 CVE-2020-13885 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-13885 - https://github.com/stratosphereips/nist-cve-search-tool CVE-2020-13886 - https://github.com/0xT11/CVE-POC CVE-2020-13886 - https://github.com/Ls4ss/CVE-2020-13886 CVE-2020-13886 - https://github.com/developer3000S/PoC-in-GitHub @@ -30784,6 +33331,7 @@ CVE-2020-13905 - https://github.com/nhiephon/Research CVE-2020-13906 - https://github.com/nhiephon/Research CVE-2020-13920 - https://github.com/404notf0und/CVE-Flow CVE-2020-13921 - https://github.com/pen4uin/vulnerability-lab +CVE-2020-13921 - https://github.com/shanika04/apache_skywalking CVE-2020-13922 - https://github.com/DSExtension/DSCVE-2020-13922 CVE-2020-13922 - https://github.com/SexyBeast233/SecBooks CVE-2020-13925 - https://github.com/0xT11/CVE-POC @@ -30792,6 +33340,7 @@ CVE-2020-13925 - https://github.com/SexyBeast233/SecBooks CVE-2020-13925 - https://github.com/bit4woo/CVE-2020-13925 CVE-2020-13925 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-13925 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-13925 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-13925 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-13925 - https://github.com/tdtc7/qps CVE-2020-13927 - https://github.com/ARPSyndicate/kenzer-templates @@ -30807,6 +33356,7 @@ CVE-2020-13933 - https://github.com/bfengj/CTF CVE-2020-13933 - https://github.com/chibd2000/Burp-Extender-Study-Develop CVE-2020-13933 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-13933 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-13933 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-13933 - https://github.com/lyy289065406/CVE-2020-13933 CVE-2020-13933 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-13933 - https://github.com/p1ay8y3ar/cve_monitor @@ -30816,19 +33366,24 @@ CVE-2020-13935 - https://github.com/404notf0und/CVE-Flow CVE-2020-13935 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-13935 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2020-13935 - https://github.com/NetW0rK1le3r/awesome-hacking-lists +CVE-2020-13935 - https://github.com/RedTeamPentesting/CVE-2020-13935 CVE-2020-13935 - https://github.com/SexyBeast233/SecBooks CVE-2020-13935 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-13935 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-13935 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-13935 - https://github.com/huike007/penetration_poc CVE-2020-13935 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-13935 - https://github.com/nu11secur1ty/CVE-mitre +CVE-2020-13935 - https://github.com/qeeqbox/falcon CVE-2020-13935 - https://github.com/superfish9/pt CVE-2020-13935 - https://github.com/taielab/awesome-hacking-lists +CVE-2020-13935 - https://github.com/tzwlhack/Vulnerability CVE-2020-13935 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2020-13935 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-13936 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-13936 - https://github.com/SexyBeast233/SecBooks CVE-2020-13936 - https://github.com/jimbethancourt/RefactorFirst +CVE-2020-13936 - https://github.com/tzwlhack/Vulnerability CVE-2020-13937 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-13937 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-13937 - https://github.com/Elsfa7-110/kenzer-templates @@ -30839,28 +33394,42 @@ CVE-2020-13937 - https://github.com/bigblackhat/oFx CVE-2020-13937 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-13937 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-13937 - https://github.com/sobinge/nuclei-templates +CVE-2020-13937 - https://github.com/tzwlhack/Vulnerability +CVE-2020-13937 - https://github.com/yaunsky/CVE-2020-13937 +CVE-2020-13942 - https://github.com/1135/unomi_exploit CVE-2020-13942 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-13942 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-13942 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-13942 - https://github.com/SexyBeast233/SecBooks CVE-2020-13942 - https://github.com/SouthWind0/southwind0.github.io CVE-2020-13942 - https://github.com/alphaSeclab/sec-daily-2020 +CVE-2020-13942 - https://github.com/blackmarketer/CVE-2020-13942 CVE-2020-13942 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-13942 - https://github.com/eugenebmx/CVE-2020-13942 CVE-2020-13942 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-13942 - https://github.com/litt1eb0yy/One-Liner-Scripts +CVE-2020-13942 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection +CVE-2020-13942 - https://github.com/lp008/CVE-2020-13942 CVE-2020-13942 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-13942 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2020-13942 - https://github.com/qeeqbox/falcon +CVE-2020-13942 - https://github.com/shifa123/CVE-2020-13942-POC- CVE-2020-13942 - https://github.com/sobinge/nuclei-templates +CVE-2020-13942 - https://github.com/tzwlhack/Vulnerability +CVE-2020-13942 - https://github.com/yaunsky/Unomi-CVE-2020-13942 CVE-2020-13942 - https://github.com/zhzyker/vulmap CVE-2020-13943 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2020-13945 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-13946 - https://github.com/404notf0und/CVE-Flow +CVE-2020-13949 - https://github.com/k1LoW/oshka CVE-2020-13955 - https://github.com/intrigus-lgtm/CVE-2020-14955 CVE-2020-13956 - https://github.com/CyberSource/cybersource-sdk-java CVE-2020-13956 - https://github.com/mosaic-hgw/jMeter CVE-2020-13957 - https://github.com/Imanfeng/Apache-Solr-RCE CVE-2020-13957 - https://github.com/SexyBeast233/SecBooks +CVE-2020-13957 - https://github.com/errorecho/CVEs-Collection CVE-2020-13957 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-13957 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-13957 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-13957 - https://github.com/s-index/poc-list CVE-2020-13958 - https://github.com/irsl/apache-openoffice-rce-via-uno-links @@ -30872,18 +33441,24 @@ CVE-2020-13996 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-13996 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-13996 - https://github.com/mkelepce/CVE-2020-13996 CVE-2020-13996 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-13998 - https://github.com/stratosphereips/nist-cve-search-tool CVE-2020-14008 - https://github.com/404notf0und/CVE-Flow CVE-2020-14060 - https://github.com/SexyBeast233/SecBooks +CVE-2020-14060 - https://github.com/yahoo/cubed +CVE-2020-14061 - https://github.com/yahoo/cubed CVE-2020-14062 - https://github.com/SexyBeast233/SecBooks +CVE-2020-14062 - https://github.com/yahoo/cubed CVE-2020-14064 - https://github.com/0xT11/CVE-POC CVE-2020-14064 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-14064 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-14064 - https://github.com/masoud-zivari/CVE-2020-14064 CVE-2020-14064 - https://github.com/networksecure/CVE-2020-14064 CVE-2020-14064 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-14064 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-14065 - https://github.com/0xT11/CVE-POC CVE-2020-14065 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-14065 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-14065 - https://github.com/masoud-zivari/CVE-2020-14065 CVE-2020-14065 - https://github.com/networksecure/CVE-2020-14065 CVE-2020-14065 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-14065 - https://github.com/p1ay8y3ar/cve_monitor @@ -30900,6 +33475,7 @@ CVE-2020-14096 - https://github.com/404notf0und/CVE-Flow CVE-2020-14100 - https://github.com/404notf0und/CVE-Flow CVE-2020-14119 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-14124 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2020-14145 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2020-14145 - https://github.com/phx/cvescan CVE-2020-14145 - https://github.com/siddicky/git-and-crumpets CVE-2020-14145 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough @@ -30909,6 +33485,8 @@ CVE-2020-14145 - https://github.com/vshaliii/DC-4-Vulnhub-Walkthrough CVE-2020-14145 - https://github.com/vshaliii/Funbox2-rookie CVE-2020-14146 - https://github.com/Orange-Cyberdefense/CVE-repository CVE-2020-14155 - https://github.com/dispera/giant-squid +CVE-2020-14155 - https://github.com/domyrtille/interview_project +CVE-2020-14155 - https://github.com/epequeno/devops-demo CVE-2020-14155 - https://github.com/garethr/snykout CVE-2020-14155 - https://github.com/nedenwalker/spring-boot-app-using-gradle CVE-2020-14155 - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln @@ -30917,10 +33495,12 @@ CVE-2020-14163 - https://github.com/googleprojectzero/fuzzilli CVE-2020-14178 - https://github.com/404notf0und/CVE-Flow CVE-2020-14179 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-14179 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2020-14179 - https://github.com/c0brabaghdad1/CVE-2020-14179 CVE-2020-14179 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-14179 - https://github.com/hackerhackrat/R-poc CVE-2020-14179 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-14179 - https://github.com/sobinge/nuclei-templates +CVE-2020-14179 - https://github.com/sushantdhopat/JIRA_testing CVE-2020-14181 - https://github.com/0ps/pocassistdb CVE-2020-14181 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-14181 - https://github.com/Elsfa7-110/kenzer-templates @@ -30933,7 +33513,9 @@ CVE-2020-14181 - https://github.com/hackerhackrat/R-poc CVE-2020-14181 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-14181 - https://github.com/jweny/pocassistdb CVE-2020-14181 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-14181 - https://github.com/r0eXpeR/supplier CVE-2020-14181 - https://github.com/sobinge/nuclei-templates +CVE-2020-14181 - https://github.com/sushantdhopat/JIRA_testing CVE-2020-14181 - https://github.com/und3sc0n0c1d0/UserEnumJira CVE-2020-14195 - https://github.com/0xT11/CVE-POC CVE-2020-14195 - https://github.com/Al1ex/Al1ex @@ -30942,6 +33524,7 @@ CVE-2020-14195 - https://github.com/SexyBeast233/SecBooks CVE-2020-14195 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-14195 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-14195 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-14195 - https://github.com/yahoo/cubed CVE-2020-14198 - https://github.com/404notf0und/CVE-Flow CVE-2020-14199 - https://github.com/0xT11/CVE-POC CVE-2020-14199 - https://github.com/developer3000S/PoC-in-GitHub @@ -30954,6 +33537,7 @@ CVE-2020-14210 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-14292 - https://github.com/0xT11/CVE-POC CVE-2020-14292 - https://github.com/404notf0und/CVE-Flow CVE-2020-14292 - https://github.com/alwentiu/CVE-2020-14292 +CVE-2020-14292 - https://github.com/alwentiu/contact-tracing-research CVE-2020-14292 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-14292 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-14292 - https://github.com/nomi-sec/PoC-in-GitHub @@ -30968,35 +33552,46 @@ CVE-2020-14294 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-14294 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-14294 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-14294 - https://github.com/patrickhener/CVE-2020-14294 +CVE-2020-14295 - https://github.com/0xaniketB/HackTheBox-Monitors CVE-2020-14295 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-14295 - https://github.com/Mayfly277/vulns CVE-2020-14295 - https://github.com/Orange-Cyberdefense/CVE-repository CVE-2020-14295 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-14295 - https://github.com/tzwlhack/Vulnerability CVE-2020-14308 - https://github.com/DNTYO/F5_Vulnerability +CVE-2020-14308 - https://github.com/amzdev0401/shim-review-backup CVE-2020-14308 - https://github.com/bitraser/shim-review-15.4 CVE-2020-14308 - https://github.com/jason-chang-atrust/shim-review +CVE-2020-14308 - https://github.com/luojc123/shim-nsdl CVE-2020-14308 - https://github.com/neverware/shim-review CVE-2020-14308 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-14308 - https://github.com/puzzleos/uefi-shim_review CVE-2020-14308 - https://github.com/rhboot/shim-review CVE-2020-14308 - https://github.com/vathpela/shim-review CVE-2020-14309 - https://github.com/DNTYO/F5_Vulnerability +CVE-2020-14309 - https://github.com/amzdev0401/shim-review-backup CVE-2020-14309 - https://github.com/bitraser/shim-review-15.4 CVE-2020-14309 - https://github.com/jason-chang-atrust/shim-review +CVE-2020-14309 - https://github.com/luojc123/shim-nsdl CVE-2020-14309 - https://github.com/neverware/shim-review CVE-2020-14309 - https://github.com/puzzleos/uefi-shim_review CVE-2020-14309 - https://github.com/rhboot/shim-review CVE-2020-14309 - https://github.com/vathpela/shim-review CVE-2020-14310 - https://github.com/DNTYO/F5_Vulnerability +CVE-2020-14310 - https://github.com/amzdev0401/shim-review-backup CVE-2020-14310 - https://github.com/bitraser/shim-review-15.4 CVE-2020-14310 - https://github.com/jason-chang-atrust/shim-review +CVE-2020-14310 - https://github.com/luojc123/shim-nsdl CVE-2020-14310 - https://github.com/neverware/shim-review CVE-2020-14310 - https://github.com/puzzleos/uefi-shim_review CVE-2020-14310 - https://github.com/renorobert/grub-bhyve-bugs CVE-2020-14310 - https://github.com/rhboot/shim-review CVE-2020-14310 - https://github.com/vathpela/shim-review CVE-2020-14311 - https://github.com/DNTYO/F5_Vulnerability +CVE-2020-14311 - https://github.com/amzdev0401/shim-review-backup CVE-2020-14311 - https://github.com/bitraser/shim-review-15.4 CVE-2020-14311 - https://github.com/jason-chang-atrust/shim-review +CVE-2020-14311 - https://github.com/luojc123/shim-nsdl CVE-2020-14311 - https://github.com/neverware/shim-review CVE-2020-14311 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-14311 - https://github.com/puzzleos/uefi-shim_review @@ -31021,6 +33616,7 @@ CVE-2020-14356 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-14356 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-14363 - https://github.com/404notf0und/CVE-Flow CVE-2020-14363 - https://github.com/avafinger/libx11_1.6.4 +CVE-2020-14364 - https://github.com/Resery/Learning_Record CVE-2020-14364 - https://github.com/SexyBeast233/SecBooks CVE-2020-14364 - https://github.com/V1NKe/learning-qemu CVE-2020-14364 - https://github.com/WinMin/awesome-vm-exploit @@ -31028,9 +33624,11 @@ CVE-2020-14364 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-14368 - https://github.com/codingchili/CVE-2020-14368 CVE-2020-14368 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-14368 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-14372 - https://github.com/amzdev0401/shim-review-backup CVE-2020-14372 - https://github.com/bitraser/shim-review-15.4 CVE-2020-14372 - https://github.com/jason-chang-atrust/shim-review CVE-2020-14372 - https://github.com/kaosagnt/ansible-everyday +CVE-2020-14372 - https://github.com/luojc123/shim-nsdl CVE-2020-14372 - https://github.com/neverware/shim-review CVE-2020-14372 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-14372 - https://github.com/puzzleos/uefi-shim_review @@ -31047,6 +33645,7 @@ CVE-2020-14386 - https://github.com/cgwalters/cve-2020-14386 CVE-2020-14386 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-14386 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-14386 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-14386 - https://github.com/reni2study/Cloud-Native-Security2 CVE-2020-14386 - https://github.com/sderosiaux/every-single-day-i-tldr CVE-2020-14386 - https://github.com/taielab/awesome-hacking-lists CVE-2020-14386 - https://github.com/xairy/linux-kernel-exploitation @@ -31056,6 +33655,7 @@ CVE-2020-14413 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-14413 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-14421 - https://github.com/Orange-Cyberdefense/CVE-repository CVE-2020-14421 - https://github.com/jenaye/aapanel +CVE-2020-14422 - https://github.com/vinamra28/tekton-image-scan-trivy CVE-2020-14462 - https://github.com/Orange-Cyberdefense/CVE-repository CVE-2020-14511 - https://github.com/neutrinoguy/awesome-ics-writeups CVE-2020-14514 - https://github.com/404notf0und/CVE-Flow @@ -31101,6 +33701,7 @@ CVE-2020-14645 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2020-14645 - https://github.com/HYWZ36/CVE-2020-14645-code CVE-2020-14645 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2020-14645 - https://github.com/NetW0rK1le3r/awesome-hacking-lists +CVE-2020-14645 - https://github.com/Schira4396/CVE-2020-14645 CVE-2020-14645 - https://github.com/SexyBeast233/SecBooks CVE-2020-14645 - https://github.com/Y4er/CVE-2020-14645 CVE-2020-14645 - https://github.com/YIXINSHUWU/Penetration_Testing_POC @@ -31117,8 +33718,10 @@ CVE-2020-14645 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC CVE-2020-14645 - https://github.com/yedada-wei/- CVE-2020-14645 - https://github.com/yedada-wei/gongkaishouji CVE-2020-14652 - https://github.com/r00t4dm/r00t4dm +CVE-2020-1467 - https://github.com/ijatrom/searchcve CVE-2020-1471 - https://github.com/404notf0und/CVE-Flow CVE-2020-1471 - https://github.com/punishell/WindowsLegacyCVE +CVE-2020-1472 - https://github.com/0x727/usefull-elevation-of-privilege CVE-2020-1472 - https://github.com/0xT11/CVE-POC CVE-2020-1472 - https://github.com/0xcccc666/cve-2020-1472_Tool-collection CVE-2020-1472 - https://github.com/0xkami/CVE-2020-1472 @@ -31133,6 +33736,7 @@ CVE-2020-1472 - https://github.com/CanciuCostin/CVE-2020-1472 CVE-2020-1472 - https://github.com/CasperGN/ActiveDirectoryEnumeration CVE-2020-1472 - https://github.com/DNTYO/F5_Vulnerability CVE-2020-1472 - https://github.com/ErdemOzgen/ActiveDirectoryAttacks +CVE-2020-1472 - https://github.com/EvilAnne/2020-Read-article CVE-2020-1472 - https://github.com/Fa1c0n35/CVE-2020-1472 CVE-2020-1472 - https://github.com/Fa1c0n35/CVE-2020-1472-02- CVE-2020-1472 - https://github.com/Fa1c0n35/SecuraBV-CVE-2020-1472 @@ -31142,6 +33746,7 @@ CVE-2020-1472 - https://github.com/Jean-Francois-C/Windows-Penetration-Testing CVE-2020-1472 - https://github.com/Kecatoca/Zerologon_Poc CVE-2020-1472 - https://github.com/Kecatoca/Zerologon_test CVE-2020-1472 - https://github.com/Ken-Abruzzi/cve-2020-1472 +CVE-2020-1472 - https://github.com/LuemmelSec/Pentest-Tools-Collection CVE-2020-1472 - https://github.com/Mathankumar2701/ALL-PENTESTING-BIBLE CVE-2020-1472 - https://github.com/MedoX71T/PENTESTING-BIBLE CVE-2020-1472 - https://github.com/Micle5858/PENTESTING-BIBLE @@ -31155,6 +33760,7 @@ CVE-2020-1472 - https://github.com/Ondrik8/extra CVE-2020-1472 - https://github.com/Privia-Security/ADZero CVE-2020-1472 - https://github.com/Qazeer/OffensivePythonPipeline CVE-2020-1472 - https://github.com/R0B1NL1N/CVE-2020-1472 +CVE-2020-1472 - https://github.com/RyanNgCT/EH-Assignment CVE-2020-1472 - https://github.com/S3cur3Th1sSh1t/WinPwn CVE-2020-1472 - https://github.com/Saidul-M-Khan/PENTESTING-BIBLE CVE-2020-1472 - https://github.com/SecuraBV/CVE-2020-1472 @@ -31167,8 +33773,11 @@ CVE-2020-1472 - https://github.com/Tobey123/CVE-2020-1472-visualizer CVE-2020-1472 - https://github.com/VoidSec/CVE-2020-1472 CVE-2020-1472 - https://github.com/Whippet0/CVE-2020-1472 CVE-2020-1472 - https://github.com/WiIs0n/Zerologon_CVE-2020-1472 +CVE-2020-1472 - https://github.com/WillOram/ADReset CVE-2020-1472 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2020-1472 - https://github.com/YangSirrr/YangsirStudyPlan +CVE-2020-1472 - https://github.com/YossiSassi/ZeroLogon-Exploitation-Check +CVE-2020-1472 - https://github.com/YossiSassi/hAcKtive-Directory-Forensics CVE-2020-1472 - https://github.com/aRustyDev/C844 CVE-2020-1472 - https://github.com/alexverboon/MDATP CVE-2020-1472 - https://github.com/alphaSeclab/sec-daily-2020 @@ -31193,6 +33802,7 @@ CVE-2020-1472 - https://github.com/huike007/penetration_poc CVE-2020-1472 - https://github.com/hunter32me/2020-1472 CVE-2020-1472 - https://github.com/iamrajivd/pentest CVE-2020-1472 - https://github.com/ihebski/A-Red-Teamer-diaries +CVE-2020-1472 - https://github.com/ijatrom/searchcve CVE-2020-1472 - https://github.com/infosecn1nja/AD-Attack-Defense CVE-2020-1472 - https://github.com/izj007/wechat CVE-2020-1472 - https://github.com/johnpathe/zerologon-cve-2020-1472-notes @@ -31200,6 +33810,7 @@ CVE-2020-1472 - https://github.com/k8gege/CVE-2020-1472-EXP CVE-2020-1472 - https://github.com/lawrenceamer/0xsp-Mongoose CVE-2020-1472 - https://github.com/maikelnight/zerologon CVE-2020-1472 - https://github.com/midpipps/CVE-2020-1472-Easy +CVE-2020-1472 - https://github.com/mishmashclone/Flangvik-SharpCollection CVE-2020-1472 - https://github.com/mishmashclone/infosecn1nja-AD-Attack-Defense CVE-2020-1472 - https://github.com/mos165/CVE-20200-1472 CVE-2020-1472 - https://github.com/mstxq17/cve-2020-1472 @@ -31207,18 +33818,22 @@ CVE-2020-1472 - https://github.com/murataydemir/CVE-2020-1472 CVE-2020-1472 - https://github.com/nitishbadole/PENTESTING-BIBLE CVE-2020-1472 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-1472 - https://github.com/npocmak/CVE-2020-1472 +CVE-2020-1472 - https://github.com/ommadawn46/CFB8-Zero-IV-Attack CVE-2020-1472 - https://github.com/penetrarnya-tm/WeaponizeKali.sh CVE-2020-1472 - https://github.com/phant0n/PENTESTING-BIBLE CVE-2020-1472 - https://github.com/preempt/ntlm-scanner CVE-2020-1472 - https://github.com/puckiestyle/CVE-2020-1472 CVE-2020-1472 - https://github.com/pwninx/WinPwn +CVE-2020-1472 - https://github.com/r0eXpeR/supplier CVE-2020-1472 - https://github.com/rhymeswithmogul/Set-ZerologonMitigation CVE-2020-1472 - https://github.com/risksense/zerologon CVE-2020-1472 - https://github.com/rth0pper/zerologon CVE-2020-1472 - https://github.com/scv-m/zabbix-template-CVE-2020-1472 CVE-2020-1472 - https://github.com/shanfenglan/cve-2020-1472 CVE-2020-1472 - https://github.com/sho-luv/zerologon +CVE-2020-1472 - https://github.com/sinfulz/JustGetDA CVE-2020-1472 - https://github.com/spiegel-im-spiegel/go-cvss +CVE-2020-1472 - https://github.com/stanfrbd/searchcve CVE-2020-1472 - https://github.com/striveben/CVE-2020-1472 CVE-2020-1472 - https://github.com/sunzu94/AD-Attack-Defense CVE-2020-1472 - https://github.com/sv3nbeast/CVE-2020-1472 @@ -31231,20 +33846,25 @@ CVE-2020-1472 - https://github.com/zer010bs/zeroscan CVE-2020-1472 - https://github.com/zeronetworks/zerologon CVE-2020-14750 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-14750 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2020-14750 - https://github.com/corelight/CVE-2020-14882-weblogicRCE CVE-2020-14750 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-14750 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-14750 - https://github.com/jas502n/CVE-2020-14882 CVE-2020-14750 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-14750 - https://github.com/pprietosanchez/CVE-2020-14750 CVE-2020-14750 - https://github.com/r00t4dm/r00t4dm CVE-2020-14750 - https://github.com/rabbitsafe/CVE-2021-2109 CVE-2020-14756 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-14756 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2020-14756 - https://github.com/SexyBeast233/SecBooks CVE-2020-14756 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-14756 - https://github.com/freeide/CVE-2021-2394 +CVE-2020-14756 - https://github.com/lz2y/CVE-2021-2394 CVE-2020-14756 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2020-14756 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-14756 - https://github.com/r0eXpeR/redteam_vul CVE-2020-14756 - https://github.com/somatrasss/weblogic2021 +CVE-2020-14756 - https://github.com/tzwlhack/Vulnerability CVE-2020-14760 - https://github.com/scmanjarrez/CVEScannerV2 CVE-2020-1481 - https://github.com/Rival420/CVE-2020-14181 CVE-2020-1481 - https://github.com/bk-rao/CVE-2020-14181 @@ -31252,6 +33872,7 @@ CVE-2020-14815 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-14815 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-14815 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-14815 - https://github.com/sobinge/nuclei-templates +CVE-2020-14815 - https://github.com/tzwlhack/Vulnerability CVE-2020-1482 - https://github.com/404notf0und/CVE-Flow CVE-2020-14825 - https://github.com/Ares-X/VulWiki CVE-2020-14825 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet @@ -31271,19 +33892,27 @@ CVE-2020-14871 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-14871 - https://github.com/hackerhouse-opensource/exploits CVE-2020-14871 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-14878 - https://github.com/scmanjarrez/CVEScannerV2 +CVE-2020-1488 - https://github.com/gitaramos/links CVE-2020-14882 - https://github.com/0day666/Vulnerability-verification +CVE-2020-14882 - https://github.com/0thm4n3/cve-2020-14882 CVE-2020-14882 - https://github.com/0xn0ne/weblogicScanner CVE-2020-14882 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-14882 - https://github.com/Ares-X/VulWiki CVE-2020-14882 - https://github.com/Astrogeorgeonethree/Starred +CVE-2020-14882 - https://github.com/CYJoe-Cyclone/Awesome-CobaltStrike CVE-2020-14882 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-14882 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2020-14882 - https://github.com/FDlucifer/firece-fish CVE-2020-14882 - https://github.com/GGyao/CVE-2020-14882_ALL +CVE-2020-14882 - https://github.com/GGyao/CVE-2020-14882_POC CVE-2020-14882 - https://github.com/Jean-Francois-C/Windows-Penetration-Testing CVE-2020-14882 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2020-14882 - https://github.com/NS-Sp4ce/CVE-2020-14882 CVE-2020-14882 - https://github.com/NetW0rK1le3r/awesome-hacking-lists +CVE-2020-14882 - https://github.com/QmF0c3UK/CVE-2020-14882 CVE-2020-14882 - https://github.com/SexyBeast233/SecBooks CVE-2020-14882 - https://github.com/SouthWind0/southwind0.github.io +CVE-2020-14882 - https://github.com/XTeam-Wing/CVE-2020-14882 CVE-2020-14882 - https://github.com/Yang0615777/PocList CVE-2020-14882 - https://github.com/alexfrancow/CVE-2020-14882 CVE-2020-14882 - https://github.com/alphaSeclab/sec-daily-2020 @@ -31292,6 +33921,9 @@ CVE-2020-14882 - https://github.com/bhassani/Recent-CVE CVE-2020-14882 - https://github.com/bhdresh/SnortRules CVE-2020-14882 - https://github.com/bigblackhat/oFx CVE-2020-14882 - https://github.com/bonjourmalware/melody +CVE-2020-14882 - https://github.com/corelight/CVE-2020-14882-weblogicRCE +CVE-2020-14882 - https://github.com/cvebase/cvebase-wiki +CVE-2020-14882 - https://github.com/daehee/nvd CVE-2020-14882 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-14882 - https://github.com/hanc00l/some_pocsuite CVE-2020-14882 - https://github.com/hectorgie/PoC-in-GitHub @@ -31301,17 +33933,30 @@ CVE-2020-14882 - https://github.com/jas502n/CVE-2020-14882 CVE-2020-14882 - https://github.com/jeansgit/Pentest CVE-2020-14882 - https://github.com/koala2099/GitHub-Chinese-Top-Charts CVE-2020-14882 - https://github.com/koutto/jok3r-pocs +CVE-2020-14882 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection +CVE-2020-14882 - https://github.com/ludy-dev/Weblogic_Unauthorized-bypass-RCE CVE-2020-14882 - https://github.com/milo2012/CVE-2020-14882 +CVE-2020-14882 - https://github.com/mmioimm/cve-2020-14882 +CVE-2020-14882 - https://github.com/murataydemir/CVE-2020-14882 CVE-2020-14882 - https://github.com/murataydemir/CVE-2020-14883 +CVE-2020-14882 - https://github.com/neilzhang1/Chinese-Charts CVE-2020-14882 - https://github.com/niudaii/go-crack CVE-2020-14882 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-14882 - https://github.com/ovProphet/CVE-2020-14882-checker +CVE-2020-14882 - https://github.com/pprietosanchez/CVE-2020-14750 +CVE-2020-14882 - https://github.com/qeeqbox/falcon CVE-2020-14882 - https://github.com/qingyuanfeiniao/Chinese-Top-Charts CVE-2020-14882 - https://github.com/r0eXpeR/redteam_vul +CVE-2020-14882 - https://github.com/s1kr10s/CVE-2020-14882 CVE-2020-14882 - https://github.com/sobinge/nuclei-templates CVE-2020-14882 - https://github.com/superfish9/pt +CVE-2020-14882 - https://github.com/tzwlhack/Vulnerability CVE-2020-14882 - https://github.com/veo/vscan CVE-2020-14882 - https://github.com/whoadmin/pocs CVE-2020-14882 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +CVE-2020-14882 - https://github.com/wsfengfan/cve-2020-14882 +CVE-2020-14882 - https://github.com/wuzuowei/nice-scripts +CVE-2020-14882 - https://github.com/xfiftyone/CVE-2020-14882 CVE-2020-14882 - https://github.com/xiaoyaovo/2021SecWinterTask CVE-2020-14882 - https://github.com/zer0yu/Awesome-CobaltStrike CVE-2020-14882 - https://github.com/zhzyker/exphub @@ -31321,6 +33966,7 @@ CVE-2020-14883 - https://github.com/0day666/Vulnerability-verification CVE-2020-14883 - https://github.com/0xn0ne/weblogicScanner CVE-2020-14883 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-14883 - https://github.com/Astrogeorgeonethree/Starred +CVE-2020-14883 - https://github.com/B1anda0/CVE-2020-14883 CVE-2020-14883 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-14883 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2020-14883 - https://github.com/SexyBeast233/SecBooks @@ -31330,6 +33976,7 @@ CVE-2020-14883 - https://github.com/bigblackhat/oFx CVE-2020-14883 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-14883 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-14883 - https://github.com/jas502n/CVE-2020-14882 +CVE-2020-14883 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-14883 - https://github.com/murataydemir/CVE-2020-14883 CVE-2020-14883 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-14883 - https://github.com/veo/vscan @@ -31367,8 +34014,11 @@ CVE-2020-14965 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-14965 - https://github.com/g-rubert/CVE-2020-14965 CVE-2020-14965 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-14965 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-14966 - https://github.com/Olaf0257/certificate-decode CVE-2020-14966 - https://github.com/kjur/jsrsasign +CVE-2020-14967 - https://github.com/Olaf0257/certificate-decode CVE-2020-14967 - https://github.com/kjur/jsrsasign +CVE-2020-14968 - https://github.com/Olaf0257/certificate-decode CVE-2020-14968 - https://github.com/kjur/jsrsasign CVE-2020-14979 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-14979 - https://github.com/nomi-sec/PoC-in-GitHub @@ -31418,10 +34068,13 @@ CVE-2020-15123 - https://github.com/ossf-cve-benchmark/CVE-2020-15123 CVE-2020-15129 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-15129 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-15129 - https://github.com/sobinge/nuclei-templates +CVE-2020-15133 - https://github.com/PalindromeLabs/awesome-websocket-security +CVE-2020-15134 - https://github.com/PalindromeLabs/awesome-websocket-security CVE-2020-15135 - https://github.com/ossf-cve-benchmark/CVE-2020-15135 CVE-2020-15138 - https://github.com/ossf-cve-benchmark/CVE-2020-15138 CVE-2020-1514 - https://github.com/404notf0und/CVE-Flow CVE-2020-15148 - https://github.com/0xT11/CVE-POC +CVE-2020-15148 - https://github.com/0xkami/cve-2020-15148 CVE-2020-15148 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-15148 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-15148 - https://github.com/Maskhe/CVE-2020-15148-bypasses @@ -31443,6 +34096,7 @@ CVE-2020-15163 - https://github.com/404notf0und/CVE-Flow CVE-2020-15166 - https://github.com/404notf0und/CVE-Flow CVE-2020-15167 - https://github.com/404notf0und/CVE-Flow CVE-2020-15168 - https://github.com/404notf0und/CVE-Flow +CVE-2020-15168 - https://github.com/k1LoW/oshka CVE-2020-15169 - https://github.com/404notf0und/CVE-Flow CVE-2020-15169 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-15169 - https://github.com/glasses618/CVE-2020-15169 @@ -31457,13 +34111,16 @@ CVE-2020-15227 - https://github.com/Langriklol/CVE-2020-15227 CVE-2020-15227 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2020-15227 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2020-15227 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-15227 - https://github.com/filipsedivy/CVE-2020-15227 CVE-2020-15227 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-15227 - https://github.com/hu4wufu/CVE-2020-15227 CVE-2020-15227 - https://github.com/huike007/penetration_poc CVE-2020-15227 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-15227 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-15228 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-15228 - https://github.com/guettli/fix-CVE-2020-15228 CVE-2020-15228 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-15228 - https://github.com/k1LoW/oshka CVE-2020-15228 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-1523 - https://github.com/404notf0und/CVE-Flow CVE-2020-15250 - https://github.com/GlenKPeterson/TestUtils @@ -31478,17 +34135,24 @@ CVE-2020-15257 - https://github.com/SouthWind0/southwind0.github.io CVE-2020-15257 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-15257 - https://github.com/cdk-team/CDK CVE-2020-15257 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-15257 - https://github.com/joemcmanus/threatstackReport +CVE-2020-15257 - https://github.com/nccgroup/abstractshimmer CVE-2020-15257 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-15257 - https://github.com/reni2study/Cloud-Native-Security2 +CVE-2020-15257 - https://github.com/summershrimp/exploits-open +CVE-2020-15257 - https://github.com/tzwlhack/Vulnerability CVE-2020-15261 - https://github.com/M507/Miner CVE-2020-15261 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-15275 - https://github.com/dricottone/docker-moin CVE-2020-1530 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-1532 - https://github.com/404notf0und/CVE-Flow +CVE-2020-15349 - https://github.com/Traxes/Forklift_LPE CVE-2020-15349 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-15349 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-15349 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-15349 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-15358 - https://github.com/garethr/snykout +CVE-2020-15366 - https://github.com/jra89/thethirdparty CVE-2020-15367 - https://github.com/0xT11/CVE-POC CVE-2020-15367 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-15367 - https://github.com/hectorgie/PoC-in-GitHub @@ -31502,6 +34166,7 @@ CVE-2020-15392 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-15392 - https://github.com/inflixim4be/CVE-2020-15367 CVE-2020-15392 - https://github.com/inflixim4be/CVE-2020-15392 CVE-2020-15392 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-15394 - https://github.com/trungtin1998/cve CVE-2020-15399 - https://github.com/0xT11/CVE-POC CVE-2020-15399 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-15399 - https://github.com/hectorgie/PoC-in-GitHub @@ -31524,6 +34189,7 @@ CVE-2020-15505 - https://github.com/SexyBeast233/SecBooks CVE-2020-15505 - https://github.com/cvebase/cvebase.com CVE-2020-15505 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2020-15505 - https://github.com/sobinge/nuclei-templates +CVE-2020-15506 - https://github.com/BitTheByte/BitTraversal CVE-2020-15524 - https://github.com/immunityinc/Advisories CVE-2020-15562 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-15568 - https://github.com/ARPSyndicate/kenzer-templates @@ -31556,8 +34222,10 @@ CVE-2020-15702 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-15704 - https://github.com/404notf0und/CVE-Flow CVE-2020-15704 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-15705 - https://github.com/DNTYO/F5_Vulnerability +CVE-2020-15705 - https://github.com/amzdev0401/shim-review-backup CVE-2020-15705 - https://github.com/bitraser/shim-review-15.4 CVE-2020-15705 - https://github.com/jason-chang-atrust/shim-review +CVE-2020-15705 - https://github.com/luojc123/shim-nsdl CVE-2020-15705 - https://github.com/neverware/shim-review CVE-2020-15705 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-15705 - https://github.com/puzzleos/uefi-shim_review @@ -31575,9 +34243,11 @@ CVE-2020-1576 - https://github.com/Cheroxx/Patch-Tuesday-Updates CVE-2020-15778 - https://github.com/0xT11/CVE-POC CVE-2020-15778 - https://github.com/CnHack3r/Penetration_PoC CVE-2020-15778 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2020-15778 - https://github.com/Neko-chanQwQ/CVE-2020-15778-Exploit CVE-2020-15778 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2020-15778 - https://github.com/SexyBeast233/SecBooks CVE-2020-15778 - https://github.com/YIXINSHUWU/Penetration_Testing_POC +CVE-2020-15778 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2020-15778 - https://github.com/cpandya2909/CVE-2020-15778 CVE-2020-15778 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-15778 - https://github.com/hasee2018/Penetration_Testing_POC @@ -31590,6 +34260,7 @@ CVE-2020-15778 - https://github.com/siddicky/git-and-crumpets CVE-2020-15778 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-15778 - https://github.com/yedada-wei/- CVE-2020-15778 - https://github.com/yedada-wei/gongkaishouji +CVE-2020-15779 - https://github.com/PalindromeLabs/awesome-websocket-security CVE-2020-15782 - https://github.com/ic3sw0rd/S7_plus_Crash CVE-2020-15784 - https://github.com/404notf0und/CVE-Flow CVE-2020-15785 - https://github.com/404notf0und/CVE-Flow @@ -31612,12 +34283,14 @@ CVE-2020-15822 - https://github.com/yuriisanin/whoami CVE-2020-15823 - https://github.com/yuriisanin/whoami CVE-2020-15842 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2020-15867 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-15867 - https://github.com/tzwlhack/Vulnerability CVE-2020-15873 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-15873 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-15873 - https://github.com/limerencee/cs4239-cve-2020-15873 CVE-2020-15873 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-1589 - https://github.com/404notf0und/CVE-Flow CVE-2020-15898 - https://github.com/ycdxsb/WindowsPrivilegeEscalation +CVE-2020-15899 - https://github.com/DogecoinBoss/Dogecoin2 CVE-2020-15899 - https://github.com/mimblewimble/grin-pm CVE-2020-1590 - https://github.com/404notf0und/CVE-Flow CVE-2020-15900 - https://github.com/alphaSeclab/sec-daily-2020 @@ -31627,6 +34300,7 @@ CVE-2020-15906 - https://github.com/S1lkys/CVE-2020-15906 CVE-2020-15906 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-15906 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-15906 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-15907 - https://github.com/adeshkolte/My-CVEs CVE-2020-15912 - https://github.com/ReAbout/Reference-of-Vehicle-Security CVE-2020-1592 - https://github.com/404notf0und/CVE-Flow CVE-2020-15920 - https://github.com/ARPSyndicate/kenzer-templates @@ -31644,6 +34318,7 @@ CVE-2020-15931 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-15931 - https://github.com/optiv/CVE-2020-15931 CVE-2020-15931 - https://github.com/taielab/awesome-hacking-lists CVE-2020-1594 - https://github.com/404notf0und/CVE-Flow +CVE-2020-15944 - https://github.com/r0eXpeR/supplier CVE-2020-1595 - https://github.com/404notf0und/CVE-Flow CVE-2020-1595 - https://github.com/Cheroxx/Patch-Tuesday-Updates CVE-2020-15956 - https://github.com/0xT11/CVE-POC @@ -31653,21 +34328,27 @@ CVE-2020-15956 - https://github.com/megamagnus/cve-2020-15956 CVE-2020-15956 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-1596 - https://github.com/404notf0und/CVE-Flow CVE-2020-1598 - https://github.com/404notf0und/CVE-Flow +CVE-2020-15999 - https://github.com/Marmeus/CVE-2020-15999 CVE-2020-15999 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2020-15999 - https://github.com/TinyNiko/android_bulletin_notes CVE-2020-15999 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-15999 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-15999 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-15999 - https://github.com/maarlo/CVE-2020-15999 +CVE-2020-15999 - https://github.com/marcinguy/CVE-2020-15999 CVE-2020-15999 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-15999 - https://github.com/star-sg/CVE CVE-2020-15999 - https://github.com/taielab/awesome-hacking-lists +CVE-2020-16005 - https://github.com/StarCrossPortal/bug-hunting-101 CVE-2020-16006 - https://github.com/googleprojectzero/fuzzilli CVE-2020-16009 - https://github.com/De4dCr0w/Browser-pwn +CVE-2020-16012 - https://github.com/aleksejspopovs/cve-2020-16012 CVE-2020-16012 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-16012 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-16013 - https://github.com/De4dCr0w/Browser-pwn CVE-2020-16040 - https://github.com/SexyBeast233/SecBooks CVE-2020-16040 - https://github.com/Wi1L-Y/News +CVE-2020-16040 - https://github.com/dongAxis/to_be_a_v8_master CVE-2020-16040 - https://github.com/joydo/CVE-Writeups CVE-2020-16040 - https://github.com/oneoy/exploits1 CVE-2020-16040 - https://github.com/r4j0x00/exploits @@ -31678,12 +34359,15 @@ CVE-2020-1611 - https://github.com/0xT11/CVE-POC CVE-2020-1611 - https://github.com/Ibonok/CVE-2020-1611 CVE-2020-1611 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-1611 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-1611 - https://github.com/r0eXpeR/supplier CVE-2020-16116 - https://github.com/zeropwn/zeropwn CVE-2020-16119 - https://github.com/HadarManor/Public-Vulnerabilities CVE-2020-16119 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-16126 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-16126 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-16126 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-16126 - https://github.com/zev3n/Ubuntu-Gnome-privilege-escalation +CVE-2020-16127 - https://github.com/zev3n/Ubuntu-Gnome-privilege-escalation CVE-2020-16135 - https://github.com/raminfp/raminfp CVE-2020-16137 - https://github.com/Fans0n-Fan/Cisco-7937G-All-In-One-Exploiter CVE-2020-16137 - https://github.com/blacklanternsecurity/Cisco-7937G-PoCs @@ -31694,6 +34378,7 @@ CVE-2020-16139 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-16139 - https://github.com/Fans0n-Fan/Cisco-7937G-All-In-One-Exploiter CVE-2020-16139 - https://github.com/blacklanternsecurity/Cisco-7937G-PoCs CVE-2020-16149 - https://github.com/404notf0und/CVE-Flow +CVE-2020-1615 - https://github.com/r0eXpeR/supplier CVE-2020-16150 - https://github.com/404notf0und/CVE-Flow CVE-2020-16152 - https://github.com/0xT11/CVE-POC CVE-2020-16152 - https://github.com/developer3000S/PoC-in-GitHub @@ -31719,6 +34404,7 @@ CVE-2020-16228 - https://github.com/404notf0und/CVE-Flow CVE-2020-16269 - https://github.com/tmpout/Resources CVE-2020-16270 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-16270 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2020-16270 - https://github.com/Security-AVS/CVE-2020-16270 CVE-2020-16270 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-16270 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-16270 - https://github.com/nomi-sec/PoC-in-GitHub @@ -31726,6 +34412,7 @@ CVE-2020-16602 - https://github.com/404notf0und/CVE-Flow CVE-2020-16608 - https://github.com/doyensec/awesome-electronjs-hacking CVE-2020-16629 - https://github.com/0ps/pocassistdb CVE-2020-16629 - https://github.com/jweny/pocassistdb +CVE-2020-1664 - https://github.com/r0eXpeR/supplier CVE-2020-16846 - https://github.com/0ps/pocassistdb CVE-2020-16846 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-16846 - https://github.com/EdgeSecurityTeam/Vulnerability @@ -31734,6 +34421,7 @@ CVE-2020-16846 - https://github.com/SexyBeast233/SecBooks CVE-2020-16846 - https://github.com/jweny/pocassistdb CVE-2020-16846 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-16846 - https://github.com/sobinge/nuclei-templates +CVE-2020-16846 - https://github.com/tzwlhack/Vulnerability CVE-2020-16851 - https://github.com/404notf0und/CVE-Flow CVE-2020-16852 - https://github.com/404notf0und/CVE-Flow CVE-2020-16853 - https://github.com/404notf0und/CVE-Flow @@ -31757,10 +34445,12 @@ CVE-2020-16874 - https://github.com/Cheroxx/Patch-Tuesday-Updates CVE-2020-16875 - https://github.com/404notf0und/CVE-Flow CVE-2020-16875 - https://github.com/Cheroxx/Patch-Tuesday-Updates CVE-2020-16875 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-16875 - https://github.com/EvilAnne/2020-Read-article CVE-2020-16875 - https://github.com/SexyBeast233/SecBooks CVE-2020-16875 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-16875 - https://github.com/mdisec/mdisec-twitch-yayinlari CVE-2020-16875 - https://github.com/r0eXpeR/redteam_vul +CVE-2020-16875 - https://github.com/tzwlhack/Vulnerability CVE-2020-16877 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-16878 - https://github.com/404notf0und/CVE-Flow CVE-2020-16879 - https://github.com/404notf0und/CVE-Flow @@ -31797,6 +34487,7 @@ CVE-2020-16898 - https://github.com/huike007/penetration_poc CVE-2020-16898 - https://github.com/initconf/CVE-2020-16898-Bad-Neighbor CVE-2020-16898 - https://github.com/jeansgit/Pentest CVE-2020-16898 - https://github.com/jiansiting/cve-2020-16898 +CVE-2020-16898 - https://github.com/komomon/CVE-2020-16898--EXP-POC CVE-2020-16898 - https://github.com/komomon/CVE-2020-16898-EXP-POC CVE-2020-16898 - https://github.com/ltfafei/my_POC CVE-2020-16898 - https://github.com/momika233/CVE-2020-16898-exp @@ -31804,6 +34495,7 @@ CVE-2020-16898 - https://github.com/nitishbadole/PENTESTING-BIBLE CVE-2020-16898 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-16898 - https://github.com/phant0n/PENTESTING-BIBLE CVE-2020-16898 - https://github.com/secdev/awesome-scapy +CVE-2020-16898 - https://github.com/tzwlhack/Vulnerability CVE-2020-16898 - https://github.com/uhub/awesome-lua CVE-2020-16898 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-16898 - https://github.com/ycdxsb/WindowsPrivilegeEscalation @@ -31855,6 +34547,7 @@ CVE-2020-17022 - https://github.com/linhlhq/TinyAFL CVE-2020-17022 - https://github.com/sickcodes/no-sandbox CVE-2020-17023 - https://github.com/sickcodes/no-sandbox CVE-2020-17035 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-17035 - https://github.com/flamelu/CVE-2020-17035-patch-analysis CVE-2020-17035 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-17035 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-17049 - https://github.com/CompassSecurity/security_resources @@ -31870,14 +34563,18 @@ CVE-2020-17057 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-17057 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-17057 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-17057 - https://github.com/ycdxsb/WindowsPrivilegeEscalation +CVE-2020-17057 - https://github.com/ze0r/cve-2020-17057 CVE-2020-17083 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-17083 - https://github.com/r0eXpeR/redteam_vul +CVE-2020-17083 - https://github.com/tzwlhack/Vulnerability CVE-2020-17087 - https://github.com/Ascotbe/Kernelhub +CVE-2020-17087 - https://github.com/TinToSer/CVE2020-17087 CVE-2020-17087 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-17087 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-17087 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-17087 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-17087 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2020-17087 - https://github.com/revengsh/CVE-2020-17087 CVE-2020-17087 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2020-17103 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-17105 - https://github.com/linhlhq/TinyAFL @@ -31887,6 +34584,7 @@ CVE-2020-17117 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-17117 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-1712 - https://github.com/SamanthaYu/CacheChecker CVE-2020-1712 - https://github.com/garethr/snykout +CVE-2020-17123 - https://github.com/r0eXpeR/supplier CVE-2020-17132 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-17132 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-17132 - https://github.com/nomi-sec/PoC-in-GitHub @@ -31901,16 +34599,22 @@ CVE-2020-17142 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-17142 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-17142 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-17143 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-17143 - https://github.com/tzwlhack/Vulnerability +CVE-2020-17144 - https://github.com/Airboi/CVE-2020-17144-EXP CVE-2020-17144 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-17144 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2020-17144 - https://github.com/S3cur3Th1sSh1t/Pentest-Tools CVE-2020-17144 - https://github.com/SexyBeast233/SecBooks +CVE-2020-17144 - https://github.com/alexfrancow/CVE-Search CVE-2020-17144 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-17144 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-17144 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-17144 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-17144 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-17144 - https://github.com/superfish9/pt CVE-2020-17144 - https://github.com/taielab/awesome-hacking-lists +CVE-2020-17144 - https://github.com/tzwlhack/Vulnerability +CVE-2020-17144 - https://github.com/zcgonvh/CVE-2020-17144 CVE-2020-17362 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-17382 - https://github.com/0xT11/CVE-POC CVE-2020-17382 - https://github.com/NetW0rK1le3r/awesome-hacking-lists @@ -31963,59 +34667,88 @@ CVE-2020-17510 - https://github.com/pen4uin/vulnerability-lab CVE-2020-17518 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-17518 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-17518 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2020-17518 - https://github.com/QmF0c3UK/CVE-2020-17518 CVE-2020-17518 - https://github.com/SexyBeast233/SecBooks CVE-2020-17518 - https://github.com/bigblackhat/oFx CVE-2020-17518 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-17518 - https://github.com/hanc00l/some_pocsuite +CVE-2020-17518 - https://github.com/murataydemir/CVE-2020-17518 CVE-2020-17518 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-17518 - https://github.com/rakjong/Flink-CVE-2020-17518-getshell CVE-2020-17518 - https://github.com/sobinge/nuclei-templates +CVE-2020-17518 - https://github.com/tzwlhack/Vulnerability CVE-2020-17518 - https://github.com/zhzyker/vulmap CVE-2020-17519 - https://github.com/0ps/pocassistdb CVE-2020-17519 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2020-17519 - https://github.com/B1anda0/CVE-2020-17519 CVE-2020-17519 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-17519 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-17519 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2020-17519 - https://github.com/MrCl0wnLab/SimplesApachePathTraversal +CVE-2020-17519 - https://github.com/QmF0c3UK/CVE-2020-17519 CVE-2020-17519 - https://github.com/SexyBeast233/SecBooks CVE-2020-17519 - https://github.com/bigblackhat/oFx CVE-2020-17519 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-17519 - https://github.com/dolevf/apache-flink-directory-traversal.nse CVE-2020-17519 - https://github.com/hanc00l/some_pocsuite CVE-2020-17519 - https://github.com/huike007/penetration_poc CVE-2020-17519 - https://github.com/jweny/pocassistdb +CVE-2020-17519 - https://github.com/murataydemir/CVE-2020-17519 CVE-2020-17519 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-17519 - https://github.com/radbsie/CVE-2020-17519-Exp CVE-2020-17519 - https://github.com/sobinge/nuclei-templates +CVE-2020-17519 - https://github.com/thebatmanfuture/apacheflink----POC +CVE-2020-17519 - https://github.com/tzwlhack/Vulnerability CVE-2020-17519 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-1752 - https://github.com/garethr/snykout +CVE-2020-17523 - https://github.com/CYJoe-Cyclone/PenetrationTesttips CVE-2020-17523 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-17523 - https://github.com/HackJava/Shiro CVE-2020-17523 - https://github.com/Power7089/PenetrationTest-Tips CVE-2020-17523 - https://github.com/SexyBeast233/SecBooks CVE-2020-17523 - https://github.com/chibd2000/Burp-Extender-Study-Develop CVE-2020-17523 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-17523 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-17523 - https://github.com/mstxq17/SecurityArticleLogger CVE-2020-17523 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-17523 - https://github.com/tzwlhack/Vulnerability CVE-2020-17527 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-17527 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-17527 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2020-17530 - https://github.com/0day666/Vulnerability-verification +CVE-2020-17530 - https://github.com/154802388/CVE-2020-17531 CVE-2020-17530 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2020-17530 - https://github.com/Al1ex/CVE-2020-17530 +CVE-2020-17530 - https://github.com/CyborgSecurity/CVE-2020-17530 CVE-2020-17530 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-17530 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2020-17530 - https://github.com/EvilPulsar/S2-061 CVE-2020-17530 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2020-17530 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2020-17530 - https://github.com/SexyBeast233/SecBooks +CVE-2020-17530 - https://github.com/alexfrancow/CVE-Search CVE-2020-17530 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-17530 - https://github.com/fengziHK/CVE-2020-17530-strust2-061 CVE-2020-17530 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-17530 - https://github.com/huike007/penetration_poc CVE-2020-17530 - https://github.com/jeansgit/Pentest +CVE-2020-17530 - https://github.com/ka1n4t/CVE-2020-17530 +CVE-2020-17530 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-17530 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-17530 - https://github.com/pangyu360es/CVE-2020-17530 +CVE-2020-17530 - https://github.com/phil-fly/CVE-2020-17530 CVE-2020-17530 - https://github.com/sobinge/nuclei-templates +CVE-2020-17530 - https://github.com/tzwlhack/Vulnerability +CVE-2020-17530 - https://github.com/uzzzval/CVE-2020-17530 CVE-2020-17530 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-17530 - https://github.com/woods-sega/woodswiki +CVE-2020-17530 - https://github.com/wuzuowei/CVE-2020-17530 +CVE-2020-17531 - https://github.com/154802388/CVE-2020-17531 CVE-2020-17531 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-17531 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-17531 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-17532 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-17532 - https://github.com/tzwlhack/Vulnerability CVE-2020-17533 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-1764 - https://github.com/0xT11/CVE-POC CVE-2020-1764 - https://github.com/The-Cracker-Technology/jwt_tool @@ -32024,6 +34757,7 @@ CVE-2020-1764 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-1764 - https://github.com/jpts/cve-2020-1764-poc CVE-2020-1764 - https://github.com/mishmashclone/ticarpi-jwt_tool CVE-2020-1764 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-1764 - https://github.com/puckiestyle/jwt_tool CVE-2020-1764 - https://github.com/ticarpi/jwt_tool CVE-2020-18268 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-1838 - https://github.com/GageShan/gcrawler @@ -32033,7 +34767,9 @@ CVE-2020-18528 - https://github.com/Al1ex/Al1ex CVE-2020-18545 - https://github.com/l0kihardt/l0kihardt CVE-2020-18555 - https://github.com/l0kihardt/l0kihardt CVE-2020-18568 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-18568 - https://github.com/tzwlhack/Vulnerability CVE-2020-18737 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-18737 - https://github.com/tzwlhack/Vulnerability CVE-2020-1886 - https://github.com/404notf0und/CVE-Flow CVE-2020-1889 - https://github.com/404notf0und/CVE-Flow CVE-2020-1890 - https://github.com/404notf0und/CVE-Flow @@ -32049,6 +34785,7 @@ CVE-2020-19143 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-19144 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-1920 - https://github.com/engn33r/awesome-redos-security CVE-2020-1927 - https://github.com/Solhack/Team_CSI_platform +CVE-2020-1927 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2020-1927 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2020-1927 - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough CVE-2020-1927 - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough @@ -32063,6 +34800,7 @@ CVE-2020-19303 - https://github.com/MRdoulestar/MRdoulestar CVE-2020-19304 - https://github.com/MRdoulestar/MRdoulestar CVE-2020-19305 - https://github.com/MRdoulestar/MRdoulestar CVE-2020-1934 - https://github.com/Solhack/Team_CSI_platform +CVE-2020-1934 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2020-1934 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2020-1934 - https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough CVE-2020-1934 - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough @@ -32115,6 +34853,7 @@ CVE-2020-1938 - https://github.com/doggycheng/CNVD-2020-10487 CVE-2020-1938 - https://github.com/fairyming/CVE-2020-1938 CVE-2020-1938 - https://github.com/fatal0/tomcat-cve-2020-1938-check CVE-2020-1938 - https://github.com/fengjixuchui/RedTeamer +CVE-2020-1938 - https://github.com/fofapro/vulfocus CVE-2020-1938 - https://github.com/gobysec/Goby CVE-2020-1938 - https://github.com/hanc00l/some_pocsuite CVE-2020-1938 - https://github.com/hasee2018/Penetration_Testing_POC @@ -32126,9 +34865,11 @@ CVE-2020-1938 - https://github.com/ilmila/J2EEScan CVE-2020-1938 - https://github.com/jeansgit/Pentest CVE-2020-1938 - https://github.com/koala2099/GitHub-Chinese-Top-Charts CVE-2020-1938 - https://github.com/laolisafe/CVE-2020-1938 +CVE-2020-1938 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-1938 - https://github.com/ltfafei/my_POC CVE-2020-1938 - https://github.com/microservices-devsecops-organization/movie-catalog-service-dev CVE-2020-1938 - https://github.com/naozibuhao/CNVD-2020-10487-Tomcat-ajp-POC-A +CVE-2020-1938 - https://github.com/neilzhang1/Chinese-Charts CVE-2020-1938 - https://github.com/nibiwodong/CNVD-2020-10487-Tomcat-ajp-POC CVE-2020-1938 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-1938 - https://github.com/p1ay8y3ar/cve_monitor @@ -32136,6 +34877,7 @@ CVE-2020-1938 - https://github.com/pinkieli/GitHub-Chinese-Top-Charts CVE-2020-1938 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-1938 - https://github.com/qingyuanfeiniao/Chinese-Top-Charts CVE-2020-1938 - https://github.com/safe6Sec/PentestNote +CVE-2020-1938 - https://github.com/severnake/Pentest-Tools CVE-2020-1938 - https://github.com/sgdream/CVE-2020-1938 CVE-2020-1938 - https://github.com/shaunmclernon/ghostcat-verification CVE-2020-1938 - https://github.com/sv3nbeast/CVE-2020-1938-Tomact-file_include-file_read @@ -32176,6 +34918,7 @@ CVE-2020-1947 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-1947 - https://github.com/huike007/penetration_poc CVE-2020-1947 - https://github.com/huike007/poc CVE-2020-1947 - https://github.com/jas502n/CVE-2020-1947 +CVE-2020-1947 - https://github.com/langligelang/langligelang CVE-2020-1947 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2020-1947 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-1947 - https://github.com/shadowsock5/ShardingSphere_CVE-2020-1947 @@ -32199,6 +34942,7 @@ CVE-2020-1948 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2020-1948 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-1948 - https://github.com/huike007/penetration_poc CVE-2020-1948 - https://github.com/huike007/poc +CVE-2020-1948 - https://github.com/lz2y/DubboPOC CVE-2020-1948 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2020-1948 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-1948 - https://github.com/tanjiti/sec_profile @@ -32208,6 +34952,7 @@ CVE-2020-1948 - https://github.com/yedada-wei/- CVE-2020-1948 - https://github.com/yedada-wei/gongkaishouji CVE-2020-1948 - https://github.com/zhengjim/loophole CVE-2020-1949 - https://github.com/Orange-Cyberdefense/CVE-repository +CVE-2020-1952 - https://github.com/langligelang/langligelang CVE-2020-19551 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-1956 - https://github.com/0xT11/CVE-POC CVE-2020-1956 - https://github.com/SexyBeast233/SecBooks @@ -32219,6 +34964,7 @@ CVE-2020-1957 - https://github.com/SexyBeast233/SecBooks CVE-2020-1957 - https://github.com/atdpa4sw0rd/Experience-library CVE-2020-1957 - https://github.com/bfengj/CTF CVE-2020-1957 - https://github.com/chibd2000/Burp-Extender-Study-Develop +CVE-2020-1957 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-1957 - https://github.com/threedr3am/learnjavabug CVE-2020-1957 - https://github.com/woods-sega/woodswiki CVE-2020-1958 - https://github.com/0xT11/CVE-POC @@ -32241,19 +34987,26 @@ CVE-2020-1967 - https://github.com/garethr/snykout CVE-2020-1967 - https://github.com/goharbor/pluggable-scanner-spec CVE-2020-1967 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-1967 - https://github.com/irsl/CVE-2020-1967 +CVE-2020-1967 - https://github.com/jntass/TASSL-1.1.1k CVE-2020-1967 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-1967 - https://github.com/rossmacarthur/sheldon-cross CVE-2020-1967 - https://github.com/siddharthraopotukuchi/trivy CVE-2020-1967 - https://github.com/t31m0/Vulnerability-Scanner-for-Containers +CVE-2020-1967 - https://github.com/thecyberbaby/Trivy-by-aquaSecurity CVE-2020-1967 - https://github.com/umahari/security +CVE-2020-1967 - https://github.com/vinamra28/tekton-image-scan-trivy CVE-2020-1968 - https://github.com/404notf0und/CVE-Flow +CVE-2020-1971 - https://github.com/MBHudson/CVE-2020-1971 CVE-2020-1971 - https://github.com/Metztli/debian-openssl-1.1.1i CVE-2020-1971 - https://github.com/bollwarm/SecToolSet CVE-2020-1971 - https://github.com/developer-guy/image-scanning-using-trivy-as-go-library CVE-2020-1971 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-1971 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-1971 - https://github.com/jntass/TASSL-1.1.1k CVE-2020-1971 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-1971 - https://github.com/stevechanieee/-5-OpenSSL_Versioning +CVE-2020-1971 - https://github.com/thecyberbaby/Trivy-by-aquaSecurity +CVE-2020-1971 - https://github.com/vinamra28/tekton-image-scan-trivy CVE-2020-1983 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-19877 - https://github.com/fragrant10/cve CVE-2020-19878 - https://github.com/fragrant10/cve @@ -32273,9 +35026,14 @@ CVE-2020-19891 - https://github.com/fragrant10/cve CVE-2020-20128 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-20129 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-20131 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2020-2020 - https://github.com/python-libmsf/python-libmsf +CVE-2020-2020 - https://github.com/python-libmsf/python-libmsf.github.io CVE-2020-2020 - https://github.com/xfiftyone/CVE-2020-14882 CVE-2020-2021 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-2021 - https://github.com/mr-r3b00t/CVE-2020-2021 +CVE-2020-2021 - https://github.com/python-libmsf/python-libmsf +CVE-2020-2021 - https://github.com/python-libmsf/python-libmsf.github.io +CVE-2020-2021 - https://github.com/r0eXpeR/supplier CVE-2020-2023 - https://github.com/Metarget/metarget CVE-2020-2025 - https://github.com/Metarget/metarget CVE-2020-2026 - https://github.com/Metarget/metarget @@ -32286,6 +35044,7 @@ CVE-2020-2034 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-2034 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-2034 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-2034 - https://github.com/noperator/panos-scanner +CVE-2020-2034 - https://github.com/r0eXpeR/supplier CVE-2020-2036 - https://github.com/404notf0und/CVE-Flow CVE-2020-2036 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-2036 - https://github.com/Elsfa7-110/kenzer-templates @@ -32351,17 +35110,21 @@ CVE-2020-21224 - https://github.com/NS-Sp4ce/Inspur CVE-2020-21224 - https://github.com/SexyBeast233/SecBooks CVE-2020-21224 - https://github.com/SouthWind0/southwind0.github.io CVE-2020-21224 - https://github.com/jweny/pocassistdb +CVE-2020-21224 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-21224 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-21224 - https://github.com/tzwlhack/Vulnerability CVE-2020-21321 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-21322 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-21378 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-21378 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-21378 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2020-21378 - https://github.com/tzwlhack/Vulnerability CVE-2020-2140 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-2140 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-2140 - https://github.com/sobinge/nuclei-templates CVE-2020-21468 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-21585 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-21585 - https://github.com/tzwlhack/Vulnerability CVE-2020-21594 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-21595 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-21596 - https://github.com/p1ay8y3ar/cve_monitor @@ -32380,6 +35143,7 @@ CVE-2020-21884 - https://github.com/s3curityb3ast/s3curityb3ast.github.io CVE-2020-2199 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-2199 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-2229 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-2229 - https://github.com/tzwlhack/Vulnerability CVE-2020-2238 - https://github.com/404notf0und/CVE-Flow CVE-2020-2239 - https://github.com/404notf0und/CVE-Flow CVE-2020-2240 - https://github.com/404notf0und/CVE-Flow @@ -32410,6 +35174,7 @@ CVE-2020-2333 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-2333 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-23342 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-23342 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-23342 - https://github.com/tzwlhack/Vulnerability CVE-2020-23450 - https://github.com/404notf0und/CVE-Flow CVE-2020-23489 - https://github.com/ahussam/AVideo3xploit CVE-2020-23489 - https://github.com/developer3000S/PoC-in-GitHub @@ -32472,6 +35237,7 @@ CVE-2020-23934 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-23968 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-23968 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-23968 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-23968 - https://github.com/ricardojba/CVE-2020-23968-ILEX-SignGo-EoP CVE-2020-23971 - https://github.com/404notf0und/CVE-Flow CVE-2020-23972 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-23972 - https://github.com/sobinge/nuclei-templates @@ -32550,7 +35316,9 @@ CVE-2020-24223 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-24223 - https://github.com/sobinge/nuclei-templates CVE-2020-24227 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-24227 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-24227 - https://github.com/nathunandwani/CVE-2020-24227 CVE-2020-24227 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-24259 - https://github.com/V0lk3n/OSMR-CheatSheet CVE-2020-24312 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-24312 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-24312 - https://github.com/sobinge/nuclei-templates @@ -32609,10 +35377,12 @@ CVE-2020-24579 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-24579 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-24579 - https://github.com/SexyBeast233/SecBooks CVE-2020-24579 - https://github.com/sobinge/nuclei-templates +CVE-2020-24579 - https://github.com/tzwlhack/Vulnerability CVE-2020-24581 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-24581 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2020-24581 - https://github.com/SexyBeast233/SecBooks CVE-2020-24581 - https://github.com/huike007/penetration_poc +CVE-2020-24581 - https://github.com/tzwlhack/Vulnerability CVE-2020-24581 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-24582 - https://github.com/404notf0und/CVE-Flow CVE-2020-24583 - https://github.com/404notf0und/CVE-Flow @@ -32632,6 +35402,7 @@ CVE-2020-24602 - https://github.com/404notf0und/CVE-Flow CVE-2020-24604 - https://github.com/404notf0und/CVE-Flow CVE-2020-24609 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-24609 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2020-24609 - https://github.com/hemantsolo/CVE-Reference CVE-2020-24613 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-24616 - https://github.com/0xT11/CVE-POC CVE-2020-24616 - https://github.com/0xkami/cve-2020-24616-poc @@ -32639,6 +35410,7 @@ CVE-2020-24616 - https://github.com/SexyBeast233/SecBooks CVE-2020-24616 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-24616 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-24616 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-24616 - https://github.com/yahoo/cubed CVE-2020-24618 - https://github.com/s-index/dora CVE-2020-24618 - https://github.com/yuriisanin/whoami CVE-2020-24654 - https://github.com/404notf0und/CVE-Flow @@ -32649,12 +35421,14 @@ CVE-2020-24656 - https://github.com/zeropwn/zeropwn CVE-2020-24659 - https://github.com/404notf0und/CVE-Flow CVE-2020-24706 - https://github.com/s-index/dora CVE-2020-24723 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-24723 - https://github.com/tzwlhack/Vulnerability CVE-2020-24739 - https://github.com/404notf0und/CVE-Flow CVE-2020-24750 - https://github.com/Al1ex/Al1ex CVE-2020-24750 - https://github.com/Al1ex/CVE-2020-24750 CVE-2020-24750 - https://github.com/SexyBeast233/SecBooks CVE-2020-24750 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-24750 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-24750 - https://github.com/yahoo/cubed CVE-2020-24753 - https://github.com/google/honggfuzz CVE-2020-24765 - https://github.com/0xT11/CVE-POC CVE-2020-24765 - https://github.com/ARPSyndicate/kenzer-templates @@ -32664,6 +35438,7 @@ CVE-2020-24765 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-24765 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-24765 - https://github.com/trump88/CVE-2020-24765 CVE-2020-24794 - https://github.com/404notf0und/CVE-Flow +CVE-2020-24807 - https://github.com/PalindromeLabs/awesome-websocket-security CVE-2020-24863 - https://github.com/404notf0und/CVE-Flow CVE-2020-24876 - https://github.com/404notf0und/CVE-Flow CVE-2020-24912 - https://github.com/ARPSyndicate/kenzer-templates @@ -32730,14 +35505,17 @@ CVE-2020-25078 - https://github.com/H4ckTh3W0r1d/Goby_POC CVE-2020-25078 - https://github.com/SexyBeast233/SecBooks CVE-2020-25078 - https://github.com/SouthWind0/southwind0.github.io CVE-2020-25078 - https://github.com/Yang0615777/PocList +CVE-2020-25078 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-25078 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-25078 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2020-25078 - https://github.com/tzwlhack/Vulnerability CVE-2020-25078 - https://github.com/yamori/pm2_logs CVE-2020-25079 - https://github.com/404notf0und/CVE-Flow CVE-2020-25086 - https://github.com/404notf0und/CVE-Flow CVE-2020-25087 - https://github.com/404notf0und/CVE-Flow CVE-2020-25088 - https://github.com/404notf0und/CVE-Flow CVE-2020-25089 - https://github.com/404notf0und/CVE-Flow +CVE-2020-2509 - https://github.com/r0eXpeR/supplier CVE-2020-25090 - https://github.com/404notf0und/CVE-Flow CVE-2020-25091 - https://github.com/404notf0und/CVE-Flow CVE-2020-25092 - https://github.com/404notf0und/CVE-Flow @@ -32786,11 +35564,13 @@ CVE-2020-25200 - https://github.com/lukaszstu/pritunl-CVE-2020-25200 CVE-2020-25200 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-25209 - https://github.com/yuriisanin/whoami CVE-2020-25211 - https://github.com/404notf0und/CVE-Flow +CVE-2020-25211 - https://github.com/EGI-Federation/SVG-advisories CVE-2020-25212 - https://github.com/404notf0und/CVE-Flow CVE-2020-25213 - https://github.com/3xPr1nc3/wp-file-manager-exploit CVE-2020-25213 - https://github.com/404notf0und/CVE-Flow CVE-2020-25213 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-25213 - https://github.com/Astrogeorgeonethree/Starred +CVE-2020-25213 - https://github.com/BraveLittleRoaster/wp-pwn CVE-2020-25213 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-25213 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-25213 - https://github.com/developer3000S/PoC-in-GitHub @@ -32798,6 +35578,7 @@ CVE-2020-25213 - https://github.com/electronforce/py2to3 CVE-2020-25213 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-25213 - https://github.com/mansoorr123/wp-file-manager-CVE-2020-25213 CVE-2020-25213 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-25213 - https://github.com/tzwlhack/Vulnerability CVE-2020-25213 - https://github.com/w4fz5uck5/wp-file-manager-0day CVE-2020-25214 - https://github.com/immunityinc/Advisories CVE-2020-25215 - https://github.com/dawid-czarnecki/public-vulnerabilities @@ -32810,7 +35591,9 @@ CVE-2020-25221 - https://github.com/404notf0und/CVE-Flow CVE-2020-25221 - https://github.com/DNTYO/F5_Vulnerability CVE-2020-25221 - https://github.com/star-sg/CVE CVE-2020-25223 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2020-25223 - https://github.com/darrenmartyn/sophucked CVE-2020-25223 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-25223 - https://github.com/twentybel0w/CVE-2020-25223 CVE-2020-25233 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-25247 - https://github.com/404notf0und/CVE-Flow CVE-2020-25248 - https://github.com/404notf0und/CVE-Flow @@ -32848,6 +35631,7 @@ CVE-2020-25272 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-25272 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-25272 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-25273 - https://github.com/0xT11/CVE-POC +CVE-2020-25273 - https://github.com/Ko-kn3t/CVE-2020-25273 CVE-2020-25273 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-25273 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-25273 - https://github.com/nomi-sec/PoC-in-GitHub @@ -32896,6 +35680,7 @@ CVE-2020-2546 - https://github.com/yedada-wei/gongkaishouji CVE-2020-2546 - https://github.com/zema1/oracle-vuln-crawler CVE-2020-25483 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-25483 - https://github.com/SexyBeast233/SecBooks +CVE-2020-25483 - https://github.com/tzwlhack/Vulnerability CVE-2020-25487 - https://github.com/0xT11/CVE-POC CVE-2020-25487 - https://github.com/Ko-kn3t/CVE-2020-25487 CVE-2020-25487 - https://github.com/developer3000S/PoC-in-GitHub @@ -32910,8 +35695,10 @@ CVE-2020-25493 - https://github.com/c3r34lk1ll3r/decrypt-oclean-traffic CVE-2020-25495 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-25498 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-25498 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-25498 - https://github.com/the-girl-who-lived/CVE-2020-25498 CVE-2020-25506 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-25506 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-25506 - https://github.com/tzwlhack/Vulnerability CVE-2020-2551 - https://github.com/0xT11/CVE-POC CVE-2020-2551 - https://github.com/0xlane/CVE-2020-2551 CVE-2020-2551 - https://github.com/0xn0ne/weblogicScanner @@ -32949,12 +35736,16 @@ CVE-2020-2551 - https://github.com/huike007/poc CVE-2020-2551 - https://github.com/jas502n/CVE-2020-2551 CVE-2020-2551 - https://github.com/jiangsir404/POC-S CVE-2020-2551 - https://github.com/koala2099/GitHub-Chinese-Top-Charts +CVE-2020-2551 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection +CVE-2020-2551 - https://github.com/lz2y/CVE-2021-2394 CVE-2020-2551 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +CVE-2020-2551 - https://github.com/neilzhang1/Chinese-Charts CVE-2020-2551 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-2551 - https://github.com/pinkieli/GitHub-Chinese-Top-Charts CVE-2020-2551 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-2551 - https://github.com/qingyuanfeiniao/Chinese-Top-Charts CVE-2020-2551 - https://github.com/raystyle/paper +CVE-2020-2551 - https://github.com/severnake/Pentest-Tools CVE-2020-2551 - https://github.com/sobinge/nuclei-templates CVE-2020-2551 - https://github.com/taielab/awesome-hacking-lists CVE-2020-2551 - https://github.com/tdtc7/qps @@ -33031,12 +35822,15 @@ CVE-2020-2555 - https://github.com/huike007/penetration_poc CVE-2020-2555 - https://github.com/huike007/poc CVE-2020-2555 - https://github.com/koala2099/GitHub-Chinese-Top-Charts CVE-2020-2555 - https://github.com/koutto/jok3r-pocs +CVE-2020-2555 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-2555 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +CVE-2020-2555 - https://github.com/neilzhang1/Chinese-Charts CVE-2020-2555 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-2555 - https://github.com/pinkieli/GitHub-Chinese-Top-Charts CVE-2020-2555 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-2555 - https://github.com/qingyuanfeiniao/Chinese-Top-Charts CVE-2020-2555 - https://github.com/raystyle/paper +CVE-2020-2555 - https://github.com/safe6Sec/wlsEnv CVE-2020-2555 - https://github.com/taielab/awesome-hacking-lists CVE-2020-2555 - https://github.com/tdtc7/qps CVE-2020-2555 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- @@ -33058,8 +35852,10 @@ CVE-2020-25577 - https://github.com/secdev/awesome-scapy CVE-2020-25592 - https://github.com/SexyBeast233/SecBooks CVE-2020-25627 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-25628 - https://github.com/luukverhoeven/luukverhoeven +CVE-2020-25632 - https://github.com/amzdev0401/shim-review-backup CVE-2020-25632 - https://github.com/bitraser/shim-review-15.4 CVE-2020-25632 - https://github.com/jason-chang-atrust/shim-review +CVE-2020-25632 - https://github.com/luojc123/shim-nsdl CVE-2020-25632 - https://github.com/neverware/shim-review CVE-2020-25632 - https://github.com/puzzleos/uefi-shim_review CVE-2020-25632 - https://github.com/rhboot/shim-review @@ -33068,8 +35864,10 @@ CVE-2020-25637 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-25637 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-25637 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-25643 - https://github.com/DNTYO/F5_Vulnerability +CVE-2020-25647 - https://github.com/amzdev0401/shim-review-backup CVE-2020-25647 - https://github.com/bitraser/shim-review-15.4 CVE-2020-25647 - https://github.com/jason-chang-atrust/shim-review +CVE-2020-25647 - https://github.com/luojc123/shim-nsdl CVE-2020-25647 - https://github.com/neverware/shim-review CVE-2020-25647 - https://github.com/puzzleos/uefi-shim_review CVE-2020-25647 - https://github.com/rhboot/shim-review @@ -33098,6 +35896,7 @@ CVE-2020-25684 - https://github.com/kaosagnt/ansible-everyday CVE-2020-25684 - https://github.com/klcheung99/CSCM28CW2 CVE-2020-25684 - https://github.com/knqyf263/dnspooq CVE-2020-25684 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-25684 - https://github.com/tzwlhack/Vulnerability CVE-2020-25685 - https://github.com/AZ-X/pique CVE-2020-25685 - https://github.com/DNTYO/F5_Vulnerability CVE-2020-25685 - https://github.com/EdgeSecurityTeam/Vulnerability @@ -33105,6 +35904,7 @@ CVE-2020-25685 - https://github.com/SexyBeast233/SecBooks CVE-2020-25685 - https://github.com/kaosagnt/ansible-everyday CVE-2020-25685 - https://github.com/klcheung99/CSCM28CW2 CVE-2020-25685 - https://github.com/knqyf263/dnspooq +CVE-2020-25685 - https://github.com/tzwlhack/Vulnerability CVE-2020-25686 - https://github.com/AZ-X/pique CVE-2020-25686 - https://github.com/DNTYO/F5_Vulnerability CVE-2020-25686 - https://github.com/EdgeSecurityTeam/Vulnerability @@ -33114,6 +35914,7 @@ CVE-2020-25686 - https://github.com/kaosagnt/ansible-everyday CVE-2020-25686 - https://github.com/klcheung99/CSCM28CW2 CVE-2020-25686 - https://github.com/knqyf263/dnspooq CVE-2020-25686 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-25686 - https://github.com/tzwlhack/Vulnerability CVE-2020-25687 - https://github.com/AZ-X/pique CVE-2020-25687 - https://github.com/DNTYO/F5_Vulnerability CVE-2020-25687 - https://github.com/kaosagnt/ansible-everyday @@ -33123,6 +35924,7 @@ CVE-2020-25704 - https://github.com/JaskaranNarula/Host_Errata_Info CVE-2020-25705 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-25705 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-25705 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-25705 - https://github.com/tdwyer/CVE-2020-25705 CVE-2020-25717 - https://github.com/jirib/notes CVE-2020-25747 - https://github.com/0xT11/CVE-POC CVE-2020-25747 - https://github.com/ARPSyndicate/cvemon @@ -33147,6 +35949,7 @@ CVE-2020-25769 - https://github.com/ARPSyndicate/cvemon CVE-2020-25769 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-25769 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-25769 - https://github.com/immunityinc/Advisories +CVE-2020-25769 - https://github.com/lagartojuancho/CVE-2020-25769 CVE-2020-25769 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-25780 - https://github.com/ARPSyndicate/cvemon CVE-2020-25780 - https://github.com/ARPSyndicate/kenzer-templates @@ -33198,8 +36001,11 @@ CVE-2020-26061 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-26073 - https://github.com/ARPSyndicate/cvemon CVE-2020-26073 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-26073 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2020-26088 - https://github.com/evdenis/cvehound CVE-2020-26116 - https://github.com/twu/skjold CVE-2020-26124 - https://github.com/ARPSyndicate/cvemon +CVE-2020-26137 - https://github.com/asa1997/topgear_test +CVE-2020-26137 - https://github.com/noseka1/deep-dive-into-clair CVE-2020-26137 - https://github.com/twu/skjold CVE-2020-26139 - https://github.com/vanhoefm/fragattacks CVE-2020-26140 - https://github.com/vanhoefm/fragattacks @@ -33214,6 +36020,9 @@ CVE-2020-26153 - https://github.com/ARPSyndicate/cvemon CVE-2020-26153 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-26159 - https://github.com/kkos/oniguruma CVE-2020-26159 - https://github.com/winlibs/oniguruma +CVE-2020-26160 - https://github.com/k1LoW/oshka +CVE-2020-26160 - https://github.com/naveensrinivasan/stunning-tribble +CVE-2020-26160 - https://github.com/novalagung/mypullrequests CVE-2020-26211 - https://github.com/PercussiveElbow/PercussiveElbow CVE-2020-26214 - https://github.com/ARPSyndicate/cvemon CVE-2020-26214 - https://github.com/ARPSyndicate/kenzer-templates @@ -33224,21 +36033,26 @@ CVE-2020-26217 - https://github.com/Ares-X/VulWiki CVE-2020-26217 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2020-26217 - https://github.com/SexyBeast233/SecBooks CVE-2020-26217 - https://github.com/SouthWind0/southwind0.github.io +CVE-2020-26217 - https://github.com/Veraxy00/XStream-vul-poc CVE-2020-26217 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-26217 - https://github.com/fynch3r/Gadgets CVE-2020-26217 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-26217 - https://github.com/hex0wn/learn-java-bug +CVE-2020-26217 - https://github.com/jas502n/CVE-2020-26259 CVE-2020-26217 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2020-26217 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-26217 - https://github.com/novysodope/CVE-2020-26217-XStream-RCE-POC CVE-2020-26217 - https://github.com/superfish9/pt CVE-2020-26217 - https://github.com/x-poc/xstream-poc CVE-2020-26222 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2020-26226 - https://github.com/ossf-cve-benchmark/CVE-2020-26226 CVE-2020-26233 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-26233 - https://github.com/tzwlhack/Vulnerability CVE-2020-26235 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2020-26235 - https://github.com/Simhyeon/r4d CVE-2020-26238 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-26238 - https://github.com/SexyBeast233/SecBooks +CVE-2020-26238 - https://github.com/tzwlhack/Vulnerability CVE-2020-26241 - https://github.com/snuspl/fluffy CVE-2020-26256 - https://github.com/engn33r/awesome-redos-security CVE-2020-26256 - https://github.com/ossf-cve-benchmark/CVE-2020-26256 @@ -33247,31 +36061,39 @@ CVE-2020-26258 - https://github.com/Al1ex/CVE-2020-26258 CVE-2020-26258 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-26258 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2020-26258 - https://github.com/SexyBeast233/SecBooks +CVE-2020-26258 - https://github.com/Veraxy00/XStream-vul-poc CVE-2020-26258 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-26258 - https://github.com/jas502n/CVE-2020-26259 CVE-2020-26258 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2020-26258 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-26258 - https://github.com/tzwlhack/Vulnerability CVE-2020-26258 - https://github.com/x-poc/xstream-poc CVE-2020-26259 - https://github.com/ARPSyndicate/cvemon CVE-2020-26259 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-26259 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2020-26259 - https://github.com/SexyBeast233/SecBooks +CVE-2020-26259 - https://github.com/Veraxy00/XStream-vul-poc CVE-2020-26259 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-26259 - https://github.com/fynch3r/Gadgets CVE-2020-26259 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-26259 - https://github.com/jas502n/CVE-2020-26259 CVE-2020-26259 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-26259 - https://github.com/taielab/awesome-hacking-lists +CVE-2020-26259 - https://github.com/tzwlhack/Vulnerability CVE-2020-26259 - https://github.com/x-poc/xstream-poc CVE-2020-26260 - https://github.com/PercussiveElbow/PercussiveElbow CVE-2020-26263 - https://github.com/sailfishos-mirror/tlslite-ng CVE-2020-26263 - https://github.com/tlsfuzzer/tlslite-ng CVE-2020-26281 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2020-26297 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs +CVE-2020-26297 - https://github.com/OtsuKotsu/daily_log CVE-2020-26297 - https://github.com/xxg1413/rust-security CVE-2020-26413 - https://github.com/ARPSyndicate/cvemon CVE-2020-26413 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-26413 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-26413 - https://github.com/H4ckTh3W0r1d/Goby_POC CVE-2020-26413 - https://github.com/SexyBeast233/SecBooks +CVE-2020-26413 - https://github.com/tzwlhack/Vulnerability CVE-2020-26524 - https://github.com/0xT11/CVE-POC CVE-2020-26525 - https://github.com/0xT11/CVE-POC CVE-2020-26525 - https://github.com/ARPSyndicate/cvemon @@ -33325,12 +36147,15 @@ CVE-2020-26834 - https://github.com/martingalloar/martingalloar CVE-2020-26836 - https://github.com/Onapsis/vulnerability_advisories CVE-2020-26837 - https://github.com/Onapsis/vulnerability_advisories CVE-2020-26837 - https://github.com/lmkalg/my_cves +CVE-2020-26870 - https://github.com/deepakdba/cve_checklist CVE-2020-26878 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-26879 - https://github.com/alphaSeclab/sec-daily-2020 +CVE-2020-26893 - https://github.com/V0lk3n/OSMR-CheatSheet CVE-2020-26919 - https://github.com/ARPSyndicate/cvemon CVE-2020-26919 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-26935 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-26935 - https://github.com/SexyBeast233/SecBooks +CVE-2020-26935 - https://github.com/tzwlhack/Vulnerability CVE-2020-26945 - https://github.com/Firebasky/Java CVE-2020-26945 - https://github.com/Firebasky/ctf-Challenge CVE-2020-26945 - https://github.com/SexyBeast233/SecBooks @@ -33356,7 +36181,9 @@ CVE-2020-27131 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-27131 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2020-27131 - https://github.com/SexyBeast233/SecBooks CVE-2020-27131 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +CVE-2020-27131 - https://github.com/tzwlhack/Vulnerability CVE-2020-27151 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-27152 - https://github.com/evdenis/cvehound CVE-2020-27161 - https://github.com/doyensec/awesome-electronjs-hacking CVE-2020-27162 - https://github.com/doyensec/awesome-electronjs-hacking CVE-2020-27173 - https://github.com/rust-vmm/vm-superio @@ -33364,17 +36191,21 @@ CVE-2020-27190 - https://github.com/ARPSyndicate/cvemon CVE-2020-27190 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-27190 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-27190 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-27192 - https://github.com/Traxes/Forklift_LPE CVE-2020-27192 - https://github.com/alphaSeclab/sec-daily-2020 +CVE-2020-27193 - https://github.com/deepakdba/cve_checklist CVE-2020-27194 - https://github.com/ARPSyndicate/cvemon CVE-2020-27194 - https://github.com/Al1ex/LinuxEelvation CVE-2020-27194 - https://github.com/OrangeGzY/security-research-learning CVE-2020-27194 - https://github.com/bsauce/kernel-exploit-factory CVE-2020-27194 - https://github.com/bsauce/kernel-security-learning CVE-2020-27194 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-27194 - https://github.com/evdenis/cvehound CVE-2020-27194 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-27194 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-27194 - https://github.com/scannells/exploits CVE-2020-27194 - https://github.com/xairy/linux-kernel-exploitation +CVE-2020-27194 - https://github.com/xmzyshypnc/CVE-2020-27194 CVE-2020-27199 - https://github.com/9lyph/CVE-2020-27199 CVE-2020-27199 - https://github.com/ARPSyndicate/cvemon CVE-2020-27199 - https://github.com/developer3000S/PoC-in-GitHub @@ -33384,38 +36215,48 @@ CVE-2020-27223 - https://github.com/ARPSyndicate/cvemon CVE-2020-27223 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-27223 - https://github.com/SexyBeast233/SecBooks CVE-2020-27223 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-27223 - https://github.com/tzwlhack/Vulnerability CVE-2020-27348 - https://github.com/psifertex/ctf-vs-the-real-world CVE-2020-27352 - https://github.com/Metarget/awesome-cloud-native-security +CVE-2020-27352 - https://github.com/reni2study/Cloud-Native-Security2 CVE-2020-27358 - https://github.com/ARPSyndicate/cvemon CVE-2020-27358 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-27358 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-27358 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-27358 - https://github.com/sebastian-mora/cve-2020-27358-27359 CVE-2020-27359 - https://github.com/sebastian-mora/cve-2020-27358-27359 CVE-2020-27361 - https://github.com/ARPSyndicate/cvemon CVE-2020-27361 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-27368 - https://github.com/ARPSyndicate/cvemon CVE-2020-27368 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-27368 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-27372 - https://github.com/H4niz/CVE CVE-2020-27386 - https://github.com/ARPSyndicate/cvemon CVE-2020-27387 - https://github.com/ARPSyndicate/cvemon CVE-2020-27503 - https://github.com/M507/Miner CVE-2020-27504 - https://github.com/M507/Miner CVE-2020-27505 - https://github.com/M507/Miner CVE-2020-27533 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-27533 - https://github.com/tzwlhack/Vulnerability CVE-2020-2756 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2020-2757 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2020-27575 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-27575 - https://github.com/tzwlhack/Vulnerability CVE-2020-27577 - https://github.com/Orange-Cyberdefense/CVE-repository CVE-2020-27578 - https://github.com/Orange-Cyberdefense/CVE-repository CVE-2020-27589 - https://github.com/blackducksoftware/hub-rest-api-python CVE-2020-27600 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-27600 - https://github.com/SexyBeast233/SecBooks +CVE-2020-27600 - https://github.com/tzwlhack/Vulnerability CVE-2020-27603 - https://github.com/ARPSyndicate/cvemon CVE-2020-27603 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-27603 - https://github.com/hannob/CVE-2020-27603-bbb-libreoffice-poc CVE-2020-27603 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-27603 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-27615 - https://github.com/ARPSyndicate/cvemon CVE-2020-27618 - https://github.com/dispera/giant-squid +CVE-2020-27618 - https://github.com/domyrtille/interview_project +CVE-2020-27618 - https://github.com/epequeno/devops-demo CVE-2020-27618 - https://github.com/nedenwalker/spring-boot-app-using-gradle CVE-2020-27618 - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln CVE-2020-27618 - https://github.com/onzack/trivy-multiscanner @@ -33442,24 +36283,30 @@ CVE-2020-27747 - https://github.com/ARPSyndicate/cvemon CVE-2020-27747 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-27747 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-27747 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-27749 - https://github.com/amzdev0401/shim-review-backup CVE-2020-27749 - https://github.com/bitraser/shim-review-15.4 CVE-2020-27749 - https://github.com/jason-chang-atrust/shim-review +CVE-2020-27749 - https://github.com/luojc123/shim-nsdl CVE-2020-27749 - https://github.com/neverware/shim-review CVE-2020-27749 - https://github.com/puzzleos/uefi-shim_review CVE-2020-27749 - https://github.com/rhboot/shim-review CVE-2020-27749 - https://github.com/vathpela/shim-review +CVE-2020-27779 - https://github.com/amzdev0401/shim-review-backup CVE-2020-27779 - https://github.com/bitraser/shim-review-15.4 CVE-2020-27779 - https://github.com/jason-chang-atrust/shim-review +CVE-2020-27779 - https://github.com/luojc123/shim-nsdl CVE-2020-27779 - https://github.com/neverware/shim-review CVE-2020-27779 - https://github.com/puzzleos/uefi-shim_review CVE-2020-27779 - https://github.com/rhboot/shim-review CVE-2020-27779 - https://github.com/vathpela/shim-review CVE-2020-27783 - https://github.com/sonatype-nexus-community/jake CVE-2020-2781 - https://github.com/DNTYO/F5_Vulnerability +CVE-2020-27813 - https://github.com/PalindromeLabs/awesome-websocket-security CVE-2020-27814 - https://github.com/zodf0055980/Yuan-fuzz CVE-2020-27823 - https://github.com/zodf0055980/Yuan-fuzz CVE-2020-27824 - https://github.com/zodf0055980/Yuan-fuzz CVE-2020-27828 - https://github.com/zodf0055980/Yuan-fuzz +CVE-2020-27830 - https://github.com/evdenis/cvehound CVE-2020-27841 - https://github.com/zodf0055980/Yuan-fuzz CVE-2020-27842 - https://github.com/zodf0055980/Yuan-fuzz CVE-2020-27843 - https://github.com/zodf0055980/Yuan-fuzz @@ -33472,6 +36319,7 @@ CVE-2020-27897 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2020-27904 - https://github.com/ARPSyndicate/cvemon CVE-2020-27904 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-27904 - https://github.com/pattern-f/xattr-oob-swap +CVE-2020-27905 - https://github.com/0x36/oob_events CVE-2020-27914 - https://github.com/didi/kemon CVE-2020-27915 - https://github.com/didi/kemon CVE-2020-27930 - https://github.com/ARPSyndicate/cvemon @@ -33479,6 +36327,7 @@ CVE-2020-27930 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-27930 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-27932 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2020-27935 - https://github.com/ARPSyndicate/cvemon +CVE-2020-27935 - https://github.com/LIJI32/SnatchBox CVE-2020-27935 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-27935 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-27935 - https://github.com/houjingyi233/macOS-iOS-system-security @@ -33490,6 +36339,7 @@ CVE-2020-27949 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-27949 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-27949 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2020-27949 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-27949 - https://github.com/seemoo-lab/dtrace-memaccess_cve-2020-27949 CVE-2020-27950 - https://github.com/ARPSyndicate/cvemon CVE-2020-27950 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-27950 - https://github.com/developer3000S/PoC-in-GitHub @@ -33497,20 +36347,30 @@ CVE-2020-27950 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-27950 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2020-27950 - https://github.com/joydo/CVE-Writeups CVE-2020-27950 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-27950 - https://github.com/synacktiv/CVE-2020-27950 CVE-2020-27955 - https://github.com/ARPSyndicate/cvemon CVE-2020-27955 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-27955 - https://github.com/ExploitBox/git-lfs-RCE-exploit-CVE-2020-27955 +CVE-2020-27955 - https://github.com/ExploitBox/git-lfs-RCE-exploit-CVE-2020-27955-Go CVE-2020-27955 - https://github.com/NetW0rK1le3r/awesome-hacking-lists +CVE-2020-27955 - https://github.com/SSRemex/CVE-2020-27955-TEST CVE-2020-27955 - https://github.com/SexyBeast233/SecBooks CVE-2020-27955 - https://github.com/SouthWind0/southwind0.github.io +CVE-2020-27955 - https://github.com/TheTh1nk3r/cve-2020-27955 CVE-2020-27955 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-27955 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-27955 - https://github.com/githubfollow/ssh-reverse-git-RCE CVE-2020-27955 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-27955 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-27955 - https://github.com/r00t4dm/CVE-2020-27955 CVE-2020-27955 - https://github.com/taielab/awesome-hacking-lists +CVE-2020-27955 - https://github.com/tzwlhack/Vulnerability +CVE-2020-27955 - https://github.com/williamgoulois/git-lfs-RCE-exploit-CVE-2020-27955-revshell CVE-2020-27955 - https://github.com/ycdxsb/PocOrExp_in_Github CVE-2020-27976 - https://github.com/ARPSyndicate/cvemon CVE-2020-27976 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-27976 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-27976 - https://github.com/k0rnh0li0/CVE-2020-27976 CVE-2020-27976 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-2798 - https://github.com/CnHack3r/Penetration_PoC CVE-2020-2798 - https://github.com/Mr-xn/Penetration_Testing_POC @@ -33536,6 +36396,7 @@ CVE-2020-27986 - https://github.com/SouthWind0/southwind0.github.io CVE-2020-27986 - https://github.com/bigblackhat/oFx CVE-2020-27986 - https://github.com/d-rn/vulBox CVE-2020-27986 - https://github.com/sobinge/nuclei-templates +CVE-2020-27986 - https://github.com/tzwlhack/Vulnerability CVE-2020-2800 - https://github.com/DNTYO/F5_Vulnerability CVE-2020-28008 - https://github.com/dorkerdevil/CVE-2020-28018 CVE-2020-2801 - https://github.com/CnHack3r/Penetration_PoC @@ -33550,10 +36411,12 @@ CVE-2020-2801 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-2801 - https://github.com/yedada-wei/- CVE-2020-2801 - https://github.com/yedada-wei/gongkaishouji CVE-2020-28018 - https://github.com/ARPSyndicate/cvemon +CVE-2020-28018 - https://github.com/Timirepo/CVE_Exploits CVE-2020-28018 - https://github.com/dorkerdevil/CVE-2020-28018 CVE-2020-28018 - https://github.com/lockedbyte/CVE-Exploits CVE-2020-28018 - https://github.com/lockedbyte/slides CVE-2020-28018 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-28018 - https://github.com/zr0tt/CVE-2020-28018 CVE-2020-2803 - https://github.com/DNTYO/F5_Vulnerability CVE-2020-2803 - https://github.com/HackOvert/awesome-bugs CVE-2020-2803 - https://github.com/alphaSeclab/sec-daily-2020 @@ -33562,6 +36425,7 @@ CVE-2020-28032 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-28032 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-28042 - https://github.com/The-Cracker-Technology/jwt_tool CVE-2020-28042 - https://github.com/mishmashclone/ticarpi-jwt_tool +CVE-2020-28042 - https://github.com/puckiestyle/jwt_tool CVE-2020-28042 - https://github.com/ticarpi/jwt_tool CVE-2020-28043 - https://github.com/Spacial/awesome-csirt CVE-2020-2805 - https://github.com/DNTYO/F5_Vulnerability @@ -33573,6 +36437,7 @@ CVE-2020-28052 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-28052 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-28052 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-28054 - https://github.com/ARPSyndicate/cvemon +CVE-2020-28054 - https://github.com/VoidSec/Tivoli-Madness CVE-2020-28054 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-28054 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-28054 - https://github.com/hectorgie/PoC-in-GitHub @@ -33581,6 +36446,7 @@ CVE-2020-28093 - https://github.com/cecada/Tenda-AC6-Root-Acces CVE-2020-28094 - https://github.com/cecada/Tenda-AC6-Root-Acces CVE-2020-28095 - https://github.com/cecada/Tenda-AC6-Root-Acces CVE-2020-28096 - https://github.com/cecada/Foscam-Model-X1-Root-Access +CVE-2020-28124 - https://github.com/ajmalabubakkr/CVE CVE-2020-28141 - https://github.com/ARPSyndicate/cvemon CVE-2020-28148 - https://github.com/ARPSyndicate/cvemon CVE-2020-28148 - https://github.com/nomi-sec/PoC-in-GitHub @@ -33597,9 +36463,11 @@ CVE-2020-28186 - https://github.com/SexyBeast233/SecBooks CVE-2020-28187 - https://github.com/SexyBeast233/SecBooks CVE-2020-28188 - https://github.com/ARPSyndicate/cvemon CVE-2020-28188 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2020-28188 - https://github.com/Dark-Clown-Security/RCE_TOS CVE-2020-28188 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-28188 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-28188 - https://github.com/SexyBeast233/SecBooks +CVE-2020-28188 - https://github.com/tzwlhack/Vulnerability CVE-2020-28208 - https://github.com/ARPSyndicate/cvemon CVE-2020-28208 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-28208 - https://github.com/Elsfa7-110/kenzer-templates @@ -33607,6 +36475,7 @@ CVE-2020-28214 - https://github.com/neutrinoguy/awesome-ics-writeups CVE-2020-28243 - https://github.com/ARPSyndicate/cvemon CVE-2020-28243 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-28243 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-28243 - https://github.com/stealthcopter/CVE-2020-28243 CVE-2020-28247 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2020-28247 - https://github.com/vin01/CVEs CVE-2020-28250 - https://github.com/summtime/CVE @@ -33616,12 +36485,14 @@ CVE-2020-2830 - https://github.com/DNTYO/F5_Vulnerability CVE-2020-28328 - https://github.com/ARPSyndicate/cvemon CVE-2020-28328 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-28328 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-28328 - https://github.com/mcorybillington/SuiteCRM-RCE CVE-2020-28328 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-28343 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-28347 - https://github.com/ARPSyndicate/cvemon CVE-2020-28351 - https://github.com/ARPSyndicate/cvemon CVE-2020-28351 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-28351 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-28351 - https://github.com/dievus/CVE-2020-28351 CVE-2020-28351 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-28351 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-28360 - https://github.com/alphaSeclab/sec-daily-2020 @@ -33653,6 +36524,7 @@ CVE-2020-28496 - https://github.com/Leeft/three-sprite-texture-atlas-manager CVE-2020-28496 - https://github.com/engn33r/awesome-redos-security CVE-2020-28496 - https://github.com/yetingli/PoCs CVE-2020-28500 - https://github.com/engn33r/awesome-redos-security +CVE-2020-28500 - https://github.com/samoylenko/sample-vulnerable-app-nodejs-express CVE-2020-28500 - https://github.com/yetingli/PoCs CVE-2020-28501 - https://github.com/engn33r/awesome-redos-security CVE-2020-28502 - https://github.com/ARPSyndicate/cvemon @@ -33660,18 +36532,22 @@ CVE-2020-28502 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-28502 - https://github.com/s-index/poc-list CVE-2020-2851 - https://github.com/0xdea/advisories CVE-2020-2851 - https://github.com/0xdea/raptor_infiltrate20 +CVE-2020-2853 - https://github.com/intrigueio/cve-2020-28653-poc CVE-2020-2853 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-28588 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-28637 - https://github.com/The-Cracker-Technology/jwt_tool CVE-2020-28637 - https://github.com/mishmashclone/ticarpi-jwt_tool +CVE-2020-28637 - https://github.com/puckiestyle/jwt_tool CVE-2020-28637 - https://github.com/ticarpi/jwt_tool CVE-2020-28642 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-28642 - https://github.com/SexyBeast233/SecBooks +CVE-2020-28642 - https://github.com/tzwlhack/Vulnerability CVE-2020-28647 - https://github.com/ARPSyndicate/cvemon CVE-2020-28647 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-28647 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-28647 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-28653 - https://github.com/ARPSyndicate/cvemon +CVE-2020-28653 - https://github.com/intrigueio/cve-2020-28653-poc CVE-2020-28653 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-28723 - https://github.com/raminfp/fuzz-libpparam CVE-2020-28723 - https://github.com/raminfp/raminfp @@ -33679,6 +36555,7 @@ CVE-2020-28724 - https://github.com/raminfp/raminfp CVE-2020-2883 - https://github.com/0xT11/CVE-POC CVE-2020-2883 - https://github.com/0xn0ne/weblogicScanner CVE-2020-2883 - https://github.com/ARPSyndicate/cvemon +CVE-2020-2883 - https://github.com/Al1ex/CVE-2020-2883 CVE-2020-2883 - https://github.com/CnHack3r/Penetration_PoC CVE-2020-2883 - https://github.com/DaBoQuan/CVE-2020-14645 CVE-2020-2883 - https://github.com/FancyDoesSecurity/CVE-2020-2883 @@ -33704,9 +36581,11 @@ CVE-2020-2883 - https://github.com/huike007/poc CVE-2020-2883 - https://github.com/koala2099/GitHub-Chinese-Top-Charts CVE-2020-2883 - https://github.com/koutto/jok3r-pocs CVE-2020-2883 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +CVE-2020-2883 - https://github.com/neilzhang1/Chinese-Charts CVE-2020-2883 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-2883 - https://github.com/pinkieli/GitHub-Chinese-Top-Charts CVE-2020-2883 - https://github.com/qingyuanfeiniao/Chinese-Top-Charts +CVE-2020-2883 - https://github.com/safe6Sec/wlsEnv CVE-2020-2883 - https://github.com/taielab/awesome-hacking-lists CVE-2020-2883 - https://github.com/veo/vscan CVE-2020-2883 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- @@ -33736,18 +36615,24 @@ CVE-2020-28874 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-28877 - https://github.com/peanuts62/IOT_CVE CVE-2020-28913 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-28913 - https://github.com/koronkowy/koronkowy +CVE-2020-28913 - https://github.com/tzwlhack/Vulnerability CVE-2020-28926 - https://github.com/ARPSyndicate/cvemon CVE-2020-28926 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-28926 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-28928 - https://github.com/chaimleib/maclfs CVE-2020-28928 - https://github.com/developer-guy/image-scanning-using-trivy-as-go-library CVE-2020-28928 - https://github.com/meldron/psonoci +CVE-2020-28928 - https://github.com/thecyberbaby/Trivy-by-aquaSecurity +CVE-2020-28928 - https://github.com/vinamra28/tekton-image-scan-trivy +CVE-2020-28936 - https://github.com/jda/pixiedust +CVE-2020-28948 - https://github.com/0x240x23elu/CVE-2020-28948-and-CVE-2020-28949 CVE-2020-28948 - https://github.com/ARPSyndicate/cvemon CVE-2020-28948 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-28948 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-28948 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-28948 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-28948 - https://github.com/superfish9/pt +CVE-2020-28949 - https://github.com/0x240x23elu/CVE-2020-28948-and-CVE-2020-28949 CVE-2020-28949 - https://github.com/ARPSyndicate/cvemon CVE-2020-28949 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-28949 - https://github.com/hectorgie/PoC-in-GitHub @@ -33761,13 +36646,17 @@ CVE-2020-29007 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-29007 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-29007 - https://github.com/mmiszczyk/lilypond-scheme-hacking CVE-2020-29007 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-29008 - https://github.com/seqred-s-a/gameloop-cve +CVE-2020-29009 - https://github.com/seqred-s-a/gameloop-cve CVE-2020-29070 - https://github.com/ARPSyndicate/cvemon +CVE-2020-29070 - https://github.com/aslanemre/cve-2020-29070 CVE-2020-29070 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-29070 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-29070 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-29071 - https://github.com/lean0x2F/lean0x2f.github.io CVE-2020-29072 - https://github.com/lean0x2F/lean0x2f.github.io CVE-2020-29133 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-29133 - https://github.com/tzwlhack/Vulnerability CVE-2020-29134 - https://github.com/ARPSyndicate/cvemon CVE-2020-29134 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-29134 - https://github.com/nomi-sec/PoC-in-GitHub @@ -33782,6 +36671,7 @@ CVE-2020-2915 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-2915 - https://github.com/yedada-wei/- CVE-2020-2915 - https://github.com/yedada-wei/gongkaishouji CVE-2020-29156 - https://github.com/ARPSyndicate/cvemon +CVE-2020-29156 - https://github.com/Ko-kn3t/CVE-2020-29156 CVE-2020-29156 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-29156 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-29156 - https://github.com/nomi-sec/PoC-in-GitHub @@ -33792,8 +36682,13 @@ CVE-2020-29214 - https://github.com/ARPSyndicate/cvemon CVE-2020-29215 - https://github.com/ARPSyndicate/cvemon CVE-2020-29227 - https://github.com/ARPSyndicate/cvemon CVE-2020-29227 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2020-29228 - https://github.com/hemantsolo/CVE-Reference +CVE-2020-29230 - https://github.com/hemantsolo/CVE-Reference +CVE-2020-29231 - https://github.com/hemantsolo/CVE-Reference +CVE-2020-29233 - https://github.com/hemantsolo/CVE-Reference CVE-2020-29238 - https://github.com/IDEA-Research-Group/AMADEUS CVE-2020-29254 - https://github.com/ARPSyndicate/cvemon +CVE-2020-29254 - https://github.com/S1lkys/CVE-2020-29254 CVE-2020-29254 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-29254 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-29254 - https://github.com/nomi-sec/PoC-in-GitHub @@ -33801,16 +36696,24 @@ CVE-2020-29364 - https://github.com/ARPSyndicate/cvemon CVE-2020-29364 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-29364 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-29364 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-29371 - https://github.com/evdenis/cvehound CVE-2020-29395 - https://github.com/ARPSyndicate/cvemon CVE-2020-29395 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-29436 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-29436 - https://github.com/SexyBeast233/SecBooks CVE-2020-29436 - https://github.com/SouthWind0/southwind0.github.io +CVE-2020-29436 - https://github.com/tzwlhack/Vulnerability CVE-2020-2944 - https://github.com/0xdea/advisories CVE-2020-2944 - https://github.com/0xdea/exploits CVE-2020-2944 - https://github.com/0xdea/raptor_infiltrate20 CVE-2020-29453 - https://github.com/ARPSyndicate/cvemon CVE-2020-29453 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2020-29453 - https://github.com/sushantdhopat/JIRA_testing +CVE-2020-29469 - https://github.com/hemantsolo/CVE-Reference +CVE-2020-29470 - https://github.com/hemantsolo/CVE-Reference +CVE-2020-29471 - https://github.com/hemantsolo/CVE-Reference +CVE-2020-29475 - https://github.com/hemantsolo/CVE-Reference +CVE-2020-29477 - https://github.com/hemantsolo/CVE-Reference CVE-2020-2950 - https://github.com/ARPSyndicate/cvemon CVE-2020-2950 - https://github.com/CnHack3r/Penetration_PoC CVE-2020-2950 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet @@ -33827,24 +36730,34 @@ CVE-2020-2950 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-2950 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-2950 - https://github.com/yedada-wei/- CVE-2020-2950 - https://github.com/yedada-wei/gongkaishouji +CVE-2020-29562 - https://github.com/brandoncamenisch/release-the-code-litecoin CVE-2020-29562 - https://github.com/dispera/giant-squid +CVE-2020-29562 - https://github.com/domyrtille/interview_project +CVE-2020-29562 - https://github.com/epequeno/devops-demo CVE-2020-29562 - https://github.com/onzack/trivy-multiscanner CVE-2020-29564 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-29564 - https://github.com/tzwlhack/Vulnerability CVE-2020-29583 - https://github.com/ARPSyndicate/cvemon CVE-2020-29583 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-29583 - https://github.com/SexyBeast233/SecBooks CVE-2020-29583 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-29583 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-29583 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-29583 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-29583 - https://github.com/ruppde/scan_CVE-2020-29583 +CVE-2020-29583 - https://github.com/tzwlhack/Vulnerability CVE-2020-29599 - https://github.com/ARPSyndicate/cvemon CVE-2020-29599 - https://github.com/barrracud4/image-upload-exploits CVE-2020-29607 - https://github.com/Hacker5preme/Exploits +CVE-2020-29621 - https://github.com/V0lk3n/OSMR-CheatSheet +CVE-2020-29622 - https://github.com/zanezhub/PIA-PC CVE-2020-2963 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2020-2963 - https://github.com/SexyBeast233/SecBooks CVE-2020-2963 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2020-2963 - https://github.com/r00t4dm/r00t4dm CVE-2020-29651 - https://github.com/engn33r/awesome-redos-security CVE-2020-29651 - https://github.com/yetingli/PoCs +CVE-2020-29652 - https://github.com/k1LoW/oshka CVE-2020-29666 - https://github.com/ARPSyndicate/cvemon CVE-2020-29666 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-29666 - https://github.com/hectorgie/PoC-in-GitHub @@ -33854,16 +36767,22 @@ CVE-2020-29667 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-29667 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-29667 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-29669 - https://github.com/ARPSyndicate/cvemon +CVE-2020-29669 - https://github.com/code-byter/CVE-2020-29669 CVE-2020-29669 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-29669 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-2978 - https://github.com/ARPSyndicate/cvemon CVE-2020-2978 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-2978 - https://github.com/emad-almousa/CVE-2020-2978 CVE-2020-2978 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-2978 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-3019 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-3019 - https://github.com/tzwlhack/Vulnerability CVE-2020-3111 - https://github.com/epi052/CiscoNotes CVE-2020-3118 - https://github.com/epi052/CiscoNotes CVE-2020-3119 - https://github.com/epi052/CiscoNotes +CVE-2020-3119 - https://github.com/routetonull/opencheck +CVE-2020-3120 - https://github.com/routetonull/opencheck +CVE-2020-3125 - https://github.com/r0eXpeR/supplier CVE-2020-3153 - https://github.com/0xT11/CVE-POC CVE-2020-3153 - https://github.com/ARPSyndicate/cvemon CVE-2020-3153 - https://github.com/NetW0rK1le3r/awesome-hacking-lists @@ -33873,6 +36792,7 @@ CVE-2020-3153 - https://github.com/goichot/CVE-2020-3153 CVE-2020-3153 - https://github.com/goichot/CVE-2020-3433 CVE-2020-3153 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-3153 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-3153 - https://github.com/r0eXpeR/supplier CVE-2020-3153 - https://github.com/raspberry-pie/CVE-2020-3153 CVE-2020-3153 - https://github.com/shubham0d/CVE-2020-3153 CVE-2020-3153 - https://github.com/taielab/awesome-hacking-lists @@ -33880,6 +36800,7 @@ CVE-2020-3161 - https://github.com/ARPSyndicate/cvemon CVE-2020-3161 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-3161 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-3161 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-3172 - https://github.com/routetonull/opencheck CVE-2020-3187 - https://github.com/0xT11/CVE-POC CVE-2020-3187 - https://github.com/1337in/CVE-2020-3187 CVE-2020-3187 - https://github.com/ARPSyndicate/cvemon @@ -33891,6 +36812,7 @@ CVE-2020-3187 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-3187 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-3187 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-3187 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2020-3187 - https://github.com/r0eXpeR/supplier CVE-2020-3187 - https://github.com/sobinge/nuclei-templates CVE-2020-3204 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-3206 - https://github.com/p1ay8y3ar/cve_monitor @@ -33925,10 +36847,12 @@ CVE-2020-3433 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-3433 - https://github.com/goichot/CVE-2020-3433 CVE-2020-3433 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-3433 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-3433 - https://github.com/r0eXpeR/supplier CVE-2020-3434 - https://github.com/goichot/CVE-2020-3433 CVE-2020-34343 - https://github.com/goichot/CVE-2020-3433 CVE-2020-3435 - https://github.com/goichot/CVE-2020-3433 CVE-2020-3451 - https://github.com/404notf0und/CVE-Flow +CVE-2020-3451 - https://github.com/avboy1337/cisco-RV34x-RCE CVE-2020-3452 - https://github.com/0ps/pocassistdb CVE-2020-3452 - https://github.com/0x5ECF4ULT/CVE-2020-3452 CVE-2020-3452 - https://github.com/0xT11/CVE-POC @@ -33936,8 +36860,10 @@ CVE-2020-3452 - https://github.com/3ndG4me/CVE-2020-3452-Exploit CVE-2020-3452 - https://github.com/ARPSyndicate/cvemon CVE-2020-3452 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-3452 - https://github.com/Ares-X/VulWiki +CVE-2020-3452 - https://github.com/Aviksaikat/CVE-2020-3452 CVE-2020-3452 - https://github.com/CnHack3r/Penetration_PoC CVE-2020-3452 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-3452 - https://github.com/Elsfa7-110/Elsfa7110-Oneliner-bughunting CVE-2020-3452 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-3452 - https://github.com/Gh0st0ne/http-vuln-cve2020-3452.nse CVE-2020-3452 - https://github.com/Loneyers/cve-2020-3452 @@ -33953,10 +36879,13 @@ CVE-2020-3452 - https://github.com/XDev05/CVE-2020-3452-PoC CVE-2020-3452 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2020-3452 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-3452 - https://github.com/amcai/myscan +CVE-2020-3452 - https://github.com/cygenta/CVE-2020-3452 +CVE-2020-3452 - https://github.