Commit Graph

3665 Commits (fcec6a8a591c42953201cd474bf27efba4b334dd)

Author SHA1 Message Date
Prince Chaddha 5511ff1efd
Merge pull request #3578 from hexcat/add-wp-html-mail-xss
Added wp-html-mail-xss template
2022-01-24 14:21:06 +05:30
Prince Chaddha 6dd35d6491
Update and rename vulnerabilities/wordpress/wp-html-mail-xss.yaml to cves/2022/CVE-2022-0218.yaml 2022-01-24 14:17:01 +05:30
GitHub Action f882764c9b Auto Generated CVE annotations [Mon Jan 24 07:12:56 UTC 2022] 🤖 2022-01-24 07:12:56 +00:00
Prince Chaddha fa30e05f61
Merge pull request #3586 from V35HR4J/master
Create CVE-2021-39433.yaml
2022-01-24 12:40:15 +05:30
Prince Chaddha 018ae134c0
Merge pull request #3585 from gy741/rule-add-v90
Create CVE-2022-23178.yaml
2022-01-24 12:39:17 +05:30
Prince Chaddha e9897bddaa
Update CVE-2022-23178.yaml 2022-01-24 12:37:55 +05:30
Prince Chaddha 03697ed21a
Update CVE-2021-39433.yaml 2022-01-24 12:28:03 +05:30
Veshraj Ghimire df907cc2e3
Create CVE-2021-39433.yaml 2022-01-23 21:00:30 +05:45
GwanYeong Kim 2d53221aea Create CVE-2022-23178.yaml
An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname and upassword fields.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-23 20:28:25 +09:00
Prince Chaddha 1d15a5464a
Update CVE-2021-24750.yaml 2022-01-23 14:51:25 +05:30
Prince Chaddha 3c9e02150d
Update CVE-2021-24750.yaml 2022-01-23 14:39:38 +05:30
Prince Chaddha 75184ca383
Update CVE-2021-24750.yaml 2022-01-23 14:38:12 +05:30
cckuailong dad34d012c add CVE-2021-24750 2022-01-23 13:17:20 +08:00
sandeep 2a8d8e1095 more updates 2022-01-22 23:27:52 +05:30
sandeep 6b14c6c6fc CVE-2021-40438 update 2022-01-22 23:18:07 +05:30
sullo 3b7bcda337 Enhancement: cves/2001/CVE-2001-1473.yaml by Chris 2022-01-21 13:58:26 -05:00
sullo 0fcaacfb8c Enhancement: cves/2001/CVE-2001-1473.yaml by Chris 2022-01-21 13:57:17 -05:00
Sandeep Singh 8a3e575e9f
Added CVE-2012-4547 / CVE-2009-5020 (#3575)
* Added CVE-2012-4547 / CVE-2009-5020

* Update CVE-2009-5020.yaml
2022-01-21 16:37:41 +05:30
Houziaux Mike 3564e64027
[Add] - Zimbra unauthenticated LFI (#3571)
* add zimbra lfi

* template updates

- CVE update
- Matchers update
- Additional LFI payload + matchers

* Update CVE-2013-7091.yaml

* Revert "Update CVE-2013-7091.yaml"

This reverts commit fdffa3944f29754d8971a2697754011d29677c42.

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: Prince Chaddha <cyberbossprince@gmail.com>
2022-01-21 13:02:08 +05:30
Leovalcante bac26e1669
Create check for cve-2020-24391 mongo-express RCE (#3566)
* Create check for cve-2020-24391 mongo-express RCE

* random file to write + matcher updates + extractor

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-20 14:55:01 +05:30
Sandeep Singh 1b0c7f1b7f
CVE-2021-22205 update (#3568)
*moved cves/2021/CVE-2021-22205.yaml to vulnerabilities/gitlab/gitlab-rce.yaml
*template extension update + added missing severity + misc updates
2022-01-20 14:25:57 +05:30
Greg Johnson e0a2d35a8d
add passive fingerprinting template for CVE-2021-22205 (#3565)
Co-authored-by: Greg Johnson (codeEmitter) <gjohnson@gitlab.com>
2022-01-20 14:12:37 +05:30
sandeep f6e3df8b33 CVE-2020-13483 Update 2022-01-19 13:44:01 +05:30
pussycat0x 650a38ffde
Qualcomm 4G LTE WiFi VoIP-Router (#3555)
* Add files via upload

* Auto Generated CVE annotations [Mon Jan 17 16:05:35 UTC 2022] 🤖

* Update CVE-2021-44528.yaml

* Update CVE-2021-45232.yaml

* Add files via upload

* removing duplicate template

* moving template around

* template fix

Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-19 13:33:34 +05:30
Roberto Nunes f8013457b6
Create CVE-2020-23575.yaml (#3547)
* Create CVE-2020-23575.yaml

* Update and rename CVE-2020-23575.yaml to cves/2020/CVE-2020-23575.yaml

* minor update

Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-18 13:12:16 +05:30
Roberto Nunes 2cadf76241
Create CVE-2021-32618.yaml (#3546)
* Create CVE-2021-32618.yaml

* Update and rename CVE-2021-32618.yaml to cves/2021/CVE-2021-32618.yaml

* matcher update

Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-18 12:51:00 +05:30
GitHub Action 2c250d66c7 Auto Generated CVE annotations [Tue Jan 18 05:22:01 UTC 2022] 🤖 2022-01-18 05:22:01 +00:00
Dwi Siswanto b8dabfbcbb
Add CVE-2021-20038 (#3542)
* Add CVE-2021-20038

* misc: Update author
2022-01-18 10:50:14 +05:30
GitHub Action 8244d08f57 Auto Generated CVE annotations [Sun Jan 16 16:40:51 UTC 2022] 🤖 2022-01-16 16:40:51 +00:00
Sandeep Singh f6377b09ec
Added Apache APISIX's Admin API Default Access Token (RCE) (#3544) 2022-01-16 22:08:55 +05:30
Patrick 1086ca1a30
added template for CVE-2021-42551 (#3541)
* added template for CVE-2021-42551

* Update CVE-2021-42551.yaml

* Update CVE-2021-42551.yaml

* unbricked CVE-2021-42551

* additional page specific matcher

Co-authored-by: Patrick <patrick.schmid@redguard.ch>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-16 19:01:29 +05:30
gy741 e5958c1364
Update tags (#3538) 2022-01-16 02:08:21 +05:30
GitHub Action 93337032a0 Auto Generated CVE annotations [Sat Jan 15 20:36:52 UTC 2022] 🤖 2022-01-15 20:36:52 +00:00
PikPikcU 7e0a3acf44
Create dreambox-xss (#3535)
* Create dreambox-xss.yaml

* Create dreambox-detect.yaml

* misc updates

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-16 02:05:33 +05:30
GitHub Action ca79e7a81f Auto Generated CVE annotations [Sat Jan 15 20:28:18 UTC 2022] 🤖 2022-01-15 20:28:18 +00:00
alph4byt3 2d28cebfee
Create CVE-2017-14135 (#3534)
* Create opendreambox-plugin-webadmin-rce.yaml

