Skip to content

Commit

Permalink
Updated by KhulnaSoft [BOT] 🤖
Browse files Browse the repository at this point in the history
  • Loading branch information
KhulnaSoft [BOT] authored and KhulnaSoft [BOT] committed Jan 23, 2025
1 parent 2bbf5ee commit 0b4c64c
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 1 deletion.
Binary file modified db/cve.sqlite
View file
Binary file not shown.
11 changes: 10 additions & 1 deletion docs/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

> Automatic monitor github cve using Github Actions

Last generated: 2025-01-22 02:14:00.961190
Last generated: 2025-01-23 02:12:00.917274

| CVE | Name | Description | Date |
|---|---|---|---|
Expand Down Expand Up @@ -48,6 +48,7 @@ Last generated: 2025-01-22 02:14:00.961190
| [CVE-2024-9264](https://www.cve.org/CVERecord?id=CVE-2024-9264) | [z3k0sec/CVE-2024-9264-RCE-Exploit](https://github.com/z3k0sec/CVE-2024-9264-RCE-Exploit) | Grafana RCE exploit (CVE-2024-9264) | 2024-10-21T03:36:05Z |
| [CVE-2024-9234](https://www.cve.org/CVERecord?id=CVE-2024-9234) | [RandomRobbieBF/CVE-2024-9234](https://github.com/RandomRobbieBF/CVE-2024-9234) | GutenKit <= 2.1.0 - Unauthenticated Arbitrary File Upload | 2024-10-17T18:48:12Z |
| [CVE-2024-9234](https://www.cve.org/CVERecord?id=CVE-2024-9234) | [CallMeBatosay/CVE-2024-9234](https://github.com/CallMeBatosay/CVE-2024-9234) | no description | 2024-11-07T04:56:44Z |
| [CVE-2024-9234](https://www.cve.org/CVERecord?id=CVE-2024-9234) | [Nxploited/CVE-2024-9234](https://github.com/Nxploited/CVE-2024-9234) | no description | 2024-12-28T11:00:02Z |
| [CVE-2024-9224](https://www.cve.org/CVERecord?id=CVE-2024-9224) | [RandomRobbieBF/CVE-2024-9224](https://github.com/RandomRobbieBF/CVE-2024-9224) | Hello World <= 2.1.1 - Authenticated (Subscriber+) Arbitrary File Read | 2024-10-11T09:17:20Z |
| [CVE-2024-9166](https://www.cve.org/CVERecord?id=CVE-2024-9166) | [Andrysqui/CVE-2024-9166](https://github.com/Andrysqui/CVE-2024-9166) | A vulnerability scanner that searches for the CVE-2024-9166 vulnerability on websites, more info about this vulnerability here: https://www.tenable.com/cve/CVE-2024-9166 | 2024-09-26T23:21:06Z |
| [CVE-2024-9162](https://www.cve.org/CVERecord?id=CVE-2024-9162) | [d0n601/CVE-2024-9162](https://github.com/d0n601/CVE-2024-9162) | All-in-One WP Migration and Backup <= 7.86 - Authenticated (Administrator+) Arbitrary PHP Code Injection | 2024-09-29T19:34:59Z |
Expand Down Expand Up @@ -87,6 +88,7 @@ Last generated: 2025-01-22 02:14:00.961190
| [CVE-2024-7954](https://www.cve.org/CVERecord?id=CVE-2024-7954) | [MuhammadWaseem29/RCE-CVE-2024-7954](https://github.com/MuhammadWaseem29/RCE-CVE-2024-7954) | no description | 2024-10-05T07:24:57Z |
| [CVE-2024-7954](https://www.cve.org/CVERecord?id=CVE-2024-7954) | [issamjr/CVE-2024-7954](https://github.com/issamjr/CVE-2024-7954) | The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request. | 2024-11-15T21:08:47Z |