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter CVE-2020-3452 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-3452 - https://github.com/dinhbaouit/CISCO-Remove-File CVE-2020-3452 - https://github.com/dwisiswant0/awesome-oneliner-bugbounty CVE-2020-3452 - https://github.com/foulenzer/CVE-2020-3452 +CVE-2020-3452 - https://github.com/grim3/CVE-2020-3452 CVE-2020-3452 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2020-3452 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-3452 - https://github.com/huike007/penetration_poc @@ -33969,8 +36898,11 @@ CVE-2020-3452 - https://github.com/murataydemir/CVE-2020-3452 CVE-2020-3452 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-3452 - https://github.com/paran0id34/CVE-2020-3452 CVE-2020-3452 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2020-3452 - https://github.com/qeeqbox/falcon +CVE-2020-3452 - https://github.com/r0eXpeR/supplier CVE-2020-3452 - https://github.com/sobinge/nuclei-templates CVE-2020-3452 - https://github.com/toy0756428/CVE_2020_3452_Detect +CVE-2020-3452 - https://github.com/tzwlhack/Vulnerability CVE-2020-3452 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-3452 - https://github.com/yedada-wei/- CVE-2020-3452 - https://github.com/yedada-wei/gongkaishouji @@ -33983,17 +36915,23 @@ CVE-2020-3505 - https://github.com/s-index/dora CVE-2020-35191 - https://github.com/ARPSyndicate/cvemon CVE-2020-35191 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-35234 - https://github.com/ARPSyndicate/cvemon +CVE-2020-35240 - https://github.com/hemantsolo/CVE-Reference +CVE-2020-35241 - https://github.com/hemantsolo/CVE-Reference CVE-2020-35262 - https://github.com/ARPSyndicate/cvemon CVE-2020-35262 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-35262 - https://github.com/the-girl-who-lived/CVE-2020-35262 CVE-2020-3530 - https://github.com/404notf0und/CVE-Flow CVE-2020-35314 - https://github.com/ARPSyndicate/cvemon CVE-2020-35338 - https://github.com/ARPSyndicate/cvemon CVE-2020-35338 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-35338 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-3537 - https://github.com/404notf0und/CVE-Flow +CVE-2020-35381 - https://github.com/k1LoW/oshka +CVE-2020-35381 - https://github.com/naveensrinivasan/stunning-tribble CVE-2020-3541 - https://github.com/404notf0und/CVE-Flow CVE-2020-3542 - https://github.com/404notf0und/CVE-Flow CVE-2020-3545 - https://github.com/404notf0und/CVE-Flow +CVE-2020-35452 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2020-35454 - https://github.com/galapogos/Taidii-Diibear-Vulnerabilities CVE-2020-35455 - https://github.com/galapogos/Taidii-Diibear-Vulnerabilities CVE-2020-35456 - https://github.com/galapogos/Taidii-Diibear-Vulnerabilities @@ -34009,6 +36947,7 @@ CVE-2020-35476 - https://github.com/assetnote/blind-ssrf-chains CVE-2020-35476 - https://github.com/jweny/pocassistdb CVE-2020-35476 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-35476 - https://github.com/sobinge/nuclei-templates +CVE-2020-35476 - https://github.com/tzwlhack/Vulnerability CVE-2020-35488 - https://github.com/ARPSyndicate/cvemon CVE-2020-35488 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-35488 - https://github.com/hectorgie/PoC-in-GitHub @@ -34019,6 +36958,7 @@ CVE-2020-35489 - https://github.com/El-Palomo/MR-ROBOT-1 CVE-2020-35489 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-35489 - https://github.com/SexyBeast233/SecBooks CVE-2020-35489 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-35489 - https://github.com/dn9uy3n/Check-WP-CVE-2020-35489 CVE-2020-35489 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-35490 - https://github.com/Al1ex/Al1ex CVE-2020-35491 - https://github.com/Al1ex/Al1ex @@ -34030,10 +36970,16 @@ CVE-2020-35545 - https://github.com/bousalman/CVE-2020-35545 CVE-2020-3556 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-35576 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-35576 - https://github.com/TesterCC/exp_poc_library +CVE-2020-35576 - https://github.com/tzwlhack/Vulnerability CVE-2020-35578 - https://github.com/ARPSyndicate/cvemon CVE-2020-35580 - https://github.com/ARPSyndicate/cvemon CVE-2020-35580 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2020-35584 - https://github.com/aress31/solstice-pod-cves +CVE-2020-35585 - https://github.com/aress31/solstice-pod-cves +CVE-2020-35586 - https://github.com/aress31/solstice-pod-cves +CVE-2020-35587 - https://github.com/aress31/solstice-pod-cves CVE-2020-35590 - https://github.com/ARPSyndicate/cvemon +CVE-2020-35590 - https://github.com/N4nj0/CVE-2020-35590 CVE-2020-35590 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-35590 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-35598 - https://github.com/ARPSyndicate/cvemon @@ -34042,17 +36988,25 @@ CVE-2020-35606 - https://github.com/ARPSyndicate/cvemon CVE-2020-35606 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-35606 - https://github.com/SexyBeast233/SecBooks CVE-2020-35606 - https://github.com/alphaSeclab/sec-daily-2020 +CVE-2020-35606 - https://github.com/anasbousselham/webminscan CVE-2020-35606 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-35606 - https://github.com/fofapro/vulfocus-java +CVE-2020-35606 - https://github.com/fofapro/vulfocus-py +CVE-2020-35606 - https://github.com/fofapro/vulfocus-spring-boot-starter CVE-2020-35606 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-35606 - https://github.com/tzwlhack/Vulnerability CVE-2020-35613 - https://github.com/HoangKien1020/Joomla-SQLinjection CVE-2020-35616 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-35616 - https://github.com/SexyBeast233/SecBooks CVE-2020-35616 - https://github.com/alphaSeclab/sec-daily-2020 +CVE-2020-35616 - https://github.com/tzwlhack/Vulnerability CVE-2020-3566 - https://github.com/alphaSeclab/sec-daily-2020 +CVE-2020-35660 - https://github.com/ajmalabubakkr/CVE CVE-2020-35665 - https://github.com/ARPSyndicate/cvemon CVE-2020-35682 - https://github.com/ARPSyndicate/cvemon CVE-2020-35682 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-3569 - https://github.com/alphaSeclab/sec-daily-2020 +CVE-2020-35693 - https://github.com/alwentiu/contact-tracing-research CVE-2020-35711 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2020-35713 - https://github.com/ARPSyndicate/cvemon CVE-2020-35713 - https://github.com/ARPSyndicate/kenzer-templates @@ -34062,11 +37016,13 @@ CVE-2020-35717 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-35717 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-35717 - https://github.com/hmartos/cve-2020-35717 CVE-2020-35728 - https://github.com/ARPSyndicate/cvemon +CVE-2020-35728 - https://github.com/Al1ex/CVE-2020-35728 CVE-2020-35728 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-35728 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2020-35728 - https://github.com/SexyBeast233/SecBooks CVE-2020-35728 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-35728 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-35728 - https://github.com/tzwlhack/Vulnerability CVE-2020-35729 - https://github.com/ARPSyndicate/cvemon CVE-2020-35729 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-35729 - https://github.com/Al1ex/CVE-2020-35729 @@ -34081,13 +37037,18 @@ CVE-2020-3580 - https://github.com/ARPSyndicate/cvemon CVE-2020-3580 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-3580 - https://github.com/n1sh1th/CVE-POC CVE-2020-3580 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-3580 - https://github.com/r0eXpeR/supplier CVE-2020-3583 - https://github.com/emotest1/emo_emo CVE-2020-35846 - https://github.com/ARPSyndicate/cvemon CVE-2020-35846 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-35846 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2020-35846 - https://github.com/JohnHammond/CVE-2020-35846 +CVE-2020-35846 - https://github.com/Konstantinos-Papanagnou/CMSpit CVE-2020-35847 - https://github.com/ARPSyndicate/cvemon CVE-2020-35847 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-35847 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2020-35847 - https://github.com/Konstantinos-Papanagnou/CMSpit +CVE-2020-35847 - https://github.com/zmylml/yangzifun CVE-2020-35848 - https://github.com/ARPSyndicate/cvemon CVE-2020-35848 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-35848 - https://github.com/Elsfa7-110/kenzer-templates @@ -34167,6 +37128,7 @@ CVE-2020-35951 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-35951 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-36066 - https://github.com/engn33r/awesome-redos-security CVE-2020-36079 - https://github.com/ARPSyndicate/cvemon +CVE-2020-36079 - https://github.com/F-Masood/ZenPhotoCMSv1.5.7-RCE CVE-2020-36079 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-36109 - https://github.com/ARPSyndicate/cvemon CVE-2020-36109 - https://github.com/developer3000S/PoC-in-GitHub @@ -34190,6 +37152,7 @@ CVE-2020-36179 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2020-36179 - https://github.com/SexyBeast233/SecBooks CVE-2020-36179 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-36179 - https://github.com/huike007/penetration_poc +CVE-2020-36179 - https://github.com/tzwlhack/Vulnerability CVE-2020-36179 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-3618 - https://github.com/ycdxsb/PocOrExp_in_Github CVE-2020-36180 - https://github.com/Al1ex/Al1ex @@ -34200,6 +37163,7 @@ CVE-2020-36182 - https://github.com/Al1ex/Al1ex CVE-2020-36182 - https://github.com/Al1ex/CVE-2020-36179 CVE-2020-36184 - https://github.com/ARPSyndicate/cvemon CVE-2020-36184 - https://github.com/Al1ex/Al1ex +CVE-2020-36184 - https://github.com/Al1ex/CVE-2020-36184 CVE-2020-36184 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-36184 - https://github.com/ycdxsb/PocOrExp_in_Github CVE-2020-36185 - https://github.com/Al1ex/Al1ex @@ -34207,10 +37171,12 @@ CVE-2020-36186 - https://github.com/Al1ex/Al1ex CVE-2020-36187 - https://github.com/Al1ex/Al1ex CVE-2020-36188 - https://github.com/ARPSyndicate/cvemon CVE-2020-36188 - https://github.com/Al1ex/Al1ex +CVE-2020-36188 - https://github.com/Al1ex/CVE-2020-36188 CVE-2020-36188 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-36189 - https://github.com/Al1ex/Al1ex CVE-2020-3619 - https://github.com/404notf0und/CVE-Flow CVE-2020-36197 - https://github.com/ShielderSec/poc +CVE-2020-36197 - https://github.com/r0eXpeR/supplier CVE-2020-36198 - https://github.com/ShielderSec/poc CVE-2020-3620 - https://github.com/404notf0und/CVE-Flow CVE-2020-36202 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs @@ -34242,9 +37208,16 @@ CVE-2020-36287 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-36287 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-36289 - https://github.com/ARPSyndicate/cvemon CVE-2020-36289 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2020-36289 - https://github.com/r0eXpeR/supplier +CVE-2020-36289 - https://github.com/sushantdhopat/JIRA_testing CVE-2020-3629 - https://github.com/404notf0und/CVE-Flow +CVE-2020-36317 - https://github.com/Qwaz/rust-cve +CVE-2020-36317 - https://github.com/sslab-gatech/Rudra-Artifacts +CVE-2020-36318 - https://github.com/Qwaz/rust-cve CVE-2020-3632 - https://github.com/TinyNiko/android_bulletin_notes CVE-2020-36322 - https://github.com/JaskaranNarula/Host_Errata_Info +CVE-2020-36323 - https://github.com/Qwaz/rust-cve +CVE-2020-36323 - https://github.com/sslab-gatech/Rudra-Artifacts CVE-2020-3634 - https://github.com/404notf0und/CVE-Flow CVE-2020-36355 - https://github.com/Orange-Cyberdefense/CVE-repository CVE-2020-3636 - https://github.com/404notf0und/CVE-Flow @@ -34263,6 +37236,7 @@ CVE-2020-36375 - https://github.com/wcventure/MemLock-Fuzz CVE-2020-3638 - https://github.com/TinyNiko/android_bulletin_notes CVE-2020-3639 - https://github.com/TinyNiko/android_bulletin_notes CVE-2020-3640 - https://github.com/404notf0und/CVE-Flow +CVE-2020-36406 - https://github.com/PalindromeLabs/awesome-websocket-security CVE-2020-3643 - https://github.com/404notf0und/CVE-Flow CVE-2020-3644 - https://github.com/404notf0und/CVE-Flow CVE-2020-3646 - https://github.com/404notf0und/CVE-Flow @@ -34292,6 +37266,7 @@ CVE-2020-3702 - https://github.com/404notf0und/CVE-Flow CVE-2020-3703 - https://github.com/TinyNiko/android_bulletin_notes CVE-2020-3704 - https://github.com/TinyNiko/android_bulletin_notes CVE-2020-3757 - https://github.com/cttynul/ana +CVE-2020-3762 - https://github.com/V0lk3n/OSMR-CheatSheet CVE-2020-3766 - https://github.com/0xT11/CVE-POC CVE-2020-3766 - https://github.com/ARPSyndicate/cvemon CVE-2020-3766 - https://github.com/developer3000S/PoC-in-GitHub @@ -34306,13 +37281,16 @@ CVE-2020-3833 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-3833 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-3837 - https://github.com/TrungNguyen1909/ExtremeVulnerableDriver_XNU CVE-2020-3837 - https://github.com/jakeajames/time_waste +CVE-2020-3847 - https://github.com/hac425xxx/heap-exploitation-in-real-world CVE-2020-3847 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2020-3848 - https://github.com/Charmve/BLE-Security-Attack-Defence +CVE-2020-3848 - https://github.com/hac425xxx/heap-exploitation-in-real-world CVE-2020-3848 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2020-3849 - https://github.com/Charmve/BLE-Security-Attack-Defence CVE-2020-3850 - https://github.com/Charmve/BLE-Security-Attack-Defence CVE-2020-3852 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2020-3854 - https://github.com/houjingyi233/macOS-iOS-system-security +CVE-2020-3855 - https://github.com/V0lk3n/OSMR-CheatSheet CVE-2020-3864 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2020-3865 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2020-3882 - https://github.com/alphaSeclab/sec-daily-2020 @@ -34349,10 +37327,14 @@ CVE-2020-3952 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-3952 - https://github.com/gelim/CVE-2020-3952 CVE-2020-3952 - https://github.com/guardicore/vmware_vcenter_cve_2020_3952 CVE-2020-3952 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-3952 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-3952 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-3952 - https://github.com/r0eXpeR/supplier +CVE-2020-3952 - https://github.com/severnake/Pentest-Tools CVE-2020-3952 - https://github.com/tdtc7/qps CVE-2020-3952 - https://github.com/theyoge/AD-Pentesting-Tools CVE-2020-3952 - https://github.com/tijldeneut/Security +CVE-2020-3952 - https://github.com/viksafe/Get-vSphereVersion CVE-2020-3956 - https://github.com/0xT11/CVE-POC CVE-2020-3956 - https://github.com/ARPSyndicate/cvemon CVE-2020-3956 - https://github.com/aaronsvk/CVE-2020-3956 @@ -34364,6 +37346,7 @@ CVE-2020-3956 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-3956 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-3960 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-3992 - https://github.com/ARPSyndicate/cvemon +CVE-2020-3992 - https://github.com/HynekPetrak/CVE-2019-5544_CVE-2020-3992 CVE-2020-3992 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-3992 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-3992 - https://github.com/hectorgie/PoC-in-GitHub @@ -34372,6 +37355,7 @@ CVE-2020-3992 - https://github.com/tom0li/collection-document CVE-2020-3993 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-4006 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-4006 - https://github.com/pen4uin/vulnerability-lab +CVE-2020-4006 - https://github.com/tzwlhack/Vulnerability CVE-2020-4027 - https://github.com/pen4uin/vulnerability-lab CVE-2020-4038 - https://github.com/ARPSyndicate/cvemon CVE-2020-4038 - https://github.com/ARPSyndicate/kenzer-templates @@ -34393,6 +37377,7 @@ CVE-2020-4054 - https://github.com/SexyBeast233/SecBooks CVE-2020-4059 - https://github.com/ossf-cve-benchmark/CVE-2020-4059 CVE-2020-4060 - https://github.com/WinMin/Protocol-Vul CVE-2020-4066 - https://github.com/ossf-cve-benchmark/CVE-2020-4066 +CVE-2020-4066 - https://github.com/ossf-cve-benchmark/ossf-cve-benchmark CVE-2020-4276 - https://github.com/0xT11/CVE-POC CVE-2020-4276 - https://github.com/ARPSyndicate/cvemon CVE-2020-4276 - https://github.com/Rapid7cn/Nexpose_vck @@ -34405,6 +37390,7 @@ CVE-2020-4280 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-4280 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2020-4280 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-4280 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet +CVE-2020-4280 - https://github.com/tzwlhack/Vulnerability CVE-2020-4305 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2020-4337 - https://github.com/404notf0und/CVE-Flow CVE-2020-4362 - https://github.com/Rapid7cn/Nexpose_vck @@ -34436,6 +37422,7 @@ CVE-2020-4463 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-4463 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-4463 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-4463 - https://github.com/sobinge/nuclei-templates +CVE-2020-4463 - https://github.com/tzwlhack/Vulnerability CVE-2020-4464 - https://github.com/ARPSyndicate/cvemon CVE-2020-4464 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2020-4464 - https://github.com/alphaSeclab/sec-daily-2020 @@ -34472,6 +37459,8 @@ CVE-2020-5014 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-5024 - https://github.com/emotest1/emo_emo CVE-2020-5029 - https://github.com/GovindPalakkal/EvilRip CVE-2020-5135 - https://github.com/alphaSeclab/sec-daily-2020 +CVE-2020-5135 - https://github.com/r0eXpeR/supplier +CVE-2020-5144 - https://github.com/r0eXpeR/supplier CVE-2020-5183 - https://github.com/ARPSyndicate/cvemon CVE-2020-5229 - https://github.com/shadawck/scabi CVE-2020-5232 - https://github.com/sirhashalot/SCV-List @@ -34539,7 +37528,9 @@ CVE-2020-5284 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-5284 - https://github.com/sobinge/nuclei-templates CVE-2020-5307 - https://github.com/ARPSyndicate/cvemon CVE-2020-5307 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2020-5310 - https://github.com/asa1997/topgear_test CVE-2020-5313 - https://github.com/Pad0y/Django2_dailyfresh +CVE-2020-5313 - https://github.com/asa1997/topgear_test CVE-2020-5327 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2020-5369 - https://github.com/404notf0und/CVE-Flow CVE-2020-5376 - https://github.com/404notf0und/CVE-Flow @@ -34577,6 +37568,7 @@ CVE-2020-5405 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-5405 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-5405 - https://github.com/SexyBeast233/SecBooks CVE-2020-5405 - https://github.com/amcai/myscan +CVE-2020-5405 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-5405 - https://github.com/shadowsock5/spring-cloud-config-starter CVE-2020-5405 - https://github.com/sobinge/nuclei-templates CVE-2020-5405 - https://github.com/tdtc7/qps @@ -34601,6 +37593,7 @@ CVE-2020-5410 - https://github.com/huike007/penetration_poc CVE-2020-5410 - https://github.com/huike007/poc CVE-2020-5410 - https://github.com/ilmila/J2EEScan CVE-2020-5410 - https://github.com/jweny/pocassistdb +CVE-2020-5410 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-5410 - https://github.com/missme3f/resource CVE-2020-5410 - https://github.com/mugisyahid/ki-vuln-cve-2020-5410 CVE-2020-5410 - https://github.com/nomi-sec/PoC-in-GitHub @@ -34624,6 +37617,7 @@ CVE-2020-5416 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-5418 - https://github.com/404notf0und/CVE-Flow CVE-2020-5420 - https://github.com/404notf0und/CVE-Flow CVE-2020-5421 - https://github.com/ARPSyndicate/cvemon +CVE-2020-5421 - https://github.com/delaval-htps/ProjetDevJava CVE-2020-5421 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-5421 - https://github.com/fulln/TIL CVE-2020-5421 - https://github.com/nomi-sec/PoC-in-GitHub @@ -34643,6 +37637,7 @@ CVE-2020-5504 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-5504 - https://github.com/yedada-wei/- CVE-2020-5504 - https://github.com/yedada-wei/gongkaishouji CVE-2020-5509 - https://github.com/0xT11/CVE-POC +CVE-2020-5509 - https://github.com/5l1v3r1/CVE-2020-5509 CVE-2020-5509 - https://github.com/ARPSyndicate/cvemon CVE-2020-5509 - https://github.com/CnHack3r/Penetration_PoC CVE-2020-5509 - https://github.com/FULLSHADE/CVE-2020-5509 @@ -34666,6 +37661,7 @@ CVE-2020-5617 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-5622 - https://github.com/404notf0und/CVE-Flow CVE-2020-5622 - https://github.com/s-index/dora CVE-2020-5627 - https://github.com/404notf0und/CVE-Flow +CVE-2020-5639 - https://github.com/r0eXpeR/supplier CVE-2020-5722 - https://github.com/ARPSyndicate/cvemon CVE-2020-5723 - https://github.com/ARPSyndicate/cvemon CVE-2020-5724 - https://github.com/ARPSyndicate/cvemon @@ -34723,8 +37719,11 @@ CVE-2020-5902 - https://github.com/Al1ex/CVE-2020-5902 CVE-2020-5902 - https://github.com/AnonVulc/Pentest-Tools CVE-2020-5902 - https://github.com/Any3ite/CVE-2020-5902-F5BIG CVE-2020-5902 - https://github.com/Astrogeorgeonethree/Starred +CVE-2020-5902 - https://github.com/BitTheByte/BitTraversal CVE-2020-5902 - https://github.com/CnHack3r/Penetration_PoC +CVE-2020-5902 - https://github.com/Elsfa7-110/Elsfa7110-Oneliner-bughunting CVE-2020-5902 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2020-5902 - https://github.com/EvilAnne/2020-Read-article CVE-2020-5902 - https://github.com/GovindPalakkal/EvilRip CVE-2020-5902 - https://github.com/JSec1337/RCE-CVE-2020-5902 CVE-2020-5902 - https://github.com/LearnGolang/LearnGolang @@ -34751,6 +37750,7 @@ CVE-2020-5902 - https://github.com/bhassani/Recent-CVE CVE-2020-5902 - https://github.com/bhdresh/SnortRules CVE-2020-5902 - https://github.com/bigblackhat/oFx CVE-2020-5902 - https://github.com/byt3bl33d3r/WitnessMe +CVE-2020-5902 - https://github.com/chenjj/Awesome-HTTPRequestSmuggling CVE-2020-5902 - https://github.com/corelight/CVE-2020-5902-F5BigIP CVE-2020-5902 - https://github.com/cristiano-corrado/f5_scanner CVE-2020-5902 - https://github.com/cybersecurityworks553/scanner-CVE-2020-5902 @@ -34771,6 +37771,7 @@ CVE-2020-5902 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2020-5902 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-5902 - https://github.com/huike007/penetration_poc CVE-2020-5902 - https://github.com/huike007/poc +CVE-2020-5902 - https://github.com/ibnufachrizal/bugbounty CVE-2020-5902 - https://github.com/ihebski/A-Red-Teamer-diaries CVE-2020-5902 - https://github.com/inho28/CVE-2020-5902-F5-BIGIP CVE-2020-5902 - https://github.com/itsjeffersonli/CVE-2020-5902 @@ -34780,6 +37781,7 @@ CVE-2020-5902 - https://github.com/jinnywc/CVE-2020-5902 CVE-2020-5902 - https://github.com/k3nundrum/CVE-2020-5902 CVE-2020-5902 - https://github.com/lijiaxing1997/CVE-2020-5902-POC-EXP CVE-2020-5902 - https://github.com/litt1eb0yy/One-Liner-Scripts +CVE-2020-5902 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-5902 - https://github.com/ltvthang/CVE-2020-5903 CVE-2020-5902 - https://github.com/ludy-dev/BIG-IP-F5-TMUI-RCE-Vulnerability CVE-2020-5902 - https://github.com/momika233/cve-2020-5902 @@ -34792,14 +37794,17 @@ CVE-2020-5902 - https://github.com/pwnhacker0x18/CVE-2020-5902-Mass CVE-2020-5902 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-5902 - https://github.com/qiong-qi/CVE-2020-5902-POC CVE-2020-5902 - https://github.com/qlkwej/poc-CVE-2020-5902 +CVE-2020-5902 - https://github.com/r0eXpeR/supplier CVE-2020-5902 - https://github.com/r0ttenbeef/cve-2020-5902 CVE-2020-5902 - https://github.com/renanhsilva/checkvulnCVE20205902 CVE-2020-5902 - https://github.com/rockmelodies/CVE-2020-5902-rce-gui CVE-2020-5902 - https://github.com/rwincey/CVE-2020-5902-NSE +CVE-2020-5902 - https://github.com/severnake/Pentest-Tools CVE-2020-5902 - https://github.com/sobinge/nuclei-templates CVE-2020-5902 - https://github.com/superfish9/pt CVE-2020-5902 - https://github.com/superzerosec/cve-2020-5902 CVE-2020-5902 - https://github.com/sv3nbeast/CVE-2020-5902_RCE +CVE-2020-5902 - https://github.com/t31m0/awesome-oneliner-bugbounty CVE-2020-5902 - https://github.com/taielab/awesome-hacking-lists CVE-2020-5902 - https://github.com/tdtc7/qps CVE-2020-5902 - https://github.com/theLSA/f5-bigip-rce-cve-2020-5902 @@ -34823,10 +37828,13 @@ CVE-2020-5907 - https://github.com/afinepl/research CVE-2020-5920 - https://github.com/afinepl/research CVE-2020-6010 - https://github.com/ARPSyndicate/cvemon CVE-2020-6019 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-6019 - https://github.com/tzwlhack/Vulnerability CVE-2020-6096 - https://github.com/KashaMalaga/cve2020-6096 CVE-2020-6096 - https://github.com/anchore/grype CVE-2020-6096 - https://github.com/aymankhder/scanner-for-container CVE-2020-6096 - https://github.com/dispera/giant-squid +CVE-2020-6096 - https://github.com/domyrtille/interview_project +CVE-2020-6096 - https://github.com/epequeno/devops-demo CVE-2020-6096 - https://github.com/garethr/snykout CVE-2020-6096 - https://github.com/nedenwalker/spring-boot-app-using-gradle CVE-2020-6096 - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln @@ -34865,15 +37873,18 @@ CVE-2020-6151 - https://github.com/404notf0und/CVE-Flow CVE-2020-6152 - https://github.com/404notf0und/CVE-Flow CVE-2020-6171 - https://github.com/ARPSyndicate/cvemon CVE-2020-6171 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2020-6175 - https://github.com/stratosphereips/nist-cve-search-tool CVE-2020-6191 - https://github.com/lmkalg/my_cves CVE-2020-6192 - https://github.com/lmkalg/my_cves CVE-2020-6207 - https://github.com/ARPSyndicate/cvemon CVE-2020-6207 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-6207 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-6207 - https://github.com/Onapsis/vulnerability_advisories +CVE-2020-6207 - https://github.com/chipik/SAP_EEM_CVE-2020-6207 CVE-2020-6207 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-6207 - https://github.com/lmkalg/my_cves CVE-2020-6207 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-6207 - https://github.com/tzwlhack/Vulnerability CVE-2020-6234 - https://github.com/Onapsis/vulnerability_advisories CVE-2020-6234 - https://github.com/lmkalg/my_cves CVE-2020-6235 - https://github.com/lmkalg/my_cves @@ -34917,6 +37928,7 @@ CVE-2020-6287 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2020-6287 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-6287 - https://github.com/huike007/penetration_poc CVE-2020-6287 - https://github.com/lmkalg/my_cves +CVE-2020-6287 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-6287 - https://github.com/murataydemir/CVE-2020-6287 CVE-2020-6287 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-6287 - https://github.com/sobinge/nuclei-templates @@ -34930,10 +37942,13 @@ CVE-2020-6302 - https://github.com/404notf0und/CVE-Flow CVE-2020-6308 - https://github.com/ARPSyndicate/cvemon CVE-2020-6308 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-6308 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2020-6308 - https://github.com/InitRoot/CVE-2020-6308-PoC CVE-2020-6308 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-6308 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-6308 - https://github.com/freeFV/CVE-2020-6308-mass-exploiter CVE-2020-6308 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-6308 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-6308 - https://github.com/tzwlhack/Vulnerability CVE-2020-6309 - https://github.com/lmkalg/my_cves CVE-2020-6311 - https://github.com/404notf0und/CVE-Flow CVE-2020-6312 - https://github.com/404notf0und/CVE-Flow @@ -35001,6 +38016,7 @@ CVE-2020-6418 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-6418 - https://github.com/star-sg/CVE CVE-2020-6418 - https://github.com/ulexec/Exploits CVE-2020-6418 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2020-6422 - https://github.com/StarCrossPortal/bug-hunting-101 CVE-2020-6424 - https://github.com/allpaca/chrome-sbx-db CVE-2020-6425 - https://github.com/allpaca/chrome-sbx-db CVE-2020-6435 - https://github.com/allpaca/chrome-sbx-db @@ -35015,6 +38031,7 @@ CVE-2020-6459 - https://github.com/allpaca/chrome-sbx-db CVE-2020-6460 - https://github.com/allpaca/chrome-sbx-db CVE-2020-6461 - https://github.com/allpaca/chrome-sbx-db CVE-2020-6462 - https://github.com/allpaca/chrome-sbx-db +CVE-2020-6463 - https://github.com/StarCrossPortal/bug-hunting-101 CVE-2020-6465 - https://github.com/allpaca/chrome-sbx-db CVE-2020-6466 - https://github.com/allpaca/chrome-sbx-db CVE-2020-6468 - https://github.com/0xT11/CVE-POC @@ -35024,7 +38041,9 @@ CVE-2020-6468 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-6468 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-6468 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-6485 - https://github.com/allpaca/chrome-sbx-db +CVE-2020-6506 - https://github.com/Aucode-n/AndroidSec CVE-2020-6506 - https://github.com/RG-Belasco/Android-BugBounty +CVE-2020-6506 - https://github.com/iamsarvagyaa/AndroidSecNotes CVE-2020-6507 - https://github.com/joydo/CVE-Writeups CVE-2020-6507 - https://github.com/oneoy/exploits1 CVE-2020-6507 - https://github.com/r4j0x00/exploits @@ -35048,6 +38067,7 @@ CVE-2020-6519 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-6519 - https://github.com/taielab/awesome-hacking-lists CVE-2020-6519 - https://github.com/weizman/weizman CVE-2020-6541 - https://github.com/Kiprey/Skr_Learning +CVE-2020-6542 - https://github.com/StarCrossPortal/bug-hunting-101 CVE-2020-6547 - https://github.com/DavAlbert/hacking-writeups CVE-2020-6549 - https://github.com/Kiprey/Skr_Learning CVE-2020-6616 - https://github.com/seemoo-lab/internalblue @@ -35096,6 +38116,7 @@ CVE-2020-6948 - https://github.com/SexyBeast233/SecBooks CVE-2020-6949 - https://github.com/SexyBeast233/SecBooks CVE-2020-7048 - https://github.com/ARPSyndicate/cvemon CVE-2020-7048 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2020-7048 - https://github.com/ElmouradiAmine/CVE-2020-7048 CVE-2020-7048 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-7048 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-7048 - https://github.com/nomi-sec/PoC-in-GitHub @@ -35112,9 +38133,11 @@ CVE-2020-7136 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-7200 - https://github.com/ARPSyndicate/cvemon CVE-2020-7200 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2020-7200 - https://github.com/SexyBeast233/SecBooks +CVE-2020-7200 - https://github.com/alexfrancow/CVE-2020-7200 CVE-2020-7200 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-7200 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2020-7200 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-7200 - https://github.com/testanull/ProjectSIM CVE-2020-7209 - https://github.com/0xT11/CVE-POC CVE-2020-7209 - https://github.com/ARPSyndicate/cvemon CVE-2020-7209 - https://github.com/ARPSyndicate/kenzer-templates @@ -35161,6 +38184,7 @@ CVE-2020-7247 - https://github.com/FiroSolutions/cve-2020-7247-exploit CVE-2020-7247 - https://github.com/anoaghost/Localroot_Compile CVE-2020-7247 - https://github.com/bcoles/local-exploits CVE-2020-7247 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-7247 - https://github.com/doanhnn/HTB-Tentacle CVE-2020-7247 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-7247 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-7247 - https://github.com/r0lh/CVE-2020-7247 @@ -35222,6 +38246,7 @@ CVE-2020-7468 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-7471 - https://github.com/0xT11/CVE-POC CVE-2020-7471 - https://github.com/ARPSyndicate/cvemon CVE-2020-7471 - https://github.com/CnHack3r/Penetration_PoC +CVE-2020-7471 - https://github.com/HxDDD/CVE-PoC CVE-2020-7471 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2020-7471 - https://github.com/Pad0y/Django2_dailyfresh CVE-2020-7471 - https://github.com/SNCKER/CVE-2020-7471 @@ -35253,6 +38278,7 @@ CVE-2020-7473 - https://github.com/SexyBeast233/SecBooks CVE-2020-7473 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-7473 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-7473 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-7473 - https://github.com/stratosphereips/nist-cve-search-tool CVE-2020-7523 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-7523 - https://github.com/neutrinoguy/awesome-ics-writeups CVE-2020-7595 - https://github.com/Exein-io/kepler @@ -35273,12 +38299,15 @@ CVE-2020-7661 - https://github.com/engn33r/awesome-redos-security CVE-2020-7661 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-7661 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-7661 - https://github.com/spamscanner/url-regex-safe +CVE-2020-7662 - https://github.com/PalindromeLabs/awesome-websocket-security CVE-2020-7662 - https://github.com/engn33r/awesome-redos-security +CVE-2020-7663 - https://github.com/PalindromeLabs/awesome-websocket-security CVE-2020-7664 - https://github.com/snyk/zip-slip-vulnerability CVE-2020-7665 - https://github.com/404notf0und/CVE-Flow CVE-2020-7665 - https://github.com/s-index/dora CVE-2020-7666 - https://github.com/404notf0und/CVE-Flow CVE-2020-7666 - https://github.com/s-index/dora +CVE-2020-7667 - https://github.com/k1LoW/oshka CVE-2020-7668 - https://github.com/snyk/zip-slip-vulnerability CVE-2020-7669 - https://github.com/404notf0und/CVE-Flow CVE-2020-7676 - https://github.com/ossf-cve-benchmark/CVE-2020-7676 @@ -35321,6 +38350,7 @@ CVE-2020-7754 - https://github.com/engn33r/awesome-redos-security CVE-2020-7754 - https://github.com/yetingli/PoCs CVE-2020-7755 - https://github.com/engn33r/awesome-redos-security CVE-2020-7755 - https://github.com/yetingli/PoCs +CVE-2020-7760 - https://github.com/deepakdba/cve_checklist CVE-2020-7760 - https://github.com/engn33r/awesome-redos-security CVE-2020-7760 - https://github.com/yetingli/PoCs CVE-2020-7761 - https://github.com/engn33r/awesome-redos-security @@ -35339,6 +38369,7 @@ CVE-2020-7799 - https://github.com/Pikaqi/cve-2020-7799 CVE-2020-7799 - https://github.com/SexyBeast233/SecBooks CVE-2020-7799 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-7799 - https://github.com/ianxtianxt/CVE-2020-7799 +CVE-2020-7799 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-7799 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-7799 - https://github.com/tdtc7/qps CVE-2020-7830 - https://github.com/404notf0und/CVE-Flow @@ -35374,17 +38405,22 @@ CVE-2020-7961 - https://github.com/OCEANOFANYTHING/PENTESTING-BIBLE CVE-2020-7961 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2020-7961 - https://github.com/Saidul-M-Khan/PENTESTING-BIBLE CVE-2020-7961 - https://github.com/SexyBeast233/SecBooks +CVE-2020-7961 - https://github.com/ShutdownRepo/CVE-2020-7961 CVE-2020-7961 - https://github.com/Spacial/awesome-csirt +CVE-2020-7961 - https://github.com/ThePirateWhoSmellsOfSunflowers/TheHackerLinks +CVE-2020-7961 - https://github.com/Udyz/CVE-2020-7961-Mass CVE-2020-7961 - https://github.com/bjknbrrr/PENTESTING-BIBLE CVE-2020-7961 - https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE CVE-2020-7961 - https://github.com/codereveryday/Programming-Hacking-Resources CVE-2020-7961 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-7961 - https://github.com/erSubhashThapa/pentest-bible +CVE-2020-7961 - https://github.com/fofapro/vulfocus CVE-2020-7961 - https://github.com/gacontuyenchien1/Security CVE-2020-7961 - https://github.com/gobysec/Goby CVE-2020-7961 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-7961 - https://github.com/iamrajivd/pentest CVE-2020-7961 - https://github.com/imNani4/PENTESTING-BIBLE +CVE-2020-7961 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-7961 - https://github.com/mathiznogoud/Liferay-Deserialize-POC CVE-2020-7961 - https://github.com/mishmashclone/qazbnm456-awesome-web-security CVE-2020-7961 - https://github.com/mzer0one/CVE-2020-7961-POC @@ -35398,6 +38434,7 @@ CVE-2020-7961 - https://github.com/random-robbie/liferay-pwn CVE-2020-7961 - https://github.com/raystyle/paper CVE-2020-7961 - https://github.com/shacojx/GLiferay-CVE-2020-7961-golang CVE-2020-7961 - https://github.com/shacojx/LifeRCEJsonWSTool-POC-CVE-2020-7961-Gui +CVE-2020-7961 - https://github.com/shacojx/POC-CVE-2020-7961-Token-iterate CVE-2020-7961 - https://github.com/sobinge/nuclei-templates CVE-2020-7961 - https://github.com/t31m0/PENTESTING-BIBLE CVE-2020-7961 - https://github.com/tdtc7/qps @@ -35408,9 +38445,12 @@ CVE-2020-7980 - https://github.com/0xT11/CVE-POC CVE-2020-7980 - https://github.com/ARPSyndicate/cvemon CVE-2020-7980 - https://github.com/Xh4H/Satellian-CVE-2020-7980 CVE-2020-7980 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-7980 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-7980 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-7980 - https://github.com/tdtc7/qps CVE-2020-7984 - https://github.com/justinflipflops/nCentralDumpsterDiver +CVE-2020-7997 - https://github.com/adeshkolte/My-CVEs +CVE-2020-7998 - https://github.com/adeshkolte/My-CVEs CVE-2020-8004 - https://github.com/0xT11/CVE-POC CVE-2020-8004 - https://github.com/ARPSyndicate/cvemon CVE-2020-8004 - https://github.com/developer3000S/PoC-in-GitHub @@ -35454,6 +38494,7 @@ CVE-2020-8149 - https://github.com/wjs67/be-the-hero CVE-2020-8150 - https://github.com/0xT11/CVE-POC CVE-2020-8150 - https://github.com/geffner/CVE-2020-8289 CVE-2020-8152 - https://github.com/0xT11/CVE-POC +CVE-2020-8152 - https://github.com/geffner/CVE-2020-8290 CVE-2020-8163 - https://github.com/0xT11/CVE-POC CVE-2020-8163 - https://github.com/ARPSyndicate/cvemon CVE-2020-8163 - https://github.com/ARPSyndicate/kenzer-templates @@ -35476,8 +38517,10 @@ CVE-2020-8163 - https://github.com/yedada-wei/gongkaishouji CVE-2020-8165 - https://github.com/0xT11/CVE-POC CVE-2020-8165 - https://github.com/0xsyr0/OSCP CVE-2020-8165 - https://github.com/ARPSyndicate/cvemon +CVE-2020-8165 - https://github.com/AssassinUKG/CVE-2020-8165 CVE-2020-8165 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-8165 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-8165 - https://github.com/hybryx/CVE-2020-8165 CVE-2020-8165 - https://github.com/macosta-42/Exploit-Development CVE-2020-8165 - https://github.com/masahiro331/CVE-2020-8165 CVE-2020-8165 - https://github.com/nomi-sec/PoC-in-GitHub @@ -35485,6 +38528,8 @@ CVE-2020-8169 - https://github.com/docker-library/faq CVE-2020-8175 - https://github.com/ARPSyndicate/cvemon CVE-2020-8175 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-8175 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-8187 - https://github.com/stratosphereips/nist-cve-search-tool +CVE-2020-8190 - https://github.com/stratosphereips/nist-cve-search-tool CVE-2020-8191 - https://github.com/0ps/pocassistdb CVE-2020-8191 - https://github.com/ARPSyndicate/cvemon CVE-2020-8191 - https://github.com/ARPSyndicate/kenzer-templates @@ -35492,6 +38537,7 @@ CVE-2020-8191 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-8191 - https://github.com/amcai/myscan CVE-2020-8191 - https://github.com/jweny/pocassistdb CVE-2020-8191 - https://github.com/sobinge/nuclei-templates +CVE-2020-8191 - https://github.com/stratosphereips/nist-cve-search-tool CVE-2020-8192 - https://github.com/ossf-cve-benchmark/CVE-2020-8192 CVE-2020-8193 - https://github.com/0ps/pocassistdb CVE-2020-8193 - https://github.com/0xT11/CVE-POC @@ -35500,6 +38546,7 @@ CVE-2020-8193 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-8193 - https://github.com/Airboi/Citrix-ADC-RCE-CVE-2020-8193 CVE-2020-8193 - https://github.com/CnHack3r/Penetration_PoC CVE-2020-8193 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2020-8193 - https://github.com/EvilAnne/2020-Read-article CVE-2020-8193 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2020-8193 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2020-8193 - https://github.com/PR3R00T/CVE-2020-8193-Citrix-Scanner @@ -35516,6 +38563,7 @@ CVE-2020-8193 - https://github.com/jas502n/CVE-2020-8193 CVE-2020-8193 - https://github.com/jweny/pocassistdb CVE-2020-8193 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-8193 - https://github.com/sobinge/nuclei-templates +CVE-2020-8193 - https://github.com/stratosphereips/nist-cve-search-tool CVE-2020-8193 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-8193 - https://github.com/yedada-wei/- CVE-2020-8193 - https://github.com/yedada-wei/gongkaishouji @@ -35524,14 +38572,25 @@ CVE-2020-8194 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-8194 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-8194 - https://github.com/SexyBeast233/SecBooks CVE-2020-8194 - https://github.com/sobinge/nuclei-templates +CVE-2020-8194 - https://github.com/stratosphereips/nist-cve-search-tool +CVE-2020-8195 - https://github.com/EvilAnne/2020-Read-article CVE-2020-8195 - https://github.com/PR3R00T/CVE-2020-8193-Citrix-Scanner CVE-2020-8195 - https://github.com/SexyBeast233/SecBooks CVE-2020-8195 - https://github.com/Zeop-CyberSec/citrix_adc_netscaler_lfi CVE-2020-8195 - https://github.com/dnif/content +CVE-2020-8195 - https://github.com/r0eXpeR/supplier +CVE-2020-8195 - https://github.com/stratosphereips/nist-cve-search-tool +CVE-2020-8196 - https://github.com/EvilAnne/2020-Read-article CVE-2020-8196 - https://github.com/PR3R00T/CVE-2020-8193-Citrix-Scanner CVE-2020-8196 - https://github.com/SexyBeast233/SecBooks CVE-2020-8196 - https://github.com/Zeop-CyberSec/citrix_adc_netscaler_lfi +CVE-2020-8196 - https://github.com/r0eXpeR/supplier +CVE-2020-8196 - https://github.com/stratosphereips/nist-cve-search-tool +CVE-2020-8197 - https://github.com/stratosphereips/nist-cve-search-tool CVE-2020-8198 - https://github.com/SexyBeast233/SecBooks +CVE-2020-8198 - https://github.com/stratosphereips/nist-cve-search-tool +CVE-2020-8199 - https://github.com/stratosphereips/nist-cve-search-tool +CVE-2020-8200 - https://github.com/stratosphereips/nist-cve-search-tool CVE-2020-8201 - https://github.com/dnorio/oracle-node-alpine CVE-2020-8203 - https://github.com/chkp-dhouari/CloudGuard-ShiftLeft-CICD CVE-2020-8203 - https://github.com/duckstroms/Web-CTF-Cheatsheet @@ -35542,9 +38601,12 @@ CVE-2020-8203 - https://github.com/rtfeldman/node-elm-compiler CVE-2020-8203 - https://github.com/w181496/Web-CTF-Cheatsheet CVE-2020-8205 - https://github.com/ossf-cve-benchmark/CVE-2020-8205 CVE-2020-8207 - https://github.com/alphaSeclab/sec-daily-2020 +CVE-2020-8207 - https://github.com/stratosphereips/nist-cve-search-tool +CVE-2020-8208 - https://github.com/stratosphereips/nist-cve-search-tool CVE-2020-8209 - https://github.com/ARPSyndicate/cvemon CVE-2020-8209 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-8209 - https://github.com/Ares-X/VulWiki +CVE-2020-8209 - https://github.com/B1anda0/CVE-2020-8209 CVE-2020-8209 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-8209 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-8209 - https://github.com/SexyBeast233/SecBooks @@ -35552,8 +38614,15 @@ CVE-2020-8209 - https://github.com/SouthWind0/southwind0.github.io CVE-2020-8209 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-8209 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-8209 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-8209 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-8209 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-8209 - https://github.com/sobinge/nuclei-templates +CVE-2020-8209 - https://github.com/stratosphereips/nist-cve-search-tool +CVE-2020-8209 - https://github.com/tzwlhack/Vulnerability +CVE-2020-8210 - https://github.com/stratosphereips/nist-cve-search-tool +CVE-2020-8211 - https://github.com/stratosphereips/nist-cve-search-tool +CVE-2020-8212 - https://github.com/stratosphereips/nist-cve-search-tool +CVE-2020-8217 - https://github.com/stratosphereips/nist-cve-search-tool CVE-2020-8218 - https://github.com/0xT11/CVE-POC CVE-2020-8218 - https://github.com/ARPSyndicate/cvemon CVE-2020-8218 - https://github.com/Mr-xn/Penetration_Testing_POC @@ -35573,17 +38642,29 @@ CVE-2020-8241 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-8241 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-8241 - https://github.com/withdk/pulse-secure-vpn-mitm-research CVE-2020-8243 - https://github.com/alphaSeclab/sec-daily-2020 +CVE-2020-8243 - https://github.com/r0eXpeR/supplier CVE-2020-8243 - https://github.com/tom0li/collection-document CVE-2020-8244 - https://github.com/ossf-cve-benchmark/CVE-2020-8244 +CVE-2020-8245 - https://github.com/stratosphereips/nist-cve-search-tool +CVE-2020-8246 - https://github.com/stratosphereips/nist-cve-search-tool +CVE-2020-8247 - https://github.com/stratosphereips/nist-cve-search-tool +CVE-2020-8253 - https://github.com/stratosphereips/nist-cve-search-tool CVE-2020-8255 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-8255 - https://github.com/alphaSeclab/sec-daily-2020 +CVE-2020-8255 - https://github.com/tzwlhack/Vulnerability CVE-2020-8260 - https://github.com/ARPSyndicate/cvemon +CVE-2020-8260 - https://github.com/r0eXpeR/supplier +CVE-2020-8271 - https://github.com/stratosphereips/nist-cve-search-tool +CVE-2020-8272 - https://github.com/stratosphereips/nist-cve-search-tool +CVE-2020-8273 - https://github.com/stratosphereips/nist-cve-search-tool CVE-2020-8276 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-8277 - https://github.com/ARPSyndicate/cvemon CVE-2020-8277 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-8277 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-8277 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-8277 - https://github.com/masahiro331/CVE-2020-8277 CVE-2020-8277 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-8277 - https://github.com/tzwlhack/Vulnerability CVE-2020-8284 - https://github.com/indece-official/clair-client CVE-2020-8286 - https://github.com/YaleSpinup/ecr-api CVE-2020-8286 - https://github.com/salrashid123/envoy_mtls @@ -35608,6 +38689,7 @@ CVE-2020-8335 - https://github.com/404notf0und/CVE-Flow CVE-2020-8341 - https://github.com/404notf0und/CVE-Flow CVE-2020-8394 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-8394 - https://github.com/SexyBeast233/SecBooks +CVE-2020-8394 - https://github.com/tzwlhack/Vulnerability CVE-2020-8417 - https://github.com/0xT11/CVE-POC CVE-2020-8417 - https://github.com/ARPSyndicate/cvemon CVE-2020-8417 - https://github.com/Mathankumar2701/ALL-PENTESTING-BIBLE @@ -35684,10 +38766,16 @@ CVE-2020-8554 - https://github.com/cruise-automation/k-rail CVE-2020-8554 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-8554 - https://github.com/g3rzi/HackingKubernetes CVE-2020-8554 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-8554 - https://github.com/k1LoW/oshka +CVE-2020-8554 - https://github.com/kubemod/kubemod CVE-2020-8554 - https://github.com/kubernetes-sigs/externalip-webhook CVE-2020-8554 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-8554 - https://github.com/rancher/externalip-webhook +CVE-2020-8554 - https://github.com/reni2study/Cloud-Native-Security2 +CVE-2020-8554 - https://github.com/twistlock/k8s-cve-2020-8554-mitigations CVE-2020-8555 - https://github.com/Metarget/awesome-cloud-native-security CVE-2020-8555 - https://github.com/Metarget/metarget +CVE-2020-8555 - https://github.com/reni2study/Cloud-Native-Security2 CVE-2020-8555 - https://github.com/walidshaari/cks CVE-2020-8557 - https://github.com/Kiranp295/CKS CVE-2020-8557 - https://github.com/Metarget/metarget @@ -35703,6 +38791,7 @@ CVE-2020-8558 - https://github.com/g3rzi/HackingKubernetes CVE-2020-8558 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-8558 - https://github.com/jassics/awesome-aws-security CVE-2020-8558 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-8558 - https://github.com/reni2study/Cloud-Native-Security2 CVE-2020-8558 - https://github.com/rhysemmas/martian-packets CVE-2020-8558 - https://github.com/tabbysable/POC-2020-8558 CVE-2020-8559 - https://github.com/0xT11/CVE-POC @@ -35716,8 +38805,12 @@ CVE-2020-8559 - https://github.com/tabbysable/POC-2020-8559 CVE-2020-8559 - https://github.com/tdwyer/CVE-2020-8559 CVE-2020-8561 - https://github.com/p1ay8y3ar/cve_monitor CVE-2020-8562 - https://github.com/Metarget/awesome-cloud-native-security +CVE-2020-8564 - https://github.com/k1LoW/oshka +CVE-2020-8565 - https://github.com/k1LoW/oshka CVE-2020-8576 - https://github.com/404notf0und/CVE-Flow CVE-2020-8595 - https://github.com/Metarget/awesome-cloud-native-security +CVE-2020-8595 - https://github.com/Metarget/cloud-native-security-book +CVE-2020-8595 - https://github.com/reni2study/Cloud-Native-Security2 CVE-2020-8595 - https://github.com/tom0li/collection-document CVE-2020-8597 - https://github.com/0xT11/CVE-POC CVE-2020-8597 - https://github.com/ARPSyndicate/cvemon @@ -35764,6 +38857,7 @@ CVE-2020-8634 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-8634 - https://github.com/yedada-wei/- CVE-2020-8634 - https://github.com/yedada-wei/gongkaishouji CVE-2020-8635 - https://github.com/ARPSyndicate/cvemon +CVE-2020-8635 - https://github.com/Al1ex/CVE-2020-8635 CVE-2020-8635 - https://github.com/CnHack3r/Penetration_PoC CVE-2020-8635 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2020-8635 - https://github.com/YIXINSHUWU/Penetration_Testing_POC @@ -35786,12 +38880,15 @@ CVE-2020-8641 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-8644 - https://github.com/ARPSyndicate/cvemon CVE-2020-8644 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-8654 - https://github.com/ARPSyndicate/cvemon +CVE-2020-8654 - https://github.com/ArianeBlow/EyesOfNetwork-vuln-checker CVE-2020-8654 - https://github.com/h4knet/eonrce CVE-2020-8655 - https://github.com/ARPSyndicate/cvemon CVE-2020-8655 - https://github.com/h4knet/eonrce CVE-2020-8656 - https://github.com/ARPSyndicate/cvemon +CVE-2020-8656 - https://github.com/ArianeBlow/EyesOfNetwork-vuln-checker CVE-2020-8656 - https://github.com/h4knet/eonrce CVE-2020-8657 - https://github.com/ARPSyndicate/cvemon +CVE-2020-8657 - https://github.com/ArianeBlow/EyesOfNetwork-vuln-checker CVE-2020-8658 - https://github.com/V1n1v131r4/Exploiting-WP-Htaccess-by-BestWebSoft-Plugin CVE-2020-8658 - https://github.com/V1n1v131r4/My-CVEs CVE-2020-8674 - https://github.com/CERTCC/PoC-Exploits/tree/master/vu-257161/scripts @@ -35845,6 +38942,7 @@ CVE-2020-8813 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-8813 - https://github.com/huike007/penetration_poc CVE-2020-8813 - https://github.com/huike007/poc CVE-2020-8813 - https://github.com/jandersoncampelo/InfosecBookmarks +CVE-2020-8813 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-8813 - https://github.com/mhaskar/CVE-2020-8813 CVE-2020-8813 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-8813 - https://github.com/tdtc7/qps @@ -35859,6 +38957,7 @@ CVE-2020-8816 - https://github.com/cybervaca/CVE-2020-8816 CVE-2020-8816 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-8816 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-8816 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-8816 - https://github.com/pengusec/awesome-netsec-articles CVE-2020-8816 - https://github.com/stefanman125/CyberSci-pizzashop CVE-2020-8816 - https://github.com/team0se7en/CVE-2020-8816 CVE-2020-8818 - https://github.com/ARPSyndicate/cvemon @@ -35889,6 +38988,8 @@ CVE-2020-8835 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-8835 - https://github.com/rakjong/LinuxElevation CVE-2020-8835 - https://github.com/snappyJack/Rick_write_exp_CVE-2020-8835 CVE-2020-8835 - https://github.com/xairy/linux-kernel-exploitation +CVE-2020-8835 - https://github.com/xmzyshypnc/CVE-2020-27194 +CVE-2020-8835 - https://github.com/yoniko/gctf21_ebpf CVE-2020-8835 - https://github.com/zilong3033/CVE-2020-8835 CVE-2020-8840 - https://github.com/0xT11/CVE-POC CVE-2020-8840 - https://github.com/5l1v3r1/CVE-2020-8841 @@ -35900,6 +39001,7 @@ CVE-2020-8840 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2020-8840 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2020-8840 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2020-8840 - https://github.com/SexyBeast233/SecBooks +CVE-2020-8840 - https://github.com/Veraxy00/CVE-2020-8840 CVE-2020-8840 - https://github.com/Wfzsec/FastJson1.2.62-RCE CVE-2020-8840 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2020-8840 - https://github.com/developer3000S/PoC-in-GitHub @@ -35915,6 +39017,7 @@ CVE-2020-8840 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-8840 - https://github.com/taielab/awesome-hacking-lists CVE-2020-8840 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-8840 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2020-8840 - https://github.com/yahoo/cubed CVE-2020-8840 - https://github.com/yedada-wei/- CVE-2020-8840 - https://github.com/yedada-wei/gongkaishouji CVE-2020-8841 - https://github.com/5l1v3r1/CVE-2020-8841 @@ -35928,6 +39031,7 @@ CVE-2020-8860 - https://github.com/he1m4n6a/cve-db CVE-2020-8863 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-8864 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-8871 - https://github.com/alphaSeclab/sec-daily-2020 +CVE-2020-8871 - https://github.com/dlehgus1023/VirtualBox_IO-Fuzz CVE-2020-8888 - https://github.com/0xT11/CVE-POC CVE-2020-8888 - https://github.com/ARPSyndicate/cvemon CVE-2020-8888 - https://github.com/SnipJoe/CVE-2020-8888 @@ -35937,6 +39041,7 @@ CVE-2020-8888 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-8890 - https://github.com/dawid-czarnecki/public-vulnerabilities CVE-2020-8893 - https://github.com/dawid-czarnecki/public-vulnerabilities CVE-2020-8894 - https://github.com/dawid-czarnecki/public-vulnerabilities +CVE-2020-8908 - https://github.com/asa1997/topgear_test CVE-2020-8911 - https://github.com/SummitRoute/csp_security_mistakes CVE-2020-8911 - https://github.com/jassics/awesome-aws-security CVE-2020-8912 - https://github.com/SummitRoute/csp_security_mistakes @@ -35971,11 +39076,13 @@ CVE-2020-8982 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-8982 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-8982 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-8982 - https://github.com/sobinge/nuclei-templates +CVE-2020-8982 - https://github.com/stratosphereips/nist-cve-search-tool CVE-2020-8983 - https://github.com/0xT11/CVE-POC CVE-2020-8983 - https://github.com/DimitriNL/CTX-CVE-2020-7473 CVE-2020-8983 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-8983 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-8983 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-8983 - https://github.com/stratosphereips/nist-cve-search-tool CVE-2020-8994 - https://github.com/Jian-Xian/CVE-POC CVE-2020-9006 - https://github.com/0xT11/CVE-POC CVE-2020-9006 - https://github.com/ARPSyndicate/cvemon @@ -36035,6 +39142,7 @@ CVE-2020-9269 - https://github.com/J3rryBl4nks/SOPlanning CVE-2020-9270 - https://github.com/J3rryBl4nks/IceHRM CVE-2020-9271 - https://github.com/J3rryBl4nks/IceHRM CVE-2020-9273 - https://github.com/ARPSyndicate/cvemon +CVE-2020-9273 - https://github.com/Timirepo/CVE_Exploits CVE-2020-9273 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-9273 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-9273 - https://github.com/lockedbyte/CVE-Exploits @@ -36042,11 +39150,14 @@ CVE-2020-9273 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-9273 - https://github.com/ptef/CVE-2020-9273 CVE-2020-9283 - https://github.com/0xT11/CVE-POC CVE-2020-9283 - https://github.com/ARPSyndicate/cvemon +CVE-2020-9283 - https://github.com/asa1997/topgear_test CVE-2020-9283 - https://github.com/brompwnie/CVE-2020-9283 +CVE-2020-9283 - https://github.com/brompwnie/brompwnie CVE-2020-9283 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-9283 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-9283 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-9294 - https://github.com/ARPSyndicate/cvemon +CVE-2020-9296 - https://github.com/blirp/postnr CVE-2020-9297 - https://github.com/SummerSec/learning-codeql CVE-2020-9315 - https://github.com/ARPSyndicate/cvemon CVE-2020-9315 - https://github.com/ARPSyndicate/kenzer-templates @@ -36155,8 +39266,10 @@ CVE-2020-9461 - https://github.com/g-rubert/CVE-2020-9461 CVE-2020-9461 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-9461 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-9465 - https://github.com/ARPSyndicate/cvemon +CVE-2020-9465 - https://github.com/ArianeBlow/EyesOfNetwork-vuln-checker CVE-2020-9465 - https://github.com/h4knet/eonrce CVE-2020-9470 - https://github.com/ARPSyndicate/cvemon +CVE-2020-9470 - https://github.com/Al1ex/CVE-2020-9470 CVE-2020-9470 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-9470 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-9470 - https://github.com/nomi-sec/PoC-in-GitHub @@ -36168,6 +39281,7 @@ CVE-2020-9472 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-9472 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-9472 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2020-9480 - https://github.com/ayoul3/sparky +CVE-2020-9480 - https://github.com/yahoo/cubed CVE-2020-9483 - https://github.com/0ps/pocassistdb CVE-2020-9483 - https://github.com/ARPSyndicate/cvemon CVE-2020-9483 - https://github.com/ARPSyndicate/kenzer-templates @@ -36176,6 +39290,7 @@ CVE-2020-9483 - https://github.com/MeterianHQ/api-samples-python CVE-2020-9483 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-9483 - https://github.com/jweny/pocassistdb CVE-2020-9483 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-9483 - https://github.com/shanika04/apache_skywalking CVE-2020-9484 - https://github.com/0day666/Vulnerability-verification CVE-2020-9484 - https://github.com/0xT11/CVE-POC CVE-2020-9484 - https://github.com/404notf0und/CVE-Flow @@ -36184,14 +39299,17 @@ CVE-2020-9484 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-9484 - https://github.com/CnHack3r/Penetration_PoC CVE-2020-9484 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-9484 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +CVE-2020-9484 - https://github.com/HxDDD/CVE-PoC CVE-2020-9484 - https://github.com/IdealDreamLast/CVE-2020-9484 CVE-2020-9484 - https://github.com/Kaizhe/attacker CVE-2020-9484 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2020-9484 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2020-9484 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2020-9484 - https://github.com/PenTestical/CVE-2020-9484 CVE-2020-9484 - https://github.com/SexyBeast233/SecBooks CVE-2020-9484 - https://github.com/Spacial/awesome-csirt CVE-2020-9484 - https://github.com/Xslover/CVE-2020-9484-Scanner +CVE-2020-9484 - https://github.com/Y4tacker/JavaSec CVE-2020-9484 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2020-9484 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-9484 - https://github.com/anjai94/CVE-2020-9484-exploit @@ -36200,6 +39318,7 @@ CVE-2020-9484 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2020-9484 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-9484 - https://github.com/huike007/penetration_poc CVE-2020-9484 - https://github.com/huike007/poc +CVE-2020-9484 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2020-9484 - https://github.com/masahiro331/CVE-2020-9484 CVE-2020-9484 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2020-9484 - https://github.com/mklmfane/betvictor @@ -36231,6 +39350,7 @@ CVE-2020-9490 - https://github.com/ARPSyndicate/kenzer-templates CVE-2020-9490 - https://github.com/Dheia/sc-main CVE-2020-9490 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-9490 - https://github.com/Solhack/Team_CSI_platform +CVE-2020-9490 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2020-9490 - https://github.com/vshaliii/Funbox2-rookie CVE-2020-9490 - https://github.com/vshaliii/Vegeta1-Vulhub-Walkthrough CVE-2020-9493 - https://github.com/apache/logging-log4j1 @@ -36243,6 +39363,7 @@ CVE-2020-9495 - https://github.com/ggolawski/CVE-2020-9495 CVE-2020-9495 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-9495 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-9496 - https://github.com/0xT11/CVE-POC +CVE-2020-9496 - https://github.com/0xaniketB/HackTheBox-Monitors CVE-2020-9496 - https://github.com/360quake/papers CVE-2020-9496 - https://github.com/ARPSyndicate/cvemon CVE-2020-9496 - https://github.com/ARPSyndicate/kenzer-templates @@ -36252,8 +39373,10 @@ CVE-2020-9496 - https://github.com/MrMeizhi/DriedMango CVE-2020-9496 - https://github.com/SexyBeast233/SecBooks CVE-2020-9496 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-9496 - https://github.com/amcai/myscan +CVE-2020-9496 - https://github.com/cyber-niz/CVE-2020-9496 CVE-2020-9496 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-9496 - https://github.com/dwisiswant0/CVE-2020-9496 +CVE-2020-9496 - https://github.com/g33xter/CVE-2020-9496 CVE-2020-9496 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-9496 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2020-9496 - https://github.com/nomi-sec/PoC-in-GitHub @@ -36265,6 +39388,7 @@ CVE-2020-9540 - https://github.com/DownWithUp/CVE-Stockpile CVE-2020-9546 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2020-9546 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-9546 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2020-9546 - https://github.com/yahoo/cubed CVE-2020-9547 - https://github.com/0xT11/CVE-POC CVE-2020-9547 - https://github.com/ARPSyndicate/cvemon CVE-2020-9547 - https://github.com/CnHack3r/Penetration_PoC @@ -36283,6 +39407,7 @@ CVE-2020-9547 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-9547 - https://github.com/taielab/awesome-hacking-lists CVE-2020-9547 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-9547 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2020-9547 - https://github.com/yahoo/cubed CVE-2020-9547 - https://github.com/yedada-wei/- CVE-2020-9547 - https://github.com/yedada-wei/gongkaishouji CVE-2020-9548 - https://github.com/0xT11/CVE-POC @@ -36301,9 +39426,11 @@ CVE-2020-9548 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-9548 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-9548 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-9548 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2020-9548 - https://github.com/yahoo/cubed CVE-2020-9548 - https://github.com/yedada-wei/- CVE-2020-9548 - https://github.com/yedada-wei/gongkaishouji CVE-2020-9549 - https://github.com/carter-yagemann/ARCUS +CVE-2020-9714 - https://github.com/V0lk3n/OSMR-CheatSheet CVE-2020-9715 - https://github.com/ARPSyndicate/cvemon CVE-2020-9715 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-9715 - https://github.com/nomi-sec/PoC-in-GitHub @@ -36362,6 +39489,7 @@ CVE-2020-9768 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-9770 - https://github.com/Charmve/BLE-Security-Attack-Defence CVE-2020-9770 - https://github.com/WinMin/Protocol-Vul CVE-2020-9770 - https://github.com/engn33r/awesome-bluetooth-security +CVE-2020-9771 - https://github.com/amanszpapaya/MacPer CVE-2020-9771 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2020-9779 - https://github.com/didi/kemon CVE-2020-9781 - https://github.com/0xT11/CVE-POC @@ -36372,6 +39500,7 @@ CVE-2020-9781 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-9781 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-9784 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2020-9787 - https://github.com/houjingyi233/macOS-iOS-system-security +CVE-2020-9794 - https://github.com/dgardella/KCC CVE-2020-9794 - https://github.com/dispera/giant-squid CVE-2020-9794 - https://github.com/garethr/snykout CVE-2020-9801 - https://github.com/ARPSyndicate/cvemon @@ -36404,12 +39533,15 @@ CVE-2020-9929 - https://github.com/didi/kemon CVE-2020-9934 - https://github.com/0xT11/CVE-POC CVE-2020-9934 - https://github.com/ARPSyndicate/cvemon CVE-2020-9934 - https://github.com/Spacial/awesome-csirt +CVE-2020-9934 - https://github.com/V0lk3n/OSMR-CheatSheet CVE-2020-9934 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-9934 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-9934 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-9934 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2020-9934 - https://github.com/mattshockl/CVE-2020-9934 CVE-2020-9934 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2020-9939 - https://github.com/V0lk3n/OSMR-CheatSheet +CVE-2020-9964 - https://github.com/0x36/oob_events CVE-2020-9964 - https://github.com/SexyBeast233/SecBooks CVE-2020-9964 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2020-9967 - https://github.com/SexyBeast233/SecBooks @@ -36421,6 +39553,7 @@ CVE-2020-9968 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2020-9971 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2020-9979 - https://github.com/ChiChou/sploits CVE-2020-9979 - https://github.com/houjingyi233/macOS-iOS-system-security +CVE-2020-9986 - https://github.com/T-jatesada/OpenHayStack CVE-2020-9986 - https://github.com/seemoo-lab/openhaystack CVE-2020-9991 - https://github.com/dispera/giant-squid CVE-2020-9992 - https://github.com/0xT11/CVE-POC @@ -36444,7 +39577,9 @@ CVE-2020-9992 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-9992 - https://github.com/phant0n/PENTESTING-BIBLE CVE-2020-9999 - https://github.com/tdcoming/CVE-2020-9999 CVE-2021-0000 - https://github.com/m-mizutani/octovy +CVE-2021-00001 - https://github.com/hamayanhamayan/all-suspicious-requests CVE-2021-0086 - https://github.com/vusec/fpvi-scsb +CVE-2021-0089 - https://github.com/JUSDJTIN/Speculative-Code-Store-Bypass-POC CVE-2021-0089 - https://github.com/vusec/fpvi-scsb CVE-2021-0144 - https://github.com/sh7alward/Nightmare- CVE-2021-0144 - https://github.com/song856854132/scrapy_CVE2021 @@ -36452,7 +39587,10 @@ CVE-2021-0157 - https://github.com/sh7alward/Nightmare- CVE-2021-0157 - https://github.com/song856854132/scrapy_CVE2021 CVE-2021-0158 - https://github.com/sh7alward/Nightmare- CVE-2021-0158 - https://github.com/song856854132/scrapy_CVE2021 +CVE-2021-0186 - https://github.com/cimcs/poc-exploits-of-smashex CVE-2021-0222 - https://github.com/elon996/gluttony +CVE-2021-0223 - https://github.com/r0eXpeR/supplier +CVE-2021-0256 - https://github.com/r0eXpeR/supplier CVE-2021-0301 - https://github.com/TinyNiko/android_bulletin_notes