* Update opendreambox-plugin-webadmin-rce.yaml

* Update opendreambox-plugin-webadmin-rce.yaml

* Update opendreambox-plugin-webadmin-rce.yaml

* misc updates

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-16 01:56:51 +05:30
GitHub Action d5e2eb7d41 Auto Generated CVE annotations [Sat Jan 15 19:05:39 UTC 2022] 🤖 2022-01-15 19:05:39 +00:00
GitHub Action bc3fa19859 Auto Generated CVE annotations [Thu Jan 13 05:21:21 UTC 2022] 🤖 2022-01-13 05:21:21 +00:00
Muhammad Daffa 64cf0fa4ba
Rename maian cart rce (#3532)
* Update and rename vulnerabilities/other/maian-cart-preauth-rce.yaml to cves/2021/CVE-2021-32172.yaml

* Update CVE-2021-32172.yaml

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-01-13 10:48:51 +05:30
Muhammad Daffa 0e39fd0103
Add some workflow templates (#3521)
* Add 27 workflow templates

* fixed Artifactory workflow

* Fixed Jetty workflow

* Fixed Moodle workflow

* Fixed Zabbix workflow

* Fixed DedeCMS workflow

* Fixed OFBiz workflow

* Fixed rConfig workflow

* Tag update for R-SeeNet workflow

* Add 3 token-spray templates

* format fixes

* Add workflow templates

* More workflows templates

* multiple workflow fixes

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-01-12 18:19:54 +05:30
sandeep 5c471a6168 removing duplicate template 2022-01-12 17:28:47 +05:30
Prince Chaddha 4af56f0b06
Merge pull request #3512 from gy741/rule-add-v84
Create CVE-2014-3206.yaml
2022-01-11 14:59:23 +05:30
Prince Chaddha e089bd841a
Update CVE-2014-3206.yaml 2022-01-11 14:57:24 +05:30
Prince Chaddha a53ae7b694
Merge pull request #3518 from gy741/rule-add-v85
Create CVE-2021-20167.yaml
2022-01-11 14:54:05 +05:30
Prince Chaddha 74e8442c74
Update and rename CVE-2019-13396.yaml to cves/2019/CVE-2019-13396.yaml 2022-01-11 14:43:58 +05:30
Prince Chaddha aa8fd16018
Merge pull request #3515 from Akokonunes/patch-104
Create CVE-2020-11529.yaml
2022-01-11 14:37:32 +05:30
Prince Chaddha 7f26b9e895
Update and rename CVE-2020-11529.yaml to cves/2020/CVE-2020-11529.yaml 2022-01-11 14:35:53 +05:30
GitHub Action c40624e7d9 Auto Generated CVE annotations [Tue Jan 11 08:57:41 UTC 2022] 🤖 2022-01-11 08:57:41 +00:00
Prince Chaddha 5657bdb557
Merge pull request #3516 from pikpikcu/patch-315
Create CVE-2021–20837
2022-01-11 14:24:26 +05:30
Prince Chaddha 70677b3b5a
Update CVE-2021–20837.yaml 2022-01-11 14:12:04 +05:30
Prince Chaddha 9afd4bcfd8
Update CVE-2021-20167.yaml 2022-01-11 13:57:07 +05:30
Prince Chaddha 6ea0a7f492
Update CVE-2020-7136.yaml 2022-01-11 13:43:30 +05:30
GwanYeong Kim 351dc3e460 Create CVE-2020-7136.yaml
A security vulnerability in HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager (SUM) prior to 8.5.6. Please visit the HPE Support Center at https://support.hpe.com/hpesc/public/home to download the latest version of HPE Smart Update Manager (SUM). Download the latest version of HPE Smart Update Manager (SUM) or download the latest Service Pack For ProLiant (SPP).

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-11 15:39:41 +09:00
GwanYeong Kim d772fd884b Create CVE-2021-20167.yaml
This vulnerability uses a combination of CVE-2021-20166 and CVE-2021-20167. Netgear RAX43 version 1.0.3.96 contains a command injection and authbypass vulnerability. The readycloud cgi application is vulnerable to command injection in the name parameter. and The URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection control flow of the applicaiton.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-11 15:00:56 +09:00
PikPikcU 83e431802e
Create CVE-2021–20837.yaml 2022-01-10 21:44:31 -05:00
Sandeep Singh 9e4d5f0d23
lint fixes 2022-01-10 21:20:16 +05:30
GwanYeong Kim 9435362025 Create CVE-2014-3206.yaml
Seagate BlackArmor NAS allows remote attackers to execute arbitrary code via the session parameter to localhost/backupmgt/localJob.php or the auth_name parameter to localhost/backupmgmt/pre_connect_check.php.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-10 21:44:45 +09:00
Muhammad Daffa 068d576d22
Update CVE-2020-8641.yaml (#3505) 2022-01-08 20:23:53 +05:30
Roberto Nunes 484d77de7c
Create CVE-2021-39501.yaml (#3501)
* Create CVE-2021-39501.yaml

* moving template to cves directory

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-08 17:00:19 +05:30
Roberto Nunes 691688fb66
Create CVE-2020-23015.yaml (#3502)
* Create CVE-2020-23015.yaml

* moving template to cves directory

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-08 16:52:50 +05:30
GitHub Action 451313a0af Auto Generated CVE annotations [Sat Jan 8 10:57:43 UTC 2022] 🤖 2022-01-08 10:57:43 +00:00
JAS-37 0c7d13d152
add CVE-2021-31862 template (#3491)
* add CVE-2021-31862 template

* updated matchers

* Added SysAid panel + workflow

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-07 13:28:38 +05:30
Sandeep Singh 844c3b4a02
Network template updates & fixes (#3497)
* Fixed template syntax

* network template update and fixes
2022-01-07 12:58:37 +05:30
sandeep 945b4b1456 name update 2022-01-06 15:36:28 +05:30
Prince Chaddha 65703f0cc6
Merge pull request #3469 from ImNightmaree/patch-1
Update CVE-2017-11610.yaml
2022-01-06 14:00:23 +05:30
Prince Chaddha 2fa0619b65
Update CVE-2017-11610.yaml 2022-01-06 13:54:40 +05:30
GitHub Action fbb9f36310 Auto Generated CVE annotations [Thu Jan 6 08:06:01 UTC 2022] 🤖 2022-01-06 08:06:01 +00:00
Prince Chaddha e144116352
Merge pull request #3485 from projectdiscovery/CVE-2016-4977
Create CVE-2016-4977.yaml
2022-01-06 13:34:23 +05:30
Aaron Chen d0f71c6d1b
Update CVE-2021-31589.yaml (#3489) 2022-01-06 12:05:23 +05:30
Ahmed Aboul-Ela f279bd78d1
Add CVE-2021-31589 (#3486)
* Add CVE-2021-31589

