Initial Access Intelligence
The "Initial Access Intelligence" module is a vital tool for cybersecurity, designed to scan GitHub repositories for the latest exploit and proof-of-concept codes for new vulnerabilities. It provides users with crucial updates on potential security threats, enabling proactive defense measures. This module helps close the gap between vulnerability discovery and patching, significantly enhancing system security.
-
Nov. 22, 2024, 4:48 a.m.
Application to scan helm charts using grype.
Dockerfile Python
Updated: 1 day, 23 hours ago0 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 4:18 a.m. This repo has been linked 1 different CVEs too. -
Nov. 22, 2024, 1:43 p.m.
CVE-2023-38646是Metabase中的一个远程代码执行漏洞。该漏洞源于Metabase在处理未经身份验证的API端点/api/setup/validate时,对JDBC连接字符串的处理存在安全缺陷。攻击者可以通过构造特定的JDBC连接字符串,利用该端点在服务器上执行任意命令,而无需进行身份验证。
Python
Updated: 1 day, 14 hours ago2 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 4:15 a.m. This repo has been linked 1 different CVEs too. -
Nov. 22, 2024, 1:44 p.m.
CVE-2023-20198是思科IOS XE软件Web UI功能中的一个严重漏洞,允许未经身份验证的远程攻击者在受影响的系统上创建具有特权级别15的账户,从而完全控制设备。
Python
Updated: 1 day, 14 hours ago1 stars 1 fork 1 watcherBorn at : Nov. 22, 2024, 4:10 a.m. This repo has been linked 1 different CVEs too. -
Nov. 23, 2024, 8:41 a.m.
CVE-2024-36401-GeoServer Property 表达式注入 Rce woodpecker-framework 插件
Java
Updated: 19 hours, 37 minutes ago4 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 3:57 a.m. This repo has been linked 1 different CVEs too. -
Nov. 22, 2024, 3:53 a.m.
opcua-exploit-framework-main
Python Shell
Updated: 2 days ago0 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 3:37 a.m. This repo has been linked 24 different CVEs too.CVE-2023-27321 CVE-2023-39477 CVE-2023-32172 CVE-2023-27334 CVE-2023-31048 CVE-2023-3825 CVE-2023-32787 CVE-2022-37013 CVE-2022-2848 CVE-2022-2825 CVE-2022-25897 CVE-2022-25903 CVE-2022-24375 CVE-2022-25888 CVE-2022-25761 CVE-2022-25304 CVE-2022-24381 CVE-2022-24298 CVE-2022-21208 CVE-2022-1748 CVE-2022-29866 CVE-2022-29864 CVE-2022-30551 CVE-2021-27432 -
Nov. 22, 2024, 1:43 p.m.
CVE-2024-47575是Fortinet的FortiManager和FortiManager Cloud产品中的一个严重漏洞,源于fgfmsd守护进程缺乏对关键功能的身份验证。
Python
Updated: 1 day, 14 hours ago3 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 3:13 a.m. This repo has been linked 1 different CVEs too. -
Nov. 22, 2024, 3:42 a.m.
CVE-2024-7965是Google Chrome浏览器中V8 JavaScript引擎的一个高危漏洞。该漏洞源于V8引擎在处理特定JavaScript代码时实现不当,导致堆内存损坏。攻击者可通过诱导用户访问包含特制JavaScript的恶意网页,利用此漏洞在Chrome渲染器中执行任意代码。
cve exp poc cve-2024-7965
JavaScript
Updated: 2 days ago0 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 2:55 a.m. This repo has been linked 1 different CVEs too. -
Nov. 22, 2024, 4:49 a.m.
None
Java
Updated: 1 day, 23 hours ago0 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 2:52 a.m. This repo has been linked 1 different CVEs too. -
Nov. 23, 2024, 4:36 a.m.
None
Java
Updated: 23 hours, 43 minutes ago0 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 2:21 a.m. This repo has been linked 1 different CVEs too. -
Nov. 22, 2024, 1:43 p.m.
CVE-2024-9441是影响Linear eMerge e3系列(版本1.00-07及之前)的操作系统命令注入漏洞。未经身份验证的远程攻击者可通过HTTP请求中“forgot_password”功能的“login_id”参数,执行任意操作系统命令。
cve exp poc cve-2024-9441
Python
Updated: 1 day, 14 hours ago1 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 2:04 a.m. This repo has been linked 2 different CVEs too.
