nothing in https://github.com//Mouhamedtec//CVE-2022-1192

Most of the CVE-2019-13272 PoCs are entirely unrelated or contain no proof-of-concept code.

The remainder are all reuploads of an older version of my exploit (which is based on Jann Horn's exploit, which is not on GitHub) which isn't included in this repo. You can find it here:

https://github.com/bcoles/kernel-exploits/blob/master/CVE-2019-13272/poc.c

The currently listed PoCs are:

• jas502n/CVE-2019-13272
  • reupload of old version, with a screenshot
• Cyc1eC/CVE-2019-13272
  • reupload of old version with comment headers removed for no adequately explained reason, with screenshots
• bigbigliang-malwarebenchmark/cve-2019-13272
  • compiled executable, with no source
• oneoy/CVE-2019-13272
  • clone of jas502n's repo
• Huandtx/CVE-2019-13272
  • reupload of old version, with screenshots
• polosec/CVE-2019-13272
  • a completely unrelated exploit that performs some form of traversal (/.%0d./.%0d./.%0d./.%0d./bin/sh)
• sumedhaDharmasena/-Kernel-ptrace-c-mishandles-vulnerability-CVE-2019-13272
  • clone of jas502n's repo as a ZIP file and screenshots
• Tharana/Exploiting-a-Linux-kernel-vulnerability
  • A PDF with screenshots and only portions of the old C code
• RashmikaEkanayake/Privilege-Escalation-CVE-2019-13272-
  • A PDF describing privilege escalation, screenshots, and old C source code with comment headers removed for no adequately explained reason
• Tharana/vulnerability-exploitation
  • The same PDF as RashmikaEkanayake's repo above, with an extra unrelated PDF about a different vulnerability (StageFright)
• teddy47/CVE-2019-13272---Documentation
  • Screenshots. Contains no code.

nothing in https://github.com/CBaekhyunC/cve-2024-65230

seems a joke

https://github.com/RickdeJager/CVE-2023-4911

Found here https://github.com/imabee101/CVE-2023-44487

I couldn't find this one on the repo so I felt I should at least report it here.

maybe there are exploits for CVE-2023-26604

https://www.exploit-db.com/exploits/51674

is the above exploit indeed functional?

the artifact cited by nomisec is just a checker

https://github.com/Zenmovie/CVE-2023-26604

#!/bin/sh

version=$(systemd --version | awk 'NR==1{print $2}')

if (($version < "247")) then
echo 'Vulnerable'
else
echo 'Not vulnerable'
fi

note also that the artifact cited by NVD has a date from 2012

https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/

Be careful.

Try it in your VMs and your jpg\xml\log... will be encrypted.

New CVE Slunk CVE-2023-46214, I couldn't find this one on the repo so I felt I should at least report it here.
Link: https://github.com/nathan31337/Splunk-RCE-poc

would be helpful to break these into files based on year, to reduce the size of a single file (currently over 14,000 lines)

CVE-2022-10086 does not exist

it's a py shell

such as: https://github.com/abdsec/CVE-2016-0801
watchers is 14

but https://github.com/nomi-sec/PoC-in-GitHub/blob/master/2016/CVE-2016-0801.json

stargazers_count==watchers_count

I'm curious how to achieve monitoring

nothing in https://github.com/buff07/CVE-2022-10249

These two are scam repos:(you can check the issues)
https://github.com/ZephrFish/CVE-2020-1350
https://github.com/tinkersec/cve-2020-1350
https://github.com/Plazmaz/CVE-2020-1350-poc

Hidden old vulnerability

https://github.com/nomi-sec/PoC-in-GitHub/tree/dev

I want to ask you a question. We can see that most cves have only 1 link on github and on nomisec but some of them have 20,30,40 and even 80 links but in those that have many links only some of them are in the nomisec database. Could you tell me if there is a filter, what characteristics do you use to apply this filter?

nothing in CVE-2024-33333 https://github.com/xiaoqiao147/CVE-2024-33333

this link

https://github.com/0nyx-hkr/cve-2023-4350

is referred to by

https://poc-in-github.motikan2010.net/

It's PoC for Cisco, not for Nexus.

did you actually check the code? it is just a honeypot. what a shame you have about ~500 stars out here and making that stupid things like promoting self-exploitation targeted for script-kiddos

Most, if not all repositories listed in CVE-2022-41082.json don't have real PoC, but instead, are trying to sell it for 0.5 bitcoin.

PoC-in-GitHub/2022/CVE-2022-41082.json

If you consider watchers_count to be the number of people who watch the repository, not the number of people who star the repository, you should use subscribers_count.
FYI: https://developer.github.com/changes/2012-09-05-watcher-api/

And if this is the intended behavior, I would like to have a new subscribers_count added.