Committer: Ahmed Aboul-Ela <ahmed.aboul3la@gmail.com>

* lint fixes

* updated matchers

* Added metadata

* Added Bomgar Login Panel detection

* Added Bomgar workflow

* Added favicon detection

Co-authored-by: Ahmed Aboul-Ela <ahmed@secgeek.local>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-05 18:39:53 +05:30
Prince Chaddha 7be7e8392a
Create CVE-2016-4977.yaml 2022-01-05 14:07:28 +05:30
Prince Chaddha 031b16b633
Merge pull request #3476 from projectdiscovery/CVE-2015-5531
Create CVE-2015-5531.yaml
2022-01-05 13:08:19 +05:30
GitHub Action 9305549db5 Auto Generated CVE annotations [Wed Jan 5 07:37:34 UTC 2022] 🤖 2022-01-05 07:37:34 +00:00
Prince Chaddha 3cb0c08288
Merge pull request #3474 from projectdiscovery/CVE-2016-10134
Create CVE-2016-10134.yaml
2022-01-05 13:05:50 +05:30
Prince Chaddha a9ef4d2612
Merge pull request #3480 from gy741/rule-add-v81
Create CVE-2021-21881.yaml
2022-01-05 13:01:57 +05:30
Prince Chaddha bf21395cb7
Update CVE-2015-5531.yaml 2022-01-05 13:01:50 +05:30
Prince Chaddha fefd3343eb
Update CVE-2021-21881.yaml 2022-01-05 13:00:40 +05:30
Prince Chaddha 616bea3a88
Update CVE-2021-21881.yaml 2022-01-05 12:59:27 +05:30
Pathtaga e281e5bf88
Updated all templates tags with technologies (#3478)
* Updated tags for template sonicwall-email-security-detect.yaml