CVE-2021-0302 - https://github.com/TinyNiko/android_bulletin_notes CVE-2021-0303 - https://github.com/TinyNiko/android_bulletin_notes @@ -36466,6 +39604,7 @@ CVE-2021-0310 - https://github.com/TinyNiko/android_bulletin_notes CVE-2021-0311 - https://github.com/TinyNiko/android_bulletin_notes CVE-2021-0312 - https://github.com/TinyNiko/android_bulletin_notes CVE-2021-0313 - https://github.com/TinyNiko/android_bulletin_notes +CVE-2021-0313 - https://github.com/konstantin890/konstantin890 CVE-2021-0314 - https://github.com/TinyNiko/android_bulletin_notes CVE-2021-0315 - https://github.com/TinyNiko/android_bulletin_notes CVE-2021-0316 - https://github.com/TinyNiko/android_bulletin_notes @@ -36495,6 +39634,7 @@ CVE-2021-0338 - https://github.com/TinyNiko/android_bulletin_notes CVE-2021-0339 - https://github.com/TinyNiko/android_bulletin_notes CVE-2021-0340 - https://github.com/TinyNiko/android_bulletin_notes CVE-2021-0341 - https://github.com/TinyNiko/android_bulletin_notes +CVE-2021-036934 - https://github.com/mwarnerblu/GoHN CVE-2021-0390 - https://github.com/TinyNiko/android_bulletin_notes CVE-2021-0391 - https://github.com/TinyNiko/android_bulletin_notes CVE-2021-0392 - https://github.com/TinyNiko/android_bulletin_notes @@ -36507,22 +39647,29 @@ CVE-2021-0398 - https://github.com/TinyNiko/android_bulletin_notes CVE-2021-0399 - https://github.com/TinyNiko/android_bulletin_notes CVE-2021-0399 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-0434 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-0485 - https://github.com/Ch0pin/CVE20210485 CVE-2021-0485 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups CVE-2021-0591 - https://github.com/wrlu/Vulnerabilities CVE-2021-0920 - https://github.com/enterprisemodules/vulnerability_demo CVE-2021-0928 - https://github.com/ARPSyndicate/cvemon CVE-2021-0928 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-0928 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-10086 - https://github.com/xiaoyun-1/CVE-2021-10086 CVE-2021-1048 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-1056 - https://github.com/ARPSyndicate/cvemon CVE-2021-1056 - https://github.com/SexyBeast233/SecBooks CVE-2021-1056 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-1056 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-1056 - https://github.com/pokerfaceSad/CVE-2021-1056 +CVE-2021-1090 - https://github.com/0xf4b1/bsod-kernel-fuzzing +CVE-2021-1095 - https://github.com/0xf4b1/bsod-kernel-fuzzing +CVE-2021-1096 - https://github.com/0xf4b1/bsod-kernel-fuzzing CVE-2021-11123 - https://github.com/chenanu123/cve-2021-11123 CVE-2021-1347 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-1366 - https://github.com/r0eXpeR/supplier CVE-2021-1472 - https://github.com/ARPSyndicate/cvemon CVE-2021-1472 - https://github.com/Sohrabian/special-cyber-security-topic +CVE-2021-1472 - https://github.com/zmylml/yangzifun CVE-2021-1473 - https://github.com/ARPSyndicate/cvemon CVE-2021-1473 - https://github.com/Sohrabian/special-cyber-security-topic CVE-2021-1480 - https://github.com/xmco/sdwan-cve-2021-1480 @@ -36531,13 +39678,17 @@ CVE-2021-1497 - https://github.com/ARPSyndicate/cvemon CVE-2021-1497 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-1497 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-1497 - https://github.com/SexyBeast233/SecBooks +CVE-2021-1497 - https://github.com/tzwlhack/Vulnerability CVE-2021-1498 - https://github.com/ARPSyndicate/cvemon CVE-2021-1498 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-1498 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-1498 - https://github.com/tzwlhack/Vulnerability CVE-2021-1499 - https://github.com/ARPSyndicate/cvemon CVE-2021-1499 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-1499 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-1499 - https://github.com/SexyBeast233/SecBooks +CVE-2021-1499 - https://github.com/tzwlhack/Vulnerability +CVE-2021-1568 - https://github.com/r0eXpeR/supplier CVE-2021-1585 - https://github.com/ARPSyndicate/cvemon CVE-2021-1585 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-1585 - https://github.com/p1ay8y3ar/cve_monitor @@ -36558,55 +39709,120 @@ CVE-2021-1656 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-1656 - https://github.com/waleedassar/CVE-2021-1656 CVE-2021-1665 - https://github.com/googleprojectzero/winafl CVE-2021-1665 - https://github.com/hardik05/winafl-powermopt +CVE-2021-1675 - https://github.com/0x727/usefull-elevation-of-privilege +CVE-2021-1675 - https://github.com/0xffee/Layer2HackerDao CVE-2021-1675 - https://github.com/0xsyr0/OSCP +CVE-2021-1675 - https://github.com/3gstudent/Invoke-BuildAnonymousSMBServer +CVE-2021-1675 - https://github.com/4RG0S/2021-Summer-Some-Day-Exploit CVE-2021-1675 - https://github.com/ARPSyndicate/cvemon CVE-2021-1675 - https://github.com/AndrewTrube/CVE-2021-1675 CVE-2021-1675 - https://github.com/BOFs/CobaltStrike +CVE-2021-1675 - https://github.com/BeetleChunks/SpoolSploit +CVE-2021-1675 - https://github.com/CharlesTheGreat77/FreddyKrueger +CVE-2021-1675 - https://github.com/CnOxx1/CVE-2021-34527-1675 +CVE-2021-1675 - https://github.com/D3Ext/PentestDictionary +CVE-2021-1675 - https://github.com/DenizSe/CVE-2021-34527 +CVE-2021-1675 - https://github.com/Falcon712/Windows_Hardening_Project CVE-2021-1675 - https://github.com/H0j3n/EzpzCheatSheet CVE-2021-1675 - https://github.com/Iveco/xknow_infosec CVE-2021-1675 - https://github.com/Jean-Francois-C/Windows-Penetration-Testing +CVE-2021-1675 - https://github.com/JohnHammond/CVE-2021-34527 +CVE-2021-1675 - https://github.com/JumpsecLabs/PrintNightmare CVE-2021-1675 - https://github.com/LaresLLC/CVE-2021-1675 +CVE-2021-1675 - https://github.com/Leonidus0x10/CVE-2021-1675-SCANNER CVE-2021-1675 - https://github.com/Mikasazero/Cobalt-Strike CVE-2021-1675 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2021-1675 - https://github.com/NickSanzotta/zeroscan +CVE-2021-1675 - https://github.com/OppressionBreedsResistance/CVE-2021-1675-PrintNightmare CVE-2021-1675 - https://github.com/Qazeer/OffensivePythonPipeline +CVE-2021-1675 - https://github.com/RarW0lf/PrintNightmare-BB-Payload CVE-2021-1675 - https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet CVE-2021-1675 - https://github.com/S3cur3Th1sSh1t/PowerSharpPack CVE-2021-1675 - https://github.com/S3cur3Th1sSh1t/WinPwn CVE-2021-1675 - https://github.com/SexyBeast233/SecBooks +CVE-2021-1675 - https://github.com/Steels03/PrintNightmare-Driver-Checker +CVE-2021-1675 - https://github.com/Tomparte/PrintNightmare +CVE-2021-1675 - https://github.com/VK9D/PrintNightmare +CVE-2021-1675 - https://github.com/WidespreadPandemic/CVE-2021-34527_ACL_mitigation +CVE-2021-1675 - https://github.com/Winter3un/CVE-2021-1675 +CVE-2021-1675 - https://github.com/Wra7h/SharpPN CVE-2021-1675 - https://github.com/YangSirrr/YangsirStudyPlan +CVE-2021-1675 - https://github.com/aatharvauti/AD CVE-2021-1675 - https://github.com/afinepl/research +CVE-2021-1675 - https://github.com/alvesnet-suporte/microsoft-vulnerabilidades CVE-2021-1675 - https://github.com/b4rtik/SharpKatz +CVE-2021-1675 - https://github.com/bartimus-primed/CVE-2021-1675-Yara CVE-2021-1675 - https://github.com/bhassani/Recent-CVE CVE-2021-1675 - https://github.com/binganao/vulns-2022 CVE-2021-1675 - https://github.com/boh/RedCsharp +CVE-2021-1675 - https://github.com/byt3bl33d3r/ItWasAllADream +CVE-2021-1675 - https://github.com/calebstewart/CVE-2021-1675 +CVE-2021-1675 - https://github.com/cfalta/MicrosoftWontFixList +CVE-2021-1675 - https://github.com/ciwen3/PNPT +CVE-2021-1675 - https://github.com/corelight/CVE-2021-1675 +CVE-2021-1675 - https://github.com/crtaylor315/PrintNightmare-Before-Halloween +CVE-2021-1675 - https://github.com/cube0x0/CVE-2021-1675 CVE-2021-1675 - https://github.com/cyberfreaq/configs +CVE-2021-1675 - https://github.com/cybersecurityworks553/CVE-2021-1675_PrintNightMare +CVE-2021-1675 - https://github.com/demilson/spoolsv CVE-2021-1675 - https://github.com/dxnboy/redteam +CVE-2021-1675 - https://github.com/edsonjt81/CVE-2021-1675 +CVE-2021-1675 - https://github.com/edsonjt81/SpoolSploit +CVE-2021-1675 - https://github.com/eng-amarante/CyberSecurity CVE-2021-1675 - https://github.com/evilashz/CVE-2021-1675-LPE-EXP +CVE-2021-1675 - https://github.com/exploitblizzard/PrintNightmare-CVE-2021-1675 +CVE-2021-1675 - https://github.com/galoget/PrintNightmare-CVE-2021-1675-CVE-2021-34527 +CVE-2021-1675 - https://github.com/gohrenberg/CVE-2021-1675-Mitigation-For-Systems-That-Need-Spooler CVE-2021-1675 - https://github.com/goldenscale/GS_GithubMirror +CVE-2021-1675 - https://github.com/gyaansastra/Print-Nightmare-LPE CVE-2021-1675 - https://github.com/hahaleyile/my-CVE-2021-1675 +CVE-2021-1675 - https://github.com/hlldz/CVE-2021-1675-LPE CVE-2021-1675 - https://github.com/huike007/penetration_poc +CVE-2021-1675 - https://github.com/initconf/cve-2021-1675-printnightmare CVE-2021-1675 - https://github.com/izj007/wechat CVE-2021-1675 - https://github.com/k8gege/CVE-2021-40444 CVE-2021-1675 - https://github.com/k8gege/cve-2021-1675 +CVE-2021-1675 - https://github.com/killtr0/CVE-2021-1675-PrintNightmare +CVE-2021-1675 - https://github.com/kondah/patch-cve-2021-1675 +CVE-2021-1675 - https://github.com/kougyokugentou/CVE-2021-1675 CVE-2021-1675 - https://github.com/lawrenceamer/0xsp-Mongoose CVE-2021-1675 - https://github.com/ly4k/PrintNightmare +CVE-2021-1675 - https://github.com/mayormaier/printnightmare-fixes CVE-2021-1675 - https://github.com/mdecrevoisier/EVTX-to-MITRE-Attack CVE-2021-1675 - https://github.com/mdecrevoisier/SIGMA-detection-rules CVE-2021-1675 - https://github.com/morkin1792/security-tests +CVE-2021-1675 - https://github.com/mrezqi/CVE-2021-1675_CarbonBlack_HuntingQuery CVE-2021-1675 - https://github.com/mstxq17/CVE-2021-1675_RDL_LPE CVE-2021-1675 - https://github.com/n1sh1th/CVE-POC +CVE-2021-1675 - https://github.com/naujpr/printnightmare +CVE-2021-1675 - https://github.com/nemo-wq/PrintNightmare-CVE-2021-34527 CVE-2021-1675 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-1675 - https://github.com/numanturle/PrintNightmare CVE-2021-1675 - https://github.com/outflanknl/PrintNightmare +CVE-2021-1675 - https://github.com/ozergoker/PrintNightmare CVE-2021-1675 - https://github.com/penetrarnya-tm/WeaponizeKali.sh +CVE-2021-1675 - https://github.com/ptter23/CVE-2021-1675 +CVE-2021-1675 - https://github.com/puckiestyle/CVE-2021-1675 CVE-2021-1675 - https://github.com/pwninx/WinPwn +CVE-2021-1675 - https://github.com/raithedavion/PrintNightmare +CVE-2021-1675 - https://github.com/real-acmkan/docker-printernightmare +CVE-2021-1675 - https://github.com/rnbochsr/atlas +CVE-2021-1675 - https://github.com/sailay1996/PrintNightmare-LPE +CVE-2021-1675 - https://github.com/saurav2shukla/vulnerabilitiesPoC +CVE-2021-1675 - https://github.com/sinfulz/JustGetDA CVE-2021-1675 - https://github.com/taielab/awesome-hacking-lists CVE-2021-1675 - https://github.com/tanarchytan/CVE-2021-1675 +CVE-2021-1675 - https://github.com/thalpius/Microsoft-CVE-2021-1675 +CVE-2021-1675 - https://github.com/thomasgeens/CVE-2021-1675 CVE-2021-1675 - https://github.com/uhub/awesome-c-sharp CVE-2021-1675 - https://github.com/vanhohen/ADNinja CVE-2021-1675 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-1675 - https://github.com/wsummerhill/CobaltStrike_RedTeam_CheatSheet +CVE-2021-1675 - https://github.com/xbufu/PrintNightmareCheck CVE-2021-1675 - https://github.com/yigitturak/Forensics +CVE-2021-1675 - https://github.com/yu2u/CVE-2021-1675 +CVE-2021-1675 - https://github.com/zeze-zeze/2021iThome +CVE-2021-1675 - https://github.com/zha0/Microsoft-CVE-2021-1675 CVE-2021-167534527 - https://github.com/izj007/wechat CVE-2021-1678 - https://github.com/bodik/awesome-potatoes CVE-2021-1698 - https://github.com/developer3000S/PoC-in-GitHub @@ -36625,6 +39841,7 @@ CVE-2021-1730 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-1732 - https://github.com/ARPSyndicate/cvemon CVE-2021-1732 - https://github.com/Al1ex/WindowsElevation CVE-2021-1732 - https://github.com/Ascotbe/Kernelhub +CVE-2021-1732 - https://github.com/BeneficialCode/CVE-2021-1732 CVE-2021-1732 - https://github.com/ClassBluer/Exploit_Tools CVE-2021-1732 - https://github.com/CyberMonitor/somethingweneed CVE-2021-1732 - https://github.com/David-Honisch/CVE-2022-21882 @@ -36657,16 +39874,21 @@ CVE-2021-1732 - https://github.com/paramint/windows-kernel-exploits CVE-2021-1732 - https://github.com/r1l4-i3pur1l4/CVE-2021-1732 CVE-2021-1732 - https://github.com/r1l4-i3pur1l4/CVE-2022-21882 CVE-2021-1732 - https://github.com/taielab/awesome-hacking-lists +CVE-2021-1732 - https://github.com/tzwlhack/Vulnerability CVE-2021-1732 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-1732 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2021-1732 - https://github.com/yisan1/hh CVE-2021-1740 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2021-1747 - https://github.com/houjingyi233/macOS-iOS-system-security +CVE-2021-1748 - https://github.com/ChiChou/mistune-patch-backport +CVE-2021-1748 - https://github.com/Ivanhoe76zzzz/itmsBlock CVE-2021-1748 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-1757 - https://github.com/b1n4r1b01/n-days CVE-2021-1757 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2021-1758 - https://github.com/houjingyi233/macOS-iOS-system-security +CVE-2021-1779 - https://github.com/V0lk3n/OSMR-CheatSheet CVE-2021-1782 - https://github.com/ARPSyndicate/cvemon +CVE-2021-1782 - https://github.com/H0aHuynh/LiRa CVE-2021-1782 - https://github.com/H0aHuynh/LiRa14 CVE-2021-1782 - https://github.com/ModernPwner/cicuta_virosa CVE-2021-1782 - https://github.com/Siguza/ios-resources @@ -36681,6 +39903,7 @@ CVE-2021-1786 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2021-1790 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2021-1791 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-1791 - https://github.com/pwn0rz/fairplay_research +CVE-2021-1791 - https://github.com/tzwlhack/Vulnerability CVE-2021-1801 - https://github.com/saeidshirazi/awesome-android-security CVE-2021-1810 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups CVE-2021-1815 - https://github.com/houjingyi233/macOS-iOS-system-security @@ -36714,6 +39937,7 @@ CVE-2021-1994 - https://github.com/ARPSyndicate/cvemon CVE-2021-1994 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-1994 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-1994 - https://github.com/somatrasss/weblogic2021 +CVE-2021-20016 - https://github.com/r0eXpeR/supplier CVE-2021-20031 - https://github.com/ARPSyndicate/cvemon CVE-2021-20031 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-20038 - https://github.com/ARPSyndicate/cvemon @@ -36755,10 +39979,12 @@ CVE-2021-2021 - https://github.com/ARPSyndicate/cvemon CVE-2021-2021 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-2021 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-2021 - https://github.com/r0ckysec/CVE-2021-21985 +CVE-2021-2021 - https://github.com/r0eXpeR/supplier CVE-2021-20217 - https://github.com/MegaManSec/privoxy CVE-2021-20225 - https://github.com/amzdev0401/shim-review-backup CVE-2021-20225 - https://github.com/bitraser/shim-review-15.4 CVE-2021-20225 - https://github.com/jason-chang-atrust/shim-review +CVE-2021-20225 - https://github.com/luojc123/shim-nsdl CVE-2021-20225 - https://github.com/neverware/shim-review CVE-2021-20225 - https://github.com/puzzleos/uefi-shim_review CVE-2021-20225 - https://github.com/rhboot/shim-review @@ -36767,15 +39993,21 @@ CVE-2021-20226 - https://github.com/joydo/CVE-Writeups CVE-2021-20226 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-20231 - https://github.com/Azure/publish-security-assessments CVE-2021-20231 - https://github.com/GitHubForSnap/ssmtp-gael +CVE-2021-20231 - https://github.com/epequeno/devops-demo CVE-2021-20231 - https://github.com/onzack/trivy-multiscanner CVE-2021-20232 - https://github.com/GitHubForSnap/ssmtp-gael +CVE-2021-20232 - https://github.com/epequeno/devops-demo CVE-2021-20232 - https://github.com/onzack/trivy-multiscanner +CVE-2021-20233 - https://github.com/amzdev0401/shim-review-backup CVE-2021-20233 - https://github.com/bitraser/shim-review-15.4 CVE-2021-20233 - https://github.com/jason-chang-atrust/shim-review +CVE-2021-20233 - https://github.com/luojc123/shim-nsdl CVE-2021-20233 - https://github.com/neverware/shim-review CVE-2021-20233 - https://github.com/puzzleos/uefi-shim_review CVE-2021-20233 - https://github.com/rhboot/shim-review CVE-2021-20233 - https://github.com/vathpela/shim-review +CVE-2021-20268 - https://github.com/dylandreimerink/gobpfld +CVE-2021-20270 - https://github.com/asa1997/topgear_test CVE-2021-20272 - https://github.com/MegaManSec/privoxy CVE-2021-20273 - https://github.com/MegaManSec/privoxy CVE-2021-20274 - https://github.com/MegaManSec/privoxy @@ -36785,17 +40017,25 @@ CVE-2021-20277 - https://github.com/google/honggfuzz CVE-2021-20284 - https://github.com/fluidattacks/makes CVE-2021-20288 - https://github.com/vovashkil/cheatsheet-linux-misc CVE-2021-20291 - https://github.com/Metarget/awesome-cloud-native-security +CVE-2021-20291 - https://github.com/reni2study/Cloud-Native-Security2 +CVE-2021-20294 - https://github.com/fluidattacks/makes CVE-2021-20305 - https://github.com/GitHubForSnap/podcast-dl-gael CVE-2021-20332 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2021-20353 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2021-20353 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2021-20353 - https://github.com/r00t4dm/r00t4dm +CVE-2021-2037 - https://github.com/r0eXpeR/supplier CVE-2021-20453 - https://github.com/r00t4dm/r00t4dm CVE-2021-20454 - https://github.com/r00t4dm/r00t4dm CVE-2021-2047 - https://github.com/somatrasss/weblogic2021 +CVE-2021-20572 - https://github.com/STMCyber/CVEs +CVE-2021-20573 - https://github.com/STMCyber/CVEs +CVE-2021-20574 - https://github.com/STMCyber/CVEs CVE-2021-2064 - https://github.com/somatrasss/weblogic2021 +CVE-2021-20655 - https://github.com/r0eXpeR/supplier CVE-2021-20717 - https://github.com/ARPSyndicate/cvemon CVE-2021-20717 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-20717 - https://github.com/s-index/CVE-2021-20717 CVE-2021-20717 - https://github.com/s-index/poc-list CVE-2021-2075 - https://github.com/somatrasss/weblogic2021 CVE-2021-20792 - https://github.com/ARPSyndicate/cvemon @@ -36808,9 +40048,15 @@ CVE-2021-20814 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-20815 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-20837 - https://github.com/ARPSyndicate/cvemon CVE-2021-20837 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-20837 - https://github.com/Cosemz/CVE-2021-20837 +CVE-2021-20837 - https://github.com/byteofjoshua/CVE-2021-20837 +CVE-2021-20837 - https://github.com/ghost-nemesis/cve-2021-20837-poc CVE-2021-20837 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-20837 - https://github.com/ohnonoyesyes/CVE-2021-20837 CVE-2021-2086 - https://github.com/dlehgus1023/CVE +CVE-2021-2086 - https://github.com/dlehgus1023/VirtualBox_IO-Fuzz CVE-2021-2086 - https://github.com/dlehgus1023/dlehgus1023 +CVE-2021-2086 - https://github.com/erepspinos/CVE CVE-2021-21014 - https://github.com/ARPSyndicate/cvemon CVE-2021-21014 - https://github.com/HoangKien1020/CVE-2021-21014 CVE-2021-21014 - https://github.com/developer3000S/PoC-in-GitHub @@ -36818,17 +40064,20 @@ CVE-2021-21014 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-21017 - https://github.com/ARPSyndicate/cvemon CVE-2021-21017 - https://github.com/ZeusBox/CVE-2021-21017 CVE-2021-21017 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2021-21017 - https://github.com/dudacgf/ovr_convert CVE-2021-21017 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-21042 - https://github.com/ARPSyndicate/cvemon CVE-2021-21042 - https://github.com/NattiSamson/CVE-2021-21042 CVE-2021-21042 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-21042 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-21042 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-21042 - https://github.com/r1l4-i3pur1l4/CVE-2021-21042 CVE-2021-2108 - https://github.com/somatrasss/weblogic2021 CVE-2021-21086 - https://github.com/ARPSyndicate/cvemon CVE-2021-21086 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-21086 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-21087 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-21087 - https://github.com/tzwlhack/Vulnerability CVE-2021-2109 - https://github.com/ARPSyndicate/cvemon CVE-2021-2109 - https://github.com/Al1ex/CVE-2021-2109 CVE-2021-2109 - https://github.com/Astrogeorgeonethree/Starred @@ -36839,6 +40088,7 @@ CVE-2021-2109 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2021-2109 - https://github.com/SexyBeast233/SecBooks CVE-2021-2109 - https://github.com/Yang0615777/PocList CVE-2021-2109 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2021-2109 - https://github.com/dinosn/CVE-2021-2109 CVE-2021-2109 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups CVE-2021-2109 - https://github.com/huike007/penetration_poc CVE-2021-2109 - https://github.com/luck-ying/Library-POC @@ -36850,6 +40100,7 @@ CVE-2021-2109 - https://github.com/rabbitsafe/CVE-2021-2109 CVE-2021-2109 - https://github.com/somatrasss/weblogic2021 CVE-2021-2109 - https://github.com/superfish9/pt CVE-2021-2109 - https://github.com/tijldeneut/Security +CVE-2021-2109 - https://github.com/tzwlhack/Vulnerability CVE-2021-2109 - https://github.com/veo/vscan CVE-2021-2109 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-2109 - https://github.com/xiaoyaovo/2021SecWinterTask @@ -36858,10 +40109,13 @@ CVE-2021-21110 - https://github.com/ARPSyndicate/cvemon CVE-2021-21110 - https://github.com/Gh0st0ne/CVE-2021-21110 CVE-2021-21110 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-21110 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-21112 - https://github.com/StarCrossPortal/bug-hunting-101 +CVE-2021-21122 - https://github.com/StarCrossPortal/bug-hunting-101 CVE-2021-21123 - https://github.com/ARPSyndicate/cvemon CVE-2021-21123 - https://github.com/Puliczek/CVE-2021-21123-PoC-Google-Chrome CVE-2021-21123 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-21123 - https://github.com/taielab/awesome-hacking-lists +CVE-2021-21128 - https://github.com/StarCrossPortal/bug-hunting-101 CVE-2021-21129 - https://github.com/Puliczek/CVE-2021-21123-PoC-Google-Chrome CVE-2021-21130 - https://github.com/Puliczek/CVE-2021-21123-PoC-Google-Chrome CVE-2021-21131 - https://github.com/Puliczek/CVE-2021-21123-PoC-Google-Chrome @@ -36870,19 +40124,35 @@ CVE-2021-21148 - https://github.com/ARPSyndicate/cvemon CVE-2021-21148 - https://github.com/Grayhaxor/CVE-2021-21148 CVE-2021-21148 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-21148 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-21155 - https://github.com/StarCrossPortal/bug-hunting-101 +CVE-2021-21159 - https://github.com/StarCrossPortal/bug-hunting-101 CVE-2021-21172 - https://github.com/Puliczek/CVE-2021-21123-PoC-Google-Chrome +CVE-2021-21188 - https://github.com/StarCrossPortal/bug-hunting-101 CVE-2021-2119 - https://github.com/ARPSyndicate/cvemon CVE-2021-2119 - https://github.com/Sauercloud/RWCTF21-VirtualBox-61-escape CVE-2021-2119 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-21190 - https://github.com/StarCrossPortal/bug-hunting-101 +CVE-2021-21198 - https://github.com/StarCrossPortal/bug-hunting-101 +CVE-2021-21202 - https://github.com/StarCrossPortal/bug-hunting-101 +CVE-2021-21203 - https://github.com/StarCrossPortal/bug-hunting-101 +CVE-2021-21204 - https://github.com/StarCrossPortal/bug-hunting-101 +CVE-2021-21207 - https://github.com/StarCrossPortal/bug-hunting-101 CVE-2021-21210 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups CVE-2021-21220 - https://github.com/ARPSyndicate/cvemon CVE-2021-21220 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-21220 - https://github.com/security-dbg/CVE-2021-21220 +CVE-2021-21220 - https://github.com/tzwlhack/Vulnerability +CVE-2021-21223 - https://github.com/StarCrossPortal/bug-hunting-101 CVE-2021-21224 - https://github.com/0x2l/0x2l_v8_exp CVE-2021-21224 - https://github.com/ARPSyndicate/cvemon +CVE-2021-21224 - https://github.com/StarCrossPortal/bug-hunting-101 CVE-2021-21224 - https://github.com/avboy1337/1195777-chrome0day +CVE-2021-21224 - https://github.com/c3l3si4n/malicious_nuclei_templates CVE-2021-21224 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-21224 - https://github.com/ohnonoyesyes/CVE-2021-21224 CVE-2021-21224 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-21225 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups +CVE-2021-21226 - https://github.com/StarCrossPortal/bug-hunting-101 CVE-2021-21234 - https://github.com/ARPSyndicate/cvemon CVE-2021-21234 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-21234 - https://github.com/LoveCppp/LoveCppp @@ -36892,12 +40162,19 @@ CVE-2021-21234 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-21234 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-21234 - https://github.com/pyn3rd/Spring-Boot-Vulnerability CVE-2021-21234 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +CVE-2021-21234 - https://github.com/xiaojiangxl/CVE-2021-21234 CVE-2021-21235 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2021-21236 - https://github.com/doyensec/regexploit CVE-2021-2124 - https://github.com/jidoc01/jidoc-writeups CVE-2021-21240 - https://github.com/aquasecurity/trivy CVE-2021-21240 - https://github.com/doyensec/regexploit +CVE-2021-21240 - https://github.com/fhirfactory/pegacorn-scanner-trivy +CVE-2021-21240 - https://github.com/georgearce24/aquasecurity-trivy +CVE-2021-21240 - https://github.com/immydestiny/trivy-file +CVE-2021-21240 - https://github.com/justPray/1122 +CVE-2021-21240 - https://github.com/kaisenlinux/trivy CVE-2021-21242 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-21242 - https://github.com/tzwlhack/Vulnerability CVE-2021-21254 - https://github.com/engn33r/awesome-redos-security CVE-2021-21263 - https://github.com/iBotPeaches/ctf-2021 CVE-2021-21267 - https://github.com/engn33r/awesome-redos-security @@ -36909,6 +40186,8 @@ CVE-2021-21287 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-21287 - https://github.com/Firebasky/Go CVE-2021-21287 - https://github.com/Metarget/awesome-cloud-native-security CVE-2021-21287 - https://github.com/SexyBeast233/SecBooks +CVE-2021-21287 - https://github.com/reni2study/Cloud-Native-Security2 +CVE-2021-21287 - https://github.com/tzwlhack/Vulnerability CVE-2021-21292 - https://github.com/M507/Miner CVE-2021-21295 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-21297 - https://github.com/Lora-net/node-red-contrib-loracloud-utils @@ -36925,6 +40204,7 @@ CVE-2021-21300 - https://github.com/bollwarm/SecToolSet CVE-2021-21300 - https://github.com/danshuizhangyu/CVE-2021-21300 CVE-2021-21300 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-21300 - https://github.com/erranfenech/CVE-2021-21300 +CVE-2021-21300 - https://github.com/fengzhouc/CVE-2021-21300 CVE-2021-21300 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-21306 - https://github.com/engn33r/awesome-redos-security CVE-2021-21307 - https://github.com/ARPSyndicate/cvemon @@ -36935,28 +40215,39 @@ CVE-2021-21311 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-21311 - https://github.com/bpsizemore/RedKing CVE-2021-21311 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-21311 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-21311 - https://github.com/tzwlhack/Vulnerability CVE-2021-21315 - https://github.com/ARPSyndicate/cvemon CVE-2021-21315 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-21315 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-21315 - https://github.com/Elsfa7-110/kenzer-templates CVE-2021-21315 - https://github.com/FB-Sec/exploits CVE-2021-21315 - https://github.com/ForbiddenProgrammer/CVE-2021-21315-PoC +CVE-2021-21315 - https://github.com/Ki11i0n4ir3/CVE-2021-21315 +CVE-2021-21315 - https://github.com/MazX0p/CVE-2021-21315-exploit CVE-2021-21315 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2021-21315 - https://github.com/SexyBeast233/SecBooks +CVE-2021-21315 - https://github.com/alikarimi999/CVE-2021-21315 CVE-2021-21315 - https://github.com/bigblackhat/oFx CVE-2021-21315 - https://github.com/cherrera0001/CVE-2021-21315v2 CVE-2021-21315 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2021-21315 - https://github.com/errorecho/CVEs-Collection CVE-2021-21315 - https://github.com/huike007/penetration_poc +CVE-2021-21315 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2021-21315 - https://github.com/n1sh1th/CVE-POC CVE-2021-21315 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-21315 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-21315 - https://github.com/taielab/awesome-hacking-lists +CVE-2021-21315 - https://github.com/thelostvoice/global-takeover +CVE-2021-21315 - https://github.com/thelostvoice/inept-us-military +CVE-2021-21315 - https://github.com/tzwlhack/Vulnerability CVE-2021-21315 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +CVE-2021-21315 - https://github.com/xMohamed0/CVE-2021-21315-POC CVE-2021-21317 - https://github.com/engn33r/awesome-redos-security CVE-2021-21317 - https://github.com/yetingli/PoCs CVE-2021-21330 - https://github.com/Bratah123/PolyBot CVE-2021-21330 - https://github.com/KOOKIIEStudios/Max_Feeder CVE-2021-21330 - https://github.com/TEAM-SPIRIT-Productions/Lapis +CVE-2021-21334 - https://github.com/joemcmanus/threatstackReport CVE-2021-21341 - https://github.com/ARPSyndicate/cvemon CVE-2021-21341 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-21341 - https://github.com/s-index/CVE-2021-21341 @@ -36966,6 +40257,7 @@ CVE-2021-21342 - https://github.com/x-poc/xstream-poc CVE-2021-21343 - https://github.com/x-poc/xstream-poc CVE-2021-21344 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-21344 - https://github.com/fynch3r/Gadgets +CVE-2021-21344 - https://github.com/tzwlhack/Vulnerability CVE-2021-21344 - https://github.com/x-poc/xstream-poc CVE-2021-21345 - https://github.com/fynch3r/Gadgets CVE-2021-21345 - https://github.com/x-poc/xstream-poc @@ -36980,11 +40272,13 @@ CVE-2021-21349 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-21349 - https://github.com/s-index/CVE-2021-21349 CVE-2021-21349 - https://github.com/s-index/poc-list CVE-2021-21349 - https://github.com/x-poc/xstream-poc +CVE-2021-2135 - https://github.com/R17a-17/JavaVulnSummary CVE-2021-2135 - https://github.com/SexyBeast233/SecBooks CVE-2021-21350 - https://github.com/0730Nophone/E-cology-WorkflowServiceXml- CVE-2021-21350 - https://github.com/fynch3r/Gadgets CVE-2021-21350 - https://github.com/x-poc/xstream-poc CVE-2021-21351 - https://github.com/ARPSyndicate/cvemon +CVE-2021-21351 - https://github.com/asa1997/topgear_test CVE-2021-21351 - https://github.com/fynch3r/Gadgets CVE-2021-21351 - https://github.com/wh1t3p1g/tabby CVE-2021-21351 - https://github.com/x-poc/xstream-poc @@ -37007,14 +40301,19 @@ CVE-2021-21402 - https://github.com/bigblackhat/oFx CVE-2021-21402 - https://github.com/givemefivw/CVE-2021-21402 CVE-2021-21402 - https://github.com/gkhan496/WDIR CVE-2021-21402 - https://github.com/jiaocoll/CVE-2021-21402-Jellyfin +CVE-2021-21402 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2021-21402 - https://github.com/ltfafei/my_POC CVE-2021-21402 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-21402 - https://github.com/somatrasss/CVE-2021-21402 +CVE-2021-21402 - https://github.com/tzwlhack/Vulnerability CVE-2021-21404 - https://github.com/sustsoft/syncthing-broad CVE-2021-21409 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-21425 - https://github.com/ARPSyndicate/cvemon +CVE-2021-21425 - https://github.com/CsEnox/CVE-2021-21425 CVE-2021-21425 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-21425 - https://github.com/gkhan496/WDIR CVE-2021-21425 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-21425 - https://github.com/tzwlhack/Vulnerability CVE-2021-21474 - https://github.com/martingalloar/martingalloar CVE-2021-21479 - https://github.com/ARPSyndicate/cvemon CVE-2021-21479 - https://github.com/ARPSyndicate/kenzer-templates @@ -37023,21 +40322,26 @@ CVE-2021-21514 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-21514 - https://github.com/RhinoSecurityLabs/CVEs CVE-2021-21514 - https://github.com/SexyBeast233/SecBooks CVE-2021-21514 - https://github.com/sunzu94/AWS-CVEs +CVE-2021-21514 - https://github.com/tzwlhack/Vulnerability CVE-2021-21551 - https://github.com/ARPSyndicate/cvemon CVE-2021-21551 - https://github.com/Ascotbe/Kernelhub CVE-2021-21551 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-21551 - https://github.com/Kinsiinoo/PoshDellDBUtil CVE-2021-21551 - https://github.com/Purp1eW0lf/Blue-Team-Notes CVE-2021-21551 - https://github.com/SyncroScripting/Artichoke_Consulting CVE-2021-21551 - https://github.com/arnaudluti/PS-CVE-2021-21551 +CVE-2021-21551 - https://github.com/ashburndev/aws-sdk-s3-myapp CVE-2021-21551 - https://github.com/ch3rn0byl/CVE-2021-21551 CVE-2021-21551 - https://github.com/fsctcommunity/Policies CVE-2021-21551 - https://github.com/hfiref0x/KDU +CVE-2021-21551 - https://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551 CVE-2021-21551 - https://github.com/jbaines-r7/dellicious CVE-2021-21551 - https://github.com/mathisvickie/CVE-2021-21551 CVE-2021-21551 - https://github.com/mathisvickie/KMAC CVE-2021-21551 - https://github.com/mzakocs/CVE-2021-21551-POC CVE-2021-21551 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-21551 - https://github.com/taielab/awesome-hacking-lists +CVE-2021-21551 - https://github.com/tzwlhack/Vulnerability CVE-2021-21551 - https://github.com/waldo-irc/CVE-2021-21551 CVE-2021-21551 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2021-21558 - https://github.com/afinepl/research @@ -37048,6 +40352,8 @@ CVE-2021-21571 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-21572 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-21573 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-21574 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-21677 - https://github.com/R17a-17/JavaVulnSummary +CVE-2021-21680 - https://github.com/R17a-17/JavaVulnSummary CVE-2021-21707 - https://github.com/lightswitch05/php-version-audit CVE-2021-21729 - https://github.com/Zeyad-Azima/Zeyad-Azima CVE-2021-2173 - https://github.com/ARPSyndicate/cvemon @@ -37093,11 +40399,13 @@ CVE-2021-21972 - https://github.com/Udyz/CVE-2021-21972 CVE-2021-21972 - https://github.com/Whitehorse-rainbow/-Infiltration-summary CVE-2021-21972 - https://github.com/bhassani/Recent-CVE CVE-2021-21972 - https://github.com/bhdresh/SnortRules +CVE-2021-21972 - https://github.com/byteofjoshua/CVE-2021-21972 CVE-2021-21972 - https://github.com/conjojo/VMware_vCenter_UNAuthorized_RCE_CVE-2021-21972 CVE-2021-21972 - https://github.com/d3sh1n/cve-2021-21972 CVE-2021-21972 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-21972 - https://github.com/githubfoam/ubuntu_sandbox CVE-2021-21972 - https://github.com/gobysec/Goby +CVE-2021-21972 - https://github.com/haiclover/CVE-2021-21972 CVE-2021-21972 - https://github.com/halencarjunior/vcenter-rce-2021-21972 CVE-2021-21972 - https://github.com/horizon3ai/CVE-2021-21972 CVE-2021-21972 - https://github.com/huike007/penetration_poc @@ -37105,6 +40413,7 @@ CVE-2021-21972 - https://github.com/itscio/LadonGo CVE-2021-21972 - https://github.com/joanbono/nuclei-templates CVE-2021-21972 - https://github.com/jweny/pocassistdb CVE-2021-21972 - https://github.com/k8gege/LadonGo +CVE-2021-21972 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2021-21972 - https://github.com/mdisec/mdisec-twitch-yayinlari CVE-2021-21972 - https://github.com/milo2012/CVE-2021-21972 CVE-2021-21972 - https://github.com/mstxq17/SecurityArticleLogger @@ -37115,12 +40424,15 @@ CVE-2021-21972 - https://github.com/password520/CVE-2021-21972 CVE-2021-21972 - https://github.com/password520/LadonGo CVE-2021-21972 - https://github.com/pettyhacks/vSphereyeeter CVE-2021-21972 - https://github.com/psc4re/NSE-scripts +CVE-2021-21972 - https://github.com/r0eXpeR/supplier CVE-2021-21972 - https://github.com/renini/CVE-2021-21972 CVE-2021-21972 - https://github.com/robwillisinfo/VMware_vCenter_CVE-2021-21972 CVE-2021-21972 - https://github.com/saucer-man/exploit CVE-2021-21972 - https://github.com/stevenp322/cve-2021-21972 CVE-2021-21972 - https://github.com/tijldeneut/Security CVE-2021-21972 - https://github.com/tom0li/collection-document +CVE-2021-21972 - https://github.com/tzwlhack/Vulnerability +CVE-2021-21972 - https://github.com/viksafe/Get-vSphereVersion CVE-2021-21972 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-21972 - https://github.com/yaunsky/CVE-2021-21972 CVE-2021-21972 - https://github.com/zhzyker/vulmap @@ -37129,10 +40441,12 @@ CVE-2021-21973 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-21973 - https://github.com/DaveCrown/vmware-kb82374 CVE-2021-21973 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-21973 - https://github.com/SexyBeast233/SecBooks +CVE-2021-21973 - https://github.com/byteofjoshua/CVE-2021-21972 CVE-2021-21973 - https://github.com/freakanonymous/CVE-2021-21973-Automateme CVE-2021-21973 - https://github.com/murataydemir/CVE-2021-21972 CVE-2021-21973 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-21973 - https://github.com/psc4re/NSE-scripts +CVE-2021-21973 - https://github.com/tzwlhack/Vulnerability CVE-2021-21974 - https://github.com/ARPSyndicate/cvemon CVE-2021-21974 - https://github.com/Shadow0ps/CVE-2021-21974 CVE-2021-21974 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups @@ -37152,6 +40466,7 @@ CVE-2021-21975 - https://github.com/King-Sign/King-Sign CVE-2021-21975 - https://github.com/SexyBeast233/SecBooks CVE-2021-21975 - https://github.com/SouthWind0/southwind0.github.io CVE-2021-21975 - https://github.com/TheTh1nk3r/exp_hub +CVE-2021-21975 - https://github.com/Timirepo/CVE_Exploits CVE-2021-21975 - https://github.com/Vulnmachines/VMWare-CVE-2021-21975 CVE-2021-21975 - https://github.com/bigblackhat/oFx CVE-2021-21975 - https://github.com/dorkerdevil/CVE-2021-21975 @@ -37161,7 +40476,9 @@ CVE-2021-21975 - https://github.com/luck-ying/Library-POC CVE-2021-21975 - https://github.com/murataydemir/CVE-2021-21975 CVE-2021-21975 - https://github.com/n1sh1th/CVE-POC CVE-2021-21975 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-21975 - https://github.com/r0eXpeR/supplier CVE-2021-21975 - https://github.com/rabidwh0re/REALITY_SMASHER +CVE-2021-21975 - https://github.com/tzwlhack/Vulnerability CVE-2021-21975 - https://github.com/zhzyker/vulmap CVE-2021-21978 - https://github.com/ARPSyndicate/cvemon CVE-2021-21978 - https://github.com/ARPSyndicate/kenzer-templates @@ -37180,8 +40497,10 @@ CVE-2021-21978 - https://github.com/me1ons/CVE-2021-21978 CVE-2021-21978 - https://github.com/n1sh1th/CVE-POC CVE-2021-21978 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-21978 - https://github.com/skytina/CVE-2021-21978 +CVE-2021-21978 - https://github.com/tzwlhack/Vulnerability CVE-2021-21978 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-21979 - https://github.com/ssst0n3/my_vulnerabilities +CVE-2021-21979 - https://github.com/ssst0n3/ssst0n3 CVE-2021-21980 - https://github.com/ARPSyndicate/cvemon CVE-2021-21980 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-21980 - https://github.com/p1ay8y3ar/cve_monitor @@ -37197,27 +40516,49 @@ CVE-2021-21985 - https://github.com/HynekPetrak/HynekPetrak CVE-2021-21985 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2021-21985 - https://github.com/SexyBeast233/SecBooks CVE-2021-21985 - https://github.com/Spacial/awesome-csirt +CVE-2021-21985 - https://github.com/aristosMiliaressis/CVE-2021-21985 +CVE-2021-21985 - https://github.com/bigbroke/CVE-2021-21985 CVE-2021-21985 - https://github.com/brandonshiyay/My-Security-Learning-Resources CVE-2021-21985 - https://github.com/daedalus/CVE-2021-21985 CVE-2021-21985 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups +CVE-2021-21985 - https://github.com/haiclover/CVE-2021-21985 CVE-2021-21985 - https://github.com/joydo/CVE-Writeups +CVE-2021-21985 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2021-21985 - https://github.com/mauricelambert/CVE-2021-21985 CVE-2021-21985 - https://github.com/n1sh1th/CVE-POC CVE-2021-21985 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-21985 - https://github.com/onSec-fr/CVE-2021-21985-Checker CVE-2021-21985 - https://github.com/r0ckysec/CVE-2021-21985 +CVE-2021-21985 - https://github.com/r0eXpeR/supplier +CVE-2021-21985 - https://github.com/sknux/CVE-2021-21985_PoC CVE-2021-21985 - https://github.com/testanull/Project_CVE-2021-21985_PoC CVE-2021-21985 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-21985 - https://github.com/xnianq/cve-2021-21985_exp CVE-2021-21986 - https://github.com/DaveCrown/vmware-kb82374 CVE-2021-21991 - https://github.com/HynekPetrak/HynekPetrak CVE-2021-21993 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-22005 - https://github.com/1ZRR4H/CVE-2021-22005 +CVE-2021-22005 - https://github.com/5gstudent/CVE-2021-22005- CVE-2021-22005 - https://github.com/ARPSyndicate/cvemon CVE-2021-22005 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-22005 - https://github.com/CHYbeta/Vuln100Topics20 +CVE-2021-22005 - https://github.com/FDlucifer/firece-fish +CVE-2021-22005 - https://github.com/Jun-5heng/CVE-2021-22005 CVE-2021-22005 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2021-22005 - https://github.com/RedTeamExp/CVE-2021-22005_PoC +CVE-2021-22005 - https://github.com/TaroballzChen/CVE-2021-22005-metasploit CVE-2021-22005 - https://github.com/TheTh1nk3r/exp_hub +CVE-2021-22005 - https://github.com/TiagoSergio/CVE-2021-22005 +CVE-2021-22005 - https://github.com/Timirepo/CVE_Exploits +CVE-2021-22005 - https://github.com/X1pe0/VMWare-CVE-Check CVE-2021-22005 - https://github.com/hanc00l/some_pocsuite +CVE-2021-22005 - https://github.com/nday-ldgz/ZoomEye-dork CVE-2021-22005 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-22005 - https://github.com/pisut4152/Sigma-Rule-for-CVE-2021-22005-scanning-activity +CVE-2021-22005 - https://github.com/r0ckysec/CVE-2021-22005 +CVE-2021-22005 - https://github.com/r0eXpeR/supplier +CVE-2021-22005 - https://github.com/rwincey/CVE-2021-22005 +CVE-2021-22005 - https://github.com/viksafe/Get-vSphereVersion CVE-2021-22005 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-22015 - https://github.com/PenteraIO/vScalation-CVE-2021-22015 CVE-2021-22015 - https://github.com/cloudbyteelias/CVE-2021-41773 @@ -37227,6 +40568,8 @@ CVE-2021-2205 - https://github.com/Al1ex/CVE-2021-22205 CVE-2021-2205 - https://github.com/devdanqtuan/CVE-2021-22205 CVE-2021-22053 - https://github.com/ARPSyndicate/cvemon CVE-2021-22053 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-22053 - https://github.com/SecCoder-Security-Lab/spring-cloud-netflix-hystrix-dashboard-cve-2021-22053 +CVE-2021-22053 - https://github.com/Vulnmachines/CVE-2021-22053 CVE-2021-22053 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-22053 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-22056 - https://github.com/pen4uin/vulnerability-lab @@ -37236,6 +40579,7 @@ CVE-2021-22097 - https://github.com/r00t4dm/r00t4dm CVE-2021-2211 - https://github.com/r00t4dm/r00t4dm CVE-2021-22112 - https://github.com/auth0/auth0-spring-security-api CVE-2021-22119 - https://github.com/ARPSyndicate/cvemon +CVE-2021-22119 - https://github.com/mari6274/oauth-client-exploit CVE-2021-22119 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-22119 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-22122 - https://github.com/ARPSyndicate/cvemon @@ -37243,70 +40587,129 @@ CVE-2021-22122 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-22122 - https://github.com/Elsfa7-110/kenzer-templates CVE-2021-22122 - https://github.com/sobinge/nuclei-templates CVE-2021-22123 - https://github.com/murataydemir/CVE-2021-22123 +CVE-2021-22123 - https://github.com/r0eXpeR/supplier CVE-2021-22145 - https://github.com/ARPSyndicate/cvemon CVE-2021-22145 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-22146 - https://github.com/errorecho/CVEs-Collection +CVE-2021-22146 - https://github.com/magichk/cve-2021-22146 CVE-2021-22175 - https://github.com/vin01/CVEs CVE-2021-22176 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-22176 - https://github.com/SexyBeast233/SecBooks +CVE-2021-22176 - https://github.com/tzwlhack/Vulnerability CVE-2021-22178 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-22178 - https://github.com/SexyBeast233/SecBooks +CVE-2021-22178 - https://github.com/tzwlhack/Vulnerability +CVE-2021-22181 - https://github.com/righel/gitlab-version-nse CVE-2021-22188 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-22188 - https://github.com/SexyBeast233/SecBooks +CVE-2021-22188 - https://github.com/tzwlhack/Vulnerability CVE-2021-22192 - https://github.com/ARPSyndicate/cvemon CVE-2021-22192 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-22192 - https://github.com/PetrusViet/Gitlab-RCE CVE-2021-22192 - https://github.com/lyy289065406/CVE-2021-22192 CVE-2021-22192 - https://github.com/lyy289065406/lyy289065406 CVE-2021-22192 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-22192 - https://github.com/tzwlhack/Vulnerability CVE-2021-22201 - https://github.com/ARPSyndicate/cvemon CVE-2021-22201 - https://github.com/exp1orer/CVE-2021-22201 CVE-2021-22201 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-22204 - https://github.com/0xsyr0/OSCP CVE-2021-22204 - https://github.com/ARPSyndicate/cvemon +CVE-2021-22204 - https://github.com/Al1ex/CVE-2021-22205 +CVE-2021-22204 - https://github.com/AssassinUKG/CVE-2021-22204 CVE-2021-22204 - https://github.com/CsEnox/Gitlab-Exiftool-RCE CVE-2021-22204 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-22204 - https://github.com/Konstantinos-Papanagnou/CMSpit +CVE-2021-22204 - https://github.com/PenTestical/CVE-2021-22204 CVE-2021-22204 - https://github.com/SexyBeast233/SecBooks CVE-2021-22204 - https://github.com/bilkoh/POC-CVE-2021-22204 CVE-2021-22204 - https://github.com/binganao/vulns-2022 CVE-2021-22204 - https://github.com/convisolabs/CVE-2021-22204-exiftool +CVE-2021-22204 - https://github.com/devdanqtuan/CVE-2021-22205 CVE-2021-22204 - https://github.com/gkhan496/WDIR CVE-2021-22204 - https://github.com/harsh-bothra/learn365 CVE-2021-22204 - https://github.com/hongson97/ctf-challenges +CVE-2021-22204 - https://github.com/htrgouvea/research CVE-2021-22204 - https://github.com/mr-r3bot/Gitlab-CVE-2021-22205 CVE-2021-22204 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-22204 - https://github.com/oneoy/Gitlab-Exiftool-RCE +CVE-2021-22204 - https://github.com/ph-arm/CVE-2021-22204-Gitlab +CVE-2021-22204 - https://github.com/pizza-power/Golang-CVE-2021-22205-POC +CVE-2021-22204 - https://github.com/runsel/GitLab-CVE-2021-22205- CVE-2021-22204 - https://github.com/se162xg/CVE-2021-22204 CVE-2021-22204 - https://github.com/star-sg/CVE CVE-2021-22204 - https://github.com/szTheory/exifcleaner CVE-2021-22204 - https://github.com/trganda/CVE-2021-22204 +CVE-2021-22204 - https://github.com/tzwlhack/Vulnerability +CVE-2021-22205 - https://github.com/0x0021h/expbox CVE-2021-22205 - https://github.com/ARPSyndicate/cvemon CVE-2021-22205 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-22205 - https://github.com/AkBanner/CVE-2021-22205 +CVE-2021-22205 - https://github.com/Al1ex/CVE-2021-22205 +CVE-2021-22205 - https://github.com/DIVD-NL/GitLab-cve-2021-22205-nse +CVE-2021-22205 - https://github.com/FDlucifer/firece-fish CVE-2021-22205 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2021-22205 - https://github.com/Qclover/Gitlab_RCE_CVE_2021_22205 +CVE-2021-22205 - https://github.com/Seals6/CVE-2021-22205 CVE-2021-22205 - https://github.com/SexyBeast233/SecBooks +CVE-2021-22205 - https://github.com/X1pe0/Automated-Gitlab-RCE +CVE-2021-22205 - https://github.com/XTeam-Wing/CVE-2021-22205 +CVE-2021-22205 - https://github.com/ahmad4fifz/CVE-2021-22205 +CVE-2021-22205 - https://github.com/antx-code/CVE-2021-22205 +CVE-2021-22205 - https://github.com/c0okB/CVE-2021-22205 +CVE-2021-22205 - https://github.com/devdanqtuan/CVE-2021-22205 +CVE-2021-22205 - https://github.com/faisalfs10x/GitLab-CVE-2021-22205-scanner +CVE-2021-22205 - https://github.com/findneo/GitLab-preauth-RCE_CVE-2021-22205 CVE-2021-22205 - https://github.com/hanc00l/some_pocsuite +CVE-2021-22205 - https://github.com/hh-hunter/cve-2021-22205 +CVE-2021-22205 - https://github.com/inspiringz/CVE-2021-22205 +CVE-2021-22205 - https://github.com/jas502n/GitlabVer +CVE-2021-22205 - https://github.com/jusk9527/GobyPoc CVE-2021-22205 - https://github.com/mr-r3bot/Gitlab-CVE-2021-22205 CVE-2021-22205 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-22205 - https://github.com/pizza-power/Golang-CVE-2021-22205-POC +CVE-2021-22205 - https://github.com/r0eXpeR/CVE-2021-22205 +CVE-2021-22205 - https://github.com/runsel/GitLab-CVE-2021-22205- +CVE-2021-22205 - https://github.com/sanqiushu-ns/POC-scan +CVE-2021-22205 - https://github.com/shang159/CVE-2021-22205-getshell CVE-2021-22205 - https://github.com/superfish9/pt +CVE-2021-22205 - https://github.com/whwlsfb/CVE-2021-22205 CVE-2021-22205 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-22205 - https://github.com/woods-sega/woodswiki +CVE-2021-22213 - https://github.com/righel/gitlab-version-nse CVE-2021-22214 - https://github.com/ARPSyndicate/cvemon CVE-2021-22214 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-22214 - https://github.com/SexyBeast233/SecBooks +CVE-2021-22214 - https://github.com/Vulnmachines/gitlab-cve-2021-22214 CVE-2021-22214 - https://github.com/YuraveON/YuraveON +CVE-2021-22214 - https://github.com/antx-code/CVE-2021-22214 CVE-2021-22214 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-22214 - https://github.com/r0ckysec/CVE-2021-22214 +CVE-2021-22214 - https://github.com/righel/gitlab-version-nse CVE-2021-22214 - https://github.com/vin01/CVEs +CVE-2021-2226 - https://github.com/ycamper/censys-scripts CVE-2021-22502 - https://github.com/ARPSyndicate/cvemon CVE-2021-22555 - https://github.com/ARPSyndicate/cvemon CVE-2021-22555 - https://github.com/Al1ex/LinuxEelvation +CVE-2021-22555 - https://github.com/ChoKyuWon/exploit_articles +CVE-2021-22555 - https://github.com/EGI-Federation/SVG-advisories +CVE-2021-22555 - https://github.com/JoneyJunior/cve-2021-22555 CVE-2021-22555 - https://github.com/Metarget/awesome-cloud-native-security CVE-2021-22555 - https://github.com/Metarget/metarget CVE-2021-22555 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2021-22555 - https://github.com/YunDingLab/struct_sanitizer CVE-2021-22555 - https://github.com/bcoles/kasld CVE-2021-22555 - https://github.com/bcoles/kernel-exploits CVE-2021-22555 - https://github.com/bsauce/kernel-exploit-factory CVE-2021-22555 - https://github.com/bsauce/kernel-security-learning +CVE-2021-22555 - https://github.com/cgwalters/container-cve-2021-22555 +CVE-2021-22555 - https://github.com/cpuu/LinuxKernelCVE +CVE-2021-22555 - https://github.com/ctrsploit/ctrsploit +CVE-2021-22555 - https://github.com/daletoniris/CVE-2021-22555-esc-priv CVE-2021-22555 - https://github.com/huike007/penetration_poc CVE-2021-22555 - https://github.com/joydo/CVE-Writeups +CVE-2021-22555 - https://github.com/reni2study/Cloud-Native-Security2 +CVE-2021-22555 - https://github.com/ssst0n3/ctrsploit_archived CVE-2021-22555 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-22555 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-22569 - https://github.com/ARPSyndicate/cvemon @@ -37329,18 +40732,25 @@ CVE-2021-22893 - https://github.com/ARPSyndicate/cvemon CVE-2021-22893 - https://github.com/Mad-robot/CVE-2021-22893 CVE-2021-22893 - https://github.com/ZephrFish/CVE-2021-22893_HoneyPoC2 CVE-2021-22893 - https://github.com/bhassani/Recent-CVE +CVE-2021-22893 - https://github.com/byteofjoshua/CVE-2021-22893 CVE-2021-22893 - https://github.com/jipegit/IncidentsMindMaps +CVE-2021-22893 - https://github.com/mnatkin-splunk/pulse_connect_secure-splunk-csvs CVE-2021-22893 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-22893 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-22893 - https://github.com/r0eXpeR/supplier CVE-2021-22897 - https://github.com/falk-werner/cve-check CVE-2021-22898 - https://github.com/GitHubForSnap/podcast-dl-gael +CVE-2021-22898 - https://github.com/devopstales/trivy-operator CVE-2021-22898 - https://github.com/falk-werner/cve-check CVE-2021-22901 - https://github.com/falk-werner/cve-check CVE-2021-22909 - https://github.com/redeltaglio/ubiquiti-configurator CVE-2021-22911 - https://github.com/ARPSyndicate/cvemon CVE-2021-22911 - https://github.com/CsEnox/CVE-2021-22911 +CVE-2021-22911 - https://github.com/jayngng/CVE-2021-22911 CVE-2021-22911 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-22911 - https://github.com/optionalCTF/Rocket.Chat-Automated-Account-Takeover-RCE-CVE-2021-22911 CVE-2021-22918 - https://github.com/GitHubForSnap/knot-resolver-gael +CVE-2021-22922 - https://github.com/Sudrien/metalink4-ruby CVE-2021-22922 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-22924 - https://github.com/GitHubForSnap/podcast-dl-gael CVE-2021-22924 - https://github.com/p1ay8y3ar/cve_monitor @@ -37348,11 +40758,19 @@ CVE-2021-22925 - https://github.com/GitHubForSnap/podcast-dl-gael CVE-2021-22926 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-2294 - https://github.com/r00t4dm/r00t4dm CVE-2021-22941 - https://github.com/ARPSyndicate/cvemon +CVE-2021-22941 - https://github.com/hoavt184/CVE-2021-22941 CVE-2021-22941 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-22941 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-22941 - https://github.com/r0eXpeR/supplier CVE-2021-22945 - https://github.com/GitHubForSnap/podcast-dl-gael +CVE-2021-22945 - https://github.com/devopstales/trivy-operator CVE-2021-22946 - https://github.com/GitHubForSnap/podcast-dl-gael +CVE-2021-22946 - https://github.com/devopstales/trivy-operator +CVE-2021-22946 - https://github.com/hetmehtaa/bug-bounty-noob CVE-2021-22947 - https://github.com/GitHubForSnap/podcast-dl-gael +CVE-2021-22947 - https://github.com/devopstales/trivy-operator +CVE-2021-22947 - https://github.com/hetmehtaa/bug-bounty-noob +CVE-2021-22968 - https://github.com/fortbridge/concrete-cms CVE-2021-22986 - https://github.com/ARPSyndicate/cvemon CVE-2021-22986 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-22986 - https://github.com/Al1ex/CVE-2021-22986 @@ -37373,17 +40791,23 @@ CVE-2021-22986 - https://github.com/bhassani/Recent-CVE CVE-2021-22986 - https://github.com/bigblackhat/oFx CVE-2021-22986 - https://github.com/dorkerdevil/CVE-2021-22986-Poc CVE-2021-22986 - https://github.com/dotslashed/CVE-2021-22986 +CVE-2021-22986 - https://github.com/gmatuz/inthewilddb CVE-2021-22986 - https://github.com/huike007/penetration_poc +CVE-2021-22986 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2021-22986 - https://github.com/luck-ying/Library-POC CVE-2021-22986 - https://github.com/n1sh1th/CVE-POC CVE-2021-22986 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-22986 - https://github.com/papa-anniekey/CustomSignatures +CVE-2021-22986 - https://github.com/r0eXpeR/supplier CVE-2021-22986 - https://github.com/safesword/F5_RCE CVE-2021-22986 - https://github.com/saucer-man/exploit CVE-2021-22986 - https://github.com/superfish9/pt +CVE-2021-22986 - https://github.com/takeboy/https-github.com-taomujian-linbing CVE-2021-22986 - https://github.com/taomujian/linbing +CVE-2021-22986 - https://github.com/tzwlhack/Vulnerability CVE-2021-22986 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-22986 - https://github.com/yaunsky/CVE-202122986-EXP +CVE-2021-22986 - https://github.com/zmylml/yangzifun CVE-2021-229861 - https://github.com/adminwaf/CVE-2021-229861 CVE-2021-22987 - https://github.com/DNTYO/F5_Vulnerability CVE-2021-22988 - https://github.com/DNTYO/F5_Vulnerability @@ -37392,7 +40816,10 @@ CVE-2021-22990 - https://github.com/DNTYO/F5_Vulnerability CVE-2021-22991 - https://github.com/DNTYO/F5_Vulnerability CVE-2021-22991 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-22991 - https://github.com/SexyBeast233/SecBooks +CVE-2021-22991 - https://github.com/r0eXpeR/supplier +CVE-2021-22991 - https://github.com/tzwlhack/Vulnerability CVE-2021-22992 - https://github.com/DNTYO/F5_Vulnerability +CVE-2021-22992 - https://github.com/r0eXpeR/supplier CVE-2021-22993 - https://github.com/DNTYO/F5_Vulnerability CVE-2021-22994 - https://github.com/DNTYO/F5_Vulnerability CVE-2021-22995 - https://github.com/DNTYO/F5_Vulnerability @@ -37408,6 +40835,7 @@ CVE-2021-23004 - https://github.com/DNTYO/F5_Vulnerability CVE-2021-23005 - https://github.com/DNTYO/F5_Vulnerability CVE-2021-23006 - https://github.com/DNTYO/F5_Vulnerability CVE-2021-23007 - https://github.com/DNTYO/F5_Vulnerability +CVE-2021-23008 - https://github.com/r0eXpeR/supplier CVE-2021-23017 - https://github.com/ARPSyndicate/cvemon CVE-2021-23017 - https://github.com/bollwarm/SecToolSet CVE-2021-23017 - https://github.com/kubernetes/ingress-nginx @@ -37416,6 +40844,8 @@ CVE-2021-23017 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-23017 - https://github.com/vshaliii/DC-4-Vulnhub-Walkthrough CVE-2021-23017 - https://github.com/wallarm/ingress CVE-2021-2302 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-2302 - https://github.com/quynhle7821/CVE-2021-2302 +CVE-2021-2305 - https://github.com/ycamper/censys-scripts CVE-2021-23054 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-23123 - https://github.com/CyberCommands/CVE2021-23132 CVE-2021-23132 - https://github.com/ARPSyndicate/cvemon @@ -37426,14 +40856,23 @@ CVE-2021-23132 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2021-23132 - https://github.com/SexyBeast233/SecBooks CVE-2021-23132 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-23132 - https://github.com/huike007/penetration_poc +CVE-2021-23132 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2021-23132 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-23132 - https://github.com/tzwlhack/Vulnerability CVE-2021-23132 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-23241 - https://github.com/ARPSyndicate/cvemon CVE-2021-23241 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-2328 - https://github.com/deepakdba/cve_checklist +CVE-2021-2329 - https://github.com/deepakdba/cve_checklist +CVE-2021-2330 - https://github.com/deepakdba/cve_checklist +CVE-2021-2333 - https://github.com/deepakdba/cve_checklist CVE-2021-23337 - https://github.com/Refinitiv-API-Samples/Example.EWA.TypeScript.WebApplication CVE-2021-23337 - https://github.com/andisfar/LaunchQtCreator CVE-2021-23337 - https://github.com/anthonykirby/lora-packet CVE-2021-23337 - https://github.com/marcosrg9/YouTubeTV +CVE-2021-23337 - https://github.com/p-rog/cve-analyser +CVE-2021-23337 - https://github.com/samoylenko/sample-vulnerable-app-nodejs-express +CVE-2021-23338 - https://github.com/ajmalabubakkr/CVE CVE-2021-23341 - https://github.com/engn33r/awesome-redos-security CVE-2021-23341 - https://github.com/yetingli/PoCs CVE-2021-23343 - https://github.com/broxus/ever-wallet-browser-extension @@ -37446,6 +40885,7 @@ CVE-2021-23354 - https://github.com/engn33r/awesome-redos-security CVE-2021-23354 - https://github.com/yetingli/PoCs CVE-2021-23358 - https://github.com/Ghifari160/splash CVE-2021-23358 - https://github.com/andisfar/LaunchQtCreator +CVE-2021-23358 - https://github.com/k1LoW/oshka CVE-2021-2336 - https://github.com/BlackburnHax/inntinn CVE-2021-23362 - https://github.com/engn33r/awesome-redos-security CVE-2021-23362 - https://github.com/marcosrg9/YouTubeTV @@ -37453,13 +40893,16 @@ CVE-2021-23362 - https://github.com/sonatype-nexus-community/auditjs CVE-2021-23364 - https://github.com/engn33r/awesome-redos-security CVE-2021-23364 - https://github.com/ken505/link-app CVE-2021-23368 - https://github.com/engn33r/awesome-redos-security +CVE-2021-2337 - https://github.com/deepakdba/cve_checklist CVE-2021-23370 - https://github.com/KernelErr/BuzzChat-Client CVE-2021-23371 - https://github.com/engn33r/awesome-redos-security CVE-2021-23382 - https://github.com/engn33r/awesome-redos-security CVE-2021-23383 - https://github.com/ARPSyndicate/cvemon +CVE-2021-23383 - https://github.com/dn9uy3n/Check-CVE-2021-23383 CVE-2021-23383 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-23388 - https://github.com/engn33r/awesome-redos-security CVE-2021-23410 - https://github.com/azu/msgpack-CVE-2021-23410-test +CVE-2021-23424 - https://github.com/jra89/thethirdparty CVE-2021-23425 - https://github.com/engn33r/awesome-redos-security CVE-2021-23436 - https://github.com/broxus/ever-wallet-browser-extension CVE-2021-23437 - https://github.com/engn33r/awesome-redos-security @@ -37467,6 +40910,7 @@ CVE-2021-23437 - https://github.com/nnrogers515/discord-coderbot CVE-2021-23446 - https://github.com/engn33r/awesome-redos-security CVE-2021-23463 - https://github.com/SecCoder-Security-Lab/jdbc-sqlxml-xxe CVE-2021-23463 - https://github.com/bambooqj/CVE-2021-40444_EXP_JS +CVE-2021-2351 - https://github.com/deepakdba/cve_checklist CVE-2021-23566 - https://github.com/git-kick/ioBroker.e3dc-rscp CVE-2021-23758 - https://github.com/ARPSyndicate/cvemon CVE-2021-23758 - https://github.com/nomi-sec/PoC-in-GitHub @@ -37474,13 +40918,25 @@ CVE-2021-23758 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-2376 - https://github.com/r00t4dm/r00t4dm CVE-2021-23827 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups CVE-2021-23839 - https://github.com/falk-werner/cve-check +CVE-2021-23839 - https://github.com/jntass/TASSL-1.1.1k +CVE-2021-23839 - https://github.com/thecyberbaby/Trivy-by-aquaSecurity +CVE-2021-23839 - https://github.com/vinamra28/tekton-image-scan-trivy CVE-2021-23840 - https://github.com/falk-werner/cve-check +CVE-2021-23840 - https://github.com/jntass/TASSL-1.1.1k +CVE-2021-23840 - https://github.com/thecyberbaby/Trivy-by-aquaSecurity +CVE-2021-23840 - https://github.com/vinamra28/tekton-image-scan-trivy CVE-2021-23841 - https://github.com/falk-werner/cve-check +CVE-2021-23841 - https://github.com/jntass/TASSL-1.1.1k +CVE-2021-23841 - https://github.com/thecyberbaby/Trivy-by-aquaSecurity +CVE-2021-23841 - https://github.com/vinamra28/tekton-image-scan-trivy CVE-2021-23899 - https://github.com/CodeIntelligenceTesting/jazzer CVE-2021-2390 - https://github.com/BlackburnHax/inntinn CVE-2021-23900 - https://github.com/CodeIntelligenceTesting/jazzer CVE-2021-2394 - https://github.com/ARPSyndicate/cvemon +CVE-2021-2394 - https://github.com/BabyTeam1024/CVE-2021-2394 CVE-2021-2394 - https://github.com/SexyBeast233/SecBooks +CVE-2021-2394 - https://github.com/freeide/CVE-2021-2394 +CVE-2021-2394 - https://github.com/lz2y/CVE-2021-2394 CVE-2021-2394 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-2394 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-24027 - https://github.com/ARPSyndicate/cvemon @@ -37490,9 +40946,12 @@ CVE-2021-24027 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-2403 - https://github.com/r00t4dm/r00t4dm CVE-2021-24074 - https://github.com/0vercl0k/CVE-2021-24086 CVE-2021-24074 - https://github.com/Spacial/awesome-csirt +CVE-2021-24074 - https://github.com/lisinan988/CVE-2021-24086-exp CVE-2021-24080 - https://github.com/linhlhq/TinyAFL CVE-2021-24084 - https://github.com/ARPSyndicate/cvemon +CVE-2021-24084 - https://github.com/exploitblizzard/WindowsMDM-LPE-0Day CVE-2021-24084 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-24084 - https://github.com/ohnonoyesyes/CVE-2021-24084 CVE-2021-24084 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-24085 - https://github.com/ARPSyndicate/cvemon CVE-2021-24085 - https://github.com/developer3000S/PoC-in-GitHub @@ -37505,12 +40964,15 @@ CVE-2021-24086 - https://github.com/ARPSyndicate/cvemon CVE-2021-24086 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-24086 - https://github.com/SexyBeast233/SecBooks CVE-2021-24086 - https://github.com/Spacial/awesome-csirt +CVE-2021-24086 - https://github.com/lisinan988/CVE-2021-24086-exp CVE-2021-24086 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-24086 - https://github.com/secdev/awesome-scapy +CVE-2021-24086 - https://github.com/tzwlhack/Vulnerability CVE-2021-24092 - https://github.com/CyberMonitor/somethingweneed CVE-2021-24092 - https://github.com/pipiscrew/timeline CVE-2021-24093 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-24093 - https://github.com/SexyBeast233/SecBooks +CVE-2021-24093 - https://github.com/tzwlhack/Vulnerability CVE-2021-24093 - https://github.com/xm88628/AfternoonTea CVE-2021-24094 - https://github.com/0vercl0k/CVE-2021-24086 CVE-2021-24094 - https://github.com/lisinan988/CVE-2021-24086-exp @@ -37529,24 +40991,30 @@ CVE-2021-24122 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthro CVE-2021-24139 - https://github.com/El-Palomo/EVM1 CVE-2021-24145 - https://github.com/ARPSyndicate/cvemon CVE-2021-24145 - https://github.com/Hacker5preme/Exploits +CVE-2021-24145 - https://github.com/dnr6419/CVE-2021-24145 CVE-2021-24145 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-24146 - https://github.com/ARPSyndicate/cvemon CVE-2021-24146 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-24146 - https://github.com/Elsfa7-110/kenzer-templates CVE-2021-24146 - https://github.com/Hacker5preme/Exploits CVE-2021-24147 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs +CVE-2021-24155 - https://github.com/0dayNinja/CVE-2021-24155.rb CVE-2021-24155 - https://github.com/ARPSyndicate/cvemon CVE-2021-24155 - https://github.com/Hacker5preme/Exploits CVE-2021-24160 - https://github.com/Hacker5preme/Exploits CVE-2021-24175 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-24175 - https://github.com/tzwlhack/Vulnerability CVE-2021-24176 - https://github.com/ARPSyndicate/cvemon CVE-2021-24176 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-24176 - https://github.com/Elsfa7-110/kenzer-templates CVE-2021-24186 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-24186 - https://github.com/tzwlhack/Vulnerability CVE-2021-24209 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-24209 - https://github.com/tzwlhack/Vulnerability CVE-2021-24210 - https://github.com/ARPSyndicate/cvemon CVE-2021-24210 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-24213 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-24213 - https://github.com/tzwlhack/Vulnerability CVE-2021-24222 - https://github.com/jinhuang1102/CVE-ID-Reports CVE-2021-24223 - https://github.com/jinhuang1102/CVE-ID-Reports CVE-2021-24224 - https://github.com/jinhuang1102/CVE-ID-Reports @@ -37596,11 +41064,14 @@ CVE-2021-24342 - https://github.com/ARPSyndicate/cvemon CVE-2021-24342 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-24347 - https://github.com/ARPSyndicate/cvemon CVE-2021-24347 - https://github.com/Hacker5preme/Exploits +CVE-2021-24347 - https://github.com/huydoppa/CVE-2021-24347- CVE-2021-24364 - https://github.com/ARPSyndicate/cvemon CVE-2021-24364 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-24376 - https://github.com/afinepl/research CVE-2021-24377 - https://github.com/afinepl/research CVE-2021-24378 - https://github.com/afinepl/research +CVE-2021-24379 - https://github.com/phutr4n/CVE-Collection +CVE-2021-2438 - https://github.com/deepakdba/cve_checklist CVE-2021-24387 - https://github.com/ARPSyndicate/cvemon CVE-2021-24387 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-24389 - https://github.com/ARPSyndicate/cvemon @@ -37609,9 +41080,12 @@ CVE-2021-24406 - https://github.com/ARPSyndicate/cvemon CVE-2021-24406 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-24407 - https://github.com/ARPSyndicate/cvemon CVE-2021-24407 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-24429 - https://github.com/phutr4n/CVE-Collection +CVE-2021-24443 - https://github.com/phutr4n/CVE-Collection CVE-2021-24444 - https://github.com/akashrpatil/akashrpatil CVE-2021-24445 - https://github.com/akashrpatil/akashrpatil CVE-2021-24448 - https://github.com/akashrpatil/akashrpatil +CVE-2021-24455 - https://github.com/phutr4n/CVE-Collection CVE-2021-24472 - https://github.com/ARPSyndicate/cvemon CVE-2021-24472 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-24485 - https://github.com/akashrpatil/akashrpatil @@ -37627,23 +41101,31 @@ CVE-2021-24498 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-24499 - https://github.com/ARPSyndicate/cvemon CVE-2021-24499 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-24499 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2021-24499 - https://github.com/RyouYoo/CVE-2021-24499 +CVE-2021-24499 - https://github.com/hh-hunter/cve-2021-24499 CVE-2021-24499 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-24510 - https://github.com/ARPSyndicate/cvemon CVE-2021-24510 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-24545 - https://github.com/ARPSyndicate/cvemon +CVE-2021-24545 - https://github.com/V35HR4J/CVE-2021-24545 +CVE-2021-24545 - https://github.com/dnr6419/CVE-2021-24545 CVE-2021-24545 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-24545 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-2456 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-2456 - https://github.com/peterjson31337/CVE-2021-2456 CVE-2021-2456 - https://github.com/r00t4dm/r00t4dm +CVE-2021-24563 - https://github.com/V35HR4J/CVE-2021-24563 CVE-2021-24569 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-24583 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-24584 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-24585 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-24596 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-2460 - https://github.com/deepakdba/cve_checklist CVE-2021-24600 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-24604 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-24606 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-24609 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-24610 - https://github.com/apapedulimu/Learn-Source-Code-Review CVE-2021-24613 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-24618 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-24620 - https://github.com/p1ay8y3ar/cve_monitor @@ -37660,9 +41142,14 @@ CVE-2021-24657 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-24663 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-24667 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-2471 - https://github.com/ARPSyndicate/cvemon +CVE-2021-2471 - https://github.com/DrunkenShells/CVE-2021-2471 +CVE-2021-2471 - https://github.com/SecCoder-Security-Lab/jdbc-sqlxml-xxe CVE-2021-2471 - https://github.com/SummerSec/learning-codeql +CVE-2021-2471 - https://github.com/Y4tacker/JavaSec +CVE-2021-2471 - https://github.com/cckuailong/CVE-2021-2471 CVE-2021-2471 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-2471 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-24741 - https://github.com/itsjeffersonli/CVE-2021-24741 CVE-2021-24750 - https://github.com/ARPSyndicate/cvemon CVE-2021-24750 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-24750 - https://github.com/Hacker5preme/Exploits @@ -37697,6 +41184,7 @@ CVE-2021-25052 - https://github.com/ARPSyndicate/cvemon CVE-2021-25052 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-25122 - https://github.com/DNTYO/F5_Vulnerability CVE-2021-25122 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough +CVE-2021-25162 - https://github.com/twentybel0w/CVE-2021-25162 CVE-2021-25216 - https://github.com/qwerty1q2w/cvescan_handler CVE-2021-25217 - https://github.com/fbreton/lacework CVE-2021-25251 - https://github.com/Parasect-Team/for-trendmciro @@ -37713,11 +41201,14 @@ CVE-2021-25281 - https://github.com/Elsfa7-110/kenzer-templates CVE-2021-25281 - https://github.com/Immersive-Labs-Sec/CVE-2021-25281 CVE-2021-25281 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-25281 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-25281 - https://github.com/tzwlhack/Vulnerability CVE-2021-25282 - https://github.com/0ps/pocassistdb CVE-2021-25282 - https://github.com/ARPSyndicate/cvemon CVE-2021-25282 - https://github.com/Immersive-Labs-Sec/CVE-2021-25281 CVE-2021-25282 - https://github.com/jweny/pocassistdb +CVE-2021-25289 - https://github.com/asa1997/topgear_test CVE-2021-25289 - https://github.com/nnrogers515/discord-coderbot +CVE-2021-25290 - https://github.com/asa1997/topgear_test CVE-2021-25290 - https://github.com/nnrogers515/discord-coderbot CVE-2021-25291 - https://github.com/nnrogers515/discord-coderbot CVE-2021-25292 - https://github.com/doyensec/regexploit @@ -37727,10 +41218,12 @@ CVE-2021-25293 - https://github.com/nnrogers515/discord-coderbot CVE-2021-25296 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-25296 - https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs CVE-2021-25296 - https://github.com/r0eXpeR/redteam_vul +CVE-2021-25296 - https://github.com/tzwlhack/Vulnerability CVE-2021-25297 - https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs CVE-2021-25298 - https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs CVE-2021-25299 - https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs CVE-2021-25310 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-25310 - https://github.com/tzwlhack/Vulnerability CVE-2021-25326 - https://github.com/s3curityb3ast/s3curityb3ast.github.io CVE-2021-25327 - https://github.com/s3curityb3ast/s3curityb3ast.github.io CVE-2021-25328 - https://github.com/s3curityb3ast/s3curityb3ast.github.io @@ -37743,6 +41236,7 @@ CVE-2021-25374 - https://github.com/FSecureLABS/CVE-2021-25374_Samsung-Account-A CVE-2021-25374 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-25641 - https://github.com/ARPSyndicate/cvemon CVE-2021-25641 - https://github.com/Dor-Tumarkin/CVE-2021-25641-Proof-of-Concept +CVE-2021-25641 - https://github.com/lz2y/DubboPOC CVE-2021-25641 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-25641 - https://github.com/taielab/awesome-hacking-lists CVE-2021-25646 - https://github.com/ARPSyndicate/cvemon @@ -37751,6 +41245,7 @@ CVE-2021-25646 - https://github.com/Ares-X/VulWiki CVE-2021-25646 - https://github.com/Astrogeorgeonethree/Starred CVE-2021-25646 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-25646 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2021-25646 - https://github.com/FDlucifer/firece-fish CVE-2021-25646 - https://github.com/Ormicron/CVE-2021-25646-GUI CVE-2021-25646 - https://github.com/SexyBeast233/SecBooks CVE-2021-25646 - https://github.com/SouthWind0/southwind0.github.io @@ -37758,6 +41253,8 @@ CVE-2021-25646 - https://github.com/Vulnmachines/Apache-Druid-CVE-2021-25646 CVE-2021-25646 - https://github.com/W4nde3/toolkits CVE-2021-25646 - https://github.com/Yang0615777/PocList CVE-2021-25646 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2021-25646 - https://github.com/dnr6419/Druid_docker +CVE-2021-25646 - https://github.com/errorecho/CVEs-Collection CVE-2021-25646 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups CVE-2021-25646 - https://github.com/givemefivw/CVE-2021-25646 CVE-2021-25646 - https://github.com/gobysec/Goby @@ -37765,6 +41262,7 @@ CVE-2021-25646 - https://github.com/lp008/CVE-2021-25646 CVE-2021-25646 - https://github.com/ltfafei/my_POC CVE-2021-25646 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-25646 - https://github.com/sobinge/nuclei-templates +CVE-2021-25646 - https://github.com/tzwlhack/Vulnerability CVE-2021-25646 - https://github.com/xm88628/AfternoonTea CVE-2021-25646 - https://github.com/yaunsky/cve-2021-25646 CVE-2021-25679 - https://github.com/3ndG4me/AdTran-Personal-Phone-Manager-Vulns @@ -37778,9 +41276,12 @@ CVE-2021-25735 - https://github.com/Metarget/awesome-cloud-native-security CVE-2021-25735 - https://github.com/darryk10/CVE-2021-25735 CVE-2021-25735 - https://github.com/developer-guy/awesome-falco CVE-2021-25735 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-25735 - https://github.com/reni2study/Cloud-Native-Security2 CVE-2021-25735 - https://github.com/taielab/awesome-hacking-lists +CVE-2021-25735 - https://github.com/tzwlhack/Vulnerability CVE-2021-25737 - https://github.com/Metarget/awesome-cloud-native-security CVE-2021-25737 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-25737 - https://github.com/reni2study/Cloud-Native-Security2 CVE-2021-25741 - https://github.com/ARPSyndicate/cvemon CVE-2021-25741 - https://github.com/Metarget/awesome-cloud-native-security CVE-2021-25741 - https://github.com/Metarget/metarget @@ -37790,44 +41291,91 @@ CVE-2021-25742 - https://github.com/cruise-automation/k-rail CVE-2021-25765 - https://github.com/yuriisanin/whoami CVE-2021-25790 - https://github.com/MrCraniums/CVE-2021-25790-Multiple-Stored-XSS CVE-2021-25791 - https://github.com/MrCraniums/CVE-2021-25791-Multiple-Stored-XSS +CVE-2021-25829 - https://github.com/merrychap/POC-onlyoffice +CVE-2021-25830 - https://github.com/merrychap/POC-onlyoffice +CVE-2021-25831 - https://github.com/merrychap/POC-onlyoffice +CVE-2021-25832 - https://github.com/merrychap/POC-onlyoffice +CVE-2021-25833 - https://github.com/merrychap/POC-onlyoffice CVE-2021-25837 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-25863 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-25863 - https://github.com/SexyBeast233/SecBooks +CVE-2021-25863 - https://github.com/tzwlhack/Vulnerability CVE-2021-25864 - https://github.com/ARPSyndicate/cvemon CVE-2021-25864 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-25900 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2021-26084 - https://github.com/0x727/ShuiZe_0x727 +CVE-2021-26084 - https://github.com/0xf4n9x/CVE-2021-26084 CVE-2021-26084 - https://github.com/0xsyr0/OSCP +CVE-2021-26084 - https://github.com/1ZRR4H/CVE-2021-26084 CVE-2021-26084 - https://github.com/ARPSyndicate/cvemon CVE-2021-26084 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-26084 - https://github.com/BeRserKerSec/CVE-2021-26084-Nuclei-template +CVE-2021-26084 - https://github.com/FDlucifer/firece-fish +CVE-2021-26084 - https://github.com/GlennPegden2/cve-2021-26084-confluence +CVE-2021-26084 - https://github.com/JKme/CVE-2021-26084 +CVE-2021-26084 - https://github.com/Jun-5heng/CVE-2021-26084 +CVE-2021-26084 - https://github.com/Loneyers/CVE-2021-26084 CVE-2021-26084 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2021-26084 - https://github.com/Osyanina/westone-CVE-2021-26084-scanner CVE-2021-26084 - https://github.com/S3cur3Th1sSh1t/Pentest-Tools CVE-2021-26084 - https://github.com/Sma11New/PocList CVE-2021-26084 - https://github.com/TesterCC/exp_poc_library +CVE-2021-26084 - https://github.com/Udyz/CVE-2021-26084 +CVE-2021-26084 - https://github.com/Vulnmachines/Confluence_CVE-2021-26084 +CVE-2021-26084 - https://github.com/Xc1Ym/cve_2021_26084 +CVE-2021-26084 - https://github.com/ZZ-SOCMAP/pocs CVE-2021-26084 - https://github.com/antx-code/CVE-2021-26084 +CVE-2021-26084 - https://github.com/b1gw00d/CVE-2021-26084 +CVE-2021-26084 - https://github.com/bcdannyboy/CVE-2021-26084_GoPOC CVE-2021-26084 - https://github.com/bigblackhat/oFx CVE-2021-26084 - https://github.com/binganao/vulns-2022 +CVE-2021-26084 - https://github.com/byteofjoshua/CVE-2021-26084 +CVE-2021-26084 - https://github.com/carlosevieira/CVE-2021-26084 CVE-2021-26084 - https://github.com/curated-intel/Log4Shell-IOCs +CVE-2021-26084 - https://github.com/dinhbaouit/CVE-2021-26084 +CVE-2021-26084 - https://github.com/dock0d1/CVE-2021-26084_Confluence +CVE-2021-26084 - https://github.com/dorkerdevil/CVE-2021-26084 CVE-2021-26084 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups +CVE-2021-26084 - https://github.com/h3v0x/CVE-2021-26084_Confluence CVE-2021-26084 - https://github.com/harsh-bothra/learn365 CVE-2021-26084 - https://github.com/huike007/penetration_poc CVE-2021-26084 - https://github.com/joydo/CVE-Writeups +CVE-2021-26084 - https://github.com/lleavesl/CVE-2021-26084 CVE-2021-26084 - https://github.com/luck-ying/Library-POC +CVE-2021-26084 - https://github.com/ludy-dev/CVE-2021-26084_PoC +CVE-2021-26084 - https://github.com/march0s1as/CVE-2021-26084 +CVE-2021-26084 - https://github.com/maskerTUI/CVE-2021-26084 CVE-2021-26084 - https://github.com/mdisec/mdisec-twitch-yayinlari +CVE-2021-26084 - https://github.com/nizarbamida/CVE-2021-26084-patch- CVE-2021-26084 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-26084 - https://github.com/p0nymc1/CVE-2021-26084 CVE-2021-26084 - https://github.com/pen4uin/pentest-note CVE-2021-26084 - https://github.com/pipiscrew/timeline +CVE-2021-26084 - https://github.com/quesodipesto/conflucheck +CVE-2021-26084 - https://github.com/r0ckysec/CVE-2021-26084_Confluence +CVE-2021-26084 - https://github.com/r0eXpeR/supplier +CVE-2021-26084 - https://github.com/rootsmadi/CVE-2021-26084 CVE-2021-26084 - https://github.com/rudrapwn/source-code-review +CVE-2021-26084 - https://github.com/smallpiggy/cve-2021-26084-confluence +CVE-2021-26084 - https://github.com/taythebot/CVE-2021-26084 +CVE-2021-26084 - https://github.com/toowoxx/docker-confluence-patched +CVE-2021-26084 - https://github.com/wdjcy/CVE-2021-26084 CVE-2021-26084 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +CVE-2021-26084 - https://github.com/wolf1892/confluence-rce-poc CVE-2021-26084 - https://github.com/woods-sega/woodswiki +CVE-2021-26084 - https://github.com/z0edff0x3d/CVE-2021-26084-Confluence-OGNL CVE-2021-26085 - https://github.com/0xsyr0/OSCP CVE-2021-26085 - https://github.com/ARPSyndicate/cvemon CVE-2021-26085 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-26085 - https://github.com/ColdFusionX/CVE-2021-26085 CVE-2021-26085 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-26085 - https://github.com/zeroc00I/CVE-2021-26085 CVE-2021-26086 - https://github.com/ARPSyndicate/cvemon CVE-2021-26086 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-26086 - https://github.com/ColdFusionX/CVE-2021-26086 CVE-2021-26086 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2021-26086 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-26086 - https://github.com/sushantdhopat/JIRA_testing CVE-2021-26086 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-26102 - https://github.com/ARPSyndicate/cvemon CVE-2021-26102 - https://github.com/nomi-sec/PoC-in-GitHub @@ -37844,12 +41392,15 @@ CVE-2021-26247 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-26292 - https://github.com/E3SEC/AfterLogic CVE-2021-26293 - https://github.com/E3SEC/AfterLogic CVE-2021-26293 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-26293 - https://github.com/tzwlhack/Vulnerability CVE-2021-26294 - https://github.com/ARPSyndicate/cvemon CVE-2021-26294 - https://github.com/E3SEC/AfterLogic CVE-2021-26294 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-26294 - https://github.com/SexyBeast233/SecBooks +CVE-2021-26294 - https://github.com/dorkerdevil/CVE-2021-26294 CVE-2021-26294 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-26294 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-26294 - https://github.com/tzwlhack/Vulnerability CVE-2021-26295 - https://github.com/ARPSyndicate/cvemon CVE-2021-26295 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-26295 - https://github.com/EdgeSecurityTeam/Vulnerability @@ -37862,35 +41413,45 @@ CVE-2021-26295 - https://github.com/S0por/CVE-2021-26295-Apache-OFBiz-EXP CVE-2021-26295 - https://github.com/SexyBeast233/SecBooks CVE-2021-26295 - https://github.com/SouthWind0/southwind0.github.io CVE-2021-26295 - https://github.com/TheTh1nk3r/exp_hub +CVE-2021-26295 - https://github.com/Timirepo/CVE_Exploits CVE-2021-26295 - https://github.com/YinWC/2021hvv_vul CVE-2021-26295 - https://github.com/coolyin001/CVE-2021-26295-- CVE-2021-26295 - https://github.com/gobysec/Goby CVE-2021-26295 - https://github.com/huike007/penetration_poc +CVE-2021-26295 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2021-26295 - https://github.com/ltfafei/my_POC CVE-2021-26295 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2021-26295 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-26295 - https://github.com/r00t4dm/r00t4dm CVE-2021-26295 - https://github.com/r0ckysec/CVE-2021-26295 CVE-2021-26295 - https://github.com/rakjong/CVE-2021-26295-Apache-OFBiz +CVE-2021-26295 - https://github.com/tzwlhack/Vulnerability CVE-2021-26295 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-26295 - https://github.com/yuaneuro/ofbiz-poc CVE-2021-26295 - https://github.com/yumusb/CVE-2021-26295 +CVE-2021-26295 - https://github.com/zmylml/yangzifun CVE-2021-26296 - https://github.com/IBM/websphere-automation-lab CVE-2021-26296 - https://github.com/arkarkala/ThinkLab-2257 CVE-2021-26313 - https://github.com/vusec/fpvi-scsb CVE-2021-26314 - https://github.com/vusec/fpvi-scsb CVE-2021-26411 - https://github.com/ARPSyndicate/cvemon +CVE-2021-26411 - https://github.com/CrackerCat/CVE-2021-26411 CVE-2021-26411 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-26411 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-26411 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-26411 - https://github.com/tzwlhack/Vulnerability CVE-2021-26412 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-26412 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-26412 - https://github.com/vehemont/nvdlib CVE-2021-26415 - https://github.com/ARPSyndicate/cvemon CVE-2021-26415 - https://github.com/adenkiewicz/CVE-2021-26415 CVE-2021-26415 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-26419 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-26419 - https://github.com/tzwlhack/Vulnerability +CVE-2021-26420 - https://github.com/r0eXpeR/supplier CVE-2021-26425 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-26425 - https://github.com/ycdxsb/WindowsPrivilegeEscalation +CVE-2021-26431 - https://github.com/r0eXpeR/supplier CVE-2021-26444 - https://github.com/szymonh/szymonh CVE-2021-26471 - https://github.com/DIVD-NL/VembuBDR-DIVD-2020-00011 CVE-2021-26472 - https://github.com/DIVD-NL/VembuBDR-DIVD-2020-00011 @@ -37903,13 +41464,16 @@ CVE-2021-26476 - https://github.com/grymer/CVE CVE-2021-26593 - https://github.com/sgranel/directusv8 CVE-2021-26594 - https://github.com/sgranel/directusv8 CVE-2021-26595 - https://github.com/sgranel/directusv8 +CVE-2021-26690 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2021-26690 - https://github.com/fkm75P8YjLkb/CVE-2021-26690 +CVE-2021-26691 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2021-26691 - https://github.com/fkm75P8YjLkb/CVE-2021-26691 CVE-2021-26700 - https://github.com/ARPSyndicate/cvemon CVE-2021-26700 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-26700 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-26700 - https://github.com/jackadamson/CVE-2021-26700 CVE-2021-26700 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-26700 - https://github.com/tzwlhack/Vulnerability CVE-2021-26702 - https://github.com/grymer/CVE CVE-2021-26703 - https://github.com/grymer/CVE CVE-2021-26704 - https://github.com/grymer/CVE @@ -37939,6 +41503,7 @@ CVE-2021-26723 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-26723 - https://github.com/Elsfa7-110/kenzer-templates CVE-2021-26723 - https://github.com/sobinge/nuclei-templates CVE-2021-26758 - https://github.com/ARPSyndicate/cvemon +CVE-2021-26777 - https://github.com/Ell0/plc_concentrator_vulns CVE-2021-26812 - https://github.com/ARPSyndicate/cvemon CVE-2021-26812 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-26813 - https://github.com/doyensec/regexploit @@ -37949,8 +41514,11 @@ CVE-2021-26814 - https://github.com/WickdDavid/CVE-2021-26814 CVE-2021-26814 - https://github.com/cyllective/CVEs CVE-2021-26814 - https://github.com/joydo/CVE-Writeups CVE-2021-26814 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-26814 - https://github.com/paolorabbito/Internet-Security-Project---CVE-2021-26814 +CVE-2021-26814 - https://github.com/tzwlhack/Vulnerability CVE-2021-26824 - https://github.com/bosslabdcu/Vulnerability-Reporting CVE-2021-26827 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-26827 - https://github.com/tzwlhack/Vulnerability CVE-2021-26828 - https://github.com/ARPSyndicate/cvemon CVE-2021-26828 - https://github.com/h3v0x/CVE-2021-26828_ScadaBR_RCE CVE-2021-26828 - https://github.com/nomi-sec/PoC-in-GitHub @@ -37959,6 +41527,7 @@ CVE-2021-26832 - https://github.com/NagliNagli/CVE-2021-26832 CVE-2021-26832 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-26854 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-26854 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-26854 - https://github.com/vehemont/nvdlib CVE-2021-26855 - https://github.com/00011100/HAFHunt CVE-2021-26855 - https://github.com/0ps/pocassistdb CVE-2021-26855 - https://github.com/0xAbdullah/CVE-2021-26855 @@ -37971,9 +41540,12 @@ CVE-2021-26855 - https://github.com/DCScoder/Exchange_IOC_Hunter CVE-2021-26855 - https://github.com/Dutch-Technology-eXperts/CSIRT CVE-2021-26855 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-26855 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2021-26855 - https://github.com/FDlucifer/Proxy-Attackchain +CVE-2021-26855 - https://github.com/FDlucifer/firece-fish CVE-2021-26855 - https://github.com/Flangvik/SharpProxyLogon CVE-2021-26855 - https://github.com/H0j3n/EzpzCheatSheet CVE-2021-26855 - https://github.com/Immersive-Labs-Sec/ProxyLogon +CVE-2021-26855 - https://github.com/JERRY5410/HOMEWORK-FOR-ProxyLogon CVE-2021-26855 - https://github.com/KotSec/CVE-2021-26855-Scanner CVE-2021-26855 - https://github.com/LearnGolang/LearnGolang CVE-2021-26855 - https://github.com/Mr-xn/CVE-2021-26855-d @@ -37997,7 +41569,9 @@ CVE-2021-26855 - https://github.com/andyinmatrix/PowerShell CVE-2021-26855 - https://github.com/avi8892/CVE-2021-26856 CVE-2021-26855 - https://github.com/bhassani/Recent-CVE CVE-2021-26855 - https://github.com/binganao/vulns-2022 +CVE-2021-26855 - https://github.com/boson87225/111 CVE-2021-26855 - https://github.com/cert-lv/exchange_webshell_detection +CVE-2021-26855 - https://github.com/certat/exchange-scans CVE-2021-26855 - https://github.com/charlottelatest/CVE-2021-26855 CVE-2021-26855 - https://github.com/conjojo/Microsoft_Exchange_Server_SSRF_CVE-2021-26855 CVE-2021-26855 - https://github.com/cryptolakk/ProxyLogon-Mass-RCE @@ -38017,10 +41591,12 @@ CVE-2021-26855 - https://github.com/huike007/penetration_poc CVE-2021-26855 - https://github.com/itscio/LadonGo CVE-2021-26855 - https://github.com/jweny/pocassistdb CVE-2021-26855 - https://github.com/k8gege/LadonGo +CVE-2021-26855 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2021-26855 - https://github.com/mauricelambert/ExchangeWeaknessTest CVE-2021-26855 - https://github.com/mekhalleh/exchange_proxylogon CVE-2021-26855 - https://github.com/mil1200/ProxyLogon-CVE-2021-26855 CVE-2021-26855 - https://github.com/mysticwayfarer1/Exchange-HAFNIUM +CVE-2021-26855 - https://github.com/netlas-io/MsExchangeServerVersionCheck CVE-2021-26855 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-26855 - https://github.com/p0wershe11/ProxyLogon CVE-2021-26855 - https://github.com/password520/LadonGo @@ -38028,8 +41604,10 @@ CVE-2021-26855 - https://github.com/praetorian-inc/proxylogon-exploit CVE-2021-26855 - https://github.com/pussycat0x/CVE-2021-26855-SSRF CVE-2021-26855 - https://github.com/r0ckysec/CVE-2021-26855_Exchange CVE-2021-26855 - https://github.com/r0eXpeR/redteam_vul +CVE-2021-26855 - https://github.com/r0eXpeR/supplier CVE-2021-26855 - https://github.com/raheel0x01/CVE-2021-26855 CVE-2021-26855 - https://github.com/saucer-man/exploit +CVE-2021-26855 - https://github.com/seanjosee/NTUT_HOMEWORK CVE-2021-26855 - https://github.com/sgnls/exchange-0days-202103 CVE-2021-26855 - https://github.com/shacojx/CVE-2021-26855-exploit-Exchange CVE-2021-26855 - https://github.com/shacojx/CVE_2021_26855_SSRF @@ -38039,7 +41617,10 @@ CVE-2021-26855 - https://github.com/srvaccount/CVE-2021-26855-PoC CVE-2021-26855 - https://github.com/stressboi/hafnium-exchange-splunk-csvs CVE-2021-26855 - https://github.com/superfish9/pt CVE-2021-26855 - https://github.com/taielab/awesome-hacking-lists +CVE-2021-26855 - https://github.com/tzwlhack/Vulnerability +CVE-2021-26855 - https://github.com/vehemont/nvdlib CVE-2021-26855 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +CVE-2021-26855 - https://github.com/yaoxiaoangry3/Flangvik CVE-2021-26855 - https://github.com/zhzyker/vulmap CVE-2021-26856 - https://github.com/ARPSyndicate/cvemon CVE-2021-26856 - https://github.com/avi8892/CVE-2021-26856 @@ -38066,10 +41647,12 @@ CVE-2021-26857 - https://github.com/doris0213/Proxy-Logon CVE-2021-26857 - https://github.com/herwonowr/exprolog CVE-2021-26857 - https://github.com/huike007/penetration_poc CVE-2021-26857 - https://github.com/mysticwayfarer1/Exchange-HAFNIUM +CVE-2021-26857 - https://github.com/netlas-io/MsExchangeServerVersionCheck CVE-2021-26857 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-26857 - https://github.com/sgnls/exchange-0days-202103 CVE-2021-26857 - https://github.com/sirpedrotavares/Proxylogon-exploit CVE-2021-26857 - https://github.com/soteria-security/HAFNIUM-IOC +CVE-2021-26857 - https://github.com/vehemont/nvdlib CVE-2021-26857 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-26858 - https://github.com/00011100/HAFHunt CVE-2021-26858 - https://github.com/Ahsanzia/Exchange-Exploit @@ -38089,9 +41672,11 @@ CVE-2021-26858 - https://github.com/doris0213/Proxy-Logon CVE-2021-26858 - https://github.com/herwonowr/exprolog CVE-2021-26858 - https://github.com/huike007/penetration_poc CVE-2021-26858 - https://github.com/mysticwayfarer1/Exchange-HAFNIUM +CVE-2021-26858 - https://github.com/netlas-io/MsExchangeServerVersionCheck CVE-2021-26858 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-26858 - https://github.com/sgnls/exchange-0days-202103 CVE-2021-26858 - https://github.com/soteria-security/HAFNIUM-IOC +CVE-2021-26858 - https://github.com/vehemont/nvdlib CVE-2021-26858 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-26865 - https://github.com/Yt1g3r/CVE-2021-26855_SSRF CVE-2021-26865 - https://github.com/soteria-security/HAFNIUM-IOC @@ -38129,6 +41714,8 @@ CVE-2021-26914 - https://github.com/ARPSyndicate/cvemon CVE-2021-26914 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2021-26914 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2021-26919 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-26919 - https://github.com/tzwlhack/Vulnerability +CVE-2021-26920 - https://github.com/dorkerdevil/CVE-2021-36749 CVE-2021-26920 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-26943 - https://github.com/ARPSyndicate/cvemon CVE-2021-26943 - https://github.com/nomi-sec/PoC-in-GitHub @@ -38138,12 +41725,14 @@ CVE-2021-27027065 - https://github.com/SpearTip-Cyber-Counterintelligence/Zircon CVE-2021-27044 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-27045 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-27046 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-27047 - https://github.com/r0eXpeR/supplier CVE-2021-27058 - https://github.com/decalage2/oletools CVE-2021-27065 - https://github.com/00011100/HAFHunt CVE-2021-27065 - https://github.com/ARPSyndicate/cvemon CVE-2021-27065 - https://github.com/Ahsanzia/Exchange-Exploit CVE-2021-27065 - https://github.com/Astrogeorgeonethree/Starred CVE-2021-27065 - https://github.com/DCScoder/Exchange_IOC_Hunter +CVE-2021-27065 - https://github.com/FDlucifer/Proxy-Attackchain CVE-2021-27065 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2021-27065 - https://github.com/NTUTtopicBryan/NTUT_HomeWork CVE-2021-27065 - https://github.com/Nick-Yin12/106362522 @@ -38155,6 +41744,7 @@ CVE-2021-27065 - https://github.com/Udyz/Proxylogon CVE-2021-27065 - https://github.com/ZephrFish/Exch-CVE-2021-26855 CVE-2021-27065 - https://github.com/adamrpostjr/cve-2021-27065 CVE-2021-27065 - https://github.com/bhassani/Recent-CVE +CVE-2021-27065 - https://github.com/boson87225/111 CVE-2021-27065 - https://github.com/cert-lv/exchange_webshell_detection CVE-2021-27065 - https://github.com/charlottelatest/CVE-2021-26855 CVE-2021-27065 - https://github.com/cryptolakk/ProxyLogon-Mass-RCE @@ -38173,22 +41763,34 @@ CVE-2021-27065 - https://github.com/huike007/penetration_poc CVE-2021-27065 - https://github.com/l3shyyy/ProxyLogon-Useful-PowershellScripts CVE-2021-27065 - https://github.com/mekhalleh/exchange_proxylogon CVE-2021-27065 - https://github.com/mysticwayfarer1/Exchange-HAFNIUM +CVE-2021-27065 - https://github.com/netlas-io/MsExchangeServerVersionCheck CVE-2021-27065 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-27065 - https://github.com/p0wershe11/ProxyLogon CVE-2021-27065 - https://github.com/praetorian-inc/proxylogon-exploit CVE-2021-27065 - https://github.com/r0ckysec/CVE-2021-26855_Exchange CVE-2021-27065 - https://github.com/raheel0x01/CVE-2021-26855 +CVE-2021-27065 - https://github.com/seanjosee/NTUT_HOMEWORK CVE-2021-27065 - https://github.com/sgnls/exchange-0days-202103 CVE-2021-27065 - https://github.com/srvaccount/CVE-2021-26855-PoC CVE-2021-27065 - https://github.com/superfish9/pt +CVE-2021-27065 - https://github.com/vehemont/nvdlib CVE-2021-27065 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-27065 - https://github.com/zhzyker/vulmap CVE-2021-27072 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-27072 - https://github.com/ycdxsb/WindowsPrivilegeEscalation +CVE-2021-27076 - https://github.com/H0j3n/EzpzSharepoint CVE-2021-27078 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-27078 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-27078 - https://github.com/vehemont/nvdlib +CVE-2021-27080 - https://github.com/r0eXpeR/supplier CVE-2021-27081 - https://github.com/microsoft/vscode-eslint CVE-2021-27091 - https://github.com/itm4n/CVEs +CVE-2021-27101 - https://github.com/dudacgf/ovr_convert +CVE-2021-27102 - https://github.com/dudacgf/ovr_convert +CVE-2021-27103 - https://github.com/dudacgf/ovr_convert +CVE-2021-27104 - https://github.com/vulsio/go-kev +CVE-2021-27129 - https://github.com/AssassinUKG/AssassinUKG +CVE-2021-27130 - https://github.com/AssassinUKG/AssassinUKG CVE-2021-27132 - https://github.com/ARPSyndicate/cvemon CVE-2021-27132 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-27132 - https://github.com/Elsfa7-110/kenzer-templates @@ -38197,6 +41799,7 @@ CVE-2021-27135 - https://github.com/dileepdkumar/https-github.com-cisagov-log4j- CVE-2021-27137 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-27137 - https://github.com/SexyBeast233/SecBooks CVE-2021-27137 - https://github.com/SouthWind0/southwind0.github.io +CVE-2021-27137 - https://github.com/tzwlhack/Vulnerability CVE-2021-27180 - https://github.com/ARPSyndicate/cvemon CVE-2021-27180 - https://github.com/chudyPB/MDaemon-Advisories CVE-2021-27180 - https://github.com/nomi-sec/PoC-in-GitHub @@ -38221,6 +41824,7 @@ CVE-2021-27211 - https://github.com/ARPSyndicate/cvemon CVE-2021-27211 - https://github.com/RickdeJager/stegseek CVE-2021-27211 - https://github.com/b4shfire/stegcrack CVE-2021-27211 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2021-27211 - https://github.com/gitonga-stealth/stegseek CVE-2021-27211 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-27245 - https://github.com/rdomanski/Exploits_and_Advisories CVE-2021-27246 - https://github.com/ARPSyndicate/cvemon @@ -38229,13 +41833,16 @@ CVE-2021-27246 - https://github.com/WinMin/Protocol-Vul CVE-2021-27246 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-27246 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-27246 - https://github.com/synacktiv/CVE-2021-27246_Pwn2Own2020 +CVE-2021-27246 - https://github.com/tzwlhack/Vulnerability CVE-2021-27249 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-27249 - https://github.com/SexyBeast233/SecBooks +CVE-2021-27249 - https://github.com/tzwlhack/Vulnerability CVE-2021-27251 - https://github.com/rdomanski/Exploits_and_Advisories CVE-2021-27257 - https://github.com/rdomanski/Exploits_and_Advisories CVE-2021-27290 - https://github.com/doyensec/regexploit CVE-2021-27290 - https://github.com/engn33r/awesome-redos-security CVE-2021-27290 - https://github.com/yetingli/PoCs +CVE-2021-27291 - https://github.com/asa1997/topgear_test CVE-2021-27291 - https://github.com/doyensec/regexploit CVE-2021-27291 - https://github.com/engn33r/awesome-redos-security CVE-2021-27292 - https://github.com/doyensec/regexploit @@ -38250,6 +41857,8 @@ CVE-2021-27328 - https://github.com/SexyBeast233/SecBooks CVE-2021-27328 - https://github.com/SouthWind0/southwind0.github.io CVE-2021-27328 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-27328 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-27328 - https://github.com/somatrasss/Yeastar-NeoGate +CVE-2021-27328 - https://github.com/tzwlhack/Vulnerability CVE-2021-27330 - https://github.com/ARPSyndicate/cvemon CVE-2021-27330 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-27338 - https://github.com/ARPSyndicate/cvemon @@ -38270,11 +41879,13 @@ CVE-2021-27364 - https://github.com/aaronxie55/Presentation2_Markdown CVE-2021-27364 - https://github.com/bollwarm/SecToolSet CVE-2021-27364 - https://github.com/c4pt000/kernel-5.11.6-expSEHDsec-HAXM-cgroup-virtio-nvidia-amd-kaliwifi CVE-2021-27364 - https://github.com/xairy/linux-kernel-exploitation +CVE-2021-27365 - https://github.com/EGI-Federation/SVG-advisories CVE-2021-27365 - https://github.com/aaronxie55/Presentation2_Markdown CVE-2021-27365 - https://github.com/bollwarm/SecToolSet CVE-2021-27365 - https://github.com/c4pt000/kernel-5.11.6-expSEHDsec-HAXM-cgroup-virtio-nvidia-amd-kaliwifi CVE-2021-27365 - https://github.com/gipi/cve-cemetery CVE-2021-27365 - https://github.com/xairy/linux-kernel-exploitation +CVE-2021-27370 - https://github.com/ajmalabubakkr/CVE CVE-2021-27403 - https://github.com/ARPSyndicate/cvemon CVE-2021-27403 - https://github.com/bokanrb/CVE-2021-27403 CVE-2021-27403 - https://github.com/developer3000S/PoC-in-GitHub @@ -38284,14 +41895,17 @@ CVE-2021-27404 - https://github.com/bokanrb/CVE-2021-27404 CVE-2021-27404 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-27404 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-27513 - https://github.com/ARPSyndicate/cvemon +CVE-2021-27513 - https://github.com/ArianeBlow/CVE-2021-27513 CVE-2021-27513 - https://github.com/ArianeBlow/CVE-2021-27513-CVE-2021-27514 CVE-2021-27513 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-27513 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-27514 - https://github.com/ARPSyndicate/cvemon CVE-2021-27514 - https://github.com/ArianeBlow/CVE-2021-27513-CVE-2021-27514 +CVE-2021-27514 - https://github.com/ArianeBlow/EyesOfNetwork-vuln-checker CVE-2021-27514 - https://github.com/Tjohn42/Markdown CVE-2021-27514 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-27550 - https://github.com/dlehgus1023/CVE +CVE-2021-27550 - https://github.com/erepspinos/CVE CVE-2021-27556 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-27561 - https://github.com/ARPSyndicate/cvemon CVE-2021-27561 - https://github.com/ARPSyndicate/kenzer-templates @@ -38312,6 +41926,7 @@ CVE-2021-27606 - https://github.com/Onapsis/vulnerability_advisories CVE-2021-27607 - https://github.com/Onapsis/vulnerability_advisories CVE-2021-27620 - https://github.com/Onapsis/vulnerability_advisories CVE-2021-27622 - https://github.com/Onapsis/vulnerability_advisories +CVE-2021-27624 - https://github.com/0xInfection/PewSWITCH CVE-2021-27624 - https://github.com/Onapsis/vulnerability_advisories CVE-2021-27625 - https://github.com/Onapsis/vulnerability_advisories CVE-2021-27626 - https://github.com/Onapsis/vulnerability_advisories @@ -38326,22 +41941,30 @@ CVE-2021-27634 - https://github.com/Onapsis/vulnerability_advisories CVE-2021-27635 - https://github.com/Onapsis/vulnerability_advisories CVE-2021-27635 - https://github.com/lmkalg/my_cves CVE-2021-27645 - https://github.com/dispera/giant-squid +CVE-2021-27645 - https://github.com/domyrtille/interview_project +CVE-2021-27645 - https://github.com/epequeno/devops-demo CVE-2021-27645 - https://github.com/onzack/trivy-multiscanner CVE-2021-27651 - https://github.com/ARPSyndicate/cvemon CVE-2021-27651 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-27651 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-27651 - https://github.com/Elsfa7-110/kenzer-templates CVE-2021-27651 - https://github.com/Vulnmachines/CVE-2021-27651 +CVE-2021-27651 - https://github.com/byteofjoshua/CVE-2021-27651 CVE-2021-27651 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-27651 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-27651 - https://github.com/samwcyo/CVE-2021-27651-PoC +CVE-2021-27651 - https://github.com/tzwlhack/Vulnerability CVE-2021-27670 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-27670 - https://github.com/SexyBeast233/SecBooks +CVE-2021-27670 - https://github.com/tzwlhack/Vulnerability CVE-2021-27736 - https://github.com/CompassSecurity/SAMLRaider CVE-2021-27736 - https://github.com/FusionAuth/fusionauth-samlv2 CVE-2021-27807 - https://github.com/CodeIntelligenceTesting/jazzer CVE-2021-27850 - https://github.com/ARPSyndicate/cvemon CVE-2021-27850 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-27850 - https://github.com/Ovi3/CVE_2021_27850_POC +CVE-2021-27850 - https://github.com/dorkerdevil/CVE-2021-27850_POC +CVE-2021-27850 - https://github.com/kahla-sec/CVE-2021-27850_POC CVE-2021-27850 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-27889 - https://github.com/SexyBeast233/SecBooks CVE-2021-27889 - https://github.com/SouthWind0/southwind0.github.io @@ -38353,6 +41976,7 @@ CVE-2021-27890 - https://github.com/SexyBeast233/SecBooks CVE-2021-27890 - https://github.com/SouthWind0/southwind0.github.io CVE-2021-27890 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-27890 - https://github.com/scannells/exploits +CVE-2021-27890 - https://github.com/tzwlhack/Vulnerability CVE-2021-27890 - https://github.com/xiaopan233/Mybb-XSS_SQL_RCE-POC CVE-2021-27905 - https://github.com/ARPSyndicate/cvemon CVE-2021-27905 - https://github.com/ARPSyndicate/kenzer-templates @@ -38362,14 +41986,17 @@ CVE-2021-27905 - https://github.com/Henry4E36/Solr-SSRF CVE-2021-27905 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2021-27905 - https://github.com/W2Ning/Solr-SSRF CVE-2021-27905 - https://github.com/YinWC/2021hvv_vul +CVE-2021-27905 - https://github.com/errorecho/CVEs-Collection CVE-2021-27905 - https://github.com/joydo/CVE-Writeups CVE-2021-27905 - https://github.com/murataydemir/CVE-2021-27905 CVE-2021-27905 - https://github.com/n1sh1th/CVE-POC CVE-2021-27905 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-27905 - https://github.com/tzwlhack/Vulnerability CVE-2021-27905 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-27906 - https://github.com/CodeIntelligenceTesting/jazzer CVE-2021-27912 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-27913 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-27921 - https://github.com/asa1997/topgear_test CVE-2021-27927 - https://github.com/r0eXpeR/redteam_vul CVE-2021-27928 - https://github.com/ARPSyndicate/cvemon CVE-2021-27928 - https://github.com/Al1ex/CVE-2021-27928 @@ -38380,20 +42007,26 @@ CVE-2021-27928 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-27928 - https://github.com/superfish9/pt CVE-2021-27931 - https://github.com/ARPSyndicate/cvemon CVE-2021-27931 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-27941 - https://github.com/salgio/eWeLink-QR-Code CVE-2021-27963 - https://github.com/ARPSyndicate/cvemon CVE-2021-27963 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-27963 - https://github.com/erberkan/SonLogger-vulns CVE-2021-27963 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-27964 - https://github.com/erberkan/SonLogger-vulns CVE-2021-27965 - https://github.com/ARPSyndicate/cvemon +CVE-2021-27965 - https://github.com/Crystalware/CVE-2021-27965 CVE-2021-27965 - https://github.com/mathisvickie/CVE-2021-27965 CVE-2021-27965 - https://github.com/mathisvickie/KMAC CVE-2021-27965 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-28041 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2021-28073 - https://github.com/ARPSyndicate/cvemon CVE-2021-28073 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-28073 - https://github.com/Elsfa7-110/kenzer-templates CVE-2021-28073 - https://github.com/SexyBeast233/SecBooks +CVE-2021-28073 - https://github.com/errorecho/CVEs-Collection +CVE-2021-28073 - https://github.com/zmylml/yangzifun CVE-2021-28079 - https://github.com/ARPSyndicate/cvemon +CVE-2021-28079 - https://github.com/g33xter/CVE-2021-28079 CVE-2021-28079 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-28079 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-28079 - https://github.com/theart42/cves @@ -38403,11 +42036,13 @@ CVE-2021-28135 - https://github.com/engn33r/awesome-bluetooth-security CVE-2021-28136 - https://github.com/engn33r/awesome-bluetooth-security CVE-2021-28139 - https://github.com/engn33r/awesome-bluetooth-security CVE-2021-28143 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-28143 - https://github.com/tzwlhack/Vulnerability CVE-2021-28145 - https://github.com/S1lkys/CVE-2021-40101 CVE-2021-28149 - https://github.com/ARPSyndicate/cvemon CVE-2021-28149 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-28149 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-28149 - https://github.com/SexyBeast233/SecBooks +CVE-2021-28149 - https://github.com/tzwlhack/Vulnerability CVE-2021-28150 - https://github.com/ARPSyndicate/cvemon CVE-2021-28150 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-28150 - https://github.com/SexyBeast233/SecBooks @@ -38419,13 +42054,16 @@ CVE-2021-28152 - https://github.com/bigblackhat/oFx CVE-2021-28155 - https://github.com/engn33r/awesome-bluetooth-security CVE-2021-28162 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-28162 - https://github.com/SexyBeast233/SecBooks +CVE-2021-28162 - https://github.com/tzwlhack/Vulnerability CVE-2021-28164 - https://github.com/ARPSyndicate/cvemon CVE-2021-28164 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-28164 - https://github.com/bigblackhat/oFx CVE-2021-28164 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-28166 - https://github.com/PBearson/FUME-Fuzzing-MQTT-Brokers CVE-2021-28169 - https://github.com/ARPSyndicate/cvemon CVE-2021-28169 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-28169 - https://github.com/bigblackhat/oFx +CVE-2021-28216 - https://github.com/CERTCC/UEFI-Analysis-Resources CVE-2021-28236 - https://github.com/zodf0055980/Yuan-fuzz CVE-2021-28237 - https://github.com/zodf0055980/Yuan-fuzz CVE-2021-28310 - https://github.com/ARPSyndicate/cvemon @@ -38436,19 +42074,27 @@ CVE-2021-28310 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2021-28312 - https://github.com/ARPSyndicate/cvemon CVE-2021-28312 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-28312 - https://github.com/shubham0d/CVE-2021-28312 +CVE-2021-28313 - https://github.com/irsl/microsoft-diaghub-case-sensitivity-eop-cve +CVE-2021-28321 - https://github.com/irsl/microsoft-diaghub-case-sensitivity-eop-cve +CVE-2021-28322 - https://github.com/irsl/microsoft-diaghub-case-sensitivity-eop-cve +CVE-2021-28323 - https://github.com/irsl/microsoft-diaghub-case-sensitivity-eop-cve CVE-2021-28348 - https://github.com/googleprojectzero/winafl CVE-2021-28349 - https://github.com/googleprojectzero/winafl CVE-2021-28350 - https://github.com/googleprojectzero/winafl +CVE-2021-28363 - https://github.com/noseka1/deep-dive-into-clair CVE-2021-28363 - https://github.com/tern-tools/tern CVE-2021-28378 - https://github.com/pandatix/CVE-2021-28378 CVE-2021-28440 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-28474 - https://github.com/r0eXpeR/supplier CVE-2021-28476 - https://github.com/0vercl0k/0vercl0k CVE-2021-28476 - https://github.com/0vercl0k/CVE-2021-28476 CVE-2021-28476 - https://github.com/ARPSyndicate/cvemon +CVE-2021-28476 - https://github.com/LaCeeKa/CVE-2021-28476-tools-env CVE-2021-28476 - https://github.com/bhassani/Recent-CVE CVE-2021-28476 - https://github.com/bluefrostsecurity/CVE-2021-28476 CVE-2021-28476 - https://github.com/joydo/CVE-Writeups CVE-2021-28476 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-28476 - https://github.com/r0eXpeR/supplier CVE-2021-28480 - https://github.com/ARPSyndicate/cvemon CVE-2021-28480 - https://github.com/ZephrFish/CVE-2021-28480_HoneyPoC3 CVE-2021-28480 - https://github.com/nomi-sec/PoC-in-GitHub @@ -38463,8 +42109,10 @@ CVE-2021-28482 - https://github.com/bhassani/Recent-CVE CVE-2021-28482 - https://github.com/n1sh1th/CVE-POC CVE-2021-28482 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-28482 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-28482 - https://github.com/tzwlhack/Vulnerability CVE-2021-28483 - https://github.com/ZephrFish/CVE-2021-28480_HoneyPoC3 CVE-2021-28483 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-28550 - https://github.com/dudacgf/ovr_convert CVE-2021-28550 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-28553 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-28559 - https://github.com/p1ay8y3ar/cve_monitor @@ -38474,6 +42122,7 @@ CVE-2021-28564 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-28565 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-28657 - https://github.com/mosaic-hgw/jMeter CVE-2021-28663 - https://github.com/ARPSyndicate/cvemon +CVE-2021-28663 - https://github.com/lntrx/CVE-2021-28663 CVE-2021-28663 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-28663 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-28663 - https://github.com/xairy/linux-kernel-exploitation @@ -38493,33 +42142,50 @@ CVE-2021-28700 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-28750 - https://github.com/ARPSyndicate/cvemon CVE-2021-28750 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-28797 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-28797 - https://github.com/r0eXpeR/supplier +CVE-2021-28797 - https://github.com/tzwlhack/Vulnerability +CVE-2021-28799 - https://github.com/r0eXpeR/supplier CVE-2021-28807 - https://github.com/ShielderSec/poc CVE-2021-28814 - https://github.com/thomasfady/QNAP_QSA-21-25 +CVE-2021-28831 - https://github.com/thecyberbaby/Trivy-by-aquaSecurity +CVE-2021-2885 - https://github.com/Tlc123456/CVE CVE-2021-28854 - https://github.com/ARPSyndicate/cvemon CVE-2021-28854 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-28854 - https://github.com/JHHAX/VICIdial +CVE-2021-28875 - https://github.com/Qwaz/rust-cve +CVE-2021-28875 - https://github.com/sslab-gatech/Rudra-Artifacts +CVE-2021-28876 - https://github.com/Qwaz/rust-cve +CVE-2021-28877 - https://github.com/Qwaz/rust-cve +CVE-2021-28878 - https://github.com/Qwaz/rust-cve +CVE-2021-28879 - https://github.com/Qwaz/rust-cve CVE-2021-28918 - https://github.com/ARPSyndicate/cvemon CVE-2021-28918 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-28918 - https://github.com/DNTYO/F5_Vulnerability CVE-2021-28925 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-28925 - https://github.com/YinWC/2021hvv_vul +CVE-2021-28925 - https://github.com/tzwlhack/Vulnerability CVE-2021-28937 - https://github.com/ARPSyndicate/cvemon CVE-2021-28937 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-28937 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2021-28958 - https://github.com/STMCyber/CVEs CVE-2021-28965 - https://github.com/Tabll/gemnasium-db CVE-2021-28965 - https://github.com/sonatype-nexus-community/chelsea CVE-2021-28966 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-28966 - https://github.com/tzwlhack/Vulnerability CVE-2021-28980 - https://github.com/Al1ex/Al1ex CVE-2021-28981 - https://github.com/Al1ex/Al1ex CVE-2021-28983 - https://github.com/Al1ex/Al1ex CVE-2021-28986 - https://github.com/Al1ex/Al1ex CVE-2021-28988 - https://github.com/Al1ex/Al1ex +CVE-2021-29003 - https://github.com/jaysharma786/CVE-2021-29003 +CVE-2021-29004 - https://github.com/mrojz/rconfig-exploit CVE-2021-29133 - https://github.com/ARPSyndicate/cvemon CVE-2021-29155 - https://github.com/ARPSyndicate/cvemon CVE-2021-29155 - https://github.com/Kakashiiiiy/CVE-2021-29155 CVE-2021-29155 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-29156 - https://github.com/ARPSyndicate/cvemon CVE-2021-29156 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-29156 - https://github.com/guidepointsecurity/CVE-2021-29156 CVE-2021-29156 - https://github.com/kubearmor/policy-templates CVE-2021-29156 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-29156 - https://github.com/p1ay8y3ar/cve_monitor @@ -38528,6 +42194,7 @@ CVE-2021-29200 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-29200 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-29200 - https://github.com/r00t4dm/r00t4dm CVE-2021-29200 - https://github.com/r0ckysec/CVE-2021-29200 +CVE-2021-29200 - https://github.com/tzwlhack/Vulnerability CVE-2021-29203 - https://github.com/ARPSyndicate/cvemon CVE-2021-29203 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-29262 - https://github.com/YinWC/2021hvv_vul @@ -38537,6 +42204,7 @@ CVE-2021-29267 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-29280 - https://github.com/deadlysnowman3308/upgraded-ARP-Poisoning CVE-2021-29302 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-29302 - https://github.com/liyansong2018/CVE +CVE-2021-29302 - https://github.com/tzwlhack/Vulnerability CVE-2021-29337 - https://github.com/ARPSyndicate/cvemon CVE-2021-29337 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-29337 - https://github.com/rjt-gupta/CVE-2021-29337 @@ -38544,6 +42212,7 @@ CVE-2021-29349 - https://github.com/ARPSyndicate/cvemon CVE-2021-29349 - https://github.com/Vulnmachines/CVE-2021-29349 CVE-2021-29349 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-29379 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-29379 - https://github.com/tzwlhack/Vulnerability CVE-2021-29386 - https://github.com/ARPSyndicate/cvemon CVE-2021-29386 - https://github.com/Umarovm/PowerSchool-Grade-Stealer CVE-2021-29386 - https://github.com/nomi-sec/PoC-in-GitHub @@ -38556,6 +42225,7 @@ CVE-2021-29440 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-29441 - https://github.com/ARPSyndicate/cvemon CVE-2021-29441 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-29441 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2021-29441 - https://github.com/hh-hunter/nacos-cve-2021-29441 CVE-2021-29441 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-29442 - https://github.com/ARPSyndicate/cvemon CVE-2021-29442 - https://github.com/ARPSyndicate/kenzer-templates @@ -38563,6 +42233,8 @@ CVE-2021-29442 - https://github.com/Elsfa7-110/kenzer-templates CVE-2021-29442 - https://github.com/kubearmor/policy-templates CVE-2021-29447 - https://github.com/0xjukai/Web-security CVE-2021-29447 - https://github.com/ARPSyndicate/cvemon +CVE-2021-29447 - https://github.com/AssassinUKG/CVE-2021-29447 +CVE-2021-29447 - https://github.com/AssassinUKG/Writeups CVE-2021-29447 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-29447 - https://github.com/H0j3n/EzpzCheatSheet CVE-2021-29447 - https://github.com/SexyBeast233/SecBooks @@ -38572,10 +42244,14 @@ CVE-2021-29447 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups CVE-2021-29447 - https://github.com/motikan2010/CVE-2021-29447 CVE-2021-29447 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-29447 - https://github.com/taielab/awesome-hacking-lists +CVE-2021-29447 - https://github.com/tzwlhack/Vulnerability CVE-2021-29449 - https://github.com/ARPSyndicate/cvemon CVE-2021-29469 - https://github.com/engn33r/awesome-redos-security CVE-2021-29472 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-29472 - https://github.com/mdisec/mdisec-twitch-yayinlari +CVE-2021-29472 - https://github.com/tzwlhack/Vulnerability +CVE-2021-29482 - https://github.com/k1LoW/oshka +CVE-2021-29482 - https://github.com/naveensrinivasan/stunning-tribble CVE-2021-29484 - https://github.com/ARPSyndicate/cvemon CVE-2021-29484 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-29487 - https://github.com/daftspunk/CVE-2021-32648 @@ -38587,6 +42263,7 @@ CVE-2021-29505 - https://github.com/ARPSyndicate/cvemon CVE-2021-29505 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2021-29505 - https://github.com/MyBlackManba/CVE-2021-29505 CVE-2021-29505 - https://github.com/SexyBeast233/SecBooks +CVE-2021-29505 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2021-29505 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2021-29505 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-29505 - https://github.com/superfish9/pt @@ -38598,6 +42275,7 @@ CVE-2021-29625 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-29627 - https://github.com/ARPSyndicate/cvemon CVE-2021-29627 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-29627 - https://github.com/raymontag/cve-2021-29627 +CVE-2021-29628 - https://github.com/r3dg0d/pspwn5 CVE-2021-29657 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-29663 - https://github.com/cptsticky/A-0day-Per-Day-Keeps-The-Cope-Away CVE-2021-29752 - https://github.com/p1ay8y3ar/cve_monitor @@ -38607,17 +42285,21 @@ CVE-2021-29813 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-29814 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-29815 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-29816 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-2982 - https://github.com/JohnHammond/CVE-2012-2982 CVE-2021-29832 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-29833 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-29842 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-29904 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-29905 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-29921 - https://github.com/mstxq17/SecurityArticleLogger +CVE-2021-29923 - https://github.com/aojea/funny-ip-etcd-detector CVE-2021-29943 - https://github.com/YinWC/2021hvv_vul CVE-2021-29955 - https://github.com/vusec/fpvi-scsb CVE-2021-29996 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-29996 - https://github.com/tzwlhack/Vulnerability CVE-2021-30000 - https://github.com/cptsticky/A-0day-Per-Day-Keeps-The-Cope-Away CVE-2021-30003 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-30003 - https://github.com/tzwlhack/Vulnerability CVE-2021-30005 - https://github.com/ARPSyndicate/cvemon CVE-2021-30005 - https://github.com/atorralba/CVE-2021-30005-POC CVE-2021-30005 - https://github.com/nomi-sec/PoC-in-GitHub @@ -38629,8 +42311,10 @@ CVE-2021-3007 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-3007 - https://github.com/KOKAProduktion/KokaCrud CVE-2021-3007 - https://github.com/Vulnmachines/ZF3_CVE-2021-3007 