| [CVE-2024-7954](https://www.cve.org/CVERecord?id=CVE-2024-7954) | [zxj-hub/CVE-2024-7954POC](https://github.com/zxj-hub/CVE-2024-7954POC) | SPIP 4.30-alpha2、4.2.13、4.1.16之前的版本使用的porte_plume插件存在任意代码执行漏洞,远程未经身份验证的攻击者可以通过发送精心设计的HTTP 请求以SPIP用户身份执行任意PHP代码。 | 2024-12-20T15:40:35Z |
| [CVE-2024-7954](https://www.cve.org/CVERecord?id=CVE-2024-7954) | [0dayan0n/RCE_CVE-2024-7954-](https://github.com/0dayan0n/RCE_CVE-2024-7954-) | The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request. (CRITICAL) | 2024-12-28T01:05:05Z |
| [CVE-2024-7928](https://www.cve.org/CVERecord?id=CVE-2024-7928) | [bigb0x/CVE-2024-7928](https://github.com/bigb0x/CVE-2024-7928) | Will attempt to retrieve DB details for FastAdmin instances | 2024-08-20T03:09:47Z |
| [CVE-2024-7928](https://www.cve.org/CVERecord?id=CVE-2024-7928) | [fa-rrel/CVE-2024-7928](https://github.com/fa-rrel/CVE-2024-7928) | CVE-2024-7928 fastadmin vulnerability POC & Scanning | 2024-08-20T12:15:48Z |
| [CVE-2024-7928](https://www.cve.org/CVERecord?id=CVE-2024-7928) | [th3gokul/CVE-2024-7928](https://github.com/th3gokul/CVE-2024-7928) | CVE-2024-7928: FastAdmin < V1.3.4.20220530 Arbitrary File Reading Vulnerability | 2024-08-23T15:50:30Z |
Expand Down Expand Up @@ -1379,6 +1381,7 @@ Last generated: 2025-01-22 02:14:00.961190
| [CVE-2024-30088](https://www.cve.org/CVERecord?id=CVE-2024-30088) | [Admin9961/CVE-2024-30088](https://github.com/Admin9961/CVE-2024-30088) | Questa repository contiene una replica (tentativo di replica) scritto in Python per CVE-2024-30088. | 2024-07-27T10:41:33Z |
| [CVE-2024-30088](https://www.cve.org/CVERecord?id=CVE-2024-30088) | [Justintroup85/exploits-forsale-collateral-damage](https://github.com/Justintroup85/exploits-forsale-collateral-damage) | Kernel exploit for Xbox SystemOS using CVE-2024-30088 | 2024-08-25T12:47:10Z |
| [CVE-2024-30085](https://www.cve.org/CVERecord?id=CVE-2024-30085) | [Adamkadaban/CVE-2024-30085](https://github.com/Adamkadaban/CVE-2024-30085) | CVE-2024-30085 | 2024-12-25T06:03:45Z |
| [CVE-2024-30085](https://www.cve.org/CVERecord?id=CVE-2024-30085) | [murdok1982/Exploit-PoC-para-CVE-2024-30085](https://github.com/murdok1982/Exploit-PoC-para-CVE-2024-30085) | Exploit en Python diseñado para aprovechar la vulnerabilidad de elevación de privilegios CVE-2024-30085 | 2024-12-28T10:03:26Z |
| [CVE-2024-30078](https://www.cve.org/CVERecord?id=CVE-2024-30078) | [52by/CVE-2024-30078](https://github.com/52by/CVE-2024-30078) | no description | 2024-06-17T17:48:23Z |
| [CVE-2024-30078](https://www.cve.org/CVERecord?id=CVE-2024-30078) | [nkontopoul/checkwifivulnerability](https://github.com/nkontopoul/checkwifivulnerability) | Only tested in windows 11. Checks if you are protected via windows update against CVE-2024-30078 Windows Wi-Fi Driver Remote Code Execution Vulnerability | 2024-06-18T20:05:06Z |
| [CVE-2024-30078](https://www.cve.org/CVERecord?id=CVE-2024-30078) | [kvx07/CVE_2024_30078_A_POC](https://github.com/kvx07/CVE_2024_30078_A_POC) | no description | 2024-06-18T04:43:31Z |
Expand Down Expand Up @@ -1877,6 +1880,7 @@ Last generated: 2025-01-22 02:14:00.961190