* Updated tags for template detect-sentry.yaml

* Updated tags for template kong-detect.yaml

* Updated tags for template openam-detect.yaml

* Updated tags for template shiro-detect.yaml

* Updated tags for template iplanet-web-server.yaml

* Updated tags for template graylog-api-browser.yaml

* Updated tags for template prtg-detect.yaml

* Updated tags for template node-red-detect.yaml

* Updated tags for template abyss-web-server.yaml

* Updated tags for template geo-webserver.yaml

* Updated tags for template autobahn-python-detect.yaml

* Updated tags for template default-lighttpd-page.yaml

* Updated tags for template microsoft-iis-8.yaml

* Updated tags for template lucee-detect.yaml

* Updated tags for template php-proxy-detect.yaml

* Updated tags for template jenkins-detect.yaml

* Updated tags for template cockpit-detect.yaml

* Updated tags for template csrfguard-detect.yaml

* Updated tags for template dwr-index-detect.yaml

* Updated tags for template netsweeper-webadmin-detect.yaml

* Updated tags for template weblogic-detect.yaml

* Updated tags for template s3-detect.yaml

* Updated tags for template tileserver-gl.yaml

* Updated tags for template springboot-actuator.yaml

* Updated tags for template terraform-detect.yaml

* Updated tags for template redmine-cli-detect.yaml

* Updated tags for template mrtg-detect.yaml

* Updated tags for template tableau-server-detect.yaml

* Updated tags for template magmi-detect.yaml

* Updated tags for template oidc-detect.yaml

* Updated tags for template tor-socks-proxy.yaml

* Updated tags for template synology-web-station.yaml

* Updated tags for template herokuapp-detect.yaml

* Updated tags for template gunicorn-detect.yaml

* Updated tags for template sql-server-reporting.yaml

* Updated tags for template google-bucket-service.yaml

* Updated tags for template kubernetes-mirantis.yaml

* Updated tags for template kubernetes-enterprise-manager.yaml

* Updated tags for template oracle-iplanet-web-server.yaml

* Updated tags for template dell-idrac7-detect.yaml

* Updated tags for template dell-idrac6-detect.yaml

* Updated tags for template dell-idrac9-detect.yaml

* Updated tags for template dell-idrac8-detect.yaml

* Updated tags for template apache-guacamole.yaml

* Updated tags for template aws-cloudfront-service.yaml

* Updated tags for template aws-bucket-service.yaml

* Updated tags for template nginx-linux-page.yaml

* Updated tags for template telerik-fileupload-detect.yaml

* Updated tags for template telerik-dialoghandler-detect.yaml

* Updated tags for template htaccess-config.yaml

* Updated tags for template microsoft-azure-error.yaml

* Updated tags for template detect-options-method.yaml

* Updated tags for template unpatched-coldfusion.yaml

* Updated tags for template moodle-changelog.yaml

* Updated tags for template detect-dns-over-https.yaml

* Updated tags for template CVE-2019-19134.yaml

* Updated tags for template CVE-2019-3929.yaml

* Updated tags for template CVE-2019-19908.yaml

* Updated tags for template CVE-2019-10475.yaml

* Updated tags for template CVE-2019-17382.yaml

* Updated tags for template CVE-2019-16332.yaml

* Updated tags for template CVE-2019-14974.yaml

* Updated tags for template CVE-2019-19368.yaml

* Updated tags for template CVE-2019-12725.yaml

* Updated tags for template CVE-2019-15501.yaml

* Updated tags for template CVE-2019-9733.yaml

* Updated tags for template CVE-2019-14322.yaml

* Updated tags for template CVE-2019-9955.yaml

* Updated tags for template CVE-2019-0230.yaml

* Updated tags for template CVE-2019-10232.yaml

* Updated tags for template CVE-2019-17506.yaml

* Updated tags for template CVE-2019-8449.yaml

* Updated tags for template CVE-2019-12593.yaml

* Updated tags for template CVE-2019-10092.yaml

* Updated tags for template CVE-2019-1821.yaml

* Updated tags for template CVE-2019-3401.yaml

* Updated tags for template CVE-2019-16662.yaml

* Updated tags for template CVE-2019-5418.yaml

* Updated tags for template CVE-2016-4975.yaml

* Updated tags for template CVE-2016-1000137.yaml

* Updated tags for template CVE-2016-7552.yaml

* Updated tags for template CVE-2016-10956.yaml

* Updated tags for template CVE-2016-1000146.yaml

* Updated tags for template CVE-2013-2251.yaml

* Updated tags for template CVE-2013-1965.yaml

* Updated tags for template CVE-2014-2323.yaml

* Updated tags for template CVE-2014-5111.yaml

* Updated tags for template CVE-2014-2962.yaml

* Updated tags for template CVE-2014-4561.yaml

* Updated tags for template CVE-2014-4558.yaml

* Updated tags for template CVE-2014-3120.yaml

* Updated tags for template CVE-2007-5728.yaml

* Updated tags for template CVE-2009-4679.yaml

* Updated tags for template CVE-2009-1558.yaml

* Updated tags for template CVE-2009-4202.yaml

* Updated tags for template CVE-2009-0932.yaml

* Updated tags for template CVE-2015-2068.yaml

* Updated tags for template CVE-2015-8813.yaml

* Updated tags for template CVE-2015-7450.yaml

* Updated tags for template CVE-2015-2067.yaml

* Updated tags for template CVE-2015-3306.yaml

* Updated tags for template CVE-2015-3337.yaml

* Updated tags for template CVE-2015-1427.yaml

* Updated tags for template CVE-2015-1503.yaml

* Updated tags for template CVE-2015-1880.yaml

* Updated tags for template CVE-2018-3810.yaml

* Updated tags for template CVE-2018-18069.yaml

* Updated tags for template CVE-2018-17246.yaml

* Updated tags for template CVE-2018-10141.yaml

* Updated tags for template CVE-2018-16341.yaml

* Updated tags for template CVE-2018-18777.yaml

* Updated tags for template CVE-2018-15138.yaml

* Updated tags for template CVE-2018-11784.yaml

* Updated tags for template CVE-2018-16299.yaml

* Updated tags for template CVE-2018-7251.yaml

* Updated tags for template CVE-2018-1273.yaml

* Updated tags for template CVE-2018-1271.yaml

* Updated tags for template CVE-2018-11759.yaml

* Updated tags for template CVE-2018-3167.yaml

* Updated tags for template CVE-2018-7490.yaml

* Updated tags for template CVE-2018-2628.yaml

* Updated tags for template CVE-2018-13380.yaml

* Updated tags for template CVE-2018-2893.yaml

* Updated tags for template CVE-2018-5316.yaml

* Updated tags for template CVE-2018-20985.yaml

* Updated tags for template CVE-2018-10818.yaml

* Updated tags for template CVE-2018-1000861.yaml

* Updated tags for template CVE-2018-0296.yaml

* Updated tags for template CVE-2018-19458.yaml

* Updated tags for template CVE-2018-3760.yaml

* Updated tags for template CVE-2018-12998.yaml

* Updated tags for template CVE-2018-9118.yaml

* Updated tags for template CVE-2018-1000130.yaml

* Updated tags for template CVE-2008-6668.yaml

* Updated tags for template CVE-2017-7269.yaml

* Updated tags for template CVE-2017-1000170.yaml

* Updated tags for template CVE-2017-16877.yaml

* Updated tags for template CVE-2017-1000486.yaml

* Updated tags for template CVE-2017-9822.yaml

* Updated tags for template CVE-2017-0929.yaml

* Updated tags for template CVE-2017-7921.yaml

* Updated tags for template CVE-2017-14535.yaml

* Updated tags for template CVE-2017-5521.yaml

* Updated tags for template CVE-2017-12637.yaml

* Updated tags for template CVE-2017-12635.yaml

* Updated tags for template CVE-2017-11610.yaml

* Updated tags for template CVE-2021-20114.yaml

* Updated tags for template CVE-2021-40856.yaml

* Updated tags for template CVE-2021-21972.yaml

* Updated tags for template CVE-2021-31602.yaml

* Updated tags for template CVE-2021-41773.yaml

* Updated tags for template CVE-2021-37704.yaml

* Updated tags for template CVE-2021-45046.yaml

* Updated tags for template CVE-2021-26084.yaml

* Updated tags for template CVE-2021-27931.yaml

* Updated tags for template CVE-2021-24291.yaml

* Updated tags for template CVE-2021-41648.yaml

* Updated tags for template CVE-2021-37216.yaml

* Updated tags for template CVE-2021-22005.yaml

* Updated tags for template CVE-2021-37573.yaml

* Updated tags for template CVE-2021-31755.yaml

* Updated tags for template CVE-2021-43287.yaml

* Updated tags for template CVE-2021-24274.yaml

* Updated tags for template CVE-2021-33564.yaml

* Updated tags for template CVE-2021-22145.yaml

* Updated tags for template CVE-2021-24237.yaml

* Updated tags for template CVE-2021-44848.yaml

* Updated tags for template CVE-2021-25646.yaml

* Updated tags for template CVE-2021-21816.yaml

* Updated tags for template CVE-2021-41649.yaml

* Updated tags for template CVE-2021-41291.yaml

* Updated tags for template CVE-2021-41293.yaml

* Updated tags for template CVE-2021-21801.yaml

* Updated tags for template CVE-2021-29156.yaml

* Updated tags for template CVE-2021-34370.yaml

* Updated tags for template CVE-2021-27132.yaml

* Updated tags for template CVE-2021-28151.yaml

* Updated tags for template CVE-2021-26812.yaml

* Updated tags for template CVE-2021-21985.yaml

* Updated tags for template CVE-2021-43778.yaml

* Updated tags for template CVE-2021-25281.yaml

* Updated tags for template CVE-2021-40539.yaml

* Updated tags for template CVE-2021-36749.yaml

* Updated tags for template CVE-2021-21234.yaml

* Updated tags for template CVE-2021-33221.yaml

* Updated tags for template CVE-2021-42013.yaml

* Updated tags for template CVE-2021-33807.yaml

* Updated tags for template CVE-2021-44228.yaml

* Updated tags for template CVE-2012-0896.yaml

* Updated tags for template CVE-2012-0991.yaml

* Updated tags for template CVE-2012-0392.yaml

* Updated tags for template CVE-2012-4940.yaml

* Updated tags for template CVE-2012-1226.yaml

* Updated tags for template CVE-2012-4878.yaml

* Updated tags for template CVE-2010-1304.yaml

* Updated tags for template CVE-2010-1217.yaml

* Updated tags for template CVE-2010-0759.yaml

* Updated tags for template CVE-2010-2307.yaml

* Updated tags for template CVE-2010-4231.yaml

* Updated tags for template CVE-2010-2861.yaml

* Updated tags for template CVE-2010-4282.yaml

* Updated tags for template CVE-2010-1302.yaml

* Updated tags for template CVE-2010-1461.yaml

* Updated tags for template CVE-2020-4463.yaml

* Updated tags for template CVE-2020-1943.yaml

* Updated tags for template CVE-2020-36289.yaml

* Updated tags for template CVE-2020-17518.yaml

* Updated tags for template CVE-2020-12800.yaml

* Updated tags for template CVE-2020-10770.yaml

* Updated tags for template CVE-2020-17506.yaml

* Updated tags for template CVE-2020-11547.yaml

* Updated tags for template CVE-2020-11034.yaml

* Updated tags for template CVE-2020-24589.yaml

* Updated tags for template CVE-2020-9054.yaml

* Updated tags for template CVE-2020-28976.yaml

* Updated tags for template CVE-2020-16952.yaml

* Updated tags for template CVE-2020-24312.yaml

* Updated tags for template CVE-2020-8512.yaml

* Updated tags for template CVE-2020-14179.yaml

* Updated tags for template CVE-2020-6308.yaml

* Updated tags for template CVE-2020-35846.yaml

* Updated tags for template CVE-2020-7318.yaml

* Updated tags for template CVE-2020-2140.yaml

* Updated tags for template CVE-2020-5410.yaml

* Updated tags for template CVE-2020-5777.yaml

* Updated tags for template CVE-2020-13700.yaml

* Updated tags for template CVE-2020-5775.yaml

* Updated tags for template CVE-2020-13167.yaml

* Updated tags for template CVE-2020-35848.yaml

* Updated tags for template CVE-2020-9484.yaml

* Updated tags for template CVE-2020-15505.yaml

* Updated tags for template CVE-2020-9047.yaml

* Updated tags for template CVE-2020-17519.yaml

* Updated tags for template CVE-2020-17505.yaml

* Updated tags for template CVE-2020-9376.yaml

* Updated tags for template CVE-2020-8497.yaml

* Updated tags for template CVE-2020-14092.yaml

* Updated tags for template CVE-2020-10148.yaml

* Updated tags for template CVE-2020-35847.yaml

* Updated tags for template CVE-2020-12116.yaml

* Updated tags for template CVE-2020-11930.yaml

* Updated tags for template CVE-2020-24186.yaml

* Updated tags for template CVE-2020-9496.yaml

* Updated tags for template CVE-2020-35489.yaml

* Updated tags for template CVE-2020-26413.yaml

* Updated tags for template CVE-2020-2096.yaml

* misc updates

* misc update

* more updates

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-05 01:04:16 +05:30
Sandeep Singh 4acf3ece75
Template syntax fixes (#3484)
* syntax fix