CVE-2021-3007 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-3007 - https://github.com/tzwlhack/Vulnerability CVE-2021-3007 - https://github.com/vlp443/pickled-zend CVE-2021-30109 - https://github.com/ARPSyndicate/cvemon +CVE-2021-30109 - https://github.com/Hackdwerg/CVE-2021-30109 CVE-2021-30109 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-30123 - https://github.com/liyansong2018/CVE CVE-2021-30128 - https://github.com/ARPSyndicate/cvemon @@ -38639,8 +42323,11 @@ CVE-2021-30128 - https://github.com/LioTree/CVE-2021-30128-EXP CVE-2021-30128 - https://github.com/gobysec/Goby CVE-2021-30128 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-30128 - https://github.com/r0ckysec/CVE-2021-30128 +CVE-2021-30128 - https://github.com/tzwlhack/Vulnerability CVE-2021-30139 - https://github.com/indece-official/clair-client +CVE-2021-30139 - https://github.com/thecyberbaby/Trivy-by-aquaSecurity CVE-2021-30146 - https://github.com/ARPSyndicate/cvemon +CVE-2021-30146 - https://github.com/Security-AVS/CVE-2021-30146 CVE-2021-30146 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-30149 - https://github.com/ARPSyndicate/cvemon CVE-2021-30149 - https://github.com/nomi-sec/PoC-in-GitHub @@ -38653,6 +42340,7 @@ CVE-2021-30151 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-30151 - https://github.com/Elsfa7-110/kenzer-templates CVE-2021-30157 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-30157 - https://github.com/SexyBeast233/SecBooks +CVE-2021-30157 - https://github.com/tzwlhack/Vulnerability CVE-2021-3017 - https://github.com/ARPSyndicate/cvemon CVE-2021-3017 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-3017 - https://github.com/SexyBeast233/SecBooks @@ -38660,6 +42348,7 @@ CVE-2021-3017 - https://github.com/bigblackhat/oFx CVE-2021-30175 - https://github.com/awillix/research CVE-2021-30176 - https://github.com/awillix/research CVE-2021-30179 - https://github.com/SexyBeast233/SecBooks +CVE-2021-30179 - https://github.com/lz2y/DubboPOC CVE-2021-3019 - https://github.com/0xf4n9x/CVE-2021-3019 CVE-2021-3019 - https://github.com/ARPSyndicate/cvemon CVE-2021-3019 - https://github.com/ARPSyndicate/kenzer-templates @@ -38674,6 +42363,7 @@ CVE-2021-3019 - https://github.com/givemefivw/CVE-2021-3019 CVE-2021-3019 - https://github.com/murataydemir/CVE-2021-3019 CVE-2021-3019 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-3019 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-3019 - https://github.com/qiezi-maozi/CVE-2021-3019-Lanproxy CVE-2021-3019 - https://github.com/sobinge/nuclei-templates CVE-2021-30213 - https://github.com/ARPSyndicate/cvemon CVE-2021-30213 - https://github.com/ARPSyndicate/kenzer-templates @@ -38690,6 +42380,7 @@ CVE-2021-30330 - https://github.com/mirac7/codegraph CVE-2021-30353 - https://github.com/mirac7/codegraph CVE-2021-30359 - https://github.com/RonnieSalomonsen/My-CVEs CVE-2021-30360 - https://github.com/RonnieSalomonsen/My-CVEs +CVE-2021-3045 - https://github.com/r0eXpeR/supplier CVE-2021-30461 - https://github.com/ARPSyndicate/cvemon CVE-2021-30461 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-30461 - https://github.com/Al1ex/CVE-2021-30461 @@ -38700,28 +42391,41 @@ CVE-2021-30461 - https://github.com/Vulnmachines/CVE-2021-30461 CVE-2021-30461 - https://github.com/bigblackhat/oFx CVE-2021-30461 - https://github.com/daedalus/CVE-2021-30461 CVE-2021-30461 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-30461 - https://github.com/puckiestyle/CVE-2021-30461 +CVE-2021-30461 - https://github.com/tzwlhack/Vulnerability CVE-2021-30465 - https://github.com/Metarget/awesome-cloud-native-security CVE-2021-30465 - https://github.com/Metarget/metarget CVE-2021-30465 - https://github.com/UCloudDocs/uk8s +CVE-2021-30465 - https://github.com/asa1997/topgear_test CVE-2021-30465 - https://github.com/champtar/blog CVE-2021-30465 - https://github.com/kaosagnt/ansible-everyday +CVE-2021-30465 - https://github.com/reni2study/Cloud-Native-Security2 CVE-2021-30465 - https://github.com/superfish9/pt CVE-2021-30481 - https://github.com/ARPSyndicate/cvemon CVE-2021-30481 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-30481 - https://github.com/floesen/CVE-2021-30481 CVE-2021-30481 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-30481 - https://github.com/tzwlhack/Vulnerability CVE-2021-30496 - https://github.com/raminfp/raminfp CVE-2021-30497 - https://github.com/ARPSyndicate/cvemon CVE-2021-30497 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-30551 - https://github.com/xmzyshypnc/CVE-2021-30551 +CVE-2021-30565 - https://github.com/StarCrossPortal/bug-hunting-101 CVE-2021-30573 - https://github.com/ARPSyndicate/cvemon +CVE-2021-30573 - https://github.com/byteofjoshua/CVE-2021-30573 +CVE-2021-30573 - https://github.com/kh4sh3i/CVE-2021-30573 CVE-2021-30573 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-30573 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-30573 - https://github.com/s4e-lab/CVE-2021-30573-PoC-Google-Chrome CVE-2021-30577 - https://github.com/klinix5/GoogleUpdateSvcLPE CVE-2021-30623 - https://github.com/CrackerCat/CVE-2021-30632 +CVE-2021-30623 - https://github.com/dev-fff/cve-win CVE-2021-30623 - https://github.com/rfcxv/CVE-2021-40444-POC CVE-2021-30632 - https://github.com/ARPSyndicate/cvemon +CVE-2021-30632 - https://github.com/CrackerCat/CVE-2021-30632 CVE-2021-30632 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2021-30632 - https://github.com/Phuong39/PoC-CVE-2021-30632 +CVE-2021-30632 - https://github.com/dev-fff/cve-win CVE-2021-30632 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-30632 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-30632 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- @@ -38729,6 +42433,7 @@ CVE-2021-3064 - https://github.com/harsh-bothra/learn365 CVE-2021-30641 - https://github.com/fkm75P8YjLkb/CVE-2021-30641 CVE-2021-30653 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-30654 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-30655 - https://github.com/amanszpapaya/MacPer CVE-2021-30655 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2021-30656 - https://github.com/Siguza/ios-resources CVE-2021-30657 - https://github.com/ARPSyndicate/cvemon @@ -38737,14 +42442,17 @@ CVE-2021-30657 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2021-30657 - https://github.com/joydo/CVE-Writeups CVE-2021-30657 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-30657 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-30657 - https://github.com/shubham0d/CVE-2021-30657 CVE-2021-30660 - https://github.com/Siguza/ios-resources CVE-2021-30660 - https://github.com/houjingyi233/macOS-iOS-system-security +CVE-2021-30666 - https://github.com/gmatuz/inthewilddb CVE-2021-30671 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-30674 - https://github.com/b1n4r1b01/n-days CVE-2021-30678 - https://github.com/didi/kemon CVE-2021-30682 - https://github.com/ARPSyndicate/cvemon CVE-2021-30682 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-30682 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-30682 - https://github.com/threatnix/csp-playground CVE-2021-30684 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-30686 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-30689 - https://github.com/p1ay8y3ar/cve_monitor @@ -38760,15 +42468,35 @@ CVE-2021-30724 - https://github.com/Siguza/ios-resources CVE-2021-30724 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2021-30734 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups CVE-2021-30734 - https://github.com/ret2/Pwn2Own-2021-Safari +CVE-2021-30740 - https://github.com/LinusHenze/Fugu14 +CVE-2021-30740 - https://github.com/evilcorp1311/kkkk +CVE-2021-30740 - https://github.com/gfam2801/fugu14-online CVE-2021-30740 - https://github.com/houjingyi233/macOS-iOS-system-security +CVE-2021-30740 - https://github.com/nanerasingh/fugu14 CVE-2021-30747 - https://github.com/Spacial/awesome-csirt CVE-2021-30747 - https://github.com/codexlynx/hardware-attacks-state-of-the-art CVE-2021-30747 - https://github.com/joydo/CVE-Writeups +CVE-2021-30768 - https://github.com/LinusHenze/Fugu14 +CVE-2021-30768 - https://github.com/evilcorp1311/kkkk +CVE-2021-30768 - https://github.com/gfam2801/fugu14-online CVE-2021-30768 - https://github.com/houjingyi233/macOS-iOS-system-security +CVE-2021-30768 - https://github.com/nanerasingh/fugu14 CVE-2021-30768 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-30769 - https://github.com/LinusHenze/Fugu14 +CVE-2021-30769 - https://github.com/evilcorp1311/kkkk +CVE-2021-30769 - https://github.com/gfam2801/fugu14-online CVE-2021-30769 - https://github.com/houjingyi233/macOS-iOS-system-security +CVE-2021-30769 - https://github.com/nanerasingh/fugu14 +CVE-2021-30770 - https://github.com/LinusHenze/Fugu14 +CVE-2021-30770 - https://github.com/evilcorp1311/kkkk +CVE-2021-30770 - https://github.com/gfam2801/fugu14-online CVE-2021-30770 - https://github.com/houjingyi233/macOS-iOS-system-security +CVE-2021-30770 - https://github.com/nanerasingh/fugu14 +CVE-2021-30773 - https://github.com/LinusHenze/Fugu14 +CVE-2021-30773 - https://github.com/evilcorp1311/kkkk +CVE-2021-30773 - https://github.com/gfam2801/fugu14-online CVE-2021-30773 - https://github.com/houjingyi233/macOS-iOS-system-security +CVE-2021-30773 - https://github.com/nanerasingh/fugu14 CVE-2021-30773 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-30776 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-30777 - https://github.com/p1ay8y3ar/cve_monitor @@ -38776,14 +42504,21 @@ CVE-2021-30779 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-30780 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-30781 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-30798 - https://github.com/houjingyi233/macOS-iOS-system-security +CVE-2021-30800 - https://github.com/vmcall/vmcall +CVE-2021-30807 - https://github.com/30440r/gex CVE-2021-30807 - https://github.com/ARPSyndicate/cvemon CVE-2021-30807 - https://github.com/b1n4r1b01/n-days CVE-2021-30807 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2021-30807 - https://github.com/joydo/CVE-Writeups +CVE-2021-30807 - https://github.com/jsherman212/iomfb-exploit CVE-2021-30807 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-30807 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-30807 - https://github.com/saaramar/IOMobileFrameBuffer_LPE_POC CVE-2021-30818 - https://github.com/googleprojectzero/fuzzilli +CVE-2021-30827 - https://github.com/zanezhub/PIA-PC +CVE-2021-30828 - https://github.com/zanezhub/PIA-PC CVE-2021-30833 - https://github.com/houjingyi233/macOS-iOS-system-security +CVE-2021-30845 - https://github.com/zanezhub/PIA-PC CVE-2021-30851 - https://github.com/googleprojectzero/fuzzilli CVE-2021-30853 - https://github.com/ARPSyndicate/cvemon CVE-2021-30853 - https://github.com/houjingyi233/macOS-iOS-system-security @@ -38791,9 +42526,16 @@ CVE-2021-30853 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-30853 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-30855 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2021-30858 - https://github.com/ARPSyndicate/cvemon +CVE-2021-30858 - https://github.com/FitTerminator/PS4-CVE-202130858 +CVE-2021-30858 - https://github.com/FitTerminator/iOS-CVE-202130858 +CVE-2021-30858 - https://github.com/Jeromeyoung/ps4_8.00_vuln_poc +CVE-2021-30858 - https://github.com/Nazky/PS4CVE202130858 +CVE-2021-30858 - https://github.com/kmeps4/CVEREV3 CVE-2021-30858 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-30858 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-30860 - https://github.com/30440r/gex CVE-2021-30860 - https://github.com/ARPSyndicate/cvemon +CVE-2021-30860 - https://github.com/Levilutz/CVE-2021-30860 CVE-2021-30860 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2021-30860 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-30860 - https://github.com/p1ay8y3ar/cve_monitor @@ -38803,11 +42545,15 @@ CVE-2021-30868 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2021-30869 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2021-30871 - https://github.com/disclose/research-threats CVE-2021-30883 - https://github.com/houjingyi233/macOS-iOS-system-security +CVE-2021-30883 - https://github.com/nanerasingh/IOMFB_integer_overflow_poc +CVE-2021-30883 - https://github.com/nanerasingh/IOMFB_integer_overflow_poc1 +CVE-2021-30883 - https://github.com/saaramar/IOMFB_integer_overflow_poc CVE-2021-30892 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2021-30902 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2021-30907 - https://github.com/joydo/CVE-Writeups CVE-2021-30909 - https://github.com/joydo/CVE-Writeups CVE-2021-30916 - https://github.com/joydo/CVE-Writeups +CVE-2021-30924 - https://github.com/darling-x0r/0day_dos_apple CVE-2021-30970 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2021-30970 - https://github.com/joydo/CVE-Writeups CVE-2021-30975 - https://github.com/houjingyi233/macOS-iOS-system-security @@ -38816,7 +42562,9 @@ CVE-2021-30990 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2021-30995 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2021-31159 - https://github.com/ARPSyndicate/cvemon CVE-2021-31159 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-31159 - https://github.com/r0eXpeR/supplier CVE-2021-31159 - https://github.com/ricardojoserf/CVE-2021-31159 +CVE-2021-31162 - https://github.com/Qwaz/rust-cve CVE-2021-31166 - https://github.com/0vercl0k/0vercl0k CVE-2021-31166 - https://github.com/0vercl0k/CVE-2021-31166 CVE-2021-31166 - https://github.com/ARPSyndicate/cvemon @@ -38835,27 +42583,47 @@ CVE-2021-31166 - https://github.com/huike007/penetration_poc CVE-2021-31166 - https://github.com/n1sh1th/CVE-POC CVE-2021-31166 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-31166 - https://github.com/p0dalirius/CVE-2022-21907-http.sys +CVE-2021-31166 - https://github.com/pathcl/oldnews +CVE-2021-31166 - https://github.com/r0eXpeR/supplier +CVE-2021-31166 - https://github.com/tzwlhack/Vulnerability CVE-2021-31166 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-31166 - https://github.com/wrlu/Vulnerabilities CVE-2021-31166 - https://github.com/y0g3sh-99/CVE-2021-31166-Exploit CVE-2021-31166 - https://github.com/zecopro/CVE-2021-31166 CVE-2021-31166 - https://github.com/zha0gongz1/CVE-2021-31166 CVE-2021-31169 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-31169 - https://github.com/tzwlhack/Vulnerability +CVE-2021-31178 - https://github.com/r0eXpeR/supplier CVE-2021-31181 - https://github.com/ARPSyndicate/cvemon +CVE-2021-31181 - https://github.com/H0j3n/EzpzSharepoint CVE-2021-31184 - https://github.com/ARPSyndicate/cvemon CVE-2021-31184 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-31184 - https://github.com/waleedassar/CVE-2021-31184 CVE-2021-31195 - https://github.com/Astrogeorgeonethree/Starred +CVE-2021-31195 - https://github.com/DIVD-NL/ProxyOracleNSE +CVE-2021-31195 - https://github.com/FDlucifer/Proxy-Attackchain CVE-2021-31195 - https://github.com/hosch3n/ProxyVulns CVE-2021-31196 - https://github.com/Astrogeorgeonethree/Starred +CVE-2021-31196 - https://github.com/FDlucifer/Proxy-Attackchain CVE-2021-31196 - https://github.com/hosch3n/ProxyVulns CVE-2021-31196 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-3120 - https://github.com/guy-liu/yith-giftdrop +CVE-2021-31200 - https://github.com/ajmalabubakkr/CVE CVE-2021-31206 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-31207 - https://github.com/0x3n0/redeam CVE-2021-31207 - https://github.com/ARPSyndicate/cvemon CVE-2021-31207 - https://github.com/Astrogeorgeonethree/Starred +CVE-2021-31207 - https://github.com/FDlucifer/Proxy-Attackchain +CVE-2021-31207 - https://github.com/aravazhimdr/ProxyShell-POC-Mod +CVE-2021-31207 - https://github.com/cyberheartmi9/Proxyshell-Scanner +CVE-2021-31207 - https://github.com/horizon3ai/proxyshell CVE-2021-31207 - https://github.com/hosch3n/ProxyVulns +CVE-2021-31207 - https://github.com/mithridates1313/ProxyShell_POC +CVE-2021-31207 - https://github.com/r0eXpeR/supplier +CVE-2021-31207 - https://github.com/signorrayan/RedTeam_toolkit +CVE-2021-3121 - https://github.com/k1LoW/oshka CVE-2021-3121 - https://github.com/sonatype-nexus-community/nancy +CVE-2021-31215 - https://github.com/EGI-Federation/SVG-advisories CVE-2021-3122 - https://github.com/ARPSyndicate/cvemon CVE-2021-3122 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-3122 - https://github.com/nomi-sec/PoC-in-GitHub @@ -38866,13 +42634,16 @@ CVE-2021-31250 - https://github.com/ARPSyndicate/cvemon CVE-2021-31250 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-3129 - https://github.com/0day666/Vulnerability-verification CVE-2021-3129 - https://github.com/0xsyr0/OSCP +CVE-2021-3129 - https://github.com/1111one/laravel-CVE-2021-3129-EXP CVE-2021-3129 - https://github.com/ARPSyndicate/cvemon CVE-2021-3129 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-3129 - https://github.com/Dheia/sc-main CVE-2021-3129 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-3129 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2021-3129 - https://github.com/Erikten/CVE-2021-3129 CVE-2021-3129 - https://github.com/FunPhishing/Laravel-8.4.2-rce-CVE-2021-3129 CVE-2021-3129 - https://github.com/H0j3n/EzpzCheatSheet +CVE-2021-3129 - https://github.com/M00nBack/vulnerability CVE-2021-3129 - https://github.com/Maskhe/evil_ftp CVE-2021-3129 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2021-3129 - https://github.com/SNCKER/CVE-2021-3129 @@ -38884,10 +42655,14 @@ CVE-2021-3129 - https://github.com/carlosevieira/larasploit CVE-2021-3129 - https://github.com/crisprss/Laravel_CVE-2021-3129_EXP CVE-2021-3129 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-3129 - https://github.com/iBotPeaches/ctf-2021 +CVE-2021-3129 - https://github.com/karimmuya/laravel-exploit-tricks +CVE-2021-3129 - https://github.com/knqyf263/CVE-2021-3129 +CVE-2021-3129 - https://github.com/lanmarc77/CVE-2021-33831 CVE-2021-3129 - https://github.com/mstxq17/SecurityArticleLogger CVE-2021-3129 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-3129 - https://github.com/nth347/CVE-2021-3129_exploit CVE-2021-3129 - https://github.com/simonlee-hello/CVE-2021-3129 +CVE-2021-3129 - https://github.com/tzwlhack/Vulnerability CVE-2021-3129 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-3129 - https://github.com/zhzyker/CVE-2021-3129 CVE-2021-3129 - https://github.com/zhzyker/vulmap @@ -38905,29 +42680,39 @@ CVE-2021-3138 - https://github.com/Mesh3l911/CVE-2021-3138 CVE-2021-3138 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-31416 - https://github.com/TysonAndre/vscode-php-phan CVE-2021-31440 - https://github.com/Al1ex/LinuxEelvation +CVE-2021-31440 - https://github.com/ChoKyuWon/exploit_articles CVE-2021-31440 - https://github.com/bsauce/kernel-exploit-factory CVE-2021-31440 - https://github.com/bsauce/kernel-security-learning CVE-2021-31440 - https://github.com/digamma-ai/CVE-2020-8835-verification CVE-2021-31474 - https://github.com/SexyBeast233/SecBooks +CVE-2021-31474 - https://github.com/Y4er/CVE-2021-35215 CVE-2021-31474 - https://github.com/n1sh1th/CVE-POC CVE-2021-31505 - https://github.com/rdomanski/Exploits_and_Advisories +CVE-2021-31535 - https://github.com/ciwei100000/libx11-debian CVE-2021-31535 - https://github.com/freedesktop/xorg-libX11 +CVE-2021-31535 - https://github.com/janisozaur/libx11 CVE-2021-31535 - https://github.com/mirror/libX11 CVE-2021-31537 - https://github.com/ARPSyndicate/cvemon CVE-2021-31537 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-31537 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2021-3156 - https://github.com/0x7183/CVE-2021-3156 CVE-2021-3156 - https://github.com/0xdevil/CVE-2021-3156 +CVE-2021-3156 - https://github.com/0xsakthi/my-pentest-notes CVE-2021-3156 - https://github.com/1N53C/CVE-2021-3156-PoC CVE-2021-3156 - https://github.com/ARGOeu/secmon-probes CVE-2021-3156 - https://github.com/ARPSyndicate/cvemon CVE-2021-3156 - https://github.com/AbdullahRizwan101/Baron-Samedit CVE-2021-3156 - https://github.com/Al1ex/LinuxEelvation CVE-2021-3156 - https://github.com/Ashish-dawani/CVE-2021-3156-Patch +CVE-2021-3156 - https://github.com/Bubleh21/CVE-2021-3156 CVE-2021-3156 - https://github.com/ClassBluer/Exploit_Tools CVE-2021-3156 - https://github.com/CptGibbon/CVE-2021-3156 CVE-2021-3156 - https://github.com/CrackerCat/cve-2021-3157 +CVE-2021-3156 - https://github.com/CyberCommands/CVE-2021-3156 CVE-2021-3156 - https://github.com/CyberCommands/exploit-sudoedit +CVE-2021-3156 - https://github.com/EGI-Federation/SVG-advisories CVE-2021-3156 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-3156 - https://github.com/Exodusro/CVE-2021-3156 CVE-2021-3156 - https://github.com/Floodnut/papers_documents_Analysis CVE-2021-3156 - https://github.com/Gutem/scans-exploits CVE-2021-3156 - https://github.com/HynekPetrak/HynekPetrak @@ -38942,8 +42727,13 @@ CVE-2021-3156 - https://github.com/Rvn0xsy/CVE-2021-3156-plus CVE-2021-3156 - https://github.com/SPXcz/IC1_projekt CVE-2021-3156 - https://github.com/SantiagoSerrao/ScannerCVE-2021-3156 CVE-2021-3156 - https://github.com/SexyBeast233/SecBooks +CVE-2021-3156 - https://github.com/TheFlash2k/CVE-2021-3156 CVE-2021-3156 - https://github.com/TheSerialiZator/CTF-2021 +CVE-2021-3156 - https://github.com/Timirepo/CVE_Exploits +CVE-2021-3156 - https://github.com/Toufupi/CVE_Collection +CVE-2021-3156 - https://github.com/Y3A/CVE-2021-3156 CVE-2021-3156 - https://github.com/ajtech-hue/CVE-2021-3156-Mitigation-ShellScript-Build +CVE-2021-3156 - https://github.com/amanszpapaya/MacPer CVE-2021-3156 - https://github.com/apogiatzis/docker-CVE-2021-3156 CVE-2021-3156 - https://github.com/baka9moe/CVE-2021-3156-Exp CVE-2021-3156 - https://github.com/binw2018/CVE-2021-3156-SCRIPT @@ -38951,15 +42741,21 @@ CVE-2021-3156 - https://github.com/blasty/CVE-2021-3156 CVE-2021-3156 - https://github.com/bollwarm/SecToolSet CVE-2021-3156 - https://github.com/bsauce/kernel-exploit-factory CVE-2021-3156 - https://github.com/bsauce/kernel-security-learning +CVE-2021-3156 - https://github.com/capturingcats/CVE-2021-3156 +CVE-2021-3156 - https://github.com/d3c3ptic0n/CVE-2021-3156 CVE-2021-3156 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-3156 - https://github.com/dinhbaouit/CVE-2021-3156 +CVE-2021-3156 - https://github.com/donghyunlee00/CVE-2021-3156 CVE-2021-3156 - https://github.com/dyne/sud CVE-2021-3156 - https://github.com/elbee-cyber/CVE-2021-3156-PATCHER CVE-2021-3156 - https://github.com/fei9747/LinuxEelvation +CVE-2021-3156 - https://github.com/foyjog/shocker-attack CVE-2021-3156 - https://github.com/freeFV/CVE-2021-3156 CVE-2021-3156 - https://github.com/freitzzz/tpas-binary-exploitation +CVE-2021-3156 - https://github.com/gamblingmaster2020/vCenterExp CVE-2021-3156 - https://github.com/gmldbd94/cve-2021-3156 CVE-2021-3156 - https://github.com/greg-workspace/my_sudo_heap_overflow_exploit +CVE-2021-3156 - https://github.com/hac425xxx/heap-exploitation-in-real-world CVE-2021-3156 - https://github.com/harsh-bothra/learn365 CVE-2021-3156 - https://github.com/hilbix/suid CVE-2021-3156 - https://github.com/huike007/penetration_poc @@ -38975,16 +42771,20 @@ CVE-2021-3156 - https://github.com/lockedbyte/CVE-Exploits CVE-2021-3156 - https://github.com/lockedbyte/slides CVE-2021-3156 - https://github.com/lognoz/puppet-freebsd-workstation CVE-2021-3156 - https://github.com/loong576/ansible-production-practice-6 +CVE-2021-3156 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection CVE-2021-3156 - https://github.com/ltfafei/my_POC CVE-2021-3156 - https://github.com/mbcrump/CVE-2021-3156 CVE-2021-3156 - https://github.com/mr-r3b00t/CVE-2021-3156 CVE-2021-3156 - https://github.com/mstxq17/SecurityArticleLogger +CVE-2021-3156 - https://github.com/musergi/CVE-2021-3156 +CVE-2021-3156 - https://github.com/neolin-ms/LinuxDocLinks CVE-2021-3156 - https://github.com/nexcess/sudo_cve-2021-3156 CVE-2021-3156 - https://github.com/njahrckstr/exploits- CVE-2021-3156 - https://github.com/nobodyatall648/CVE-2021-3156 CVE-2021-3156 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-3156 - https://github.com/oneoy/CVE-2021-3156 CVE-2021-3156 - https://github.com/oneoy/exploits1 +CVE-2021-3156 - https://github.com/oriolOrnaque/TFG-Binary-exploitation CVE-2021-3156 - https://github.com/password520/CVE-2021-3156 CVE-2021-3156 - https://github.com/pathakabhi24/Awesome-C CVE-2021-3156 - https://github.com/perlun/sudo-1.8.3p1-patched @@ -38994,15 +42794,18 @@ CVE-2021-3156 - https://github.com/qxxxb/ctf_challenges CVE-2021-3156 - https://github.com/r0eXpeR/pentest CVE-2021-3156 - https://github.com/r3k4t/how-to-solve-sudo-heap-based-bufferoverflow-vulnerability CVE-2021-3156 - https://github.com/r4j0x00/exploits +CVE-2021-3156 - https://github.com/redhawkeye/sudo-exploit CVE-2021-3156 - https://github.com/reverse-ex/CVE-2021-3156 CVE-2021-3156 - https://github.com/sandesvitor/simple-ansible-lab CVE-2021-3156 - https://github.com/saucer-man/exploit +CVE-2021-3156 - https://github.com/sharkmoos/Baron-Samedit CVE-2021-3156 - https://github.com/siddicky/yotjf CVE-2021-3156 - https://github.com/stong/CVE-2021-3156 CVE-2021-3156 - https://github.com/stressboi/TA-Samedit CVE-2021-3156 - https://github.com/taielab/awesome-hacking-lists CVE-2021-3156 - https://github.com/tainguyenbp/linux-cve CVE-2021-3156 - https://github.com/teamtopkarl/CVE-2021-3156 +CVE-2021-3156 - https://github.com/tzwlhack/Vulnerability CVE-2021-3156 - https://github.com/uhub/awesome-c CVE-2021-3156 - https://github.com/unauth401/CVE-2021-3156 CVE-2021-3156 - https://github.com/usdogu/awesome-stars @@ -39020,15 +42823,22 @@ CVE-2021-31581 - https://github.com/ARPSyndicate/cvemon CVE-2021-31581 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-31589 - https://github.com/ARPSyndicate/cvemon CVE-2021-31589 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-31599 - https://github.com/iamaldi/publications +CVE-2021-31600 - https://github.com/iamaldi/publications +CVE-2021-31601 - https://github.com/iamaldi/publications CVE-2021-31602 - https://github.com/ARPSyndicate/cvemon CVE-2021-31602 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-31602 - https://github.com/iamaldi/publications +CVE-2021-31605 - https://github.com/nday-ldgz/ZoomEye-dork CVE-2021-31607 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-31607 - https://github.com/tzwlhack/Vulnerability CVE-2021-31609 - https://github.com/engn33r/awesome-bluetooth-security CVE-2021-31610 - https://github.com/engn33r/awesome-bluetooth-security CVE-2021-31611 - https://github.com/engn33r/awesome-bluetooth-security CVE-2021-31612 - https://github.com/engn33r/awesome-bluetooth-security CVE-2021-31613 - https://github.com/engn33r/awesome-bluetooth-security CVE-2021-31615 - https://github.com/engn33r/awesome-bluetooth-security +CVE-2021-31630 - https://github.com/h3v0x/CVE-2021-31630-OpenPLC_RCE CVE-2021-3164 - https://github.com/ARPSyndicate/cvemon CVE-2021-3164 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-3164 - https://github.com/nomi-sec/PoC-in-GitHub @@ -39041,6 +42851,7 @@ CVE-2021-3165 - https://github.com/rwils83/nvd_api_interactions CVE-2021-31682 - https://github.com/3ndG4me/WebCTRL-OperatorLocale-Parameter-Reflected-XSS CVE-2021-31682 - https://github.com/ARPSyndicate/cvemon CVE-2021-31682 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-31698 - https://github.com/nnsee/jekyll-cve-badge CVE-2021-31702 - https://github.com/ARPSyndicate/cvemon CVE-2021-31702 - https://github.com/l00neyhacker/CVE-2021-31702 CVE-2021-31702 - https://github.com/nomi-sec/PoC-in-GitHub @@ -39055,6 +42866,7 @@ CVE-2021-31728 - https://github.com/irql0/CVE-2021-31728 CVE-2021-31728 - https://github.com/mathisvickie/KMAC CVE-2021-31728 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-31737 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-31737 - https://github.com/tzwlhack/Vulnerability CVE-2021-31755 - https://github.com/ARPSyndicate/cvemon CVE-2021-31755 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-31755 - https://github.com/Yu3H0/IoT_CVE @@ -39064,16 +42876,19 @@ CVE-2021-31757 - https://github.com/Yu3H0/IoT_CVE CVE-2021-31757 - https://github.com/peanuts62/IOT_CVE CVE-2021-31758 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-31758 - https://github.com/Yu3H0/IoT_CVE +CVE-2021-31758 - https://github.com/tzwlhack/Vulnerability CVE-2021-31760 - https://github.com/ARPSyndicate/cvemon CVE-2021-31760 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-31760 - https://github.com/Mesh3l911/CVE-2021-31760 CVE-2021-31760 - https://github.com/electronicbots/CVE-2021-31760 CVE-2021-31760 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-31760 - https://github.com/tzwlhack/Vulnerability CVE-2021-31761 - https://github.com/ARPSyndicate/cvemon CVE-2021-31761 - https://github.com/Mesh3l911/CVE-2021-31761 CVE-2021-31761 - https://github.com/electronicbots/CVE-2021-31761 CVE-2021-31761 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-31762 - https://github.com/ARPSyndicate/cvemon +CVE-2021-31762 - https://github.com/Mesh3l911/CVE-2021-31762 CVE-2021-31762 - https://github.com/electronicbots/CVE-2021-31762 CVE-2021-31762 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-3177 - https://github.com/TAPAKAH20/python_dos_demo @@ -39085,10 +42900,12 @@ CVE-2021-31796 - https://github.com/ARPSyndicate/cvemon CVE-2021-31796 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-31796 - https://github.com/unmanarc/CACredDecoder CVE-2021-31799 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-31799 - https://github.com/tzwlhack/Vulnerability CVE-2021-31800 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-31800 - https://github.com/Elsfa7-110/kenzer-templates CVE-2021-31802 - https://github.com/ARPSyndicate/cvemon CVE-2021-31802 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-31802 - https://github.com/tzwlhack/Vulnerability CVE-2021-31806 - https://github.com/ARPSyndicate/cvemon CVE-2021-31807 - https://github.com/ARPSyndicate/cvemon CVE-2021-31810 - https://github.com/lifeparticle/Ruby-Cheatsheet @@ -39097,11 +42914,16 @@ CVE-2021-31856 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-31856 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-31856 - https://github.com/ssst0n3/CVE-2021-31856 CVE-2021-31856 - https://github.com/ssst0n3/my_vulnerabilities +CVE-2021-31856 - https://github.com/ssst0n3/ssst0n3 CVE-2021-31862 - https://github.com/ARPSyndicate/cvemon CVE-2021-31862 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-31862 - https://github.com/RobertDra/CVE-2021-31862 CVE-2021-31862 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-31862 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-31879 - https://github.com/dgardella/KCC +CVE-2021-31879 - https://github.com/epequeno/devops-demo CVE-2021-31932 - https://github.com/cmaruti/reports +CVE-2021-31950 - https://github.com/r0eXpeR/supplier CVE-2021-31955 - https://github.com/ARPSyndicate/cvemon CVE-2021-31955 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-31956 - https://github.com/ARPSyndicate/cvemon @@ -39112,6 +42934,7 @@ CVE-2021-32030 - https://github.com/ARPSyndicate/cvemon CVE-2021-32030 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-32030 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-32030 - https://github.com/koronkowy/koronkowy +CVE-2021-32030 - https://github.com/tzwlhack/Vulnerability CVE-2021-32099 - https://github.com/ARPSyndicate/cvemon CVE-2021-32099 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-32124 - https://github.com/Ainevsia/CVE-Request @@ -39135,10 +42958,12 @@ CVE-2021-32190 - https://github.com/Yu3H0/IoT_CVE CVE-2021-32191 - https://github.com/Yu3H0/IoT_CVE CVE-2021-32192 - https://github.com/Yu3H0/IoT_CVE CVE-2021-32193 - https://github.com/Yu3H0/IoT_CVE +CVE-2021-32202 - https://github.com/l00neyhacker/CVE-2021-32202 CVE-2021-32202 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-3223 - https://github.com/ARPSyndicate/cvemon CVE-2021-3223 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-3223 - https://github.com/SexyBeast233/SecBooks +CVE-2021-3223 - https://github.com/errorecho/CVEs-Collection CVE-2021-3229 - https://github.com/ARPSyndicate/cvemon CVE-2021-3229 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-3229 - https://github.com/fullbbadda1208/CVE-2021-3229 @@ -39151,23 +42976,31 @@ CVE-2021-32426 - https://github.com/Galapag0s/Trendnet_TW100-S4W1CA CVE-2021-32452 - https://github.com/Somerset-Recon/furbo-research CVE-2021-32471 - https://github.com/ARPSyndicate/cvemon CVE-2021-32471 - https://github.com/Spacial/awesome-csirt +CVE-2021-32471 - https://github.com/intrinsic-propensity/intrinsic-propensity.github.io CVE-2021-32471 - https://github.com/intrinsic-propensity/turing-machine CVE-2021-32471 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-32527 - https://github.com/4RG0S/2021-Summer-Some-Day-Exploit CVE-2021-32537 - https://github.com/0vercl0k/0vercl0k CVE-2021-32537 - https://github.com/0vercl0k/CVE-2021-32537 CVE-2021-32537 - https://github.com/ARPSyndicate/cvemon CVE-2021-32537 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-32588 - https://github.com/izj007/wechat +CVE-2021-32588 - https://github.com/r0eXpeR/supplier CVE-2021-32604 - https://github.com/SexyBeast233/SecBooks CVE-2021-32605 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-32605 - https://github.com/tzwlhack/Vulnerability CVE-2021-32606 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-32618 - https://github.com/ARPSyndicate/cvemon CVE-2021-32618 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-32633 - https://github.com/cyllective/CVEs +CVE-2021-32635 - https://github.com/EGI-Federation/SVG-advisories CVE-2021-32637 - https://github.com/linuxserver/docker-swag +CVE-2021-32640 - https://github.com/PalindromeLabs/awesome-websocket-security CVE-2021-32640 - https://github.com/anthonykirby/lora-packet CVE-2021-32640 - https://github.com/engn33r/awesome-redos-security +CVE-2021-32640 - https://github.com/luiz-meireles/Redes-EP4 CVE-2021-32644 - https://github.com/ARPSyndicate/cvemon +CVE-2021-32644 - https://github.com/dnr6419/CVE-2021-32644 CVE-2021-32644 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-32648 - https://github.com/ARPSyndicate/cvemon CVE-2021-32648 - https://github.com/nomi-sec/PoC-in-GitHub @@ -39182,24 +43015,33 @@ CVE-2021-32724 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-3273 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-3273 - https://github.com/SexyBeast233/SecBooks CVE-2021-3273 - https://github.com/r0eXpeR/redteam_vul +CVE-2021-3273 - https://github.com/tzwlhack/Vulnerability CVE-2021-32740 - https://github.com/engn33r/awesome-redos-security CVE-2021-32749 - https://github.com/H0j3n/EzpzCheatSheet CVE-2021-3275 - https://github.com/s3curityb3ast/s3curityb3ast.github.io +CVE-2021-32760 - https://github.com/k1LoW/oshka CVE-2021-32765 - https://github.com/redis/hiredis CVE-2021-32777 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-32779 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-32789 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-32790 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-32797 - https://github.com/EGI-Federation/SVG-advisories +CVE-2021-32798 - https://github.com/EGI-Federation/SVG-advisories CVE-2021-32804 - https://github.com/yamory/CVE-2021-32804 +CVE-2021-3281 - https://github.com/HxDDD/CVE-PoC CVE-2021-3281 - https://github.com/lwzSoviet/CVE-2021-3281 CVE-2021-32819 - https://github.com/ARPSyndicate/cvemon CVE-2021-32819 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-32819 - https://github.com/Abady0x1/CVE-2021-32819 +CVE-2021-32819 - https://github.com/hlong12042/INCTF2021_web_writeup CVE-2021-32819 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-32820 - https://github.com/ARPSyndicate/cvemon CVE-2021-32820 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-32822 - https://github.com/tddouglas/tylerdouglas.co +CVE-2021-32849 - https://github.com/0x0021h/expbox CVE-2021-32849 - https://github.com/ARPSyndicate/cvemon CVE-2021-32849 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-32849 - https://github.com/ohnonoyesyes/CVE-2021-32849 CVE-2021-32849 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-32853 - https://github.com/ARPSyndicate/cvemon CVE-2021-32853 - https://github.com/ARPSyndicate/kenzer-templates @@ -39209,6 +43051,7 @@ CVE-2021-3291 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-3291 - https://github.com/ImHades101/CVE-2021-3291 CVE-2021-3291 - https://github.com/MucahitSaratar/zencart_auth_rce_poc CVE-2021-3291 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-3291 - https://github.com/tzwlhack/Vulnerability CVE-2021-32955 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-32959 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-32967 - https://github.com/p1ay8y3ar/cve_monitor @@ -39217,12 +43060,15 @@ CVE-2021-3297 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-3297 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-3297 - https://github.com/SexyBeast233/SecBooks CVE-2021-3297 - https://github.com/SouthWind0/southwind0.github.io +CVE-2021-3297 - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection +CVE-2021-3297 - https://github.com/tzwlhack/Vulnerability CVE-2021-32983 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-32991 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-33003 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-33007 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-33019 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-33026 - https://github.com/ARPSyndicate/cvemon +CVE-2021-33026 - https://github.com/CarlosG13/CVE-2021-33026 CVE-2021-33026 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-33026 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-33028 - https://github.com/E7mer/Owfuzz @@ -39231,29 +43077,44 @@ CVE-2021-33034 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-33044 - https://github.com/ARPSyndicate/cvemon CVE-2021-33044 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-33044 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2021-33044 - https://github.com/bp2008/DahuaLoginBypass +CVE-2021-33044 - https://github.com/dorkerdevil/CVE-2021-33044 +CVE-2021-33044 - https://github.com/mcw0/DahuaConsole CVE-2021-33044 - https://github.com/mcw0/PoC CVE-2021-33044 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-33044 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-33045 - https://github.com/ARPSyndicate/cvemon CVE-2021-33045 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2021-33045 - https://github.com/bp2008/DahuaLoginBypass +CVE-2021-33045 - https://github.com/dongpohezui/cve-2021-33045 +CVE-2021-33045 - https://github.com/mcw0/DahuaConsole CVE-2021-33045 - https://github.com/mcw0/PoC CVE-2021-33045 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-33045 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +CVE-2021-33055 - https://github.com/STMCyber/CVEs +CVE-2021-3306 - https://github.com/CarlosG13/CVE-2021-33026 CVE-2021-3310 - https://github.com/ARPSyndicate/cvemon CVE-2021-3310 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-3310 - https://github.com/piffd0s/CVE-2021-3310 CVE-2021-3317 - https://github.com/ARPSyndicate/cvemon CVE-2021-3317 - https://github.com/Al1ex/CVE-2021-3317 CVE-2021-3317 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-33193 - https://github.com/CHYbeta/OddProxyDemo +CVE-2021-33193 - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network CVE-2021-33221 - https://github.com/ARPSyndicate/cvemon CVE-2021-33221 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-3326 - https://github.com/dispera/giant-squid +CVE-2021-3326 - https://github.com/domyrtille/interview_project +CVE-2021-3326 - https://github.com/epequeno/devops-demo CVE-2021-3326 - https://github.com/nedenwalker/spring-boot-app-using-gradle CVE-2021-3326 - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln CVE-2021-3326 - https://github.com/onzack/trivy-multiscanner CVE-2021-3327 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-33357 - https://github.com/ARPSyndicate/cvemon CVE-2021-33357 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-3336 - https://github.com/boschresearch/pq-wolfSSL +CVE-2021-3336 - https://github.com/onelife/Arduino_wolfssl +CVE-2021-3336 - https://github.com/wolfssl-jp/wolfssl-private CVE-2021-33373 - https://github.com/GANGE666/Vulnerabilities CVE-2021-33373 - https://github.com/Yu3H0/IoT_CVE CVE-2021-33374 - https://github.com/GANGE666/Vulnerabilities @@ -39263,6 +43124,7 @@ CVE-2021-33403 - https://github.com/MRdoulestar/MRdoulestar CVE-2021-33403 - https://github.com/MRdoulestar/SC-RCVD CVE-2021-3342 - https://github.com/grymer/CVE CVE-2021-33430 - https://github.com/Daybreak2019/PolyCruise +CVE-2021-33430 - https://github.com/baltsers/polycruise CVE-2021-3345 - https://github.com/ARPSyndicate/cvemon CVE-2021-3345 - https://github.com/MLGRadish/CVE-2021-3345 CVE-2021-3345 - https://github.com/developer3000S/PoC-in-GitHub @@ -39273,7 +43135,10 @@ CVE-2021-33502 - https://github.com/engn33r/awesome-redos-security CVE-2021-33502 - https://github.com/marcosrg9/YouTubeTV CVE-2021-33503 - https://github.com/dbrennand/virustotal-python CVE-2021-33503 - https://github.com/engn33r/awesome-redos-security +CVE-2021-33503 - https://github.com/p-rog/cve-analyser +CVE-2021-33505 - https://github.com/leodido/demo-cloud-native-ebpf-day CVE-2021-33514 - https://github.com/SexyBeast233/SecBooks +CVE-2021-33525 - https://github.com/ArianeBlow/EyesOfNetwork-vuln-checker CVE-2021-33525 - https://github.com/ArianeBlow/LilacPathVUln CVE-2021-33543 - https://github.com/ARPSyndicate/cvemon CVE-2021-33544 - https://github.com/ARPSyndicate/cvemon @@ -39281,6 +43146,7 @@ CVE-2021-33544 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-33548 - https://github.com/ARPSyndicate/cvemon CVE-2021-33549 - https://github.com/ARPSyndicate/cvemon CVE-2021-3355 - https://github.com/EdgeSecurityTeam/Vulnerability +CVE-2021-3355 - https://github.com/tzwlhack/Vulnerability CVE-2021-33550 - https://github.com/ARPSyndicate/cvemon CVE-2021-33551 - https://github.com/ARPSyndicate/cvemon CVE-2021-33552 - https://github.com/ARPSyndicate/cvemon @@ -39289,6 +43155,9 @@ CVE-2021-33554 - https://github.com/ARPSyndicate/cvemon CVE-2021-33558 - https://github.com/ARPSyndicate/cvemon CVE-2021-33558 - https://github.com/mdanzaruddin/CVE-2021-33558. CVE-2021-33558 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-33560 - https://github.com/IBM/PGP-client-checker-CVE-2021-33560 +CVE-2021-33560 - https://github.com/brandoncamenisch/release-the-code-litecoin +CVE-2021-33560 - https://github.com/epequeno/devops-demo CVE-2021-33560 - https://github.com/onzack/trivy-multiscanner CVE-2021-33560 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-33564 - https://github.com/ARPSyndicate/cvemon @@ -39302,6 +43171,7 @@ CVE-2021-33570 - https://github.com/ARPSyndicate/cvemon CVE-2021-33570 - https://github.com/Tridentsec-io/postbird CVE-2021-33574 - https://github.com/Azure/publish-security-assessments CVE-2021-33574 - https://github.com/dispera/giant-squid +CVE-2021-33574 - https://github.com/madchap/opa-tests CVE-2021-33574 - https://github.com/nedenwalker/spring-boot-app-using-gradle CVE-2021-33574 - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln CVE-2021-33574 - https://github.com/ruzickap/cks-notes @@ -39309,9 +43179,12 @@ CVE-2021-33574 - https://github.com/thegeeklab/audit-exporter CVE-2021-33587 - https://github.com/engn33r/awesome-redos-security CVE-2021-3360 - https://github.com/ARPSyndicate/cvemon CVE-2021-3360 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-3360 - https://github.com/tcbutler320/CVE-2021-3360 CVE-2021-33623 - https://github.com/marcosrg9/YouTubeTV CVE-2021-33624 - https://github.com/ARPSyndicate/cvemon +CVE-2021-33624 - https://github.com/Kakashiiiiy/CVE-2021-33624 CVE-2021-33624 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-33677 - https://github.com/certat/exchange-scans CVE-2021-33687 - https://github.com/Onapsis/vulnerability_advisories CVE-2021-33693 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-33702 - https://github.com/Onapsis/vulnerability_advisories @@ -39325,6 +43198,7 @@ CVE-2021-33739 - https://github.com/SecWiki/windows-kernel-exploits CVE-2021-33739 - https://github.com/asr511/windows-kernel-exploits CVE-2021-33739 - https://github.com/demilson/Windows CVE-2021-33739 - https://github.com/freeide2017/CVE-2021-33739-POC +CVE-2021-33739 - https://github.com/giwon9977/CVE-2021-33739_PoC_Analysis CVE-2021-33739 - https://github.com/mishmashclone/SecWiki-windows-kernel-exploits CVE-2021-33739 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-33739 - https://github.com/p1ay8y3ar/cve_monitor @@ -39338,9 +43212,15 @@ CVE-2021-3374 - https://github.com/colemanjp/rstudio-shiny-server-directory-trav CVE-2021-33742 - https://github.com/yogsma/beacon23 CVE-2021-33766 - https://github.com/ARPSyndicate/cvemon CVE-2021-33766 - https://github.com/Astrogeorgeonethree/Starred +CVE-2021-33766 - https://github.com/FDlucifer/Proxy-Attackchain CVE-2021-33766 - https://github.com/bhdresh/About +CVE-2021-33766 - https://github.com/bhdresh/CVE-2021-33766 +CVE-2021-33766 - https://github.com/certat/exchange-scans +CVE-2021-33766 - https://github.com/demossl/CVE-2021-33766-ProxyToken CVE-2021-33766 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-33766 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-33766 - https://github.com/r0eXpeR/supplier +CVE-2021-33767 - https://github.com/cimcs/poc-exploits-of-smashex CVE-2021-3377 - https://github.com/ARPSyndicate/cvemon CVE-2021-3377 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-3378 - https://github.com/ARPSyndicate/cvemon @@ -39350,6 +43230,7 @@ CVE-2021-3378 - https://github.com/Elsfa7-110/kenzer-templates CVE-2021-3378 - https://github.com/developer3000S/PoC-in-GitHub CVE-2021-3378 - https://github.com/erberkan/fortilogger_arbitrary_fileupload CVE-2021-3378 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-3378 - https://github.com/tzwlhack/Vulnerability CVE-2021-33807 - https://github.com/ARPSyndicate/cvemon CVE-2021-33807 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-33818 - https://github.com/Jian-Xian/CVE-POC @@ -39358,16 +43239,28 @@ CVE-2021-33822 - https://github.com/Jian-Xian/CVE-POC CVE-2021-33823 - https://github.com/Jian-Xian/CVE-POC CVE-2021-33824 - https://github.com/Jian-Xian/CVE-POC CVE-2021-33831 - https://github.com/lanmarc77/CVE-2021-33831 +CVE-2021-33840 - https://github.com/lanmarc77/CVE-2021-33831 CVE-2021-33879 - https://github.com/ARPSyndicate/cvemon +CVE-2021-33879 - https://github.com/mmiszczyk/cve-2021-33879 CVE-2021-33879 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-33880 - https://github.com/PalindromeLabs/awesome-websocket-security CVE-2021-33881 - https://github.com/doegox/bibliography CVE-2021-33904 - https://github.com/ARPSyndicate/cvemon CVE-2021-33904 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-33909 - https://github.com/ChoKyuWon/exploit_articles +CVE-2021-33909 - https://github.com/ChrisTheCoolHut/CVE-2021-33909 +CVE-2021-33909 - https://github.com/EGI-Federation/SVG-advisories CVE-2021-33909 - https://github.com/H0j3n/EzpzCheatSheet +CVE-2021-33909 - https://github.com/Liang2580/CVE-2021-33909 CVE-2021-33909 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2021-33909 - https://github.com/baerwolf/cve-2021-33909 +CVE-2021-33909 - https://github.com/bbinfosec43/CVE-2021-33909 +CVE-2021-33909 - https://github.com/gitezri/LinuxVulnerabilities +CVE-2021-33909 - https://github.com/hac425xxx/heap-exploitation-in-real-world CVE-2021-33909 - https://github.com/huike007/penetration_poc CVE-2021-33909 - https://github.com/joydo/CVE-Writeups CVE-2021-33909 - https://github.com/kaosagnt/ansible-everyday +CVE-2021-33909 - https://github.com/sfowl/deep-directory CVE-2021-33909 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-33909 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-3395 - https://github.com/ARPSyndicate/cvemon @@ -39388,6 +43281,7 @@ CVE-2021-34041 - https://github.com/Al1ex/Al1ex CVE-2021-34042 - https://github.com/Al1ex/Al1ex CVE-2021-34045 - https://github.com/ARPSyndicate/cvemon CVE-2021-34045 - https://github.com/Al1ex/Al1ex +CVE-2021-34045 - https://github.com/Al1ex/CVE-2021-34045 CVE-2021-34045 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-34046 - https://github.com/Al1ex/Al1ex CVE-2021-34047 - https://github.com/Al1ex/Al1ex @@ -39412,8 +43306,10 @@ CVE-2021-34149 - https://github.com/engn33r/awesome-bluetooth-security CVE-2021-34150 - https://github.com/engn33r/awesome-bluetooth-security CVE-2021-34173 - https://github.com/E7mer/Owfuzz CVE-2021-34174 - https://github.com/E7mer/Owfuzz +CVE-2021-3418 - https://github.com/amzdev0401/shim-review-backup CVE-2021-3418 - https://github.com/bitraser/shim-review-15.4 CVE-2021-3418 - https://github.com/jason-chang-atrust/shim-review +CVE-2021-3418 - https://github.com/luojc123/shim-nsdl CVE-2021-3418 - https://github.com/neverware/shim-review CVE-2021-3418 - https://github.com/puzzleos/uefi-shim_review CVE-2021-3418 - https://github.com/rhboot/shim-review @@ -39427,97 +43323,183 @@ CVE-2021-34273 - https://github.com/MRdoulestar/MRdoulestar CVE-2021-34273 - https://github.com/MRdoulestar/SC-RCVD CVE-2021-34280 - https://github.com/dlehgus1023/CVE CVE-2021-34280 - https://github.com/dlehgus1023/dlehgus1023 +CVE-2021-34280 - https://github.com/erepspinos/CVE CVE-2021-34352 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-34370 - https://github.com/ARPSyndicate/cvemon CVE-2021-34370 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-34371 - https://github.com/ARPSyndicate/cvemon CVE-2021-34371 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-34371 - https://github.com/zwjjustdoit/CVE-2021-34371.jar CVE-2021-3438 - https://github.com/Crystalware/CVE-2021-3438 CVE-2021-3438 - https://github.com/TobiasS1402/CVE-2021-3438 CVE-2021-3441 - https://github.com/ARPSyndicate/cvemon CVE-2021-3441 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-3441 - https://github.com/obsrva/obsrva.org CVE-2021-3441 - https://github.com/tcbutler320/CVE-2021-3441-check CVE-2021-34421 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups +CVE-2021-34423 - https://github.com/cyberheartmi9/Proxyshell-Scanner CVE-2021-34429 - https://github.com/ARPSyndicate/cvemon CVE-2021-34429 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-34429 - https://github.com/ColdFusionX/CVE-2021-34429 CVE-2021-34429 - https://github.com/SexyBeast233/SecBooks CVE-2021-34429 - https://github.com/bigblackhat/oFx CVE-2021-34429 - https://github.com/izj007/wechat CVE-2021-34429 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-34429 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-34432 - https://github.com/PBearson/FUME-Fuzzing-MQTT-Brokers CVE-2021-3444 - https://github.com/Wi1L-Y/News +CVE-2021-34470 - https://github.com/technion/CVE-2021-34470scanner +CVE-2021-34473 - https://github.com/0x3n0/redeam CVE-2021-34473 - https://github.com/ARPSyndicate/cvemon CVE-2021-34473 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-34473 - https://github.com/Astrogeorgeonethree/Starred +CVE-2021-34473 - https://github.com/FDlucifer/Proxy-Attackchain CVE-2021-34473 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2021-34473 - https://github.com/RaouzRouik/CVE-2021-34473-scanner +CVE-2021-34473 - https://github.com/RomanRII/proxyshell2rce +CVE-2021-34473 - https://github.com/aravazhimdr/ProxyShell-POC-Mod +CVE-2021-34473 - https://github.com/but43r/ProxyShell +CVE-2021-34473 - https://github.com/certat/exchange-scans CVE-2021-34473 - https://github.com/curated-intel/Log4Shell-IOCs +CVE-2021-34473 - https://github.com/cyberheartmi9/Proxyshell-Scanner CVE-2021-34473 - https://github.com/gobysec/Goby +CVE-2021-34473 - https://github.com/horizon3ai/proxyshell CVE-2021-34473 - https://github.com/hosch3n/ProxyVulns CVE-2021-34473 - https://github.com/huike007/penetration_poc CVE-2021-34473 - https://github.com/izj007/wechat +CVE-2021-34473 - https://github.com/je6k/CVE-2021-34473-Exchange-ProxyShell +CVE-2021-34473 - https://github.com/mithridates1313/ProxyShell_POC CVE-2021-34473 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-34473 - https://github.com/phamphuqui1998/CVE-2021-34473 CVE-2021-34473 - https://github.com/psc4re/NSE-scripts +CVE-2021-34473 - https://github.com/r0eXpeR/supplier +CVE-2021-34473 - https://github.com/signorrayan/RedTeam_toolkit CVE-2021-34473 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +CVE-2021-34481 - https://github.com/SSBhaumik/Printnightmare-safetool +CVE-2021-34481 - https://github.com/cfalta/MicrosoftWontFixList +CVE-2021-34481 - https://github.com/cquresphere/Remote-Install-Printers CVE-2021-34481 - https://github.com/jacob-baines/concealed_position CVE-2021-34481 - https://github.com/vanpn/CVE-2021-34481 +CVE-2021-34483 - https://github.com/cfalta/MicrosoftWontFixList CVE-2021-34486 - https://github.com/ARPSyndicate/cvemon CVE-2021-34486 - https://github.com/Ascotbe/Kernelhub +CVE-2021-34486 - https://github.com/KaLendsi/CVE-2021-34486 +CVE-2021-34486 - https://github.com/b1tg/CVE-2021-34486-exp CVE-2021-34486 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-34486 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-34486 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2021-34487 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-34487 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2021-3449 - https://github.com/ARPSyndicate/cvemon +CVE-2021-3449 - https://github.com/AliceMongodin/NSAPool-PenTest CVE-2021-3449 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-3449 - https://github.com/GitHubForSnap/podcast-dl-gael CVE-2021-3449 - https://github.com/falk-werner/cve-check +CVE-2021-3449 - https://github.com/jntass/TASSL-1.1.1k CVE-2021-3449 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-3449 - https://github.com/rnbochsr/yr_of_the_jellyfish CVE-2021-3449 - https://github.com/scriptzteam/glFTPd-v2.11ab-STABLE CVE-2021-3449 - https://github.com/taielab/awesome-hacking-lists CVE-2021-3449 - https://github.com/terorie/cve-2021-3449 +CVE-2021-3449 - https://github.com/thecyberbaby/Trivy-by-aquaSecurity +CVE-2021-3449 - https://github.com/tzwlhack/Vulnerability +CVE-2021-3449 - https://github.com/vinamra28/tekton-image-scan-trivy CVE-2021-34496 - https://github.com/fkm75P8YjLkb/CVE-2021-34496 CVE-2021-3450 - https://github.com/DNTYO/F5_Vulnerability CVE-2021-3450 - https://github.com/bollwarm/SecToolSet +CVE-2021-3450 - https://github.com/jntass/TASSL-1.1.1k CVE-2021-3450 - https://github.com/rnbochsr/yr_of_the_jellyfish CVE-2021-3450 - https://github.com/scriptzteam/glFTPd-v2.11ab-STABLE +CVE-2021-3450 - https://github.com/thecyberbaby/Trivy-by-aquaSecurity +CVE-2021-3450 - https://github.com/vinamra28/tekton-image-scan-trivy CVE-2021-34514 - https://github.com/oerli/cve-webhook CVE-2021-3452 - https://github.com/wsummerhill/CobaltStrike_RedTeam_CheatSheet +CVE-2021-34523 - https://github.com/0x3n0/redeam CVE-2021-34523 - https://github.com/ARPSyndicate/cvemon CVE-2021-34523 - https://github.com/Astrogeorgeonethree/Starred +CVE-2021-34523 - https://github.com/FDlucifer/Proxy-Attackchain +CVE-2021-34523 - https://github.com/aravazhimdr/ProxyShell-POC-Mod +CVE-2021-34523 - https://github.com/horizon3ai/proxyshell CVE-2021-34523 - https://github.com/hosch3n/ProxyVulns +CVE-2021-34523 - https://github.com/mithridates1313/ProxyShell_POC +CVE-2021-34523 - https://github.com/r0eXpeR/supplier +CVE-2021-34523 - https://github.com/signorrayan/RedTeam_toolkit CVE-2021-34527 - https://github.com/0x6d69636b/windows_hardening +CVE-2021-34527 - https://github.com/0x727/usefull-elevation-of-privilege +CVE-2021-34527 - https://github.com/0xirison/PrintNightmare-Patcher +CVE-2021-34527 - https://github.com/3gstudent/Invoke-BuildAnonymousSMBServer CVE-2021-34527 - https://github.com/ARPSyndicate/cvemon CVE-2021-34527 - https://github.com/AdamAmicro/CAHard +CVE-2021-34527 - https://github.com/AdamPumphrey/PowerShell CVE-2021-34527 - https://github.com/Alssi-consulting/HardeningKitty CVE-2021-34527 - https://github.com/Ascotbe/Kernelhub +CVE-2021-34527 - https://github.com/BeetleChunks/SpoolSploit +CVE-2021-34527 - https://github.com/CnOxx1/CVE-2021-34527-1675 +CVE-2021-34527 - https://github.com/DenizSe/CVE-2021-34527 +CVE-2021-34527 - https://github.com/Eutectico/Printnightmare CVE-2021-34527 - https://github.com/H0j3n/EzpzCheatSheet CVE-2021-34527 - https://github.com/Iveco/xknow_infosec CVE-2021-34527 - https://github.com/Jean-Francois-C/Windows-Penetration-Testing +CVE-2021-34527 - https://github.com/JohnHammond/CVE-2021-34527 CVE-2021-34527 - https://github.com/LaresLLC/CVE-2021-1675 CVE-2021-34527 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2021-34527 - https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet CVE-2021-34527 - https://github.com/S3cur3Th1sSh1t/PowerSharpPack CVE-2021-34527 - https://github.com/S3cur3Th1sSh1t/WinPwn +CVE-2021-34527 - https://github.com/SSBhaumik/Printnightmare-safetool +CVE-2021-34527 - https://github.com/Tomparte/PrintNightmare +CVE-2021-34527 - https://github.com/VK9D/PrintNightmare +CVE-2021-34527 - https://github.com/WidespreadPandemic/CVE-2021-34527_ACL_mitigation +CVE-2021-34527 - https://github.com/WiredPulse/Invoke-PrinterNightmareResponse +CVE-2021-34527 - https://github.com/alvesnet-suporte/microsoft-vulnerabilidades CVE-2021-34527 - https://github.com/b4rtik/SharpKatz CVE-2021-34527 - https://github.com/boh/RedCsharp +CVE-2021-34527 - https://github.com/byt3bl33d3r/ItWasAllADream CVE-2021-34527 - https://github.com/carloslacasa/cyber-ansible +CVE-2021-34527 - https://github.com/cfalta/MicrosoftWontFixList +CVE-2021-34527 - https://github.com/chdav/offensive-cybersec-toolkit +CVE-2021-34527 - https://github.com/corelight/CVE-2021-1675 +CVE-2021-34527 - https://github.com/crtaylor315/PrintNightmare-Before-Halloween +CVE-2021-34527 - https://github.com/cube0x0/CVE-2021-1675 +CVE-2021-34527 - https://github.com/dywhoami/CVE-2021-34527-Scanner-Based-On-cube0x0-POC +CVE-2021-34527 - https://github.com/edsonjt81/CVE-2021-1675 +CVE-2021-34527 - https://github.com/edsonjt81/SpoolSploit +CVE-2021-34527 - https://github.com/eng-amarante/CyberSecurity CVE-2021-34527 - https://github.com/evilashz/CVE-2021-1675-LPE-EXP +CVE-2021-34527 - https://github.com/fardinbarashi/Fix-CVE-2021-34527 +CVE-2021-34527 - https://github.com/floridop/serviceflipper +CVE-2021-34527 - https://github.com/galoget/PrintNightmare-CVE-2021-1675-CVE-2021-34527 +CVE-2021-34527 - https://github.com/geekbrett/CVE-2021-34527-PrintNightmare-Workaround +CVE-2021-34527 - https://github.com/glorisonlai/printnightmare CVE-2021-34527 - https://github.com/glshnu/PrintNightmare +CVE-2021-34527 - https://github.com/hlldz/CVE-2021-1675-LPE CVE-2021-34527 - https://github.com/ly4k/PrintNightmare +CVE-2021-34527 - https://github.com/mayormaier/printnightmare-fixes CVE-2021-34527 - https://github.com/mdecrevoisier/EVTX-to-MITRE-Attack CVE-2021-34527 - https://github.com/mdecrevoisier/SIGMA-detection-rules +CVE-2021-34527 - https://github.com/nemo-wq/PrintNightmare-CVE-2021-34527 CVE-2021-34527 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-34527 - https://github.com/outflanknl/PrintNightmare +CVE-2021-34527 - https://github.com/ozergoker/PrintNightmare CVE-2021-34527 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-34527 - https://github.com/powershellpr0mpt/PrintNightmare-CVE-2021-34527 CVE-2021-34527 - https://github.com/pwninx/WinPwn +CVE-2021-34527 - https://github.com/raithedavion/PrintNightmare +CVE-2021-34527 - https://github.com/rdboboia/disable-RegisterSpoolerRemoteRpcEndPoint +CVE-2021-34527 - https://github.com/romarroca/random-scripts CVE-2021-34527 - https://github.com/scipag/HardeningKitty +CVE-2021-34527 - https://github.com/syntaxbearror/PowerShell-PrintNightmare +CVE-2021-34527 - https://github.com/synth3sis/PrintNightmare CVE-2021-34527 - https://github.com/taielab/awesome-hacking-lists +CVE-2021-34527 - https://github.com/thangnguyenchien/CVE CVE-2021-34527 - https://github.com/uhub/awesome-c-sharp +CVE-2021-34527 - https://github.com/vinaysudheer/Disable-Spooler-Service-PrintNightmare-CVE-2021-34527 CVE-2021-34527 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +CVE-2021-34527 - https://github.com/xbufu/PrintNightmareCheck CVE-2021-34527 - https://github.com/ycdxsb/WindowsPrivilegeEscalation +CVE-2021-34547 - https://github.com/likhihcv/PRTG_Network_Monitor_20.1.55.1775_CSRF CVE-2021-34552 - https://github.com/nnrogers515/discord-coderbot +CVE-2021-34558 - https://github.com/alexzorin/cve-2021-34558 CVE-2021-34558 - https://github.com/taielab/awesome-hacking-lists CVE-2021-34576 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-34600 - https://github.com/ARPSyndicate/cvemon @@ -39525,23 +43507,29 @@ CVE-2021-34600 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-34600 - https://github.com/x41sec/CVE-2021-34600 CVE-2021-34621 - https://github.com/ARPSyndicate/cvemon CVE-2021-34621 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-34621 - https://github.com/nmmcon/Exploits CVE-2021-34640 - https://github.com/ARPSyndicate/cvemon CVE-2021-34640 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-34643 - https://github.com/ARPSyndicate/cvemon