| [CVE-2024-23334](https://www.cve.org/CVERecord?id=CVE-2024-23334) | [TheRedP4nther/LFI-aiohttp-CVE-2024-23334-PoC](https://github.com/TheRedP4nther/LFI-aiohttp-CVE-2024-23334-PoC) | Bash script to automate Local File Inclusion (LFI) attacks on aiohttp server version 3.9.1. | 2024-11-14T21:43:29Z |
| [CVE-2024-23334](https://www.cve.org/CVERecord?id=CVE-2024-23334) | [Pylonet/CVE-2024-23334](https://github.com/Pylonet/CVE-2024-23334) | no description | 2024-11-07T21:37:05Z |
| [CVE-2024-23334](https://www.cve.org/CVERecord?id=CVE-2024-23334) | [Betan423/CVE-2024-23334-PoC](https://github.com/Betan423/CVE-2024-23334-PoC) | This repository is a proof of concept (POC) for CVE-2024-23334, demonstrating an attempt to replicate the bug in aiohttp that leads to Local File Inclusion (LFI). | 2024-12-09T06:51:13Z |
| [CVE-2024-23334](https://www.cve.org/CVERecord?id=CVE-2024-23334) | [BestDevOfc/CVE-2024-23334-PoC](https://github.com/BestDevOfc/CVE-2024-23334-PoC) | A proof of concept of the path traversal vulnerability in the python AioHTTP library =< 3.9.1 | 2024-12-25T12:50:59Z |
| [CVE-2024-23298](https://www.cve.org/CVERecord?id=CVE-2024-23298) | [p1tsi/CVE-2024-23298.app](https://github.com/p1tsi/CVE-2024-23298.app) | PoC for CVE-2024-23298 | 2024-12-18T18:12:10Z |
| [CVE-2024-23208](https://www.cve.org/CVERecord?id=CVE-2024-23208) | [hrtowii/CVE-2024-23208-test](https://github.com/hrtowii/CVE-2024-23208-test) | no description | 2024-02-04T07:37:21Z |
| [CVE-2024-23200](https://www.cve.org/CVERecord?id=CVE-2024-23200) | [l00neyhacker/CVE-2024-23200](https://github.com/l00neyhacker/CVE-2024-23200) | CVE-2024-23200 | 2024-01-14T21:46:27Z |
Expand Down Expand Up @@ -2131,9 +2135,11 @@ Last generated: 2025-01-22 02:14:00.961190
| [CVE-2024-1208](https://www.cve.org/CVERecord?id=CVE-2024-1208) | [Cappricio-Securities/CVE-2024-1208](https://github.com/Cappricio-Securities/CVE-2024-1208) | LearnDash LMS < 4.10.3 - Sensitive Information Exposure | 2024-05-30T17:55:45Z |
| [CVE-2024-1207](https://www.cve.org/CVERecord?id=CVE-2024-1207) | [sahar042/CVE-2024-1207](https://github.com/sahar042/CVE-2024-1207) | The WP Booking Calendar plugin for WordPress is vulnerable to SQL Injection via the 'calendar_request_params[dates_ddmmyy_csv]' parameter in all versions up to, and including, 9.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attac | 2024-10-08T09:05:16Z |
| [CVE-2024-12025](https://www.cve.org/CVERecord?id=CVE-2024-12025) | [RandomRobbieBF/CVE-2024-12025](https://github.com/RandomRobbieBF/CVE-2024-12025) | Collapsing Categories <= 3.0.8 - Unauthenticated SQL Injection | 2024-12-19T14:15:29Z |
| [CVE-2024-11972](https://www.cve.org/CVERecord?id=CVE-2024-11972) | [JunTakemura/exploit-CVE-2024-11972](https://github.com/JunTakemura/exploit-CVE-2024-11972) | Exploit for CVE-2024-11972, Hunk Companion < 1.9.0 Unauthenticated Plugin Installation | 2024-12-15T23:54:15Z |