* more fixes
2022-01-05 00:22:08 +05:30
GwanYeong Kim d572716df0 Create CVE-2021-21881.yaml
An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-04 23:14:12 +09:00
GitHub Action 86c11d1b40 Auto Generated CVE annotations [Tue Jan 4 11:55:25 UTC 2022] 🤖 2022-01-04 11:55:25 +00:00
pajoda c45934891f
Create CVE-2021-36748.yaml (#2446)
* Create CVE-2021-36748.yaml

* Update indentation

* minor update

* Update CVE-2021-36748.yaml

* Additional unique matchers + easily readable syntax

* misc updates

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-04 17:23:56 +05:30
Prince Chaddha 08de914d33
Create CVE-2015-5531.yaml 2022-01-04 16:51:00 +05:30
Prince Chaddha 8615d9d9c8
Create CVE-2016-10134.yaml 2022-01-04 15:51:37 +05:30
ImNightmaree 760432c8e7
Update CVE-2017-11610.yaml
Not all machines have HTTP connectivity, DNS is more reliable.
2022-01-03 10:33:08 +00:00
sandeep 6f3591f920 rseenet tags update 2022-01-01 12:28:32 +05:30
sandeep 7eba1c5a0a added reference for rce 2021-12-31 17:53:27 +05:30
GitHub Action e238128b1c Auto Generated CVE annotations [Thu Dec 30 11:40:55 UTC 2021] 🤖 2021-12-30 11:40:55 +00:00
Sandeep Singh de7bef1300
Added CVE-2021-42567 (Apereo CAS Reflected XSS) (#3450)
* Added CVE-2021-42567 (Apereo CAS Reflected XSS)

* Added login panel detection
2021-12-30 17:09:29 +05:30
Prince Chaddha a94c5d62a1
Update CVE-2021-40859.yaml 2021-12-30 12:15:22 +05:30
Prince Chaddha f3deec4325
Update CVE-2021-40859.yaml 2021-12-30 12:15:02 +05:30
Sandeep Singh a10aff06e5
Merge branch 'master' into master 2021-12-29 21:28:30 +05:30
Sandeep Singh de9c4d605c
Apache Tomcat Template improvements (#3446)
* Improved Tomcat matchers / extractors / paths

* removed duplicate detections / matchers

* removed duplicate template

* Added missing tomcat tags
2021-12-29 19:10:59 +05:30
sandeep 8744282d5b removing matcher to avoid false negative result. 2021-12-29 12:10:51 +05:30
东方有鱼名为咸 7a05f1b538
add CVE-2021-45232.yaml (#3437)
* Create CVE-2021-45232.yaml

* matcher fixes

* more reference

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-28 19:43:00 +05:30
sandeep 85956018f8 Added metadata 2021-12-28 18:16:23 +05:30
Sandeep Singh 5d7d4409a0
Added CVE-2020-11546 (#3436)
Co-Authored-By: 0fficial_BlackHat13 <58517369+Official-BlackHat13@users.noreply.github.com>

Co-authored-by: 0fficial_BlackHat13 <58517369+Official-BlackHat13@users.noreply.github.com>
2021-12-28 18:13:04 +05:30
Muhammad Daffa 5c800a4ef7
Seperate technologies and exposed-panels templates (#3424)
* Edit magmi workflow

* Add some workflow template + edit some template

* Changing some templates

* minor update

* workflow matcher fixes

* tech update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-27 10:31:53 +05:30
Prince Chaddha ea0966877a
Merge pull request #3406 from Akokonunes/patch-95
Create CVE-2018-14912.yaml
2021-12-24 19:31:51 +05:30
Prince Chaddha ce4abd14ba
Update and rename CVE-2018-14912.yaml to cves/2018/CVE-2018-14912.yaml 2021-12-24 19:24:16 +05:30
GitHub Action c33766a93f Auto Generated CVE annotations [Fri Dec 24 13:38:52 UTC 2021] 🤖 2021-12-24 13:38:52 +00:00
Prince Chaddha 415f37a7a6
Update CVE-2021-27358.yaml 2021-12-24 19:02:18 +05:30
sandeep f892a053a2 Added Grafana unauthenticated snapshot creation 2021-12-24 17:47:55 +05:30
sandeep 54e064767d Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-12-23 21:46:10 +05:30
sandeep 99f5a47202 minor update 2021-12-23 21:40:28 +05:30
GitHub Action 132108f849 Auto Generated CVE annotations [Thu Dec 23 15:43:46 UTC 2021] 🤖 2021-12-23 15:43:46 +00:00
ImNightmaree a76a9baaf4
Create CVE-2021-45046 (#3378)
* Create CVE-2021-45046

* Update and rename CVE-2021-45046 to CVE-2021-45046.yaml

* minor update

Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-23 21:11:50 +05:30
Mohamed Elbadry d2d47bfcb0
Update CVE-2021-44228.yaml - Extract DNS interaction IP (#3396)
* Update CVE-2021-44228.yaml

* lint fix

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-22 18:17:30 +05:30
GitHub Action d253ff84ef Auto Generated CVE annotations [Wed Dec 22 06:47:35 UTC 2021] 🤖 2021-12-22 06:47:35 +00:00
pussycat0x 8a77db7919
unauthorized Puppet Node Manager (#3388)
* Add files via upload

* Update unauthorized-puppet-node-manager-detect.yaml

* Add files via upload

* Add files via upload

* Update CVE-2021-40859.yaml

* misc updates

* minor updates

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-22 12:16:05 +05:30
sandeep df2418ce18 misc updates 2021-12-22 12:10:38 +05:30
pussycat0x 08d097a751
Update CVE-2021-40859.yaml 2021-12-22 09:33:06 +05:30
pussycat0x 4b6a46f06f
Add files via upload 2021-12-22 09:30:36 +05:30
GitHub Action 10ba4de0d7 Auto Generated CVE annotations [Tue Dec 21 12:32:40 UTC 2021] 🤖 2021-12-21 12:32:40 +00:00
Prince Chaddha b622f5145d
Merge pull request #3383 from projectdiscovery/princechaddha-patch-2
Create CVE-2021-26085.yaml
2021-12-21 18:00:47 +05:30
Prince Chaddha 0c1a5e2c23
Merge pull request #3386 from Akokonunes/patch-93
Create CVE-2018-15138.yaml
2021-12-21 17:32:38 +05:30
Prince Chaddha 97b4a8a0e8
Update and rename CVE-2018-15138.yaml to cves/2018/CVE-2018-15138.yaml 2021-12-21 17:25:16 +05:30
GitHub Action 19bfb84638 Auto Generated CVE annotations [Tue Dec 21 11:06:14 UTC 2021] 🤖 2021-12-21 11:06:14 +00:00
GitHub Action 7fe5c23627 Auto Generated CVE annotations [Mon Dec 20 14:33:22 UTC 2021] 🤖 2021-12-20 14:33:22 +00:00
Prince Chaddha b8ee43e27a
Create CVE-2021-26085.yaml 2021-12-20 15:20:14 +05:30
Prince Chaddha d40c6cbaa3
Merge pull request #3377 from daffainfo/patch-284
Create CVE-2015-2166.yaml
2021-12-20 13:04:30 +05:30
Prince Chaddha d5c43bb502
Update CVE-2015-2166.yaml 2021-12-20 13:02:41 +05:30
Prince Chaddha 9461383161
Update CVE-2015-0554.yaml 2021-12-20 13:01:11 +05:30
Prince Chaddha 2c279c7388
Update CVE-2015-2166.yaml 2021-12-20 12:56:36 +05:30
Muhammad Daffa bee031da45
Create CVE-2015-2166.yaml 2021-12-19 20:33:58 +07:00
Muhammad Daffa e3c0539174
Create CVE-2015-0554.yaml 2021-12-19 20:23:13 +07:00
Prince Chaddha ca6146a4af
Update CVE-2021-44228.yaml 2021-12-19 14:52:29 +05:30
Ganoes 5f271045d1
CVE-2016-6210 - Fix typo in the regex (#3365)
* CVE-2016-6210 - Fix typo in the regex