CVE-2021-34643 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-34646 - https://github.com/motikan2010/CVE-2021-34646 CVE-2021-34646 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-34675 - https://github.com/rauschecker/CVEs CVE-2021-34676 - https://github.com/rauschecker/CVEs +CVE-2021-34684 - https://github.com/iamaldi/publications +CVE-2021-34685 - https://github.com/iamaldi/publications CVE-2021-34730 - https://github.com/badmonkey7/CVE-2021-34730 CVE-2021-34785 - https://github.com/eslam3kl/My_CVEs CVE-2021-34786 - https://github.com/eslam3kl/My_CVEs CVE-2021-34866 - https://github.com/xairy/linux-kernel-exploitation +CVE-2021-3487 - https://github.com/fluidattacks/makes CVE-2021-3490 - https://github.com/0xsyr0/OSCP CVE-2021-3490 - https://github.com/ARPSyndicate/cvemon CVE-2021-3490 - https://github.com/Al1ex/LinuxEelvation CVE-2021-3490 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2021-3490 - https://github.com/bsauce/kernel-exploit-factory CVE-2021-3490 - https://github.com/bsauce/kernel-security-learning +CVE-2021-3490 - https://github.com/chompie1337/Linux_LPE_eBPF_CVE-2021-3490 CVE-2021-3490 - https://github.com/goldenscale/GS_GithubMirror CVE-2021-3490 - https://github.com/huike007/penetration_poc CVE-2021-3490 - https://github.com/joydo/CVE-Writeups @@ -39549,8 +43537,10 @@ CVE-2021-3490 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-3490 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-3490 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-3492 - https://github.com/ARPSyndicate/cvemon +CVE-2021-3492 - https://github.com/hac425xxx/heap-exploitation-in-real-world CVE-2021-3492 - https://github.com/joydo/CVE-Writeups CVE-2021-3492 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-3492 - https://github.com/synacktiv/CVE-2021-3492 CVE-2021-3492 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-3493 - https://github.com/ARPSyndicate/cvemon CVE-2021-3493 - https://github.com/Abdennour-py/CVE-2021-3493 @@ -39561,10 +43551,16 @@ CVE-2021-3493 - https://github.com/H0j3n/EzpzCheatSheet CVE-2021-3493 - https://github.com/Ishan3011/CVE-2021-3493 CVE-2021-3493 - https://github.com/SexyBeast233/SecBooks CVE-2021-3493 - https://github.com/briskets/CVE-2021-3493 +CVE-2021-3493 - https://github.com/cerodah/overlayFS-CVE-2021-3493 +CVE-2021-3493 - https://github.com/ctrsploit/ctrsploit +CVE-2021-3493 - https://github.com/derek-turing/CVE-2021-3493 CVE-2021-3493 - https://github.com/fei9747/LinuxEelvation +CVE-2021-3493 - https://github.com/inspiringz/CVE-2021-3493 CVE-2021-3493 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-3493 - https://github.com/oneoy/CVE-2021-3493 +CVE-2021-3493 - https://github.com/puckiestyle/CVE-2021-3493 CVE-2021-3493 - https://github.com/taielab/awesome-hacking-lists +CVE-2021-3493 - https://github.com/tzwlhack/Vulnerability CVE-2021-3493 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-34973 - https://github.com/dlehgus1023/CVE CVE-2021-34973 - https://github.com/dlehgus1023/dlehgus1023 @@ -39573,7 +43569,12 @@ CVE-2021-35003 - https://github.com/rdomanski/Exploits_and_Advisories CVE-2021-35004 - https://github.com/rdomanski/Exploits_and_Advisories CVE-2021-35042 - https://github.com/ARPSyndicate/cvemon CVE-2021-35042 - https://github.com/SexyBeast233/SecBooks +CVE-2021-35042 - https://github.com/errorecho/CVEs-Collection +CVE-2021-35042 - https://github.com/mrlihd/CVE-2021-35042 +CVE-2021-35042 - https://github.com/r4vi/CVE-2021-35042 CVE-2021-35054 - https://github.com/oerli/cve-webhook +CVE-2021-35061 - https://github.com/sthierolf/security +CVE-2021-35062 - https://github.com/sthierolf/security CVE-2021-35068 - https://github.com/xmpf/qualcomm-bulletins CVE-2021-35069 - https://github.com/xmpf/qualcomm-bulletins CVE-2021-35074 - https://github.com/xmpf/qualcomm-bulletins @@ -39589,14 +43590,18 @@ CVE-2021-35202 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-35203 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-35211 - https://github.com/ARPSyndicate/cvemon CVE-2021-35211 - https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections +CVE-2021-35211 - https://github.com/NattiSamson/Serv-U-CVE-2021-35211 +CVE-2021-35211 - https://github.com/Panopticon-Project/panopticon-TA505 CVE-2021-35211 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-35215 - https://github.com/ARPSyndicate/cvemon +CVE-2021-35215 - https://github.com/Y4er/CVE-2021-35215 CVE-2021-35215 - https://github.com/harsh-bothra/learn365 CVE-2021-35215 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-35215 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-35265 - https://github.com/ARPSyndicate/cvemon CVE-2021-35265 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-35296 - https://github.com/ARPSyndicate/cvemon +CVE-2021-35296 - https://github.com/afaq1337/CVE-2021-35296 CVE-2021-35296 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-35296 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-35324 - https://github.com/hurricane618/my_cves @@ -39621,21 +43626,30 @@ CVE-2021-3545 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-3546 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-35464 - https://github.com/ARPSyndicate/cvemon CVE-2021-35464 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-35464 - https://github.com/Y4er/openam-CVE-2021-35464 CVE-2021-35464 - https://github.com/gkhan496/WDIR CVE-2021-35464 - https://github.com/harsh-bothra/learn365 CVE-2021-35464 - https://github.com/n1sh1th/CVE-POC +CVE-2021-35464 - https://github.com/rood8008/CVE-2021-35464 CVE-2021-35464 - https://github.com/rudrapwn/source-code-review +CVE-2021-35492 - https://github.com/N4nj0/CVE-2021-35492 CVE-2021-35515 - https://github.com/CodeIntelligenceTesting/jazzer CVE-2021-35516 - https://github.com/CodeIntelligenceTesting/jazzer CVE-2021-35517 - https://github.com/CodeIntelligenceTesting/jazzer CVE-2021-35540 - https://github.com/dlehgus1023/CVE +CVE-2021-35540 - https://github.com/dlehgus1023/VirtualBox_IO-Fuzz CVE-2021-35540 - https://github.com/dlehgus1023/dlehgus1023 CVE-2021-3558 - https://github.com/V1n1v131r4/My-CVEs +CVE-2021-3560 - https://github.com/0dayNinja/CVE-2021-3560 CVE-2021-3560 - https://github.com/0xsyr0/OSCP CVE-2021-3560 - https://github.com/ARPSyndicate/cvemon CVE-2021-3560 - https://github.com/Almorabea/Polkit-exploit +CVE-2021-3560 - https://github.com/AssassinUKG/Polkit-CVE-2021-3560 +CVE-2021-3560 - https://github.com/BizarreLove/CVE-2021-3560 +CVE-2021-3560 - https://github.com/EGI-Federation/SVG-advisories CVE-2021-3560 - https://github.com/Ignitetechnologies/Linux-Privilege-Escalation CVE-2021-3560 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2021-3560 - https://github.com/STEALTH-Z/CVE-2021-3560 CVE-2021-3560 - https://github.com/aancw/polkit-auto-exploit CVE-2021-3560 - https://github.com/aasphixie/aasphixie.github.io CVE-2021-3560 - https://github.com/binganao/vulns-2022 @@ -39644,6 +43658,7 @@ CVE-2021-3560 - https://github.com/hakivvi/CVE-2021-3560 CVE-2021-3560 - https://github.com/huike007/penetration_poc CVE-2021-3560 - https://github.com/iSTARLabs/CVE-2021-3560_PoC CVE-2021-3560 - https://github.com/liamg/traitor +CVE-2021-3560 - https://github.com/mr-nobody20/CVE-2021-3560 CVE-2021-3560 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-3560 - https://github.com/oxagast/oxasploits CVE-2021-3560 - https://github.com/puckiestyle/CVE-2021-4034 @@ -39653,6 +43668,9 @@ CVE-2021-3560 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-35616 - https://github.com/ARPSyndicate/cvemon CVE-2021-35616 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-35616 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-35617 - https://github.com/hktalent/weblogic1411 +CVE-2021-35635 - https://github.com/ycamper/censys-scripts +CVE-2021-35645 - https://github.com/ycamper/censys-scripts CVE-2021-3572 - https://github.com/ARPSyndicate/cvemon CVE-2021-3572 - https://github.com/frenzymadness/CVE-2021-3572 CVE-2021-3572 - https://github.com/nomi-sec/PoC-in-GitHub @@ -39661,30 +43679,44 @@ CVE-2021-3577 - https://github.com/ARPSyndicate/cvemon CVE-2021-3577 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-3584 - https://github.com/afinepl/research CVE-2021-35942 - https://github.com/dispera/giant-squid +CVE-2021-35942 - https://github.com/madchap/opa-tests CVE-2021-35942 - https://github.com/nedenwalker/spring-boot-app-using-gradle CVE-2021-35942 - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln CVE-2021-35942 - https://github.com/ruzickap/cks-notes CVE-2021-35942 - https://github.com/thegeeklab/audit-exporter +CVE-2021-35956 - https://github.com/obsrva/obsrva.org +CVE-2021-35956 - https://github.com/tcbutler320/CVE-2021-35956 CVE-2021-35973 - https://github.com/SexyBeast233/SecBooks CVE-2021-35975 - https://github.com/ARPSyndicate/cvemon CVE-2021-35975 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-35975 - https://github.com/trump88/CVE-2021-35975 CVE-2021-3601 - https://github.com/thegeeklab/audit-exporter CVE-2021-3609 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-36090 - https://github.com/CodeIntelligenceTesting/jazzer +CVE-2021-3612 - https://github.com/doshyt/cve-monitor CVE-2021-36133 - https://github.com/f-secure-foundry/advisories CVE-2021-36134 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-36159 - https://github.com/anchore/grype +CVE-2021-36159 - https://github.com/thecyberbaby/Trivy-by-aquaSecurity CVE-2021-3619 - https://github.com/BlackburnHax/inntinn +CVE-2021-36198 - https://github.com/r0eXpeR/supplier +CVE-2021-36222 - https://github.com/brandoncamenisch/release-the-code-litecoin +CVE-2021-36222 - https://github.com/dgardella/KCC CVE-2021-36222 - https://github.com/dispera/giant-squid CVE-2021-3625 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-3625 - https://github.com/szymonh/szymonh +CVE-2021-3625 - https://github.com/szymonh/zephyr_cve-2021-3625 CVE-2021-3626 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-36260 - https://github.com/4n4nk3/HikPwn CVE-2021-36260 - https://github.com/ARPSyndicate/cvemon CVE-2021-36260 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-36260 - https://github.com/Aiminsun/CVE-2021-36260 CVE-2021-36260 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2021-36260 - https://github.com/TaroballzChen/CVE-2021-36260-metasploit CVE-2021-36260 - https://github.com/mcw0/PoC CVE-2021-36260 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-36260 - https://github.com/rabbitsafe/CVE-2021-36260 +CVE-2021-36260 - https://github.com/s0duku/PocSelenium CVE-2021-36260 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-36276 - https://github.com/hfiref0x/KDU CVE-2021-36276 - https://github.com/mathisvickie/KMAC @@ -39692,18 +43724,29 @@ CVE-2021-3628 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-36286 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-3634 - https://github.com/GitHubForSnap/podcast-dl-gael CVE-2021-3634 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-36355 - https://github.com/Mayfly277/vulns CVE-2021-36355 - https://github.com/Orange-Cyberdefense/CVE-repository CVE-2021-36380 - https://github.com/ARPSyndicate/cvemon CVE-2021-36380 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-36387 - https://github.com/cyberaz0r/Yellowfin-Multiple-Vulnerabilities +CVE-2021-36388 - https://github.com/cyberaz0r/Yellowfin-Multiple-Vulnerabilities +CVE-2021-36389 - https://github.com/cyberaz0r/Yellowfin-Multiple-Vulnerabilities CVE-2021-36392 - https://github.com/luukverhoeven/luukverhoeven +CVE-2021-36394 - https://github.com/dinhbaouit/CVE-2021-36394 +CVE-2021-3646 - https://github.com/ajmalabubakkr/CVE CVE-2021-36530 - https://github.com/Marsman1996/pocs CVE-2021-36531 - https://github.com/Marsman1996/pocs CVE-2021-3654 - https://github.com/ARPSyndicate/cvemon CVE-2021-3654 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-36563 - https://github.com/Edgarloyola/CVE-2021-36563 CVE-2021-36563 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-36580 - https://github.com/shifa123/shifa123 +CVE-2021-36581 - https://github.com/l00neyhacker/CVE-2021-36581 CVE-2021-36581 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-36582 - https://github.com/l00neyhacker/CVE-2021-36582 CVE-2021-36582 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-3671 - https://github.com/dispera/giant-squid +CVE-2021-36740 - https://github.com/aakindur/Awesome-Vulnerable-Apps CVE-2021-36740 - https://github.com/vavkamil/awesome-vulnerable-apps CVE-2021-36741 - https://github.com/v-p-b/avpwn CVE-2021-36742 - https://github.com/v-p-b/avpwn @@ -39712,42 +43755,93 @@ CVE-2021-36748 - https://github.com/ARPSyndicate/cvemon CVE-2021-36748 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-36749 - https://github.com/ARPSyndicate/cvemon CVE-2021-36749 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-36749 - https://github.com/BrucessKING/CVE-2021-36749 CVE-2021-36749 - https://github.com/Sma11New/PocList CVE-2021-36749 - https://github.com/bigblackhat/oFx CVE-2021-36749 - https://github.com/d-rn/vulBox +CVE-2021-36749 - https://github.com/dnr6419/Druid_docker +CVE-2021-36749 - https://github.com/dorkerdevil/CVE-2021-36749 CVE-2021-36749 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-36749 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-36749 - https://github.com/zwlsix/apache_druid_CVE-2021-36749 +CVE-2021-3679 - https://github.com/aegistudio/RingBufferDetonator +CVE-2021-36798 - https://github.com/JamVayne/CobaltStrikeDos +CVE-2021-36798 - https://github.com/M-Kings/CVE-2021-36798 CVE-2021-36799 - https://github.com/ARPSyndicate/cvemon CVE-2021-36799 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-36799 - https://github.com/robertguetzkow/ets5-password-recovery CVE-2021-36808 - https://github.com/ARPSyndicate/cvemon +CVE-2021-36808 - https://github.com/ctuIhu/CVE-2021-36808 CVE-2021-36808 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-36808 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-3682 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-36878 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-36934 - https://github.com/0x0D1n/CVE-2021-36934 +CVE-2021-36934 - https://github.com/0xsyk0/GoHiveShadow CVE-2021-36934 - https://github.com/0xsyr0/OSCP CVE-2021-36934 - https://github.com/ARPSyndicate/cvemon CVE-2021-36934 - https://github.com/Ascotbe/Kernelhub +CVE-2021-36934 - https://github.com/CrackerCat/HiveNightmare +CVE-2021-36934 - https://github.com/GossiTheDog/HiveNightmare +CVE-2021-36934 - https://github.com/HuskyHacks/ShadowSteal +CVE-2021-36934 - https://github.com/JoranSlingerland/CVE-2021-36934 CVE-2021-36934 - https://github.com/Mikasazero/Cobalt-Strike CVE-2021-36934 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2021-36934 - https://github.com/OlivierLaflamme/CVE-2021-36934-export-shadow-volume-POC +CVE-2021-36934 - https://github.com/Operational-Sciences-Group/Project-Beewolf CVE-2021-36934 - https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet CVE-2021-36934 - https://github.com/SexyBeast233/SecBooks +CVE-2021-36934 - https://github.com/Sp00p64/PyNightmare +CVE-2021-36934 - https://github.com/VertigoRay/CVE-2021-36934 +CVE-2021-36934 - https://github.com/Wh04m1001/VSSCopy +CVE-2021-36934 - https://github.com/WiredPulse/Invoke-HiveDreams +CVE-2021-36934 - https://github.com/WiredPulse/Invoke-HiveNightmare CVE-2021-36934 - https://github.com/YangSirrr/YangsirStudyPlan CVE-2021-36934 - https://github.com/b4rtik/SharpKatz +CVE-2021-36934 - https://github.com/bytesizedalex/CVE-2021-36934 +CVE-2021-36934 - https://github.com/cfalta/MicrosoftWontFixList +CVE-2021-36934 - https://github.com/chron1k/oxide_hive +CVE-2021-36934 - https://github.com/creeper-exe/creeper-exe +CVE-2021-36934 - https://github.com/cube0x0/CVE-2021-36934 +CVE-2021-36934 - https://github.com/exploitblizzard/CVE-2021-36934 CVE-2021-36934 - https://github.com/geeksniper/windows-privilege-escalation +CVE-2021-36934 - https://github.com/grishinpv/poc_CVE-2021-36934 CVE-2021-36934 - https://github.com/guervild/BOFs CVE-2021-36934 - https://github.com/huike007/penetration_poc +CVE-2021-36934 - https://github.com/irissentinel/CVE-2021-36934 CVE-2021-36934 - https://github.com/izj007/wechat +CVE-2021-36934 - https://github.com/jmaddington/Serious-Sam---CVE-2021-36934-Mitigation-for-Datto-RMM CVE-2021-36934 - https://github.com/kas0n/RedTeam-Articles +CVE-2021-36934 - https://github.com/mr-r3b00t/HiveNigtmare +CVE-2021-36934 - https://github.com/mwarnerblu/GoHN +CVE-2021-36934 - https://github.com/n3tsurge/CVE-2021-36934 CVE-2021-36934 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-36934 - https://github.com/pyonghe/HiveNightmareChecker +CVE-2021-36934 - https://github.com/rnbochsr/atlas +CVE-2021-36934 - https://github.com/romarroca/SeriousSam +CVE-2021-36934 - https://github.com/shaktavist/SeriousSam CVE-2021-36934 - https://github.com/taielab/awesome-hacking-lists +CVE-2021-36934 - https://github.com/tda90/CVE-2021-36934 +CVE-2021-36934 - https://github.com/websecnl/CVE-2021-36934 CVE-2021-36934 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +CVE-2021-36934 - https://github.com/wolf0x/HiveNightmare +CVE-2021-36934 - https://github.com/wolf0x/PSHiveNightmare CVE-2021-36934 - https://github.com/wsummerhill/CobaltStrike_RedTeam_CheatSheet CVE-2021-36934 - https://github.com/ycdxsb/WindowsPrivilegeEscalation +CVE-2021-36936 - https://github.com/cfalta/MicrosoftWontFixList CVE-2021-36942 - https://github.com/ARPSyndicate/cvemon +CVE-2021-36942 - https://github.com/cfalta/MicrosoftWontFixList +CVE-2021-36942 - https://github.com/crisprss/PetitPotam CVE-2021-36942 - https://github.com/ly4k/PetitPotam +CVE-2021-36942 - https://github.com/r0eXpeR/supplier +CVE-2021-36942 - https://github.com/topotam/PetitPotam +CVE-2021-36947 - https://github.com/cfalta/MicrosoftWontFixList CVE-2021-36949 - https://github.com/Maxwitat/Check-AAD-Connect-for-CVE-2021-36949-vulnerability +CVE-2021-36949 - https://github.com/r0eXpeR/supplier CVE-2021-36958 - https://github.com/Tomparte/PrintNightmare +CVE-2021-36958 - https://github.com/xbufu/Mimispool CVE-2021-36975 - https://github.com/ycdxsb/WindowsPrivilegeEscalation +CVE-2021-3706 - https://github.com/ajmalabubakkr/CVE CVE-2021-3707 - https://github.com/ARPSyndicate/cvemon CVE-2021-3707 - https://github.com/HadiMed/DSL-2750U-Full-chain CVE-2021-3707 - https://github.com/nomi-sec/PoC-in-GitHub @@ -39755,10 +43849,15 @@ CVE-2021-3708 - https://github.com/HadiMed/DSL-2750U-Full-chain CVE-2021-3708 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-3711 - https://github.com/anchore/grype CVE-2021-3711 - https://github.com/aymankhder/scanner-for-container +CVE-2021-3711 - https://github.com/jntass/TASSL-1.1.1k CVE-2021-3711 - https://github.com/leonov-av/scanvus CVE-2021-3712 - https://github.com/anchore/grype +CVE-2021-3712 - https://github.com/giantswarm/starboard-exporter CVE-2021-3712 - https://github.com/leonov-av/scanvus +CVE-2021-3712 - https://github.com/lucky-sideburn/secpod_wrap CVE-2021-37144 - https://github.com/faisalfs10x/CVE-IDs +CVE-2021-37144 - https://github.com/nightfury99/CVE-IDs +CVE-2021-3715 - https://github.com/Markakd/kernel_exploit CVE-2021-37152 - https://github.com/SecurityAnalysts/CVE-2021-37152 CVE-2021-37185 - https://github.com/ic3sw0rd/S7_plus_Crash CVE-2021-37204 - https://github.com/ic3sw0rd/S7_plus_Crash @@ -39766,10 +43865,16 @@ CVE-2021-37205 - https://github.com/ic3sw0rd/S7_plus_Crash CVE-2021-37216 - https://github.com/ARPSyndicate/cvemon CVE-2021-37216 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-37343 - https://github.com/ARPSyndicate/cvemon +CVE-2021-3737 - https://github.com/GitHubForSnap/matrix-commander-gael +CVE-2021-3740 - https://github.com/ajmalabubakkr/CVE +CVE-2021-3741 - https://github.com/ajmalabubakkr/CVE +CVE-2021-37413 - https://github.com/martinkubecka/CVE-References CVE-2021-37414 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-3742 - https://github.com/ajmalabubakkr/CVE CVE-2021-37422 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-37423 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-3747 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-37475 - https://github.com/anhquan99/DetectSQLInjectionPyshark CVE-2021-3749 - https://github.com/MaySoMusician/geidai-ikoi CVE-2021-3749 - https://github.com/broxus/ever-wallet-browser-extension CVE-2021-3749 - https://github.com/rgstephens/node-red-contrib-graphql @@ -39779,21 +43884,33 @@ CVE-2021-37538 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-3757 - https://github.com/broxus/ever-wallet-browser-extension CVE-2021-37573 - https://github.com/ARPSyndicate/cvemon CVE-2021-37573 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-37580 - https://github.com/0x0021h/expbox CVE-2021-37580 - https://github.com/ARPSyndicate/cvemon CVE-2021-37580 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-37580 - https://github.com/Liang2580/CVE-2021-37580 CVE-2021-37580 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2021-37580 - https://github.com/Osyanina/westone-CVE-2021-37580-scanner +CVE-2021-37580 - https://github.com/Wing-song/CVE-2021-37580 +CVE-2021-37580 - https://github.com/ZororoZ/CVE-2021-37580 +CVE-2021-37580 - https://github.com/fengwenhua/CVE-2021-37580 CVE-2021-37580 - https://github.com/githublihaha/vul +CVE-2021-37580 - https://github.com/langligelang/langligelang CVE-2021-37580 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-37580 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-37580 - https://github.com/rabbitsafe/CVE-2021-37580 CVE-2021-37580 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +CVE-2021-37589 - https://github.com/luca-regne/CVE-2021-37589 CVE-2021-37593 - https://github.com/faisalfs10x/CVE-IDs +CVE-2021-37593 - https://github.com/nightfury99/CVE-IDs CVE-2021-37594 - https://github.com/googleprojectzero/winafl CVE-2021-37595 - https://github.com/googleprojectzero/winafl CVE-2021-37608 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-37624 - https://github.com/0xInfection/PewSWITCH CVE-2021-37624 - https://github.com/ARPSyndicate/cvemon CVE-2021-37624 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-37624 - https://github.com/taielab/awesome-hacking-lists CVE-2021-37678 - https://github.com/ARPSyndicate/cvemon +CVE-2021-37678 - https://github.com/fran-CICS/ExploitTensorflowCVE-2021-37678 CVE-2021-37678 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-37678 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-37704 - https://github.com/ARPSyndicate/cvemon @@ -39802,24 +43919,32 @@ CVE-2021-37714 - https://github.com/CodeIntelligenceTesting/jazzer CVE-2021-37714 - https://github.com/mosaic-hgw/jMeter CVE-2021-37742 - https://github.com/dawid-czarnecki/public-vulnerabilities CVE-2021-37748 - https://github.com/ARPSyndicate/cvemon +CVE-2021-37748 - https://github.com/SECFORCE/CVE-2021-37748 CVE-2021-37748 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-37748 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-37750 - https://github.com/leonov-av/scanvus +CVE-2021-37761 - https://github.com/r0eXpeR/supplier CVE-2021-3781 - https://github.com/okumuralab/bibun8 CVE-2021-37832 - https://github.com/ARPSyndicate/cvemon +CVE-2021-37832 - https://github.com/dievus/CVE-2021-37832 CVE-2021-37832 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-37832 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-37833 - https://github.com/ARPSyndicate/cvemon CVE-2021-37833 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-37833 - https://github.com/dievus/CVE-2021-37833 CVE-2021-37850 - https://github.com/p1atdev/CVE-2021-37850 CVE-2021-37915 - https://github.com/SECFORCE/CVE-2021-37748 +CVE-2021-37927 - https://github.com/r0eXpeR/supplier CVE-2021-37980 - https://github.com/ARPSyndicate/cvemon CVE-2021-37980 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2021-37980 - https://github.com/ZeusBox/CVE-2021-37980 CVE-2021-37980 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-37980 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-37980 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-37991 - https://github.com/googleprojectzero/fuzzilli CVE-2021-38001 - https://github.com/ARPSyndicate/cvemon +CVE-2021-38001 - https://github.com/Peterpan0927/TFC-Chrome-v8-bug-CVE-2021-38001-poc +CVE-2021-38001 - https://github.com/maldiohead/TFC-Chrome-v8-bug-CVE-2021-38001-poc CVE-2021-38001 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-38001 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-38001 - https://github.com/vngkv123/aSiagaming @@ -39831,8 +43956,12 @@ CVE-2021-38085 - https://github.com/geeksniper/windows-privilege-escalation CVE-2021-38085 - https://github.com/jacob-baines/concealed_position CVE-2021-38112 - https://github.com/RhinoSecurityLabs/CVEs CVE-2021-38112 - https://github.com/SummitRoute/csp_security_mistakes +CVE-2021-38114 - https://github.com/meweez/meweez +CVE-2021-38115 - https://github.com/meweez/meweez CVE-2021-38149 - https://github.com/jboogie15/CVE-2021-38149 CVE-2021-3815 - https://github.com/OpenGitLab/Bug-Storage +CVE-2021-38165 - https://github.com/yiffOS/patches +CVE-2021-38171 - https://github.com/meweez/meweez CVE-2021-38173 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-38176 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-38177 - https://github.com/Onapsis/vulnerability_advisories @@ -39842,6 +43971,7 @@ CVE-2021-3825 - https://github.com/mdisec/mdisec-twitch-yayinlari CVE-2021-3829 - https://github.com/OpenGitLab/Bug-Storage CVE-2021-38294 - https://github.com/ARPSyndicate/cvemon CVE-2021-38295 - https://github.com/ARPSyndicate/cvemon +CVE-2021-38295 - https://github.com/ProfessionallyEvil/CVE-2021-38295-PoC CVE-2021-38295 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-38295 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-3831 - https://github.com/OpenGitLab/Bug-Storage @@ -39864,7 +43994,9 @@ CVE-2021-38560 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-38560 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-3857 - https://github.com/OpenGitLab/Bug-Storage CVE-2021-38583 - https://github.com/charlesbickel/CVE-2021-38583 +CVE-2021-38601 - https://github.com/5l1v3r1/CVE-2021-38601 CVE-2021-38602 - https://github.com/KielVaughn/CVE-2021-38602 +CVE-2021-38603 - https://github.com/KielVaughn/CVE-2021-38603 CVE-2021-38604 - https://github.com/dispera/giant-squid CVE-2021-38604 - https://github.com/nedenwalker/spring-boot-app-using-gradle CVE-2021-38604 - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln @@ -39872,32 +44004,67 @@ CVE-2021-38604 - https://github.com/thegeeklab/audit-exporter CVE-2021-3861 - https://github.com/szymonh/szymonh CVE-2021-38619 - https://github.com/charlesbickel/CVE-2021-38619 CVE-2021-3863 - https://github.com/noobpk/noobpk +CVE-2021-38639 - https://github.com/DarkSprings/CVE-2021-38639 CVE-2021-38639 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-38639 - https://github.com/ycdxsb/WindowsPrivilegeEscalation +CVE-2021-38645 - https://github.com/joshhighet/omi +CVE-2021-38645 - https://github.com/rcarboneras/OMIGOD-OMSAgentInfo +CVE-2021-38645 - https://github.com/sbiqbe/omigod-check CVE-2021-38646 - https://github.com/Spacial/awesome-csirt CVE-2021-38647 - https://github.com/ARPSyndicate/cvemon CVE-2021-38647 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-38647 - https://github.com/AlteredSecurity/CVE-2021-38647 CVE-2021-38647 - https://github.com/Astrogeorgeonethree/Starred +CVE-2021-38647 - https://github.com/FDlucifer/firece-fish +CVE-2021-38647 - https://github.com/Immersive-Labs-Sec/cve-2021-38647 CVE-2021-38647 - https://github.com/Iveco/xknow_infosec +CVE-2021-38647 - https://github.com/Metarget/awesome-cloud-security +CVE-2021-38647 - https://github.com/SimenBai/CVE-2021-38647-POC-and-Demo-environment +CVE-2021-38647 - https://github.com/Vulnmachines/OMIGOD_cve-2021-38647 CVE-2021-38647 - https://github.com/abousteif/cve-2021-38647 CVE-2021-38647 - https://github.com/cisagov/Malcolm CVE-2021-38647 - https://github.com/corelight/CVE-2021-38647 +CVE-2021-38647 - https://github.com/craig-m-unsw/omigod-lab +CVE-2021-38647 - https://github.com/fr34kyy/omigod +CVE-2021-38647 - https://github.com/hetmehtaa/bug-bounty-noob +CVE-2021-38647 - https://github.com/horizon3ai/CVE-2021-38647 +CVE-2021-38647 - https://github.com/joshhighet/omi +CVE-2021-38647 - https://github.com/m1thryn/CVE-2021-38647 +CVE-2021-38647 - https://github.com/marcosimioni/omigood +CVE-2021-38647 - https://github.com/midoxnet/CVE-2021-38647 +CVE-2021-38647 - https://github.com/nday-ldgz/ZoomEye-dork CVE-2021-38647 - https://github.com/neolin-ms/AzureDocLinks CVE-2021-38647 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-38647 - https://github.com/r0eXpeR/supplier +CVE-2021-38647 - https://github.com/rcarboneras/OMIGOD-OMSAgentInfo +CVE-2021-38647 - https://github.com/sbiqbe/omigod-check CVE-2021-38648 - https://github.com/ARPSyndicate/cvemon +CVE-2021-38648 - https://github.com/joshhighet/omi +CVE-2021-38648 - https://github.com/rcarboneras/OMIGOD-OMSAgentInfo +CVE-2021-38648 - https://github.com/sbiqbe/omigod-check +CVE-2021-38649 - https://github.com/joshhighet/omi +CVE-2021-38649 - https://github.com/rcarboneras/OMIGOD-OMSAgentInfo +CVE-2021-38649 - https://github.com/sbiqbe/omigod-check CVE-2021-38665 - https://github.com/googleprojectzero/winafl CVE-2021-38666 - https://github.com/ARPSyndicate/cvemon +CVE-2021-38666 - https://github.com/DarkSprings/CVE-2021-38666-poc CVE-2021-38666 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups CVE-2021-38666 - https://github.com/googleprojectzero/winafl CVE-2021-38666 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-38666 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-38699 - https://github.com/HuskyHacks/CVE-2021-38699-Reflected-XSS +CVE-2021-38699 - https://github.com/HuskyHacks/CVE-2021-38699-Stored-XSS +CVE-2021-38699 - https://github.com/Justin-1993/CVE-2021-38699 CVE-2021-38702 - https://github.com/ARPSyndicate/cvemon CVE-2021-38702 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-38704 - https://github.com/ARPSyndicate/cvemon CVE-2021-38704 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-38704 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-38704 - https://github.com/sudonoodle/CVE-2021-38704 CVE-2021-38705 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-38705 - https://github.com/sudonoodle/CVE-2021-38705 CVE-2021-38706 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-38706 - https://github.com/sudonoodle/CVE-2021-38706 CVE-2021-38707 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-38710 - https://github.com/security-n/CVE-2021-38710 CVE-2021-3874 - https://github.com/Haxatron/Haxatron @@ -39906,6 +44073,7 @@ CVE-2021-38751 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-38759 - https://github.com/ARPSyndicate/cvemon CVE-2021-38759 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-3879 - https://github.com/noobpk/noobpk +CVE-2021-38833 - https://github.com/mari0x00/AVMS-exploit CVE-2021-38877 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-38951 - https://github.com/r00t4dm/r00t4dm CVE-2021-3900 - https://github.com/Haxatron/Haxatron @@ -39914,8 +44082,10 @@ CVE-2021-3903 - https://github.com/cemonatk/onefuzzyway CVE-2021-3906 - https://github.com/Haxatron/Haxatron CVE-2021-39111 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-39113 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-39115 - https://github.com/PetrusViet/CVE-2021-39115 CVE-2021-39115 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-39117 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-39137 - https://github.com/gnc-project/galaxynetwork CVE-2021-39141 - https://github.com/Shadow0ps/CVE-2021-28482-Exchange-POC CVE-2021-39141 - https://github.com/zwjjustdoit/Xstream-1.4.17 CVE-2021-39144 - https://github.com/Shadow0ps/CVE-2021-28482-Exchange-POC @@ -39925,6 +44095,7 @@ CVE-2021-39148 - https://github.com/wh1t3p1g/tabby CVE-2021-39150 - https://github.com/Shadow0ps/CVE-2021-28482-Exchange-POC CVE-2021-39150 - https://github.com/zwjjustdoit/Xstream-1.4.17 CVE-2021-39152 - https://github.com/wh1t3p1g/tabby +CVE-2021-39152 - https://github.com/zwjjustdoit/Xstream-1.4.17 CVE-2021-39201 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-39204 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-39206 - https://github.com/p1ay8y3ar/cve_monitor @@ -39940,6 +44111,7 @@ CVE-2021-3927 - https://github.com/cemonatk/onefuzzyway CVE-2021-39273 - https://github.com/nikip72/CVE-2021-39273-CVE-2021-39274 CVE-2021-39274 - https://github.com/nikip72/CVE-2021-39273-CVE-2021-39274 CVE-2021-3928 - https://github.com/cemonatk/onefuzzyway +CVE-2021-39287 - https://github.com/Fearless523/CVE-2021-39287-Stored-XSS CVE-2021-3931 - https://github.com/Haxatron/Haxatron CVE-2021-39316 - https://github.com/ARPSyndicate/cvemon CVE-2021-39316 - https://github.com/ARPSyndicate/kenzer-templates @@ -39964,16 +44136,23 @@ CVE-2021-39379 - https://github.com/security-n/CVE-2021-39379 CVE-2021-3938 - https://github.com/Haxatron/Haxatron CVE-2021-39433 - https://github.com/ARPSyndicate/cvemon CVE-2021-39433 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-39433 - https://github.com/PinkDraconian/CVE-2021-39433 CVE-2021-39433 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-3944 - https://github.com/Haxatron/Haxatron +CVE-2021-3945 - https://github.com/0x0021h/expbox CVE-2021-3945 - https://github.com/noobpk/noobpk +CVE-2021-39475 - https://github.com/W4RCL0UD/CVE-2021-39475 +CVE-2021-39476 - https://github.com/W4RCL0UD/CVE-2021-39476 CVE-2021-3950 - https://github.com/noobpk/noobpk CVE-2021-39501 - https://github.com/ARPSyndicate/cvemon CVE-2021-39501 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-39512 - https://github.com/guusec/CVE-2021-39512-BigTreeCMS-v4.4.14-AccountTakeOver +CVE-2021-3952 - https://github.com/r0eXpeR/supplier CVE-2021-39623 - https://github.com/ARPSyndicate/cvemon CVE-2021-39623 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-39623 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-3963 - https://github.com/Haxatron/Haxatron +CVE-2021-39659 - https://github.com/kris-classes/restart CVE-2021-3966 - https://github.com/szymonh/szymonh CVE-2021-39685 - https://github.com/ARPSyndicate/cvemon CVE-2021-39685 - https://github.com/nomi-sec/PoC-in-GitHub @@ -40003,6 +44182,7 @@ CVE-2021-40101 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-4015 - https://github.com/Haxatron/Haxatron CVE-2021-40153 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-40154 - https://github.com/ARPSyndicate/cvemon +CVE-2021-40154 - https://github.com/Xen1thLabs-AE/CVE-2021-40154 CVE-2021-40154 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-40154 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-40155 - https://github.com/p1ay8y3ar/cve_monitor @@ -40015,8 +44195,10 @@ CVE-2021-40223 - https://github.com/asang17/CVE-2021-40223 CVE-2021-40232 - https://github.com/noobpk/noobpk CVE-2021-40233 - https://github.com/noobpk/noobpk CVE-2021-40234 - https://github.com/noobpk/noobpk +CVE-2021-40239 - https://github.com/H4niz/CVE CVE-2021-4024 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-4026 - https://github.com/Haxatron/Haxatron +CVE-2021-40292 - https://github.com/minhgalaxy/CVE CVE-2021-4032 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-40323 - https://github.com/ARPSyndicate/cvemon CVE-2021-40323 - https://github.com/ARPSyndicate/kenzer-templates @@ -40031,6 +44213,8 @@ CVE-2021-4034 - https://github.com/Awrrays/Pentest-Tips CVE-2021-4034 - https://github.com/BachoSeven/stellestelline CVE-2021-4034 - https://github.com/CYB3RK1D/CVE-2021-4034-POC CVE-2021-4034 - https://github.com/DosAmp/pkwned +CVE-2021-4034 - https://github.com/Hiimsonkul/Hiimsonkul +CVE-2021-4034 - https://github.com/IBM-Cloud/vpc-ha-iac CVE-2021-4034 - https://github.com/Ignitetechnologies/Linux-Privilege-Escalation CVE-2021-4034 - https://github.com/Kirill89/CVE-2021-4034 CVE-2021-4034 - https://github.com/MedKH1684/Pwnkit-CVE-2021-4034 @@ -40063,6 +44247,7 @@ CVE-2021-4034 - https://github.com/hackingyseguridad/CVE-2021-4034 CVE-2021-4034 - https://github.com/hohn/codeql-sample-polkit CVE-2021-4034 - https://github.com/jostmart/-CVE-2021-4034 CVE-2021-4034 - https://github.com/kaosagnt/ansible-everyday +CVE-2021-4034 - https://github.com/learner-ing/changeTools CVE-2021-4034 - https://github.com/liamg/traitor CVE-2021-4034 - https://github.com/luckythandel/CVE-2021-4034 CVE-2021-4034 - https://github.com/ly4k/PwnKit @@ -40078,6 +44263,7 @@ CVE-2021-4034 - https://github.com/rayheffer/CVE-2021-4034 CVE-2021-4034 - https://github.com/robemmerson/CVE-2021-4034 CVE-2021-4034 - https://github.com/san3ncrypt3d/CVE-2021-4034-POC CVE-2021-4034 - https://github.com/sanchez-anthony/ansible_pwnkit_mitigation +CVE-2021-4034 - https://github.com/sarutobi12/sarutobi12 CVE-2021-4034 - https://github.com/scent2d/PoC-CVE-2021-4034 CVE-2021-4034 - https://github.com/slange-dev/slange-dev CVE-2021-4034 - https://github.com/sofire/polkit-0.96-CVE-2021-4034 @@ -40090,102 +44276,196 @@ CVE-2021-4034 - https://github.com/uhub/awesome-c CVE-2021-4034 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-4034 - https://github.com/wongwaituck/CVE-2021-4034 CVE-2021-4034 - https://github.com/xymeng16/security +CVE-2021-4034 - https://github.com/zetaemme/b4d_p3n6u1n CVE-2021-4034 - https://github.com/ziadsaleemi/polkit_CVE-2021-4034 CVE-2021-40346 - https://github.com/ARPSyndicate/cvemon +CVE-2021-40346 - https://github.com/CHYbeta/OddProxyDemo +CVE-2021-40346 - https://github.com/D4rkP0w4r/INTENT-CTF-2021 +CVE-2021-40346 - https://github.com/Vulnmachines/HAProxy_CVE-2021-40346 +CVE-2021-40346 - https://github.com/alikarimi999/CVE-2021-40346 +CVE-2021-40346 - https://github.com/chenjj/Awesome-HTTPRequestSmuggling +CVE-2021-40346 - https://github.com/donky16/CVE-2021-40346-POC CVE-2021-40346 - https://github.com/izj007/wechat +CVE-2021-40346 - https://github.com/knqyf263/CVE-2021-40346 CVE-2021-40346 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-40346 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-40346 - https://github.com/taielab/awesome-hacking-lists CVE-2021-4035 - https://github.com/0xalwayslucky/log4j-polkit-poc +CVE-2021-40352 - https://github.com/allenenosh/CVE-2021-40352 +CVE-2021-40352 - https://github.com/allenenosh/allenenosh +CVE-2021-40352 - https://github.com/zeroc00I/CVE-2021-09-03 +CVE-2021-40353 - https://github.com/5qu1n7/CVE-2021-40353 CVE-2021-40353 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-40373 - https://github.com/maikroservice/CVE-2021-40373 +CVE-2021-40374 - https://github.com/DCKento/CVE-2021-40374 +CVE-2021-40375 - https://github.com/DCKento/CVE-2021-40375 CVE-2021-4043 - https://github.com/ARPSyndicate/cvemon CVE-2021-4043 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-4043 - https://github.com/oreosec/pwnkit CVE-2021-40438 - https://github.com/0day666/Vulnerability-verification CVE-2021-40438 - https://github.com/ARPSyndicate/cvemon CVE-2021-40438 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-40438 - https://github.com/BabyTeam1024/CVE-2021-40438 +CVE-2021-40438 - https://github.com/CHYbeta/OddProxyDemo +CVE-2021-40438 - https://github.com/HxDDD/CVE-PoC +CVE-2021-40438 - https://github.com/ericmann/apache-cve-poc CVE-2021-40438 - https://github.com/harsh-bothra/learn365 CVE-2021-40438 - https://github.com/litt1eb0yy/One-Liner-Scripts CVE-2021-40438 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-40438 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-40438 - https://github.com/pisut4152/Sigma-Rule-for-CVE-2021-40438-exploitation-attempt +CVE-2021-40438 - https://github.com/sixpacksecurity/CVE-2021-40438 +CVE-2021-40438 - https://github.com/vsh00t/BB-PoC +CVE-2021-40438 - https://github.com/xiaojiangxl/CVE-2021-40438 +CVE-2021-40444 - https://github.com/0xK4gura/CVE-2021-40444-POC CVE-2021-40444 - https://github.com/0xsyr0/OSCP CVE-2021-40444 - https://github.com/ARPSyndicate/cvemon +CVE-2021-40444 - https://github.com/Alexcot25051999/CVE-2021-40444 CVE-2021-40444 - https://github.com/Ascotbe/Kernelhub +CVE-2021-40444 - https://github.com/DarkSprings/CVE-2021-40444 +CVE-2021-40444 - https://github.com/Edubr2020/CVE-2021-40444--CABless +CVE-2021-40444 - https://github.com/H0j3n/CVE-2021-40444 +CVE-2021-40444 - https://github.com/Immersive-Labs-Sec/cve-2021-40444-analysis CVE-2021-40444 - https://github.com/Iveco/xknow_infosec +CVE-2021-40444 - https://github.com/Jeromeyoung/MSHTMHell +CVE-2021-40444 - https://github.com/KnoooW/CVE-2021-40444-docx-Generate +CVE-2021-40444 - https://github.com/LazarusReborn/Docx-Exploit-2021 CVE-2021-40444 - https://github.com/LumaKernel/awesome-stars CVE-2021-40444 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2021-40444 - https://github.com/Panopticon-Project/panopticon-WizardSpider CVE-2021-40444 - https://github.com/Spacial/awesome-csirt +CVE-2021-40444 - https://github.com/TiagoSergio/CVE-2021-40444 +CVE-2021-40444 - https://github.com/Udyz/CVE-2021-40444-CAB +CVE-2021-40444 - https://github.com/Udyz/CVE-2021-40444-Sample CVE-2021-40444 - https://github.com/VilNE-Scanner/VilNE CVE-2021-40444 - https://github.com/YangSirrr/YangsirStudyPlan +CVE-2021-40444 - https://github.com/Zeop-CyberSec/word_mshtml +CVE-2021-40444 - https://github.com/aslitsecurity/CVE-2021-40444_builders +CVE-2021-40444 - https://github.com/aydianosec/CVE2021-40444 +CVE-2021-40444 - https://github.com/ba0jy/awesome-intelligence +CVE-2021-40444 - https://github.com/bambooqj/CVE-2021-40444_EXP_JS CVE-2021-40444 - https://github.com/carloslacasa/cyber-ansible +CVE-2021-40444 - https://github.com/eduardomcm/VelociraptorCompetition CVE-2021-40444 - https://github.com/eminunal1453/Various-Malware-Hashes +CVE-2021-40444 - https://github.com/endrazine/cnam-tp5-sec108 +CVE-2021-40444 - https://github.com/factionsypho/TIC4301_Project +CVE-2021-40444 - https://github.com/fengjixuchui/CVE-2021-40444-docx-Generate +CVE-2021-40444 - https://github.com/gh0stxplt/CVE-2021-40444-URL-Extractor CVE-2021-40444 - https://github.com/izj007/wechat +CVE-2021-40444 - https://github.com/jamesrep/cve-2021-40444 +CVE-2021-40444 - https://github.com/js-on/CVE-2021-40444 CVE-2021-40444 - https://github.com/k8gege/CVE-2021-40444 +CVE-2021-40444 - https://github.com/kal1gh0st/CVE-2021-40444_CAB_archives +CVE-2021-40444 - https://github.com/klezVirus/CVE-2021-40444 +CVE-2021-40444 - https://github.com/lisinan988/CVE-2021-40444-exp +CVE-2021-40444 - https://github.com/lockedbyte/CVE-2021-40444 +CVE-2021-40444 - https://github.com/mahesh-0369/my-project-2 +CVE-2021-40444 - https://github.com/mansk1es/Caboom +CVE-2021-40444 - https://github.com/nightrelax/Exploit-PoC-CVE-2021-40444-inject-ma-doc-vao-docx CVE-2021-40444 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-40444 - https://github.com/ozergoker/CVE-2021-40444 +CVE-2021-40444 - https://github.com/r0eXpeR/supplier +CVE-2021-40444 - https://github.com/ramirezversion/winwordexfil +CVE-2021-40444 - https://github.com/rfcxv/CVE-2021-40444-POC +CVE-2021-40444 - https://github.com/slaughterjames/Dridex_17092021 CVE-2021-40444 - https://github.com/taielab/awesome-hacking-lists CVE-2021-40444 - https://github.com/ulexec/Exploits CVE-2021-40444 - https://github.com/vanhohen/ADNinja +CVE-2021-40444 - https://github.com/vanhohen/MSHTML-CVE-2021-40444 +CVE-2021-40444 - https://github.com/vysecurity/CVE-2021-40444 CVE-2021-40444 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-40444 - https://github.com/ycdxsb/WindowsPrivilegeEscalation +CVE-2021-40444 - https://github.com/zaneGittins/CVE-2021-40444-evtx CVE-2021-40447 - https://github.com/Tomparte/PrintNightmare CVE-2021-40449 - https://github.com/ARPSyndicate/cvemon CVE-2021-40449 - https://github.com/Al1ex/WindowsElevation CVE-2021-40449 - https://github.com/Ascotbe/Kernelhub +CVE-2021-40449 - https://github.com/CppXL/cve-2021-40449-poc CVE-2021-40449 - https://github.com/FunnyWolf/Viper +CVE-2021-40449 - https://github.com/KaLendsi/CVE-2021-40449-Exploit +CVE-2021-40449 - https://github.com/Kristal-g/CVE-2021-40449_poc CVE-2021-40449 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2021-40449 - https://github.com/S3cur3Th1sSh1t/WinPwn +CVE-2021-40449 - https://github.com/hakivvi/CVE-2021-40449 +CVE-2021-40449 - https://github.com/ly4k/CallbackHell CVE-2021-40449 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-40449 - https://github.com/pipiscrew/timeline CVE-2021-40449 - https://github.com/taielab/awesome-hacking-lists +CVE-2021-40449 - https://github.com/timwhitez/Git-Daily CVE-2021-40449 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-40449 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2021-4045 - https://github.com/ARPSyndicate/cvemon CVE-2021-4045 - https://github.com/binganao/vulns-2022 +CVE-2021-4045 - https://github.com/hacefresko/CVE-2021-4045-PoC CVE-2021-4045 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-40450 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-40450 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2021-40490 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-40492 - https://github.com/5qu1n7/CVE-2021-40492 CVE-2021-40492 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-40512 - https://github.com/war4uthor/CVE-2021-40512 +CVE-2021-40513 - https://github.com/war4uthor/CVE-2021-40513 +CVE-2021-40514 - https://github.com/war4uthor/CVE-2021-40514 +CVE-2021-40528 - https://github.com/brandoncamenisch/release-the-code-litecoin CVE-2021-40531 - https://github.com/ARPSyndicate/cvemon +CVE-2021-40531 - https://github.com/jonpalmisc/CVE-2021-40531 CVE-2021-40531 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-40539 - https://github.com/ARPSyndicate/cvemon CVE-2021-40539 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-40539 - https://github.com/DarkSprings/CVE-2021-40539 CVE-2021-40539 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2021-40539 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-40539 - https://github.com/r0eXpeR/supplier +CVE-2021-40539 - https://github.com/synacktiv/CVE-2021-40539 CVE-2021-40539 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-40542 - https://github.com/ARPSyndicate/cvemon CVE-2021-40542 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-40617 - https://github.com/H4niz/CVE +CVE-2021-40618 - https://github.com/minhgalaxy/CVE CVE-2021-40670 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-40690 - https://github.com/onelogin/java-saml CVE-2021-40690 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-40697 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-40724 - https://github.com/NetKingJ/android-security-awesome +CVE-2021-40728 - https://github.com/zanezhub/PIA-PC CVE-2021-4075 - https://github.com/Haxatron/Haxatron +CVE-2021-40812 - https://github.com/meweez/meweez CVE-2021-40839 - https://github.com/ARPSyndicate/cvemon CVE-2021-40839 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-40839 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-40845 - https://github.com/FDlucifer/firece-fish +CVE-2021-40845 - https://github.com/ricardojoserf/CVE-2021-40845 +CVE-2021-40847 - https://github.com/hetmehtaa/bug-bounty-noob CVE-2021-40856 - https://github.com/ARPSyndicate/cvemon CVE-2021-40856 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-40859 - https://github.com/ARPSyndicate/cvemon CVE-2021-40859 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-40859 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-40865 - https://github.com/ARPSyndicate/cvemon +CVE-2021-40865 - https://github.com/hktalent/CVE-2021-40865 CVE-2021-40865 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-40865 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-40868 - https://github.com/ARPSyndicate/cvemon CVE-2021-40868 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-40870 - https://github.com/0xAgun/CVE-2021-40870 CVE-2021-40870 - https://github.com/ARPSyndicate/cvemon CVE-2021-40870 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-40870 - https://github.com/FDlucifer/firece-fish +CVE-2021-40870 - https://github.com/JoyGhoshs/CVE-2021-40870 +CVE-2021-40870 - https://github.com/byteofjoshua/CVE-2021-40870 CVE-2021-40870 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-40875 - https://github.com/ARPSyndicate/cvemon CVE-2021-40875 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-40875 - https://github.com/SakuraSamuraii/derailed CVE-2021-4089 - https://github.com/Haxatron/Haxatron CVE-2021-40904 - https://github.com/ARPSyndicate/cvemon +CVE-2021-40904 - https://github.com/Edgarloyola/CVE-2021-40904 CVE-2021-40904 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-40905 - https://github.com/ARPSyndicate/cvemon +CVE-2021-40905 - https://github.com/Edgarloyola/CVE-2021-40905 CVE-2021-40905 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-40906 - https://github.com/ARPSyndicate/cvemon +CVE-2021-40906 - https://github.com/Edgarloyola/CVE-2021-40906 CVE-2021-40906 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-40960 - https://github.com/ARPSyndicate/cvemon CVE-2021-40960 - https://github.com/ARPSyndicate/kenzer-templates @@ -40194,8 +44474,10 @@ CVE-2021-40965 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-40966 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-40978 - https://github.com/ARPSyndicate/cvemon CVE-2021-40978 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-40978 - https://github.com/nisdn/CVE-2021-40978 CVE-2021-40978 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-4104 - https://github.com/ARPSyndicate/cvemon +CVE-2021-4104 - https://github.com/Diablo5G/Certification-Prep CVE-2021-4104 - https://github.com/GGongnanE/TodayILearned CVE-2021-4104 - https://github.com/HackJava/Log4j2 CVE-2021-4104 - https://github.com/HynekPetrak/log4shell-finder @@ -40216,6 +44498,7 @@ CVE-2021-4104 - https://github.com/whitesource-ps/ws-bulk-report-generator CVE-2021-4104 - https://github.com/whitesource/log4j-detect-distribution CVE-2021-41061 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-41073 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-41074 - https://github.com/dillonkirsch/CVE-2021-41074 CVE-2021-41081 - https://github.com/ARPSyndicate/cvemon CVE-2021-41081 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-41081 - https://github.com/p1ay8y3ar/cve_monitor @@ -40223,23 +44506,61 @@ CVE-2021-41082 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-41083 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-41088 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-41089 - https://github.com/ssst0n3/my_vulnerabilities +CVE-2021-41089 - https://github.com/ssst0n3/ssst0n3 +CVE-2021-41157 - https://github.com/0xInfection/PewSWITCH CVE-2021-41157 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-41157 - https://github.com/taielab/awesome-hacking-lists CVE-2021-41174 - https://github.com/ARPSyndicate/cvemon CVE-2021-41174 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-41174 - https://github.com/we45/nuclei-appsec-workflows CVE-2021-4119 - https://github.com/Haxatron/Haxatron +CVE-2021-41196 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41197 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41198 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41199 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41200 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41201 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41202 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41203 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41204 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41205 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41207 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41208 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41209 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41210 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41211 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41212 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41213 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41214 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41215 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41216 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41219 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41221 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41223 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41224 - https://github.com/adwisatya/SnykVulndb +CVE-2021-41227 - https://github.com/adwisatya/SnykVulndb CVE-2021-4124 - https://github.com/OpenGitLab/Bug-Storage CVE-2021-41266 - https://github.com/ARPSyndicate/cvemon CVE-2021-41266 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-41273 - https://github.com/Haxatron/Haxatron +CVE-2021-41277 - https://github.com/0x0021h/expbox CVE-2021-41277 - https://github.com/ARPSyndicate/cvemon CVE-2021-41277 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-41277 - https://github.com/FDlucifer/firece-fish +CVE-2021-41277 - https://github.com/Henry4E36/Metabase-cve-2021-41277 CVE-2021-41277 - https://github.com/LeakIX/l9explore CVE-2021-41277 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2021-41277 - https://github.com/Seals6/CVE-2021-41277 +CVE-2021-41277 - https://github.com/TheLastVvV/CVE-2021-41277 +CVE-2021-41277 - https://github.com/Vulnmachines/Metabase_CVE-2021-41277 CVE-2021-41277 - https://github.com/bigblackhat/oFx +CVE-2021-41277 - https://github.com/kaizensecurity/CVE-2021-41277 +CVE-2021-41277 - https://github.com/kap1ush0n/CVE-2021-41277 CVE-2021-41277 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-41277 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-41277 - https://github.com/tahtaciburak/CVE-2021-41277 CVE-2021-41277 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +CVE-2021-41277 - https://github.com/z3n70/CVE-2021-41277 CVE-2021-41291 - https://github.com/ARPSyndicate/cvemon CVE-2021-41291 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-41293 - https://github.com/ARPSyndicate/cvemon @@ -40247,93 +44568,210 @@ CVE-2021-41293 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-4130 - https://github.com/Haxatron/Haxatron CVE-2021-41303 - https://github.com/pen4uin/vulnerability-lab CVE-2021-41326 - https://github.com/dawid-czarnecki/public-vulnerabilities +CVE-2021-41335 - https://github.com/waleedassar/ObpCreateSymbolicLinkName_EoP +CVE-2021-41349 - https://github.com/0x0021h/expbox CVE-2021-41349 - https://github.com/ARPSyndicate/cvemon CVE-2021-41349 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-41349 - https://github.com/cepxeo/pentest_notes CVE-2021-41349 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-41349 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-41351 - https://github.com/ARPSyndicate/cvemon +CVE-2021-41351 - https://github.com/JaneMandy/CVE-2021-41351-POC CVE-2021-41351 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-41351 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-41357 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-41357 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2021-41379 - https://github.com/AlexandrVIvanov/InstallerFileTakeOver +CVE-2021-41379 - https://github.com/Octoberfest7/Tools CVE-2021-41379 - https://github.com/devopscoder331/CVE_InstallerFileTakeOver CVE-2021-41379 - https://github.com/dxnboy/redteam +CVE-2021-41379 - https://github.com/klinix5/InstallerFileTakeOver CVE-2021-41379 - https://github.com/noname1007/InstallerFileTakeOver CVE-2021-41379 - https://github.com/puckiestyle/InstallerFileTakeOver CVE-2021-41379 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2021-41381 - https://github.com/ARPSyndicate/cvemon CVE-2021-41381 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-41381 - https://github.com/Net-hunter121/CVE-2021-41381 +CVE-2021-41382 - https://github.com/basubanakar/Plastic-SCM-Exploit CVE-2021-41467 - https://github.com/ARPSyndicate/cvemon CVE-2021-41467 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-41495 - https://github.com/Daybreak2019/PolyCruise +CVE-2021-41495 - https://github.com/baltsers/polycruise CVE-2021-41496 - https://github.com/Daybreak2019/PolyCruise +CVE-2021-41496 - https://github.com/baltsers/polycruise CVE-2021-41497 - https://github.com/Daybreak2019/PolyCruise +CVE-2021-41497 - https://github.com/baltsers/polycruise CVE-2021-41498 - https://github.com/Daybreak2019/PolyCruise +CVE-2021-41498 - https://github.com/baltsers/polycruise CVE-2021-41499 - https://github.com/Daybreak2019/PolyCruise +CVE-2021-41499 - https://github.com/baltsers/polycruise CVE-2021-41500 - https://github.com/Daybreak2019/PolyCruise +CVE-2021-41500 - https://github.com/baltsers/polycruise +CVE-2021-41511 - https://github.com/Ni7inSharma/CVE-2021-41511 CVE-2021-41526 - https://github.com/RonnieSalomonsen/My-CVEs +CVE-2021-41560 - https://github.com/Nickguitar/RevCAT CVE-2021-41591 - https://github.com/davidshares/Lightning-Network CVE-2021-41592 - https://github.com/davidshares/Lightning-Network CVE-2021-41593 - https://github.com/davidshares/Lightning-Network +CVE-2021-41595 - https://github.com/ach-ing/cves +CVE-2021-41596 - https://github.com/ach-ing/cves +CVE-2021-41597 - https://github.com/ach-ing/cves CVE-2021-41617 - https://github.com/phx/cvescan CVE-2021-41643 - https://github.com/ARPSyndicate/cvemon +CVE-2021-41643 - https://github.com/hax3xploit/CVE-2021-41643 CVE-2021-41643 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-41643 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-41644 - https://github.com/ARPSyndicate/cvemon +CVE-2021-41644 - https://github.com/hax3xploit/CVE-2021-41644 CVE-2021-41644 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-41644 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-41645 - https://github.com/ARPSyndicate/cvemon +CVE-2021-41645 - https://github.com/hax3xploit/CVE-2021-41645 CVE-2021-41645 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-41645 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-41646 - https://github.com/ARPSyndicate/cvemon +CVE-2021-41646 - https://github.com/hax3xploit/CVE-2021-41646 CVE-2021-41646 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-41646 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-41647 - https://github.com/MobiusBinary/CVE-2021-41647 CVE-2021-41648 - https://github.com/ARPSyndicate/cvemon CVE-2021-41648 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-41648 - https://github.com/MobiusBinary/CVE-2021-41648 CVE-2021-41649 - https://github.com/ARPSyndicate/cvemon CVE-2021-41649 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-41649 - https://github.com/MobiusBinary/CVE-2021-41649 CVE-2021-41651 - https://github.com/MobiusBinary/CVE-2021-41651 +CVE-2021-41653 - https://github.com/0x0021h/expbox CVE-2021-41653 - https://github.com/ARPSyndicate/cvemon CVE-2021-41653 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-41653 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2021-41653 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-41653 - https://github.com/ohnonoyesyes/CVE-2021-41653 CVE-2021-41653 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2021-41728 - https://github.com/ARPSyndicate/cvemon +CVE-2021-41728 - https://github.com/Dir0x/CVE-2021-41728 CVE-2021-41728 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-41728 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-41730 - https://github.com/ARPSyndicate/cvemon +CVE-2021-41730 - https://github.com/IBUILI/CVE-2021-41730 CVE-2021-41730 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-41733 - https://github.com/PentesterGuruji/CVE-2021-41773 CVE-2021-41773 - https://github.com/0day666/Vulnerability-verification CVE-2021-41773 - https://github.com/0e0w/GoHackTools +CVE-2021-41773 - https://github.com/0x3n0/redeam +CVE-2021-41773 - https://github.com/0xAlmighty/CVE-2021-41773-PoC +CVE-2021-41773 - https://github.com/0xRar/CVE-2021-41773 CVE-2021-41773 - https://github.com/0xsyr0/OSCP +CVE-2021-41773 - https://github.com/1nhann/CVE-2021-41773 +CVE-2021-41773 - https://github.com/5gstudent/cve-2021-41773-and-cve-2021-42013 CVE-2021-41773 - https://github.com/ARPSyndicate/cvemon CVE-2021-41773 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-41773 - https://github.com/AkshayraviC09YC47/CVE-Exploits +CVE-2021-41773 - https://github.com/AssassinUKG/CVE-2021-41773 +CVE-2021-41773 - https://github.com/BabyTeam1024/CVE-2021-41773 +CVE-2021-41773 - https://github.com/Balgogan/CVE-2021-41773 +CVE-2021-41773 - https://github.com/BlueTeamSteve/CVE-2021-41773 +CVE-2021-41773 - https://github.com/CHYbeta/Vuln100Topics20 +CVE-2021-41773 - https://github.com/ComdeyOverflow/CVE-2021-41773 +CVE-2021-41773 - https://github.com/EagleTube/CVE-2021-41773 +CVE-2021-41773 - https://github.com/FDlucifer/firece-fish CVE-2021-41773 - https://github.com/H0j3n/EzpzCheatSheet CVE-2021-41773 - https://github.com/H0j3n/EzpzShell +CVE-2021-41773 - https://github.com/HightechSec/scarce-apache2 +CVE-2021-41773 - https://github.com/HxDDD/CVE-PoC +CVE-2021-41773 - https://github.com/Hydragyrum/CVE-2021-41773-Playground +CVE-2021-41773 - https://github.com/IcmpOff/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution-Exploit +CVE-2021-41773 - https://github.com/LayarKacaSiber/CVE-2021-41773 +CVE-2021-41773 - https://github.com/LetouRaphael/Poc-CVE-2021-41773 +CVE-2021-41773 - https://github.com/Ls4ss/CVE-2021-41773_CVE-2021-42013 +CVE-2021-41773 - https://github.com/LudovicPatho/CVE-2021-41773 +CVE-2021-41773 - https://github.com/MazX0p/CVE-2021-41773 CVE-2021-41773 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2021-41773 - https://github.com/MrCl0wnLab/SimplesApachePathTraversal CVE-2021-41773 - https://github.com/N0el4kLs/Vulhub_Exp +CVE-2021-41773 - https://github.com/PentesterGuruji/CVE-2021-41773 +CVE-2021-41773 - https://github.com/RyouYoo/CVE-2021-41773 +CVE-2021-41773 - https://github.com/Sakura-nee/CVE-2021-41773 +CVE-2021-41773 - https://github.com/Shadow-warrior0/Apache_path_traversal +CVE-2021-41773 - https://github.com/TAI-REx/cve-2021-41773-nse +CVE-2021-41773 - https://github.com/TheLastVvV/CVE-2021-41773 +CVE-2021-41773 - https://github.com/TishcaTpx/POC-CVE-2021-41773 +CVE-2021-41773 - https://github.com/Vulnmachines/cve-2021-41773 +CVE-2021-41773 - https://github.com/Zeop-CyberSec/apache_normalize_path +CVE-2021-41773 - https://github.com/ZephrFish/CVE-2021-41773-PoC +CVE-2021-41773 - https://github.com/ahmad4fifz/CVE-2021-41773 +CVE-2021-41773 - https://github.com/ahmad4fifz/CVE-2021-42013 +CVE-2021-41773 - https://github.com/apapedulimu/Apachuk +CVE-2021-41773 - https://github.com/b1tsec/CVE-2021-41773 CVE-2021-41773 - https://github.com/binganao/vulns-2022 +CVE-2021-41773 - https://github.com/blasty/CVE-2021-41773 +CVE-2021-41773 - https://github.com/byteofjoshua/CVE-2021-41773 +CVE-2021-41773 - https://github.com/capdegarde/apache_path_traversal +CVE-2021-41773 - https://github.com/cgddgc/CVE-2021-41773-42013 CVE-2021-41773 - https://github.com/cisagov/Malcolm +CVE-2021-41773 - https://github.com/cloudbyteelias/CVE-2021-41773 +CVE-2021-41773 - https://github.com/corelight/CVE-2021-41773 +CVE-2021-41773 - https://github.com/creadpag/CVE-2021-41773-POC CVE-2021-41773 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups +CVE-2021-41773 - https://github.com/fnatalucci/CVE-2021-41773-RCE +CVE-2021-41773 - https://github.com/habibiefaried/CVE-2021-41773-PoC CVE-2021-41773 - https://github.com/hackingyseguridad/nmap +CVE-2021-41773 - https://github.com/htrgouvea/research +CVE-2021-41773 - https://github.com/iilegacyyii/PoC-CVE-2021-41773 +CVE-2021-41773 - https://github.com/im-hanzou/apachrot +CVE-2021-41773 - https://github.com/inbug-team/CVE-2021-41773_CVE-2021-42013 +CVE-2021-41773 - https://github.com/itsecurityco/CVE-2021-41773 +CVE-2021-41773 - https://github.com/jbovet/CVE-2021-41773 +CVE-2021-41773 - https://github.com/jheeree/Simple-CVE-2021-41773-checker +CVE-2021-41773 - https://github.com/justakazh/mass_cve-2021-41773 +CVE-2021-41773 - https://github.com/knqyf263/CVE-2021-41773 +CVE-2021-41773 - https://github.com/ksanchezcld/httpd-2.4.49 +CVE-2021-41773 - https://github.com/kubota/POC-CVE-2021-41773 +CVE-2021-41773 - https://github.com/lopqto/CVE-2021-41773_Honeypot +CVE-2021-41773 - https://github.com/lorddemon/CVE-2021-41773-PoC CVE-2021-41773 - https://github.com/ltfafei/my_POC CVE-2021-41773 - https://github.com/luck-ying/Library-POC +CVE-2021-41773 - https://github.com/m96dg/vulnerable_docker_apache_2_4_49 +CVE-2021-41773 - https://github.com/mahtin/unix-v7-uucp-chkpth-bug +CVE-2021-41773 - https://github.com/masahiro331/CVE-2021-41773 +CVE-2021-41773 - https://github.com/mohwahyudi/cve-2021-41773 +CVE-2021-41773 - https://github.com/mr-exo/CVE-2021-41773 +CVE-2021-41773 - https://github.com/n3k00n3/CVE-2021-41773 CVE-2021-41773 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-41773 - https://github.com/numanturle/CVE-2021-41773 +CVE-2021-41773 - https://github.com/pisut4152/Sigma-Rule-for-CVE-2021-41773-and-CVE-2021-42013-exploitation-attempt +CVE-2021-41773 - https://github.com/qwutony/CVE-2021-41773 +CVE-2021-41773 - https://github.com/r00tVen0m/CVE-2021-41773 +CVE-2021-41773 - https://github.com/ranggaggngntt/CVE-2021-41773 +CVE-2021-41773 - https://github.com/scarmandef/CVE-2021-41773 +CVE-2021-41773 - https://github.com/shellreaper/CVE-2021-41773 +CVE-2021-41773 - https://github.com/signorrayan/RedTeam_toolkit CVE-2021-41773 - https://github.com/superfish9/pt +CVE-2021-41773 - https://github.com/superzerosec/CVE-2021-41773 +CVE-2021-41773 - https://github.com/theLSA/apache-httpd-path-traversal-checker +CVE-2021-41773 - https://github.com/twseptian/CVE-2021-41773 +CVE-2021-41773 - https://github.com/twseptian/CVE-2021-42013-Docker-Lab +CVE-2021-41773 - https://github.com/vida00/Scanner-CVE-2021-41773 +CVE-2021-41773 - https://github.com/vinhjaxt/CVE-2021-41773-exploit +CVE-2021-41773 - https://github.com/vulf/CVE-2021-41773_42013 +CVE-2021-41773 - https://github.com/walnutsecurity/cve-2021-41773 CVE-2021-41773 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +CVE-2021-41773 - https://github.com/wolf1892/CVE-2021-41773 +CVE-2021-41773 - https://github.com/xMohamed0/CVE-2021-41773 +CVE-2021-41773 - https://github.com/zeronine9/CVE-2021-41773 CVE-2021-4179 - https://github.com/OpenGitLab/Bug-Storage CVE-2021-41816 - https://github.com/lifeparticle/Ruby-Cheatsheet CVE-2021-41817 - https://github.com/lifeparticle/Ruby-Cheatsheet CVE-2021-41819 - https://github.com/lifeparticle/Ruby-Cheatsheet CVE-2021-41822 - https://github.com/ARPSyndicate/cvemon +CVE-2021-41822 - https://github.com/badboycxcc/CVE-2021-41822 CVE-2021-41822 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-41826 - https://github.com/ARPSyndicate/cvemon CVE-2021-41826 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-41869 - https://github.com/ach-ing/cves CVE-2021-41878 - https://github.com/ARPSyndicate/cvemon CVE-2021-41878 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-41951 - https://github.com/0x0021h/expbox CVE-2021-41951 - https://github.com/ARPSyndicate/cvemon CVE-2021-41951 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-41962 - https://github.com/ARPSyndicate/cvemon @@ -40350,19 +44788,58 @@ CVE-2021-42008 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42008 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-42008 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-42013 - https://github.com/0day666/Vulnerability-verification +CVE-2021-42013 - https://github.com/5gstudent/cve-2021-41773-and-cve-2021-42013 CVE-2021-42013 - https://github.com/ARPSyndicate/cvemon CVE-2021-42013 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-42013 - https://github.com/CHYbeta/Vuln100Topics20 +CVE-2021-42013 - https://github.com/FDlucifer/firece-fish CVE-2021-42013 - https://github.com/H0j3n/EzpzCheatSheet CVE-2021-42013 - https://github.com/H0j3n/EzpzShell +CVE-2021-42013 - https://github.com/Hydragyrum/CVE-2021-41773-Playground +CVE-2021-42013 - https://github.com/IcmpOff/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution-Exploit +CVE-2021-42013 - https://github.com/LayarKacaSiber/CVE-2021-42013 +CVE-2021-42013 - https://github.com/Ls4ss/CVE-2021-41773_CVE-2021-42013 CVE-2021-42013 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2021-42013 - https://github.com/MrCl0wnLab/SimplesApachePathTraversal +CVE-2021-42013 - https://github.com/Shadow-warrior0/Apache_path_traversal +CVE-2021-42013 - https://github.com/TheLastVvV/CVE-2021-42013 +CVE-2021-42013 - https://github.com/TheLastVvV/CVE-2021-42013_Reverse-Shell +CVE-2021-42013 - https://github.com/Vulnmachines/cve-2021-42013 +CVE-2021-42013 - https://github.com/Zeop-CyberSec/apache_normalize_path +CVE-2021-42013 - https://github.com/ahmad4fifz/CVE-2021-41773 +CVE-2021-42013 - https://github.com/ahmad4fifz/CVE-2021-42013 +CVE-2021-42013 - https://github.com/andrea-mattioli/apache-exploit-CVE-2021-42013 +CVE-2021-42013 - https://github.com/corelight/CVE-2021-41773 CVE-2021-42013 - https://github.com/ibrahimetecicek/Advent-of-Cyber-3-2021- +CVE-2021-42013 - https://github.com/im-hanzou/apachrot +CVE-2021-42013 - https://github.com/inbug-team/CVE-2021-41773_CVE-2021-42013 +CVE-2021-42013 - https://github.com/ksanchezcld/httpd-2.4.49 CVE-2021-42013 - https://github.com/ltfafei/my_POC +CVE-2021-42013 - https://github.com/mr-exo/CVE-2021-41773 CVE-2021-42013 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-42013 - https://github.com/pisut4152/Sigma-Rule-for-CVE-2021-41773-and-CVE-2021-42013-exploitation-attempt +CVE-2021-42013 - https://github.com/robotsense1337/CVE-2021-42013 +CVE-2021-42013 - https://github.com/theLSA/apache-httpd-path-traversal-checker +CVE-2021-42013 - https://github.com/twseptian/CVE-2021-41773 +CVE-2021-42013 - https://github.com/twseptian/CVE-2021-42013-Docker-Lab +CVE-2021-42013 - https://github.com/vulf/CVE-2021-41773_42013 +CVE-2021-42013 - https://github.com/walnutsecurity/cve-2021-42013 CVE-2021-42013 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +CVE-2021-42013 - https://github.com/xMohamed0/CVE-2021-42013-ApacheRCE CVE-2021-42071 - https://github.com/ARPSyndicate/cvemon CVE-2021-42071 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42073 - https://github.com/superfish9/pt +CVE-2021-42114 - https://github.com/agathanon/vuldb-sync CVE-2021-42114 - https://github.com/codexlynx/hardware-attacks-state-of-the-art +CVE-2021-42115 - https://github.com/sixgroup-security/CVE +CVE-2021-42116 - https://github.com/sixgroup-security/CVE +CVE-2021-42117 - https://github.com/sixgroup-security/CVE +CVE-2021-42118 - https://github.com/sixgroup-security/CVE +CVE-2021-42119 - https://github.com/sixgroup-security/CVE +CVE-2021-42120 - https://github.com/sixgroup-security/CVE +CVE-2021-42121 - https://github.com/sixgroup-security/CVE +CVE-2021-42122 - https://github.com/sixgroup-security/CVE +CVE-2021-42123 - https://github.com/sixgroup-security/CVE CVE-2021-42237 - https://github.com/ARPSyndicate/cvemon CVE-2021-42237 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-42237 - https://github.com/PinkDev1/CVE-2021-42237 @@ -40371,6 +44848,7 @@ CVE-2021-42254 - https://github.com/RonnieSalomonsen/My-CVEs CVE-2021-42258 - https://github.com/ARPSyndicate/cvemon CVE-2021-42258 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-42261 - https://github.com/ARPSyndicate/cvemon +CVE-2021-42261 - https://github.com/jet-pentest/CVE-2021-42261 CVE-2021-42261 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42261 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-42276 - https://github.com/googleprojectzero/winafl @@ -40378,10 +44856,12 @@ CVE-2021-42278 - https://github.com/0xsyr0/OSCP CVE-2021-42278 - https://github.com/ARPSyndicate/cvemon CVE-2021-42278 - https://github.com/Ascotbe/Kernelhub CVE-2021-42278 - https://github.com/H0j3n/EzpzCheatSheet +CVE-2021-42278 - https://github.com/Ignitetechnologies/Windows-Privilege-Escalation CVE-2021-42278 - https://github.com/Jean-Francois-C/Windows-Penetration-Testing CVE-2021-42278 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2021-42278 - https://github.com/Qazeer/OffensivePythonPipeline CVE-2021-42278 - https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet +CVE-2021-42278 - https://github.com/YossiSassi/hAcKtive-Directory-Forensics CVE-2021-42278 - https://github.com/ihebski/A-Red-Teamer-diaries CVE-2021-42278 - https://github.com/infosecn1nja/AD-Attack-Defense CVE-2021-42278 - https://github.com/mdecrevoisier/EVTX-to-MITRE-Attack @@ -40406,6 +44886,7 @@ CVE-2021-42287 - https://github.com/H0j3n/EzpzCheatSheet CVE-2021-42287 - https://github.com/Jean-Francois-C/Windows-Penetration-Testing CVE-2021-42287 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2021-42287 - https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet +CVE-2021-42287 - https://github.com/YossiSassi/hAcKtive-Directory-Forensics CVE-2021-42287 - https://github.com/ihebski/A-Red-Teamer-diaries CVE-2021-42287 - https://github.com/infosecn1nja/AD-Attack-Defense CVE-2021-42287 - https://github.com/mishmashclone/infosecn1nja-AD-Attack-Defense @@ -40420,6 +44901,7 @@ CVE-2021-42291 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42291 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2021-42292 - https://github.com/ARPSyndicate/cvemon CVE-2021-42292 - https://github.com/cisagov/Malcolm +CVE-2021-42292 - https://github.com/corelight/CVE-2021-42292 CVE-2021-42292 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42292 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-42301 - https://github.com/szymonh/szymonh @@ -40428,7 +44910,10 @@ CVE-2021-42303 - https://github.com/szymonh/szymonh CVE-2021-42304 - https://github.com/szymonh/szymonh CVE-2021-42305 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42306 - https://github.com/SummitRoute/csp_security_mistakes +CVE-2021-42321 - https://github.com/0x0021h/expbox CVE-2021-42321 - https://github.com/ARPSyndicate/cvemon +CVE-2021-42321 - https://github.com/DarkSprings/CVE-2021-42321 +CVE-2021-42321 - https://github.com/FDlucifer/Proxy-Attackchain CVE-2021-42321 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2021-42321 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42321 - https://github.com/p1ay8y3ar/cve_monitor @@ -40437,11 +44922,14 @@ CVE-2021-42323 - https://github.com/szymonh/szymonh CVE-2021-42325 - https://github.com/ARPSyndicate/cvemon CVE-2021-42325 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42327 - https://github.com/ARPSyndicate/cvemon +CVE-2021-42327 - https://github.com/docfate111/CVE-2021-42327 CVE-2021-42327 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42327 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-42327 - https://github.com/xairy/linux-kernel-exploitation +CVE-2021-42340 - https://github.com/PalindromeLabs/awesome-websocket-security CVE-2021-42342 - https://github.com/ARPSyndicate/cvemon CVE-2021-42342 - https://github.com/binganao/vulns-2022 +CVE-2021-42342 - https://github.com/kimusan/goahead-webserver-pre-5.1.5-RCE-PoC-CVE-2021-42342- CVE-2021-42342 - https://github.com/n1sh1th/CVE-POC CVE-2021-42342 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42342 - https://github.com/p1ay8y3ar/cve_monitor @@ -40453,6 +44941,8 @@ CVE-2021-42392 - https://github.com/cuspycode/jpa-crypt CVE-2021-42392 - https://github.com/cuspycode/jpa-ddl CVE-2021-42392 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42392 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-42544 - https://github.com/sixgroup-security/CVE +CVE-2021-42545 - https://github.com/sixgroup-security/CVE CVE-2021-42550 - https://github.com/Dokyeongyun/SW_Knowledge CVE-2021-42550 - https://github.com/GGongnanE/TodayILearned CVE-2021-42550 - https://github.com/HynekPetrak/log4shell-finder @@ -40469,41 +44959,63 @@ CVE-2021-42566 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-42567 - https://github.com/ARPSyndicate/cvemon CVE-2021-42567 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-42574 - https://github.com/ARPSyndicate/cvemon +CVE-2021-42574 - https://github.com/buckley-w-david/trojan-source +CVE-2021-42574 - https://github.com/burberius/trojan-source-maven-plugin +CVE-2021-42574 - https://github.com/hffaust/CVE-2021-42574_and_CVE-2021-42694 +CVE-2021-42574 - https://github.com/js-on/CVE-2021-42574 CVE-2021-42574 - https://github.com/kaosagnt/ansible-everyday +CVE-2021-42574 - https://github.com/m1dsummer/AD-2021 +CVE-2021-42574 - https://github.com/maweil/bidi_char_detector CVE-2021-42574 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42574 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-42574 - https://github.com/pierDipi/unicode-control-characters-action +CVE-2021-42574 - https://github.com/shiomiyan/CVE-2021-42574 CVE-2021-42592 - https://github.com/Zeyad-Azima/Zeyad-Azima CVE-2021-42593 - https://github.com/Zeyad-Azima/Zeyad-Azima CVE-2021-42662 - https://github.com/ARPSyndicate/cvemon +CVE-2021-42662 - https://github.com/TheHackingRabbi/CVE-2021-42662 +CVE-2021-42662 - https://github.com/TheHackingRabbi/CVE-2021-42663 CVE-2021-42662 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42663 - https://github.com/ARPSyndicate/cvemon +CVE-2021-42663 - https://github.com/TheHackingRabbi/CVE-2021-42663 CVE-2021-42663 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42663 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-42664 - https://github.com/ARPSyndicate/cvemon +CVE-2021-42664 - https://github.com/TheHackingRabbi/CVE-2021-42664 CVE-2021-42664 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42665 - https://github.com/ARPSyndicate/cvemon +CVE-2021-42665 - https://github.com/TheHackingRabbi/CVE-2021-42665 CVE-2021-42665 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42666 - https://github.com/ARPSyndicate/cvemon +CVE-2021-42666 - https://github.com/TheHackingRabbi/CVE-2021-42666 CVE-2021-42666 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42667 - https://github.com/ARPSyndicate/cvemon +CVE-2021-42667 - https://github.com/TheHackingRabbi/CVE-2021-42667 CVE-2021-42667 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42667 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-42668 - https://github.com/ARPSyndicate/cvemon +CVE-2021-42668 - https://github.com/TheHackingRabbi/CVE-2021-42668 CVE-2021-42668 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42668 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-42669 - https://github.com/ARPSyndicate/cvemon +CVE-2021-42669 - https://github.com/TheHackingRabbi/CVE-2021-42669 CVE-2021-42669 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42669 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-42670 - https://github.com/ARPSyndicate/cvemon +CVE-2021-42670 - https://github.com/TheHackingRabbi/CVE-2021-42670 CVE-2021-42670 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42670 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-42671 - https://github.com/ARPSyndicate/cvemon +CVE-2021-42671 - https://github.com/TheHackingRabbi/CVE-2021-42671 CVE-2021-42671 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42671 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-42694 - https://github.com/ARPSyndicate/cvemon +CVE-2021-42694 - https://github.com/hffaust/CVE-2021-42574_and_CVE-2021-42694 +CVE-2021-42694 - https://github.com/js-on/CVE-2021-42694 CVE-2021-42694 - https://github.com/kaosagnt/ansible-everyday CVE-2021-42694 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42694 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-42694 - https://github.com/pierDipi/unicode-control-characters-action CVE-2021-42711 - https://github.com/RonnieSalomonsen/My-CVEs CVE-2021-42712 - https://github.com/RonnieSalomonsen/My-CVEs CVE-2021-42713 - https://github.com/RonnieSalomonsen/My-CVEs @@ -40518,11 +45030,15 @@ CVE-2021-42840 - https://github.com/ARPSyndicate/cvemon CVE-2021-42913 - https://github.com/ARPSyndicate/cvemon CVE-2021-42913 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-43032 - https://github.com/ARPSyndicate/cvemon +CVE-2021-43032 - https://github.com/SakuraSamuraii/CVE-2021-43032 CVE-2021-43032 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-43032 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-43137 - https://github.com/dn0m1n8tor/dn0m1n8tor CVE-2021-43140 - https://github.com/ARPSyndicate/cvemon +CVE-2021-43140 - https://github.com/Dir0x/CVE-2021-43140 CVE-2021-43140 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-43141 - https://github.com/ARPSyndicate/cvemon +CVE-2021-43141 - https://github.com/Dir0x/CVE-2021-43141 CVE-2021-43141 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-43141 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-43217 - https://github.com/cttynul/ana @@ -40532,12 +45048,15 @@ CVE-2021-43224 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-43224 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-43224 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2021-43226 - https://github.com/KaLendsi/CVE-2021-43224-POC +CVE-2021-43267 - https://github.com/0x0021h/expbox CVE-2021-43267 - https://github.com/ARPSyndicate/cvemon CVE-2021-43267 - https://github.com/Al1ex/LinuxEelvation +CVE-2021-43267 - https://github.com/DarkSprings/CVE-2021-43267-POC CVE-2021-43267 - https://github.com/bcoles/kasld CVE-2021-43267 - https://github.com/bsauce/kernel-exploit-factory CVE-2021-43267 - https://github.com/bsauce/kernel-security-learning CVE-2021-43267 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-43267 - https://github.com/ohnonoyesyes/CVE-2021-43267 CVE-2021-43267 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-43267 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-43287 - https://github.com/ARPSyndicate/cvemon @@ -40548,17 +45067,23 @@ CVE-2021-43297 - https://github.com/bitterzzZZ/CVE-2021-43297-POC CVE-2021-43297 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-43297 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-43297 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +CVE-2021-43324 - https://github.com/mikaelkall/0day CVE-2021-43325 - https://github.com/gfoss/CVE-2021-43326_Exploit CVE-2021-43326 - https://github.com/ARPSyndicate/cvemon CVE-2021-43326 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-43361 - https://github.com/ARPSyndicate/cvemon +CVE-2021-43361 - https://github.com/bartutku/CVE-2021-43361 CVE-2021-43361 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-43361 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-43405 - https://github.com/armadill00/-FusionPBX-4.5.29---Remote-Code-Execution-RCE-Authenticated- CVE-2021-43408 - https://github.com/Hacker5preme/Exploits +CVE-2021-43451 - https://github.com/dn0m1n8tor/dn0m1n8tor CVE-2021-43469 - https://github.com/ARPSyndicate/cvemon +CVE-2021-43469 - https://github.com/badboycxcc/CVE-2021-43469 CVE-2021-43469 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-43469 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-43471 - https://github.com/ARPSyndicate/cvemon +CVE-2021-43471 - https://github.com/cxaqhq/CVE-2021-43471 CVE-2021-43471 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-43471 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-43495 - https://github.com/ARPSyndicate/cvemon @@ -40566,16 +45091,21 @@ CVE-2021-43495 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-43496 - https://github.com/ARPSyndicate/cvemon CVE-2021-43496 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-43527 - https://github.com/kaosagnt/ansible-everyday +CVE-2021-43557 - https://github.com/0x0021h/expbox CVE-2021-43557 - https://github.com/ARPSyndicate/cvemon CVE-2021-43557 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-43557 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-43557 - https://github.com/xvnpw/k8s-CVE-2021-43557-poc CVE-2021-43616 - https://github.com/ARPSyndicate/cvemon +CVE-2021-43616 - https://github.com/icatalina/CVE-2021-43616 CVE-2021-43616 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-43616 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-43617 - https://github.com/ARPSyndicate/cvemon +CVE-2021-43617 - https://github.com/kombat1/CVE-2021-43617 CVE-2021-43617 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-43617 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-43679 - https://github.com/pen4uin/vulnerability-lab +CVE-2021-43778 - https://github.com/AK-blank/CVE-2021-43778 CVE-2021-43778 - https://github.com/ARPSyndicate/cvemon CVE-2021-43778 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-43778 - https://github.com/d-rn/vulBox @@ -40594,6 +45124,7 @@ CVE-2021-43798 - https://github.com/d-rn/vulBox CVE-2021-43798 - https://github.com/harsh-bothra/learn365 CVE-2021-43798 - https://github.com/n1sh1th/CVE-POC CVE-2021-43798 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-43798 - https://github.com/salvador-arreola/prometheus-grafana-telegram-k8s CVE-2021-43798 - https://github.com/taielab/awesome-hacking-lists CVE-2021-43798 - https://github.com/tanjiti/sec_profile CVE-2021-43798 - https://github.com/woods-sega/woodswiki @@ -40620,9 +45151,12 @@ CVE-2021-43858 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-43858 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-43859 - https://github.com/r00t4dm/r00t4dm CVE-2021-43860 - https://github.com/Karneades/awesome-vulnerabilities +CVE-2021-43883 - https://github.com/0x727/usefull-elevation-of-privilege CVE-2021-43883 - https://github.com/0xsyr0/OSCP CVE-2021-43883 - https://github.com/ARPSyndicate/cvemon CVE-2021-43883 - https://github.com/Ascotbe/Kernelhub +CVE-2021-43883 - https://github.com/Octoberfest7/Tools +CVE-2021-43883 - https://github.com/klinix5/InstallerFileTakeOver CVE-2021-43883 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-43883 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-43883 - https://github.com/ycdxsb/WindowsPrivilegeEscalation @@ -40648,8 +45182,10 @@ CVE-2021-44140 - https://github.com/pen4uin/vulnerability-lab CVE-2021-44142 - https://github.com/backloop-biz/CVE_checks CVE-2021-44149 - https://github.com/f-secure-foundry/advisories CVE-2021-44217 - https://github.com/ARPSyndicate/cvemon +CVE-2021-44217 - https://github.com/Hyperkopite/CVE-2021-44217 CVE-2021-44217 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-44217 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-44223 - https://github.com/vavkamil/wp-update-confusion CVE-2021-44228 - https://github.com/0xsyr0/OSCP CVE-2021-44228 - https://github.com/ARPSyndicate/cvemon CVE-2021-44228 - https://github.com/ARPSyndicate/kenzer-templates @@ -40662,21 +45198,26 @@ CVE-2021-44228 - https://github.com/ClaudeStabile/PadeOpenfireDockerMode CVE-2021-44228 - https://github.com/CobbleSword/NachoSpigot CVE-2021-44228 - https://github.com/Cosmo-Tech/azure-digital-twins-simulator-connector CVE-2021-44228 - https://github.com/CptOfEvilMinions/ChooseYourSIEMAdventure +CVE-2021-44228 - https://github.com/Diablo5G/Certification-Prep CVE-2021-44228 - https://github.com/Dmitriy-area51/Exploit CVE-2021-44228 - https://github.com/Fantantonio/UNIVR-FSP-2022-Project CVE-2021-44228 - https://github.com/FeryaelJustice/Log4Shell CVE-2021-44228 - https://github.com/FraunhoferIOSB/FROST-Server CVE-2021-44228 - https://github.com/FunnyWolf/Viper CVE-2021-44228 - https://github.com/Goqi/ELong +CVE-2021-44228 - https://github.com/GreenDelta/search-wrapper-es-rest CVE-2021-44228 - https://github.com/H0j3n/EzpzCheatSheet CVE-2021-44228 - https://github.com/HackJava/Log4j2 +CVE-2021-44228 - https://github.com/HaveFun83/awesome-stars CVE-2021-44228 - https://github.com/HynekPetrak/log4shell-finder CVE-2021-44228 - https://github.com/J0B10/Minzomat CVE-2021-44228 - https://github.com/J0B10/Voteban CVE-2021-44228 - https://github.com/Jean-Francois-C/Windows-Penetration-Testing +CVE-2021-44228 - https://github.com/KONNEKTIO/konnekt-docs CVE-2021-44228 - https://github.com/Log4s/log4s CVE-2021-44228 - https://github.com/MedKH1684/Log4j-Vulnerability-Exploitation CVE-2021-44228 - https://github.com/Mr-xn/Penetration_Testing_POC +CVE-2021-44228 - https://github.com/NUMde/compass-num-conformance-checker CVE-2021-44228 - https://github.com/Neo23x0/log4shell-detector CVE-2021-44228 - https://github.com/NiftyBank/java-app CVE-2021-44228 - https://github.com/OsiriX-Foundation/karnak @@ -40684,6 +45225,7 @@ CVE-2021-44228 - https://github.com/OtherDevOpsGene/kubernetes-security-tools CVE-2021-44228 - https://github.com/PAXSTORE/paxstore-openapi-java-sdk CVE-2021-44228 - https://github.com/Qualys/log4jscanwin CVE-2021-44228 - https://github.com/R0Wi/elasticsearch-nextcloud-docker +CVE-2021-44228 - https://github.com/RADIUS-as-a-Service/radiusaas-docs CVE-2021-44228 - https://github.com/Staubgeborener/stars CVE-2021-44228 - https://github.com/Taipo/pareto_security CVE-2021-44228 - https://github.com/adelarsq/awesome-bugs @@ -40691,6 +45233,7 @@ CVE-2021-44228 - https://github.com/adriacabeza/personal-stars CVE-2021-44228 - https://github.com/alastria/alastria-node-besu CVE-2021-44228 - https://github.com/allegroai/clearml-server CVE-2021-44228 - https://github.com/angristan/awesome-stars +CVE-2021-44228 - https://github.com/asterinwl/elastic_search CVE-2021-44228 - https://github.com/awslabs/jndi-deobfuscate-python CVE-2021-44228 - https://github.com/b1n4ryj4n/awesome-stars CVE-2021-44228 - https://github.com/baobaovt/CodeReviewLab @@ -40712,6 +45255,7 @@ CVE-2021-44228 - https://github.com/dileepdkumar/https-github.com-cisagov-log4j- CVE-2021-44228 - https://github.com/docker-solr/docker-solr CVE-2021-44228 - https://github.com/druminik/log4shell-poc CVE-2021-44228 - https://github.com/eclipse-archived/kuksa.integration +CVE-2021-44228 - https://github.com/eclipse-scout/scout.rt CVE-2021-44228 - https://github.com/eromang/researches CVE-2021-44228 - https://github.com/eventsentry/scripts CVE-2021-44228 - https://github.com/factoidforrest/homepage @@ -40722,15 +45266,18 @@ CVE-2021-44228 - https://github.com/getsentry/sentry-java CVE-2021-44228 - https://github.com/git-bom/bomsh CVE-2021-44228 - https://github.com/goofball222/unifi CVE-2021-44228 - https://github.com/gredler/aegis4j +CVE-2021-44228 - https://github.com/guerzon/guerzon CVE-2021-44228 - https://github.com/hex0wn/learn-java-bug CVE-2021-44228 - https://github.com/hotpotcookie/lol4j-white-box CVE-2021-44228 - https://github.com/hypertrace/hypertrace CVE-2021-44228 - https://github.com/idmengineering/handy_stuff CVE-2021-44228 - https://github.com/imTigger/webapp-hardware-bridge +CVE-2021-44228 - https://github.com/insignit/cve-informatie CVE-2021-44228 - https://github.com/integralads/dependency-deep-scan-utilities CVE-2021-44228 - https://github.com/irrer/DICOMClient CVE-2021-44228 - https://github.com/jacobalberty/unifi-docker CVE-2021-44228 - https://github.com/jaspervanderhoek/MicroflowScheduledEventManager +CVE-2021-44228 - https://github.com/jaygooby/jaygooby CVE-2021-44228 - https://github.com/jbautistamartin/Log4ShellEjemplo CVE-2021-44228 - https://github.com/justb4/docker-jmeter CVE-2021-44228 - https://github.com/kdgregory/log4j-aws-appenders @@ -40745,6 +45292,7 @@ CVE-2021-44228 - https://github.com/localstack/localstack-java-utils CVE-2021-44228 - https://github.com/logpresso/CVE-2021-44228-Scanner CVE-2021-44228 - https://github.com/lucab85/ansible-role-log4shell CVE-2021-44228 - https://github.com/lucab85/log4j-cve-2021-44228 +CVE-2021-44228 - https://github.com/lukibahr/unifi-controller-helm-chart CVE-2021-44228 - https://github.com/mark-5-9/mark59 CVE-2021-44228 - https://github.com/mark-5-9/mark59-wip CVE-2021-44228 - https://github.com/maxgfr/awesome-stars @@ -40765,12 +45313,14 @@ CVE-2021-44228 - https://github.com/nroduit/Weasis CVE-2021-44228 - https://github.com/ochrance-cz/web CVE-2021-44228 - https://github.com/open-source-agenda/new-open-source-projects CVE-2021-44228 - https://github.com/petebuffon/launcher-ot-minecraft +CVE-2021-44228 - https://github.com/pg0123/writeups CVE-2021-44228 - https://github.com/phax/ph-oton CVE-2021-44228 - https://github.com/phax/phase4 CVE-2021-44228 - https://github.com/phax/phoss-directory CVE-2021-44228 - https://github.com/promregator/promregator CVE-2021-44228 - https://github.com/pvnovarese/2022-02-enterprise-demo CVE-2021-44228 - https://github.com/quoll/mulgara +CVE-2021-44228 - https://github.com/racke/ansible-role-solr CVE-2021-44228 - https://github.com/rod4n4m1/hashi-vault-js CVE-2021-44228 - https://github.com/romeolibm/DBWorkloadProcessor CVE-2021-44228 - https://github.com/schnatterer/smeagol-galore @@ -40789,10 +45339,12 @@ CVE-2021-44228 - https://github.com/thl-cmk/CVE-log4j-check_mk-plugin CVE-2021-44228 - https://github.com/tmax-cloud/install-EFK CVE-2021-44228 - https://github.com/tslenter/RSX-RSC CVE-2021-44228 - https://github.com/typelevel/log4cats +CVE-2021-44228 - https://github.com/uli-heller/spring-boot-logback CVE-2021-44228 - https://github.com/vdenotaris/spring-boot-security-saml-sample CVE-2021-44228 - https://github.com/vendia/blog CVE-2021-44228 - https://github.com/veo/vscan CVE-2021-44228 - https://github.com/vorburger/Learning-Log4j2 +CVE-2021-44228 - https://github.com/wanetty/wanetty.github.io CVE-2021-44228 - https://github.com/watson-developer-cloud/assistant-with-discovery CVE-2021-44228 - https://github.com/wavefrontHQ/wavefront-proxy CVE-2021-44228 - https://github.com/whalehub/awesome-stars @@ -40802,9 +45354,11 @@ CVE-2021-44228 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC CVE-2021-44228 - https://github.com/zlatinb/mucats CVE-2021-44270 - https://github.com/ARPSyndicate/cvemon CVE-2021-44270 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-44270 - https://github.com/pinpinsec/Anviz-Access-Control-Authentication-Bypass CVE-2021-4428 - https://github.com/ARPSyndicate/cvemon CVE-2021-4428 - https://github.com/kward/log4sh CVE-2021-4428 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-44352 - https://github.com/zhlu32/cve CVE-2021-4438 - https://github.com/ARPSyndicate/cvemon CVE-2021-4438 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-44427 - https://github.com/ARPSyndicate/cvemon @@ -40852,6 +45406,7 @@ CVE-2021-44832 - https://github.com/tmax-cloud/install-EFK CVE-2021-44832 - https://github.com/whitesource/log4j-detect-distribution CVE-2021-44848 - https://github.com/ARPSyndicate/cvemon CVE-2021-44848 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2021-44864 - https://github.com/zhlu32/cve CVE-2021-44974 - https://github.com/0xShad3/vulnerabilities CVE-2021-44975 - https://github.com/0xShad3/vulnerabilities CVE-2021-45007 - https://github.com/nomi-sec/PoC-in-GitHub @@ -40869,8 +45424,10 @@ CVE-2021-45046 - https://github.com/ARPSyndicate/cvemon CVE-2021-45046 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-45046 - https://github.com/Awisefew/Lof4j CVE-2021-45046 - https://github.com/CptOfEvilMinions/ChooseYourSIEMAdventure +CVE-2021-45046 - https://github.com/Diablo5G/Certification-Prep CVE-2021-45046 - https://github.com/HackJava/Log4j2 CVE-2021-45046 - https://github.com/HynekPetrak/log4shell-finder +CVE-2021-45046 - https://github.com/NUMde/compass-num-conformance-checker CVE-2021-45046 - https://github.com/NiftyBank/java-app CVE-2021-45046 - https://github.com/Qualys/log4jscanwin CVE-2021-45046 - https://github.com/Staubgeborener/stars @@ -40885,9 +45442,11 @@ CVE-2021-45046 - https://github.com/docker-solr/docker-solr CVE-2021-45046 - https://github.com/eventsentry/scripts CVE-2021-45046 - https://github.com/hypertrace/hypertrace CVE-2021-45046 - https://github.com/imTigger/webapp-hardware-bridge +CVE-2021-45046 - https://github.com/insignit/cve-informatie CVE-2021-45046 - https://github.com/integralads/dependency-deep-scan-utilities CVE-2021-45046 - https://github.com/jacobalberty/unifi-docker CVE-2021-45046 - https://github.com/justb4/docker-jmeter +CVE-2021-45046 - https://github.com/kdpuvvadi/Omada-Ansible CVE-2021-45046 - https://github.com/logpresso/CVE-2021-44228-Scanner CVE-2021-45046 - https://github.com/mergebase/csv-compare CVE-2021-45046 - https://github.com/nlmaca/Wowza_Installers @@ -40903,6 +45462,7 @@ CVE-2021-45046 - https://github.com/tmax-cloud/install-EFK CVE-2021-45046 - https://github.com/whalehub/awesome-stars CVE-2021-45046 - https://github.com/whitesource-ps/ws-bulk-report-generator CVE-2021-45046 - https://github.com/whitesource/log4j-detect-distribution +CVE-2021-45078 - https://github.com/fluidattacks/makes CVE-2021-45092 - https://github.com/ARPSyndicate/cvemon CVE-2021-45092 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-45096 - https://github.com/dawid-czarnecki/public-vulnerabilities @@ -40935,12 +45495,14 @@ CVE-2021-45105 - https://github.com/tmax-cloud/install-EFK CVE-2021-45105 - https://github.com/watson-developer-cloud/assistant-with-discovery CVE-2021-45105 - https://github.com/whalehub/awesome-stars CVE-2021-45105 - https://github.com/whitesource/log4j-detect-distribution +CVE-2021-45232 - https://github.com/0x0021h/expbox CVE-2021-45232 - https://github.com/ARPSyndicate/cvemon CVE-2021-45232 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-45232 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2021-45232 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-45232 - https://github.com/p1ay8y3ar/cve_monitor CVE-2021-45232 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +CVE-2021-45268 - https://github.com/V1n1v131r4/CSRF-to-RCE-on-Backdrop-CMS CVE-2021-45268 - https://github.com/V1n1v131r4/My-CVEs CVE-2021-45380 - https://github.com/ARPSyndicate/cvemon CVE-2021-45380 - https://github.com/ARPSyndicate/kenzer-templates @@ -40973,8 +45535,10 @@ CVE-2021-45897 - https://github.com/binganao/vulns-2022 CVE-2021-45897 - https://github.com/manuelz120/CVE-2021-45897 CVE-2021-45897 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-45897 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-45901 - https://github.com/9lyph/CVE-2021-45901 CVE-2021-45901 - https://github.com/ARPSyndicate/cvemon CVE-2021-45901 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-45903 - https://github.com/ach-ing/cves CVE-2021-45978 - https://github.com/dlehgus1023/CVE CVE-2021-45978 - https://github.com/dlehgus1023/dlehgus1023 CVE-2021-45979 - https://github.com/dlehgus1023/CVE @@ -40986,6 +45550,7 @@ CVE-2021-46005 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-46005 - https://github.com/binganao/vulns-2022 CVE-2021-46005 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-46005 - https://github.com/p1ay8y3ar/cve_monitor +CVE-2021-46013 - https://github.com/able403/able403 CVE-2021-46067 - https://github.com/ARPSyndicate/cvemon CVE-2021-46067 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-46067 - https://github.com/p1ay8y3ar/cve_monitor @@ -41034,6 +45599,8 @@ CVE-2021-46557 - https://github.com/Zeyad-Azima/Zeyad-Azima CVE-2021-46558 - https://github.com/Zeyad-Azima/Zeyad-Azima CVE-2021-6857 - https://github.com/ARPSyndicate/cvemon CVE-2021-6857 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2021-6857 - https://github.com/zi0n8/CVE-2021-6857 +CVE-2021-6901 - https://github.com/mooneee/cve-2021-6901 CVE-2021-9999 - https://github.com/Reach-Z/CVE-2021-9999 CVE-2022-0085 - https://github.com/Haxatron/Haxatron CVE-2022-0086 - https://github.com/Haxatron/Haxatron diff --git a/references.txt b/references.txt index 86a2f0808d..49b20b58a9 100644 --- a/references.txt +++ b/references.txt @@ -14747,7 +14747,14 @@ CVE-2013-2877 - http://seclists.org/fulldisclosure/2014/Dec/23 CVE-2013-2877 - http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html CVE-2013-2924 - http://bugs.icu-project.org/trac/ticket/10318 CVE-2013-2945 - http://packetstormsecurity.com/files/121481/b2evolution-4.1.6-SQL-Injection.html +CVE-2013-3006 - http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013 +CVE-2013-3007 - http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013 +CVE-2013-3008 - http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013 CVE-2013-3009 - http://seclists.org/fulldisclosure/2016/Apr/3 +CVE-2013-3009 - http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013 +CVE-2013-3010 - http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013 +CVE-2013-3011 - http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013 +CVE-2013-3012 - http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013 CVE-2013-3050 - http://packetstormsecurity.com/files/121202/ZAPms-1.41-SQL-Injection.html CVE-2013-3050 - http://www.exploit-db.com/exploits/24942 CVE-2013-3067 - https://www.ise.io/research/studies-and-papers/linksys_wrt310v2/ @@ -14920,6 +14927,7 @@ CVE-2013-3962 - http://seclists.org/fulldisclosure/2013/Jun/84 CVE-2013-3963 - http://seclists.org/fulldisclosure/2013/Jun/84 CVE-2013-3964 - http://seclists.org/fulldisclosure/2013/Jun/84 CVE-2013-3969 - http://blog.scrt.ch/2013/06/04/mongodb-rce-by-databasespraying/ +CVE-2013-4002 - http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013 CVE-2013-4074 - http://packetstormsecurity.com/files/126848/Wireshark-CAPWAP-Dissector-Denial-Of-Service.html CVE-2013-4091 - http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html CVE-2013-4092 - http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html @@ -22006,6 +22014,8 @@ CVE-2016-0492 - https://www.exploit-db.com/exploits/39852/ CVE-2016-0635 - http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html CVE-2016-0701 - http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html CVE-2016-0701 - https://www.kb.cert.org/vuls/id/257823 +CVE-2016-0702 - https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168 +CVE-2016-0703 - https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168 CVE-2016-0704 - https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168 CVE-2016-0705 - https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168 CVE-2016-0706 - http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html @@ -22046,6 +22056,8 @@ CVE-2016-0793 - http://packetstormsecurity.com/files/136323/Wildfly-Filter-Restr CVE-2016-0793 - https://www.exploit-db.com/exploits/39573/ CVE-2016-0797 - https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168 CVE-2016-0798 - https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168 +CVE-2016-0799 - https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168 +CVE-2016-0800 - https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168 CVE-2016-0800 - https://www.kb.cert.org/vuls/id/583776 CVE-2016-0801 - https://www.exploit-db.com/exploits/39801/ CVE-2016-0823 - http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html @@ -25544,6 +25556,7 @@ CVE-2017-14039 - https://blogs.gentoo.org/ago/2017/08/28/openjpeg-heap-based-buf CVE-2017-14039 - https://github.com/uclouvain/openjpeg/issues/992 CVE-2017-14040 - https://blogs.gentoo.org/ago/2017/08/28/openjpeg-invalid-memory-write-in-tgatoimage-convert-c/ CVE-2017-14041 - https://blogs.gentoo.org/ago/2017/08/28/openjpeg-stack-based-buffer-overflow-write-in-pgxtoimage-convert-c/ +CVE-2017-14041 - https://github.com/uclouvain/openjpeg/issues/997 CVE-2017-14042 - https://blogs.gentoo.org/ago/2017/08/28/graphicsmagick-memory-allocation-failure-in-magickrealloc-memory-c-2/ CVE-2017-14075 - http://packetstormsecurity.com/files/144045/Jungo-DriverWizard-WinDrive-OOB-Write-Privilege-Escalation.html CVE-2017-14075 - https://www.exploit-db.com/exploits/42625/ @@ -25598,11 +25611,13 @@ CVE-2017-14143 - https://www.exploit-db.com/exploits/43876/ CVE-2017-14147 - http://packetstormsecurity.com/files/144022/FiberHome-Unauthenticated-ADSL-Router-Factory-Reset.html CVE-2017-14147 - https://www.exploit-db.com/exploits/42649/ CVE-2017-14151 - https://blogs.gentoo.org/ago/2017/08/16/openjpeg-heap-based-buffer-overflow-in-opj_mqc_flush-mqc-c/ +CVE-2017-14151 - https://github.com/uclouvain/openjpeg/issues/982 CVE-2017-14152 - https://blogs.gentoo.org/ago/2017/08/16/openjpeg-heap-based-buffer-overflow-in-opj_write_bytes_le-cio-c/ CVE-2017-14153 - http://packetstormsecurity.com/files/144046/Jungo-DriverWizard-WinDrive-Overflow.html CVE-2017-14153 - https://www.exploit-db.com/exploits/42624/ CVE-2017-14160 - http://openwall.com/lists/oss-security/2017/09/21/2 CVE-2017-14164 - https://blogs.gentoo.org/ago/2017/09/06/heap-based-buffer-overflow-in-opj_write_bytes_le-cio-c-incomplete-fix-for-cve-2017-14152/ +CVE-2017-14164 - https://github.com/uclouvain/openjpeg/issues/991 CVE-2017-14165 - https://blogs.gentoo.org/ago/2017/09/06/graphicsmagick-memory-allocation-failure-in-magickmalloc-memory-c-2/ CVE-2017-14166 - https://blogs.gentoo.org/ago/2017/09/06/libarchive-heap-based-buffer-overflow-in-xml_data-archive_read_support_format_xar-c/ CVE-2017-14172 - https://github.com/ImageMagick/ImageMagick/issues/715 @@ -25775,6 +25790,7 @@ CVE-2017-14645 - https://blogs.gentoo.org/ago/2017/09/14/bento4-heap-based-buffe CVE-2017-14646 - https://blogs.gentoo.org/ago/2017/09/14/bento4-heap-based-buffer-overflow-in-ap4_databuffersetdata-ap4databuffer-cpp/ CVE-2017-14647 - https://blogs.gentoo.org/ago/2017/09/14/bento4-stack-based-buffer-overflow-in-ap4_visualsampleentryreadfields-ap4sampleentry-cpp/ CVE-2017-14649 - https://blogs.gentoo.org/ago/2017/09/19/graphicsmagick-assertion-failure-in-pixel_cache-c/ +CVE-2017-14650 - https://github.com/horde/horde/commit/eb3afd14c22c77ae0d29e2848f5ac726ef6e7c5b CVE-2017-14651 - https://cybersecurityworks.com/zerodays/cve-2017-14651-wso2.html CVE-2017-14651 - https://github.com/cybersecurityworks/Disclosed/issues/15 CVE-2017-14652 - http://adrianhayter.com/exploits.php @@ -26123,30 +26139,76 @@ CVE-2017-16007 - http://blog.intothesymmetry.com/2017/03/critical-vulnerability- CVE-2017-16013 - https://github.com/hapijs/hapi/issues/3466 CVE-2017-16016 - https://github.com/punkave/sanitize-html/issues/100 CVE-2017-16018 - https://github.com/restify/node-restify/issues/1018 +CVE-2017-16026 - https://github.com/request/request/issues/1904 CVE-2017-16036 - https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/badjs-sourcemap-server CVE-2017-16037 - https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/gomeplus-h5-proxy CVE-2017-16039 - https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/hftp CVE-2017-16083 - https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/node-simple-router +CVE-2017-16085 - https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/tinyserver2 +CVE-2017-16093 - https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/cyber-js CVE-2017-16094 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/iter-http +CVE-2017-16095 - https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/serverliujiayi1 +CVE-2017-16097 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/tiny-http +CVE-2017-16101 - https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/serverwg +CVE-2017-16102 - https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/serverhuwenhui +CVE-2017-16104 - https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/citypredict.whauwiller CVE-2017-16105 - https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/serverwzl +CVE-2017-16107 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/pooledwebsocket +CVE-2017-16109 - https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/easyquick CVE-2017-16120 - https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/liyujing +CVE-2017-16123 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/pooledwebsocket +CVE-2017-16131 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/unicorn-list CVE-2017-16132 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/simple-npm-registry +CVE-2017-16133 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/goserv +CVE-2017-16135 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/serverzyy CVE-2017-16139 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/jikes +CVE-2017-16140 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/lab6.brit95 +CVE-2017-16141 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/lab6drewfusbyu +CVE-2017-16142 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/infraserver +CVE-2017-16143 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/commentapp.stetsonwood +CVE-2017-16146 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/mockserve CVE-2017-16148 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/serve46 +CVE-2017-16149 - https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/zwserver +CVE-2017-16150 - https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/wangguojing123 CVE-2017-16153 - https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/gaoxuyan CVE-2017-16155 - https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/fast-http-cli CVE-2017-16156 - https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/myprolyz +CVE-2017-16157 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/censorify.tanisjr +CVE-2017-16158 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/tiny-http +CVE-2017-16159 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/caolilinode CVE-2017-16161 - https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/shenliru +CVE-2017-16165 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/calmquist.static-server CVE-2017-16166 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/byucslabsix +CVE-2017-16169 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/looppake +CVE-2017-16172 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/section2.madisonjbrooks12 +CVE-2017-16175 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/ewgaddis.lab6 +CVE-2017-16176 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/jansenstuffpleasework CVE-2017-16179 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/dasafio +CVE-2017-16180 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/serverabc +CVE-2017-16183 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/iter-server CVE-2017-16184 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/scott-blanch-weather-app +CVE-2017-16185 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/uekw1511server +CVE-2017-16187 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/open-device +CVE-2017-16188 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/reecerver +CVE-2017-16189 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/sly07 CVE-2017-16190 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/dcdcdcdcdc +CVE-2017-16191 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/cypserver CVE-2017-16193 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/mfrs +CVE-2017-16194 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/picard +CVE-2017-16195 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/pytservce +CVE-2017-16196 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/quickserver CVE-2017-16198 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/ritp CVE-2017-16201 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/zjjserver +CVE-2017-16208 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/dmmcquay.lab6 +CVE-2017-16211 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/lessindex CVE-2017-16213 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/mfrserver +CVE-2017-16216 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/tencent-server +CVE-2017-16217 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/fbr-client CVE-2017-16218 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/dgard8.lab6 +CVE-2017-16219 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/yttivy CVE-2017-16220 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/wind-mvc +CVE-2017-16222 - https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/elding +CVE-2017-16229 - https://github.com/ohler55/ox/issues/195 CVE-2017-16231 - http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html CVE-2017-16231 - http://seclists.org/fulldisclosure/2018/Dec/33 CVE-2017-16231 - http://www.openwall.com/lists/oss-security/2017/11/01/11 @@ -26256,6 +26318,7 @@ CVE-2017-16755 - https://ruby.sh/helpspot-disclosure-20180206.txt CVE-2017-16756 - https://ruby.sh/helpspot-disclosure-20180206.txt CVE-2017-16757 - https://www.vulnerability-lab.com/get_content.php?id=2062 CVE-2017-16758 - https://packetstormsecurity.com/files/144921/WordPress-Ultimate-Instagram-Feed-1.2-Cross-Site-Scripting.html +CVE-2017-16763 - https://github.com/bbengfort/confire/issues/24 CVE-2017-16763 - https://joel-malwarebenchmark.github.io/blog/2017/11/12/cve-2017-16763-configure-loaded-through-confire/ CVE-2017-16764 - https://github.com/illagrenan/django-make-app/issues/5 CVE-2017-16764 - https://joel-malwarebenchmark.github.io/blog/2017/11/12/cve-2017-16764-vulnerability-in-django-make-app/ @@ -26874,6 +26937,7 @@ CVE-2017-18347 - https://www.aisec.fraunhofer.de/en/FirmwareProtection.html CVE-2017-18348 - https://korelogic.com/Resources/Advisories/KL-001-2017-022.txt CVE-2017-18357 - http://packetstormsecurity.com/files/152995/Shopware-createInstanceFromNamedArguments-PHP-Object-Instantiation.html CVE-2017-18358 - https://blog.ripstech.com/2018/limesurvey-persistent-xss-to-code-execution/ +CVE-2017-18362 - https://github.com/kbni/owlky CVE-2017-18364 - http://packetstormsecurity.com/files/153591/phpFK-lite-version-Cross-Site-Scripting.html CVE-2017-18364 - https://www.netsparker.com/web-applications-advisories/ns-17-030-multiple-reflected-xss-vulnerabilities-in-phpfkl-lite/ CVE-2017-18368 - https://raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txt @@ -26906,6 +26970,7 @@ CVE-2017-18486 - https://www.exploit-db.com/exploits/42776 CVE-2017-18509 - http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html CVE-2017-18509 - https://lists.openwall.net/netdev/2017/12/04/40 CVE-2017-18509 - https://pulsesecurity.co.nz/advisories/linux-kernel-4.9-inetcsklistenstop-gpf +CVE-2017-18594 - https://github.com/AMatchandaHaystack/Research/blob/master/Nmap%26libsshDF CVE-2017-18597 - http://lenonleite.com.br/en/2017/09/11/jtrt-responsive-tables-wordpress-plugin-sql-injection/ CVE-2017-18601 - https://www.exploit-db.com/exploits/42351 CVE-2017-18602 - https://www.exploit-db.com/exploits/42351 @@ -27691,6 +27756,7 @@ CVE-2017-6833 - https://blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero CVE-2017-6834 - https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-ulaw2linear_buf-g711-cpp/ CVE-2017-6835 - https://blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecreset1-blockcodec-cpp/ CVE-2017-6836 - https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-expand3to4modulerun-simplemodule-h/ +CVE-2017-6836 - https://github.com/mpruett/audiofile/issues/40 CVE-2017-6837 - https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/ CVE-2017-6837 - https://github.com/mpruett/audiofile/issues/41 CVE-2017-6838 - https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/ @@ -27726,10 +27792,15 @@ CVE-2017-6896 - https://www.exploit-db.com/exploits/41633/ CVE-2017-6908 - https://github.com/concrete5/concrete5-legacy/issues/1948 CVE-2017-6909 - https://github.com/shish/shimmie2/issues/597 CVE-2017-6911 - http://packetstormsecurity.com/files/141651/USB-Pratirodh-Insecure-Password-Storage.html +CVE-2017-6914 - https://github.com/bigtreecms/BigTree-CMS/files/843734/BigTree.-.Multiple.Issue.of.CSRF.that.could.Illegally.Few.Data.Changes.v02.pdf CVE-2017-6914 - https://github.com/bigtreecms/BigTree-CMS/issues/275 +CVE-2017-6915 - https://github.com/bigtreecms/BigTree-CMS/files/843734/BigTree.-.Multiple.Issue.of.CSRF.that.could.Illegally.Few.Data.Changes.v02.pdf CVE-2017-6915 - https://github.com/bigtreecms/BigTree-CMS/issues/275 +CVE-2017-6916 - https://github.com/bigtreecms/BigTree-CMS/files/843734/BigTree.-.Multiple.Issue.of.CSRF.that.could.Illegally.Few.Data.Changes.v02.pdf CVE-2017-6916 - https://github.com/bigtreecms/BigTree-CMS/issues/275 +CVE-2017-6917 - https://github.com/bigtreecms/BigTree-CMS/files/843734/BigTree.-.Multiple.Issue.of.CSRF.that.could.Illegally.Few.Data.Changes.v02.pdf CVE-2017-6917 - https://github.com/bigtreecms/BigTree-CMS/issues/275 +CVE-2017-6918 - https://github.com/bigtreecms/BigTree-CMS/files/843734/BigTree.-.Multiple.Issue.of.CSRF.that.could.Illegally.Few.Data.Changes.v02.pdf CVE-2017-6918 - https://github.com/bigtreecms/BigTree-CMS/issues/275 CVE-2017-6950 - https://erpscan.io/advisories/erpscan-17-011-sap-gui-versions-remote-code-execution-bypass-security-policy/ CVE-2017-6953 - https://www.exploit-db.com/exploits/41972/ @@ -29151,6 +29222,7 @@ CVE-2018-11010 - https://support.k7computing.com/index.php?/selfhelp/view-articl CVE-2018-11013 - https://0x3f97.github.io/exploit/2018/05/13/D-Link-DIR-816-A2-CN-router-stack-based-buffer-overflow/ CVE-2018-11017 - https://docs.google.com/document/d/18lJc_F5p3HPaMwsUAIwP0zMMhwJs-Snhuj05nhMIgAw/edit CVE-2018-11018 - https://github.com/zhaoheng521/PbootCMS/blob/master/V1.0.7%20csrf +CVE-2018-11019 - https://github.com/datadancer/HIAFuzz/blob/master/CVE-2018-11019.md CVE-2018-11020 - https://github.com/datadancer/HIAFuzz/blob/master/CVE-2018-11020.md CVE-2018-11021 - https://github.com/datadancer/HIAFuzz/blob/master/CVE-2018-11021.md CVE-2018-11023 - https://github.com/datadancer/HIAFuzz/blob/master/CVEs.md @@ -29452,6 +29524,7 @@ CVE-2018-1157 - https://www.tenable.com/security/research/tra-2018-21 CVE-2018-11575 - https://github.com/Edward-L/fuzzing-pocs/tree/master/ngiflib CVE-2018-11575 - https://github.com/miniupnp/ngiflib/issues/4 CVE-2018-11576 - https://github.com/Edward-L/fuzzing-pocs/tree/master/ngiflib +CVE-2018-11576 - https://github.com/miniupnp/ngiflib/issues/6 CVE-2018-11577 - https://github.com/Edward-L/fuzzing-pocs/tree/master/liblouis CVE-2018-11577 - https://github.com/liblouis/liblouis/issues/582 CVE-2018-11578 - https://github.com/Edward-L/fuzzing-pocs/tree/master/ngiflib @@ -29519,6 +29592,7 @@ CVE-2018-11742 - http://packetstormsecurity.com/files/150610/NEC-Univerge-Sv9100 CVE-2018-11742 - http://seclists.org/fulldisclosure/2018/Dec/1 CVE-2018-11742 - https://www.exploit-db.com/exploits/45942/ CVE-2018-11776 - https://cwiki.apache.org/confluence/display/WW/S2-057 +CVE-2018-11776 - https://github.com/hook-s3c/CVE-2018-11776-Python-PoC CVE-2018-11776 - https://www.exploit-db.com/exploits/45260/ CVE-2018-11776 - https://www.exploit-db.com/exploits/45262/ CVE-2018-11776 - https://www.exploit-db.com/exploits/45367/ @@ -29533,6 +29607,7 @@ CVE-2018-1188 - https://www.exploit-db.com/exploits/44039/ CVE-2018-1189 - https://www.exploit-db.com/exploits/44039/ CVE-2018-1201 - https://www.exploit-db.com/exploits/44039/ CVE-2018-12015 - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900834 +CVE-2018-12018 - https://github.com/ethereum/go-ethereum/pull/16891 CVE-2018-12019 - http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html CVE-2018-1202 - https://www.exploit-db.com/exploits/44039/ CVE-2018-12020 - http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html @@ -29715,6 +29790,7 @@ CVE-2018-12638 - http://packetstormsecurity.com/files/151018/Base-Soundtouch-18. CVE-2018-12648 - https://bugs.freedesktop.org/show_bug.cgi?id=106981 CVE-2018-12650 - http://packetstormsecurity.com/files/155232/Adrenalin-Core-HCM-5.4.0-Cross-Site-Scripting.html CVE-2018-12653 - http://packetstormsecurity.com/files/155244/Adrenalin-Core-HCM-5.4.0-Cross-Site-Scripting.html +CVE-2018-12659 - https://github.com/slims/slims8_akasia/issues/103 CVE-2018-12689 - https://www.exploit-db.com/exploits/44926/ CVE-2018-12692 - https://medium.com/advisability/the-in-security-of-the-tp-link-technologies-tl-wa850re-wi-fi-range-extender-26db87a7a0cc CVE-2018-12692 - https://www.exploit-db.com/exploits/44912/ @@ -29833,6 +29909,7 @@ CVE-2018-13112 - https://github.com/appneta/tcpreplay/issues/477 CVE-2018-13134 - https://www.exploit-db.com/exploits/45970/ CVE-2018-13134 - https://www.xc0re.net/2018/05/25/tp-link-wireless-router-archer-c1200-cross-site-scripting/ CVE-2018-13137 - https://ansawaf.blogspot.com/2019/04/cve-2018-13137-xss-in-events-manager.html +CVE-2018-13137 - https://gist.github.com/ansarisec/12737c207c0851d52865ed60c08891b7 CVE-2018-13139 - https://github.com/erikd/libsndfile/issues/397 CVE-2018-13140 - http://packetstormsecurity.com/files/149468/Antidote-9.5.1-Code-Execution.html CVE-2018-13140 - http://seclists.org/fulldisclosure/2018/Sep/38 @@ -32999,6 +33076,7 @@ CVE-2018-7589 - https://github.com/dtschump/CImg/issues/184 CVE-2018-7600 - https://github.com/a2u/CVE-2018-7600 CVE-2018-7600 - https://github.com/g0rx/CVE-2018-7600-Drupal-RCE CVE-2018-7600 - https://greysec.net/showthread.php?tid=2912&pid=10561 +CVE-2018-7600 - https://groups.drupal.org/security/faq-2018-002 CVE-2018-7600 - https://research.checkpoint.com/uncovering-drupalgeddon-2/ CVE-2018-7600 - https://www.exploit-db.com/exploits/44448/ CVE-2018-7600 - https://www.exploit-db.com/exploits/44449/ @@ -33282,6 +33360,7 @@ CVE-2018-8935 - https://blog.trailofbits.com/2018/03/15/amd-flaws-technical-summ CVE-2018-8936 - https://blog.trailofbits.com/2018/03/15/amd-flaws-technical-summary/ CVE-2018-8937 - https://nileshsapariya.blogspot.ae/2018/03/open-redirect-to-reflected-xss-open.html CVE-2018-8940 - https://seclists.org/fulldisclosure/2019/May/9 +CVE-2018-8941 - https://github.com/SECFORCE/CVE-2018-8941 CVE-2018-8945 - https://sourceware.org/bugzilla/show_bug.cgi?id=22809 CVE-2018-8947 - https://www.exploit-db.com/exploits/44343/ CVE-2018-8955 - http://packetstormsecurity.com/files/149900/Bitdefender-GravityZone-Installer-Signature-Bypass-Code-Execution.html @@ -37216,6 +37295,7 @@ CVE-2019-9165 - http://packetstormsecurity.com/files/152496/Nagios-XI-5.5.10-XSS CVE-2019-9166 - http://packetstormsecurity.com/files/152496/Nagios-XI-5.5.10-XSS-Remote-Code-Execution.html CVE-2019-9167 - http://packetstormsecurity.com/files/152496/Nagios-XI-5.5.10-XSS-Remote-Code-Execution.html CVE-2019-9172 - https://gitlab.com/gitlab-org/gitlab-ce/issues/54795 +CVE-2019-9176 - https://gitlab.com/gitlab-org/gitlab-ce/issues/55664 CVE-2019-9184 - https://www.exploit-db.com/exploits/46467/ CVE-2019-9189 - http://packetstormsecurity.com/files/155273/Prima-Access-Control-2.3.35-Script-Upload-Remote-Code-Execution.html CVE-2019-9193 - http://packetstormsecurity.com/files/152757/PostgreSQL-COPY-FROM-PROGRAM-Command-Execution.html @@ -37770,6 +37850,7 @@ CVE-2020-10808 - https://pentest.blog/vesta-control-panel-second-order-remote-co CVE-2020-10809 - https://research.loginsoft.com/bugs/heap-overflow-in-decompress-c-hdf5-1-13-0/ CVE-2020-10810 - https://research.loginsoft.com/bugs/null-pointer-dereference-in-h5ac-c-hdf5-1-13-0/ CVE-2020-10811 - https://research.loginsoft.com/bugs/heap-buffer-overflow-in-h5olayout-c-hdf5-1-13-0/ +CVE-2020-10812 - https://github.com/Loginsoft-Research/hdf5-reports/tree/master/Vuln_4 CVE-2020-10812 - https://research.loginsoft.com/bugs/null-pointer-dereference-in-h5fquery-c-hdf5-1-13-0/ CVE-2020-10818 - https://code610.blogspot.com/2020/03/rce-in-artica-426.html CVE-2020-10819 - https://code610.blogspot.com/2020/03/nagios-5611-xssd.html