SVN script for downloading a single folder = CVE =)BR @nu11secur1ty
svn checkout https://github.com/nu11secur1ty/CVE-mitre/trunk/$CVE
Libav Libav is a collection of libraries and tools to process multimedia content such as audio, video, subtitles and related metadata. Libraries libav
Libwebsockets Libwebsockets is a simple-to-use, MIT-license, pure C library providing client and server for http/1, http/2, websockets, MQTT and other
msgpack for C/C++ It's like JSON but smaller and faster. Overview MessagePack is an efficient binary serialization format, which lets you exchange dat
CMP CMP is a C implementation of the MessagePack serialization format. It currently implements version 5 of the MessagePack Spec. CMP's goal is to be
Introduction MPack is a C implementation of an encoder and decoder for the MessagePack serialization format. It is: Simple and easy to use Secure agai
BLLIP Reranking Parser Copyright Mark Johnson, Eugene Charniak, 24th November 2005 --- August 2006 We request acknowledgement in any publications that
st This is my customized version of Simple Terminal (st) by suckless.org . There are only three patches applied to this software, alpha, scrollback, a
Qnicorn Engine Qnicorn is a cutting edge and community-driven version of unicorn-engine. Qnicorn offers the features below: All features that Unicorn2
tree-sitter-org Unstable: This build will change. Org grammar for tree-sitter. It is not meant to implement emacs' orgmode parser, but to implement a
GLSL code blocks for Emacs Org-mode This org-mode extension adds the capability to run GLSL code blocks directly from inside Emacs and immediately dis
What is msgpack11 ? msgpack11 is a tiny MsgPack library for C++11, providing MsgPack parsing and serialization. This library is inspired by json11. Th
Signals2, part of collection of the Boost C++ Libraries, is an implementation of a managed signals and slots system. License Distributed under the Boo
Maintainer This library is currently maintained by Richard Hodges with generous support from the C++ Alliance. Build Status Branch Status develop mast
Program Options, part of the collection of Boost C++ Libraries, allows for definition and acquisition of (name, value) pairs from the user via convent
netLink C++ 11 KISS principle networking library. Features: C++ 11 IPv4, IPv6 Protocols: TCP, UDP Enable/Disable blocking mode Join/Leave UDP-Multicas
Welcome to the official version of GROMACS! If you are familiar with Unix, it should be fairly trivial to compile and install GROMACS. GROMACS uses o
oneAPI DPC++ Library (oneDPL) The oneAPI DPC++ Library (oneDPL) aims to work with the oneAPI DPC++ Compiler to provide high-productivity APIs to devel
BODEN CROSS-PLATFORM FRAMEWORK Build purely native cross-platform experiences with Boden Website ⬡ Getting Started ⬡ API Reference ⬡ Guides ⬡ Twitter
\mainpage json-c Overview and Build Status Building on Unix Prerequisites Build commands CMake options Testing Building with vcpkg Linking to libjson-
Bumps log4j-core from 2.14.1 to 2.17.1.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
You can trigger Dependabot actions by commenting on this PR:
949 Dec 30, 2022
3.7k Dec 31, 2022
2.6k Dec 31, 2022
290 Dec 31, 2022
419 Jan 1, 2023
218 Dec 17, 2022
1 Oct 6, 2021
4 Sep 10, 2022
161 Jan 7, 2023
31 Dec 1, 2022
100 Dec 1, 2022
52 Dec 1, 2022
210 Oct 18, 2022
487 Jan 7, 2023
646 Dec 29, 2022
1.6k Dec 27, 2022
2.6k Dec 31, 2022
@dependabot rebase will rebase this PR@dependabot recreate will recreate this PR, overwriting any edits that have been made to it@dependabot merge will merge this PR after your CI passes on it@dependabot squash and merge will squash and merge this PR after your CI passes on it@dependabot cancel merge will cancel a previously requested merge and block automerging@dependabot reopen will reopen this PR if it is closed@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labels will set the current labels as the default for future PRs for this repo and language@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and languageYou can disable automated security fix PRs for this repo from the Security Alerts page.
Bumps log4j-api from 2.14.1 to 2.17.1.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR@dependabot recreate will recreate this PR, overwriting any edits that have been made to it@dependabot merge will merge this PR after your CI passes on it@dependabot squash and merge will squash and merge this PR after your CI passes on it@dependabot cancel merge will cancel a previously requested merge and block automerging@dependabot reopen will reopen this PR if it is closed@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labels will set the current labels as the default for future PRs for this repo and language@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and languageYou can disable automated security fix PRs for this repo from the Security Alerts page.
The POC for https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-31777 is completely wrong. The CVE CVE-2021-31777 references an issue in TYPO3 Extension "DCE" (see https://typo3.org/security/advisory/typo3-ext-sa-2021-005), not in TYPO3 core.
Your Screencast actually shows the following:
. in the fields Start and StopStart and Stop are evaluated as date fields by JavaScript.
So basically you just disabled the user account by setting the current date in the Stop field, since the account now is only valid until the configured date and login therefore is not possible any more.
Hello nu11secur1ty, I saw that you helped implementing these pocs so, What do you think about other versions of ubuntu like 16.04 where glibc version is 2.23? I mean without the tcache implementation present by glibc 2.26 and above, i haven't seen any live poc on previous versions of ubuntu or glibc. Have you tried debugging on these versions?
CVE-2021-3156 This is a warehouse modification based on @CptGibbon and supports arbitrary command execution. 相关阅读:CVE-2021-3156 - Exploit修改 Root shell
CVE-2021-3156 PoC for CVE-2021-3156 (sudo heap overflow). Exploit by @gf_256 aka cts. Thanks to r4j from super guesser for help. Credit to Braon Samed
vsock_poc Investigating the bug behind CVE-2021-26708 This repo contains a small writeup about CVE-2021-26708, and how this bug can be turned into a U
MITRE Geodetic Library Geodetic library (or geolib) is a library for performing WGS-84 calculations with high precision. We think it's very handy and
Copyright (C) 2020-2021 Terence Kelly. All rights reserved. Author contact: [email protected], [email protected], [email protected] Adde
DEPRECATED The 1.2 branch of SDL is deprecated. While we occasionally collect fixes in revision control, there has not been a formal release since 201
CVE-2021-31727 and CVE-2021-31728 Public Reference for CVE-2021-31727 Exposes unrestricted disk read/write capabilities. Public Reference for CVE-2021
PrintNightmare - Windows Print Spooler RCE/LPE Vulnerability (CVE-2021-34527, CVE-2021-1675) Summary This is a remote code execution vulnerability tha
CVE-2021-1675-LPE-EXP Simple LPE Exploit of CVE-2021-1675 Usage CVE-2021-1675-LPE.exe
Leptonica Library www.leptonica.org The library supports many operations that are useful on Document images Natural images Fundamental image processin
188 Nov 15, 2022
433 Jan 4, 2023
25 Sep 19, 2022
2 Oct 14, 2022
21 May 30, 2021
55 Jan 2, 2023
66 Dec 4, 2022
72 Nov 18, 2022
51 Dec 4, 2022
1.3k Jan 5, 2023