* minor variable update

Co-authored-by: ganoes <karel.rozhon@etnetera.cz>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-18 14:58:35 +05:30
Prince Chaddha fc566d27a8
Create CVE-2021-45092.yaml (#3372)
* Create CVE-2021-45092.yaml

* Added Thinfinity Iframe Injection

Co-Authored-By: Daniel Mofer <7999779+danielmofer@users.noreply.github.com>

* Added Thinfinity VirtualUI User Enumeration

Co-Authored-By: Daniel Mofer <7999779+danielmofer@users.noreply.github.com>

* added missing tag

Co-Authored-By: Daniel Mofer <7999779+danielmofer@users.noreply.github.com>

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
Co-authored-by: Daniel Mofer <7999779+danielmofer@users.noreply.github.com>
2021-12-18 14:32:44 +05:30
Abhiram V dd40419ea5
Updated CVE-2021-44228 with most common vulnerable headers (#3334)
* Updated with common headers which can be exploited

Reference : https://blog.qualys.com/vulnerabilities-threat-research/2021/12/10/apache-log4j2-zero-day-exploited-in-the-wild-log4shell
These headers are collected from above blog in Detecting the Vulnerability part

* fix: lint update

* Update CVE-2021-44228.yaml

* Update CVE-2021-44228.yaml

* Updated changed matchers and extractors regex according to v8.7.3 update

* payload updates for CVE-2021-44228

- more injection points
- a fixed regex to extract uppercase hostnames
- standardized payloads
- printed injection points

Source - https://twitter.com/0xceba/status/1471664540542648322

Co-Authored-By: 0xceba <44234156+0xceba@users.noreply.github.com>
Co-Authored-By: Abhiram V <61599526+Anon-Artist@users.noreply.github.com>

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
Co-authored-by: 0xceba <44234156+0xceba@users.noreply.github.com>
2021-12-18 10:51:45 +05:30
sandeep b8fa0d5857 update: added more reference 2021-12-15 21:26:35 +05:30
Geeknik Labs 9c169bd682
Create CVE-2021-44528.yaml (#3342) 2021-12-15 20:43:07 +05:30
sandeep c9ddd7a0ae update: id + reference update 2021-12-14 21:07:46 +05:30
sandeep 34d4557dad update: making it compatible with self-hosted interactsh server 2021-12-14 03:21:47 +05:30
Evan Rubinstein dddb0bbb82
Added CVE-2021-24997 (#3298)
* Added CVE-39226

* Added CVE-39226

* Delete CVE-39226.yaml

* Renamed CVE-39226 to CVE-2021-39226

Fixed naming error

* Added Wp-Guppy-Information-Disclosure template

* Removed File

Found better descriptor

* Added CVE-2021-24997

Added WordPress Guppy Information Disclosure CVE

* Fixed CVE-2021-24997

Fixed YAML formatting

* Fixed Typo

URL Path had an extra double quote

* Auto Generated Templates Stats [Wed Dec  8 23:07:24 UTC 2021] 🤖

* Deleted Blank Space

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Added CVE-2021-43496

* Update CVE-2021-43496.yaml

* fix: syntax update

* Added New Vuln

* Update CVE-2021-24997.yaml

* Update CVE-2021-43496.yaml

* Update and rename hd-netowrk-realtime-monitor-system-LFI.yaml to hdnetwork-realtime-lfi.yaml

* fix: lints update

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2021-12-14 02:22:26 +05:30
Nicolas 1411edf332
Updated CVE-2021-44228.yaml (#3335)
Co-authored-by: olacin <olacin@users.noreply.github.com>
2021-12-13 20:24:06 +05:30
Prince Chaddha fe4ec9185f
Merge pull request #3325 from 5tr1x/patch-1
Add X-Forwarded-For and Authentication headers
2021-12-12 17:31:07 +05:30
Prince Chaddha 1824aef5f5
Update and rename CVE-2018-7467.yaml to cves/2018/CVE-2018-7467.yaml 2021-12-12 16:53:17 +05:30
5tr1x 5dc71681c5
Add X-Forwarded-For and Authentication headers 2021-12-11 15:43:22 -06:00
Mohamed Elbadry 33fbe53930
Create CVE-2021-44228.yaml (#3319)
* Create CVE-2021-44228.yaml

* fix: syntax fix

* update: added additional path based payload

* update: strict matcher + pulling hostname information of the system

* update: added path based payload

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-12 00:56:50 +05:30
Muhammad Daffa 18d54f5204
Edit magmi workflow (#3312) 2021-12-09 23:28:33 +05:30
GitHub Action a19b941193 Auto Generated CVE annotations [Wed Dec 8 11:18:20 UTC 2021] 🤖 2021-12-08 11:18:20 +00:00
Sandeep Singh 2521cb62bf
Added CVE-2021-43798 (#3296)
* Added CVE-2021-43798