| [CVE-2024-11728](https://www.cve.org/CVERecord?id=CVE-2024-11728) | [samogod/CVE-2024-11728](https://github.com/samogod/CVE-2024-11728) | KiviCare – Clinic & Patient Management System (EHR) WordPress Plugin Unauthenticated SQL Injection PoC | 2024-12-11T12:33:46Z |
| [CVE-2024-11680](https://www.cve.org/CVERecord?id=CVE-2024-11680) | [D3N14LD15K/CVE-2024-11680_PoC_Exploit](https://github.com/D3N14LD15K/CVE-2024-11680_PoC_Exploit) | This repository contains a Proof of Concept (PoC) exploit for CVE-2024-11680, a critical vulnerability in ProjectSend r1605 and older versions. The exploit targets a Cross-Site Request Forgery (CSRF) flaw in combination with Privilege Misconfiguration issues. | 2024-12-04T18:42:43Z |
| [CVE-2024-11643](https://www.cve.org/CVERecord?id=CVE-2024-11643) | [RandomRobbieBF/CVE-2024-11643](https://github.com/RandomRobbieBF/CVE-2024-11643) | Accessibility by AllAccessible <= 1.3.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Option Update | 2024-12-05T09:47:31Z |
| [CVE-2024-11616](https://www.cve.org/CVERecord?id=CVE-2024-11616) | [inb1ts/CVE-2024-11616](https://github.com/inb1ts/CVE-2024-11616) | Crash PoC for exploiting Netskope Endpoint DLP double-fetch. | 2024-12-28T10:48:23Z |
| [CVE-2024-11477](https://www.cve.org/CVERecord?id=CVE-2024-11477) | [TheN00bBuilder/cve-2024-11477-writeup](https://github.com/TheN00bBuilder/cve-2024-11477-writeup) | CVE-2024-11477 7Zip Code Execution Writeup and Analysis | 2024-11-29T06:13:36Z |
| [CVE-2024-11451](https://www.cve.org/CVERecord?id=CVE-2024-11451) | [Xiaolqy/CVE-2024-11451](https://github.com/Xiaolqy/CVE-2024-11451) | no description | 2024-07-11T23:16:33Z |
| [CVE-2024-11432](https://www.cve.org/CVERecord?id=CVE-2024-11432) | [windz3r0day/CVE-2024-11432](https://github.com/windz3r0day/CVE-2024-11432) | CVE-2024-11432 poc exploit | 2024-11-22T16:46:24Z |
Expand Down Expand Up @@ -4408,6 +4414,7 @@ Last generated: 2025-01-22 02:14:00.961190
| [CVE-2022-39986](https://www.cve.org/CVERecord?id=CVE-2022-39986) | [tucommenceapousser/RaspAP-CVE-2022-39986-PoC](https://github.com/tucommenceapousser/RaspAP-CVE-2022-39986-PoC) | CVE-2022-39986 PoC | 2023-08-28T03:13:10Z |
| [CVE-2022-39986](https://www.cve.org/CVERecord?id=CVE-2022-39986) | [mind2hex/CVE-2022-39986](https://github.com/mind2hex/CVE-2022-39986) | bash script for automated discovery and exploitation of machines with the CVE-2022-39986 vulnerability | 2023-08-24T16:48:27Z |
| [CVE-2022-39227](https://www.cve.org/CVERecord?id=CVE-2022-39227) | [user0x1337/CVE-2022-39227](https://github.com/user0x1337/CVE-2022-39227) | CVE-2022-39227 : Proof of Concept | 2023-06-07T11:11:12Z |
| [CVE-2022-39227](https://www.cve.org/CVERecord?id=CVE-2022-39227) | [NoSpaceAvailable/CVE-2022-39227](https://github.com/NoSpaceAvailable/CVE-2022-39227) | A working POC found while doing a HTB challenge. Original: https://github.com/user0x1337/CVE-2022-39227 | 2024-03-28T12:55:13Z |
| [CVE-2022-3910](https://www.cve.org/CVERecord?id=CVE-2022-3910) | [veritas501/CVE-2022-3910](https://github.com/veritas501/CVE-2022-3910) | CVE-2022-3910 | 2023-03-14T07:22:25Z |
