nomi-sec / poc-in-github Goto Github PK
View Code? Open in Web Editor NEW๐ก PoC auto collect from GitHub. โ ๏ธ Be careful Malware.
Home Page: https://poc-in-github.motikan2010.net
๐ก PoC auto collect from GitHub. โ ๏ธ Be careful Malware.
Home Page: https://poc-in-github.motikan2010.net
Most of the CVE-2019-13272 PoCs are entirely unrelated or contain no proof-of-concept code.
The remainder are all reuploads of an older version of my exploit (which is based on Jann Horn's exploit, which is not on GitHub) which isn't included in this repo. You can find it here:
https://github.com/bcoles/kernel-exploits/blob/master/CVE-2019-13272/poc.c
The currently listed PoCs are:
/.%0d./.%0d./.%0d./.%0d./bin/sh
)nothing in https://github.com/CBaekhyunC/cve-2024-65230
seems a joke
Found here https://github.com/imabee101/CVE-2023-44487
I couldn't find this one on the repo so I felt I should at least report it here.
maybe there are exploits for CVE-2023-26604
https://www.exploit-db.com/exploits/51674
is the above exploit indeed functional?
the artifact cited by nomisec is just a checker
https://github.com/Zenmovie/CVE-2023-26604
#!/bin/sh
version=$(systemd --version | awk 'NR==1{print $2}')
if (($version < "247")) then
echo 'Vulnerable'
else
echo 'Not vulnerable'
fi
note also that the artifact cited by NVD has a date from 2012
https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/
New CVE Slunk CVE-2023-46214, I couldn't find this one on the repo so I felt I should at least report it here.
Link: https://github.com/nathan31337/Splunk-RCE-poc
would be helpful to break these into files based on year, to reduce the size of a single file (currently over 14,000 lines)
CVE-2022-10086 does not exist
it's a py shell
such as: https://github.com/abdsec/CVE-2016-0801
watchers is 14
but https://github.com/nomi-sec/PoC-in-GitHub/blob/master/2016/CVE-2016-0801.json
stargazers_count==watchers_count
I'm curious how to achieve monitoring
nothing in https://github.com/buff07/CVE-2022-10249
These two are scam repos:(you can check the issues)
https://github.com/ZephrFish/CVE-2020-1350
https://github.com/tinkersec/cve-2020-1350
https://github.com/Plazmaz/CVE-2020-1350-poc
I want to ask you a question. We can see that most cves have only 1 link on github and on nomisec but some of them have 20,30,40 and even 80 links but in those that have many links only some of them are in the nomisec database. Could you tell me if there is a filter, what characteristics do you use to apply this filter?
nothing in CVE-2024-33333 https://github.com/xiaoqiao147/CVE-2024-33333
It's PoC for Cisco, not for Nexus.
did you actually check the code? it is just a honeypot. what a shame you have about ~500 stars out here and making that stupid things like promoting self-exploitation targeted for script-kiddos
Most, if not all repositories listed in CVE-2022-41082.json don't have real PoC, but instead, are trying to sell it for 0.5 bitcoin.
If you consider watchers_count
to be the number of people who watch the repository, not the number of people who star the repository, you should use subscribers_count
.
FYI: https://developer.github.com/changes/2012-09-05-watcher-api/
And if this is the intended behavior, I would like to have a new subscribers_count
added.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.