* updated with default plugin list

* Update grafana-file-read.yaml
2021-12-08 16:46:47 +05:30
Prince Chaddha 548980ae5b
Update CVE-2021-40856.yaml 2021-12-08 10:25:18 +05:30
GwanYeong Kim 48c6834de6 Create CVE-2021-40856.yaml
Inserting the prefix "/about/../" allows bypassing the authentication check for the web-based configuration management interface. This enables attackers to gain access to the login credentials used for authentication at the PBX, among other data.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-12-08 09:54:30 +09:00
Prince Chaddha 7905d1dfd7
Merge pull request #3281 from daffainfo/master
Add 10 templates and edit 1 workflows netsweeper
2021-12-07 13:59:14 +05:30
Prince Chaddha 684abeb93e
Update CVE-2014-9618.yaml 2021-12-07 13:42:19 +05:30
Prince Chaddha 2fcb784fcf
Update CVE-2014-9617.yaml 2021-12-07 13:38:32 +05:30
Prince Chaddha 6d73776e5d
Update CVE-2014-9615.yaml 2021-12-07 13:25:57 +05:30
Prince Chaddha 7bee8bedd9
Update CVE-2014-9614.yaml 2021-12-07 13:13:49 +05:30
Prince Chaddha ac1439c40f
Update CVE-2014-9608.yaml 2021-12-07 13:05:50 +05:30
Prince Chaddha 891a922592
Update CVE-2014-9609.yaml 2021-12-07 12:56:58 +05:30
Prince Chaddha c3f2e61e48
Update CVE-2014-9608.yaml 2021-12-07 12:55:09 +05:30
Prince Chaddha 881ea5dd3c
Update CVE-2014-9607.yaml 2021-12-07 12:48:33 +05:30
Prince Chaddha d38243621e
Update CVE-2014-9606.yaml 2021-12-07 12:43:19 +05:30
Prince Chaddha 7983f04c51
Update and rename CVE-2014-3110.yaml to CVE-2014-2908.yaml 2021-12-07 10:28:21 +05:30
Prince Chaddha f0fbe930f6
Update CVE-2014-3110.yaml 2021-12-07 10:23:35 +05:30
Muhammad Daffa 04dc5d7532
Update CVE-2014-9614.yaml 2021-12-06 23:49:04 +07:00
Muhammad Daffa b24b6e8fa1
Update CVE-2014-9614.yaml 2021-12-06 23:48:38 +07:00
GitHub Action 3bf8c4f4b4 Auto Generated CVE annotations [Mon Dec 6 16:40:52 UTC 2021] 🤖 2021-12-06 16:40:52 +00:00
daffainfo b90d0b7e3e Add 10 templates and edit 1 workflows 2021-12-06 23:38:54 +07:00
Muhammad Daffa f8771cea8f
Create CVE-2014-3110.yaml 2021-12-06 22:13:40 +07:00
Prince Chaddha 3d7060f0d2
Update and rename CVE-2018-8727.yaml to cves/2018/CVE-2018-8727.yaml 2021-12-06 18:31:06 +05:30
Prince Chaddha c92010033b
Update CVE-2020-8497.yaml 2021-12-06 10:39:43 +05:30
GwanYeong Kim b76c1d20f3 Create CVE-2020-8497.yaml
In Artica Pandora FMS through 7.42, an unauthenticated attacker can read the chat history. The file is in JSON format and it contains user names, user IDs, private messages, and timestamps.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-12-06 08:36:14 +09:00
sandeep b8d068416f update: added reference for CVE-2021-38314 2021-12-04 22:17:25 +05:30
sandeep f64926808d Added missing tag 2021-12-04 12:50:04 +05:30
GitHub Action 01cb3156ce Auto Generated CVE annotations [Sat Dec 4 07:17:12 UTC 2021] 🤖 2021-12-04 07:17:12 +00:00
sandeep d2d0d4bf8d minor update to description 2021-12-04 12:44:08 +05:30
alph4byt3 09468dc0f8 Create CVE-2021-29490.yaml 2021-12-04 12:40:47 +05:30
alph4byt3 5180d138bf Delete CVE-2021-29490 2021-12-04 12:40:47 +05:30
alph4byt3 41148c9f86 Create CVE-2021-29490 2021-12-04 12:40:47 +05:30
Prince Chaddha a04590433f
Merge pull request #3193 from Akokonunes/patch-78
Create CVE-2018-7719.yaml
2021-12-03 14:56:42 +05:30
GitHub Action ee1c16543d Auto Generated CVE annotations [Fri Dec 3 09:17:18 UTC 2021] 🤖 2021-12-03 09:17:18 +00:00
Prince Chaddha 7a32fc3941
Update and rename CVE-2021-27310.yaml to cves/2021/CVE-2021-27310.yaml 2021-12-03 14:43:25 +05:30
Prince Chaddha 7bd27557d8
Merge pull request #3253 from projectdiscovery/pr-fix-1
Update CVE-2021-30213.yaml
2021-12-03 14:32:47 +05:30
Prince Chaddha 0ac3b4da59
Merge pull request #3252 from projectdiscovery/pr-fix
Update CVE-2021-27931.yaml
2021-12-03 14:32:06 +05:30
Prince Chaddha 10c0f1b22f
Update CVE-2021-30213.yaml 2021-12-03 14:31:08 +05:30
Prince Chaddha 04bb340596
Update CVE-2021-27931.yaml 2021-12-03 14:30:44 +05:30
Prince Chaddha 5a36367340
Merge branch 'master' into pr-fix-1 2021-12-03 13:49:27 +05:30
Prince Chaddha 3cade85cc8
Merge branch 'master' into pr-fix 2021-12-03 13:23:33 +05:30
GitHub Action 6731cb176b Auto Generated CVE annotations [Fri Dec 3 07:23:34 UTC 2021] 🤖 2021-12-03 07:23:34 +00:00
Prince Chaddha ccca1add3f
Update CVE-2021-30213.yaml 2021-12-03 12:53:01 +05:30
Prince Chaddha e53cdde0c0
Merge pull request #3199 from alph4byt3/alph4byt3-patch-1
Create CVE-2021-30213.yaml
2021-12-03 12:52:11 +05:30
GitHub Action 5afe45cba5 Auto Generated CVE annotations [Fri Dec 3 07:19:34 UTC 2021] 🤖 2021-12-03 07:19:34 +00:00
Prince Chaddha 636a82effd
Update CVE-2021-27931.yaml 2021-12-03 12:48:47 +05:30
Prince Chaddha 025475d950
Merge pull request #3251 from projectdiscovery/pr-fix
Update and rename CVE-2021-40542.yaml to cves/2021/CVE-2021-40542.yaml
2021-12-03 12:48:01 +05:30
Prince Chaddha bac5f0f843
Merge pull request #3206 from alph4byt3/patch-1
Create CVE-2021-27931.yaml
2021-12-03 12:47:18 +05:30
Prince Chaddha 0457cbd6b2
Update and rename CVE-2021-40542.yaml to cves/2021/CVE-2021-40542.yaml 2021-12-03 12:42:37 +05:30
Prince Chaddha 91f667044c
Update CVE-2018-16133.yaml 2021-12-03 10:52:45 +05:30
sandeep df69e7e4e3 minor template update 2021-12-03 10:45:57 +05:30
Prince Chaddha 53182fa956
Merge pull request #3195 from Akokonunes/patch-80
Create CVE-2015-1503.yaml
2021-12-02 12:50:16 +05:30
Prince Chaddha 8a23858b71
Update and rename CVE-2015-1503.yaml to cves/2015/CVE-2015-1503.yaml 2021-12-02 12:48:57 +05:30
Prince Chaddha 78e5e52cd8
Merge pull request #3194 from Akokonunes/patch-79
Create CVE-2018-10201.yaml
2021-12-02 12:46:03 +05:30
Prince Chaddha cc24ef4880
Update CVE-2018-10201.yaml 2021-12-02 12:43:43 +05:30
sandeep 1dabef2e6f Revert "CVE update - CVE-2021-22049"
This reverts commit 70128c2587.
2021-12-02 01:34:29 +05:30
sandeep 70128c2587 CVE update - CVE-2021-22049 2021-12-02 01:31:41 +05:30
sandeep 814bf92a00 File name update - CVE-2021-39226 2021-12-02 01:14:10 +05:30
Sandeep Singh 19fcafa546
CVE-2021-39226 (#3241)
* Added CVE-39226

Co-Authored-By: Evan Rubinstein <70485623+evanRubinsteinIT@users.noreply.github.com>

Co-authored-by: Evan Rubinstein <70485623+evanRubinsteinIT@users.noreply.github.com>
2021-12-02 01:07:40 +05:30
sullo 854b464b1d
Add remediation information to CVE-2021-40539 and CVE-2021-44427 (#3237)
* Added remediation to CVE-2021-40539