| [CVE-2022-3904](https://www.cve.org/CVERecord?id=CVE-2022-3904) | [RandomRobbieBF/CVE-2022-3904](https://github.com/RandomRobbieBF/CVE-2022-3904) | CVE-2022-3904 MonsterInsights < 8.9.1 - Stored Cross-Site Scripting via Google Analytics | 2023-07-12T09:51:32Z |
| [CVE-2022-38694](https://www.cve.org/CVERecord?id=CVE-2022-38694) | [TomKing062/CVE-2022-38694_unlock_bootloader](https://github.com/TomKing062/CVE-2022-38694_unlock_bootloader) | unlock bootloader for theoretically ALL unisoc ud710 and ums512 model | 2023-06-10T08:31:26Z |
Expand Down Expand Up @@ -4964,6 +4971,7 @@ Last generated: 2025-01-22 02:14:00.961190
| [CVE-2021-3560](https://www.cve.org/CVERecord?id=CVE-2021-3560) | [secnigma/CVE-2021-3560-Polkit-Privilege-Esclation](https://github.com/secnigma/CVE-2021-3560-Polkit-Privilege-Esclation) | no description | 2021-06-14T20:08:20Z |
| [CVE-2021-3560](https://www.cve.org/CVERecord?id=CVE-2021-3560) | [pashayogi/ROOT-CVE-2021-3560](https://github.com/pashayogi/ROOT-CVE-2021-3560) | Polkit 0.105-26 0.117-2 - Local Privilege Escalation | 2023-08-20T14:39:19Z |
| [CVE-2021-3560](https://www.cve.org/CVERecord?id=CVE-2021-3560) | [TieuLong21Prosper/CVE-2021-3560](https://github.com/TieuLong21Prosper/CVE-2021-3560) | CVE-2021-3560 Bypass su - root | 2023-10-06T15:27:13Z |
| [CVE-2021-3560](https://www.cve.org/CVERecord?id=CVE-2021-3560) | [markyu0401/CVE-2021-3560-Polkit-Privilege-Escalation](https://github.com/markyu0401/CVE-2021-3560-Polkit-Privilege-Escalation) | no description | 2023-12-15T03:38:41Z |
| [CVE-2021-35464](https://www.cve.org/CVERecord?id=CVE-2021-35464) | [Y4er/openam-CVE-2021-35464](https://github.com/Y4er/openam-CVE-2021-35464) | openam-CVE-2021-35464 tomcat 执行命令回显 | 2021-07-01T03:51:32Z |
| [CVE-2021-35448](https://www.cve.org/CVERecord?id=CVE-2021-35448) | [deathflash1411/cve-2021-35448](https://github.com/deathflash1411/cve-2021-35448) | Local Privilege Escalation in Remote Mouse 3.008 | 2023-06-11T06:32:12Z |
| [CVE-2021-35296](https://www.cve.org/CVERecord?id=CVE-2021-35296) | [afaq1337/CVE-2021-35296](https://github.com/afaq1337/CVE-2021-35296) | PoC of CVE-2021-35296 - PTCL Modem HG150-Ub | 2021-09-30T18:18:27Z |
Expand Down Expand Up @@ -7678,3 +7686,4 @@ Last generated: 2025-01-22 02:14:00.961190
| CVE NOT FOUND | [christian-cahig/CVE154_AY-2024-2025-S1](https://github.com/christian-cahig/CVE154_AY-2024-2025-S1) | Various files for the CVE154 classes taught at MSU-IIT during A.Y. 2024-2025 S1 | 2024-08-22T15:52:19Z |
| CVE NOT FOUND | [2aqu/CVE-2023-VULN](https://github.com/2aqu/CVE-2023-VULN) | cve-2023 vuln certify | 2024-08-31T21:43:56Z |
| CVE NOT FOUND | [NaInSec/CVE-1012182122-JSON](https://github.com/NaInSec/CVE-1012182122-JSON) | CVE Json Files - 2010, 2012, 2018, 2021 and 2022 | 2024-03-22T14:36:24Z |
| CVE NOT FOUND | [TuanCui22/impacket-2024](https://github.com/TuanCui22/impacket-2024) | impacket-2024-env to demo CVE ZEROLOGON | 2024-12-26T03:01:53Z |

0 comments on commit 0b4c64c

Please sign in to comment.