* Added remediation to CVE-2021-44427

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2021-12-01 22:23:24 +05:30
Prince Chaddha 40d7678327
Merge pull request #3233 from Akokonunes/patch-83
Create CVE-2018-16133.yaml
2021-12-01 19:21:26 +05:30
Prince Chaddha c9b6c8e463
Merge pull request #3235 from cckuailong/master
add CVE-2021-43778.yaml
2021-12-01 19:21:08 +05:30
Prince Chaddha 93f9f3ccac
Update CVE-2021-43778.yaml 2021-12-01 19:19:10 +05:30
Prince Chaddha ec4360339e
Merge pull request #3232 from Akokonunes/patch-82
Create CVE-2018-18323.yaml
2021-12-01 19:16:06 +05:30
Prince Chaddha c77356d541
Update and rename CVE-2018-16133.yaml to cves/2018/CVE-2018-16133.yaml 2021-12-01 19:15:56 +05:30
GitHub Action d3649d4f43 Auto Generated CVE annotations [Wed Dec 1 13:42:24 UTC 2021] 🤖 2021-12-01 13:42:24 +00:00
Prince Chaddha 80df18b062
Update and rename CVE-2018-18323.yaml to cves/2018/CVE-2018-18323.yaml 2021-12-01 19:10:27 +05:30
Prince Chaddha a265f86133
Rename CVE-2018-19753.yaml to cves/2018/CVE-2018-19753.yaml 2021-12-01 19:08:50 +05:30
cckuailong 2a8ca5d836 add CVE-2021-43778.yaml 2021-12-01 15:04:29 +08:00
GitHub Action fb048c7972 Auto Generated CVE annotations [Tue Nov 30 18:51:32 UTC 2021] 🤖 2021-11-30 18:51:32 +00:00
Sandeep Singh eb5a6ab341
Added CVE-2021-41266 (#3229)
Co-Authored-By: Lenin Alevski <1795553+Alevsk@users.noreply.github.com>
2021-12-01 00:19:41 +05:30
Prince Chaddha d484fed316
Merge pull request #3224 from xShuden/master
Create  CVE-2021-44427.yaml
2021-11-30 21:55:47 +04:00
Prince Chaddha f6a952d4be
Update CVE-2021-44427.yaml 2021-11-30 23:23:31 +05:30
Prince Chaddha ae078ecd51
Merge pull request #3223 from gy741/rule-add-v74
Create CVE-2021-41653.yaml
2021-11-30 20:54:55 +04:00
Prince Chaddha 0b82e570d1
Update CVE-2021-41653.yaml 2021-11-30 22:22:16 +05:30
Aaron Chen 38f147a716
create CVE-2021-41951 (#3202)
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2021-11-30 22:19:12 +05:30
Sandeep Singh 949cd0d5a6
CVE 2021 41951 (#3226)
* create CVE-2021-41951

Co-authored-by: Aaron Chen <aaronchen.lisp@gmail.com>
2021-11-30 22:15:32 +05:30
Furkan Sayım 3ae4c1b484
Create CVE-2021-44427.yaml 2021-11-30 16:56:38 +01:00
GwanYeong Kim 3dd0c78fff Create CVE-2021-41653.yaml
The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-11-30 14:35:25 +09:00
GitHub Action 2f6733c202 Auto Generated CVE annotations [Mon Nov 29 14:34:36 UTC 2021] 🤖 2021-11-29 14:34:36 +00:00
Sandeep Singh 38839cfbbc
Added Commvault CommCell Directory Traversal (CVE-2020-25780) (#3182) 2021-11-29 20:02:59 +05:30
forgedhallpass 7ef4f90cf0
feat: CVE-2021-22053 (#3220)
* feat: CVE-2021-22053
2021-11-29 18:42:08 +05:30
GitHub Action bcb798df8b Auto Generated CVE annotations [Sun Nov 28 20:49:07 UTC 2021] 🤖 2021-11-28 20:49:07 +00:00
sandeep b7cb6a63cb moving template into cves 2021-11-29 02:17:27 +05:30
GitHub Action 302227a09d Auto Generated CVE annotations [Sun Nov 28 20:31:30 UTC 2021] 🤖 2021-11-28 20:31:30 +00:00
Sandeep Singh 90b18a504e
Merge pull request #3217 from projectdiscovery/CVE-2021-38540
Apache Airflow - Unauthenticated variable Import (CVE-2021-38540)
2021-11-29 01:59:54 +05:30
sandeep 682db62431 Fixed CVE-2020-14882 payload + matcher 2021-11-29 01:15:05 +05:30
sandeep d00dea3f6b removed unwanted headers 2021-11-29 00:05:36 +05:30
sandeep 685c46640e Added Apache Airflow - Unauthenticated variable Import 2021-11-28 23:47:12 +05:30
Sandeep Singh b07189e3d1
Merge pull request #3216 from projectdiscovery/CVE-2014-8682-fix
Added missing condition for CVE-2014-8682
2021-11-28 17:24:24 +05:30
sandeep 63b23a4848 Added additional reference 2021-11-28 17:22:02 +05:30
sandeep e108fe7df8 Added missing condition 2021-11-28 00:08:05 +05:30
sandeep 7345869864 Added additional matcher 2021-11-27 10:04:24 +05:30
rotemr 0595a1dcf1 Add template for CVE-2021-24278 2021-11-27 01:32:48 +02:00
sandeep 9aad440f05 lint fixing 2021-11-26 22:25:58 +05:30
Sandeep Singh 45319b2571
Merge pull request #3191 from r3naissance/master
Adding a 2000 cve because I tragically came across it today...
2021-11-26 22:18:36 +05:30
sandeep e7c68469e0 Added additional path 2021-11-26 22:17:35 +05:30
sandeep 325d8de2fe added addition tag 2021-11-26 22:14:43 +05:30
alph4byt3 3c1ae20146
Create CVE-2021-27931.yaml 2021-11-25 17:39:09 +02:00
Prince Chaddha 62b3e7e9d0
Update and rename CVE-2018-7719.yaml to cves/2018/CVE-2018-7719.yaml 2021-11-25 10:45:10 +04:00
GitHub Action 1f46d1653d Auto Generated CVE annotations [Wed Nov 24 21:58:12 UTC 2021] 🤖 2021-11-24 21:58:12 +00:00
sandeep 566361897c moving template of cves folder 2021-11-25 03:21:36 +05:30
alph4byt3 f2ff7a1a7e
Create CVE-2021-30213.yaml 2021-11-24 17:43:59 +02:00
Prince Chaddha 168db8a984
Update CVE-2020-2096.yaml 2021-11-24 11:58:52 +04:00
Chapman Schleiss ea78c078d8 Fixed Title 2021-11-23 16:53:00 -07:00
Chapman Schleiss 45521a075f Adding a 2000 cve because I tragically came across it today... 2021-11-23 16:46:22 -07:00
yuan 641ffd4e93 update CVE-2020-2096 2021-11-23 19:01:24 +08:00
GitHub Action 65ec414ae7 Auto Generated CVE annotations [Tue Nov 23 04:08:40 UTC 2021] 🤖 2021-11-23 04:08:40 +00:00
Prince Chaddha 13204529fa
Merge pull request #3181 from pikpikcu/patch-301
Create CVE-2020-20982
2021-11-23 09:37:04 +05:30