搜集 2022 年的漏洞
本项目用于搜集 2022 年的漏洞,注意: 本项目并不刻意搜集 POC 或 EXP,包含但不限于漏洞资讯、漏洞复现、漏洞分析、漏洞验证、漏洞利用
目前纯手工搜集,后期可能会加入机器人,漏洞按照更新时间逆序排序
命令执行
Gitlab Enterprise Edition (13.9.5) CVE-2021-22205
A Zero-Click RCE exploit for CVE-2021-0326 on the Peloton Bike
CVE-2022-24086 about Magento RCE
Apache APISIX 2.12.1、Apache APISIX 2.10.4 POC(CVE-2022-24112)
Remote Code Execution in TP-Link Tapo c200 IP camera
Cisco Anyconnect VPN unauth RCE(CVE-2022-20699)
RCE via Email-Templates (Authenticated only) in SuiteCRM <= 8.0.1(CVE-2021-45897)
HongJingEHR多个漏洞(Axis Adminservice远程代码执行漏洞、HongJingEHR未授权反序列化漏洞)
Uniview 未授权RCE漏洞 (CVE-2021-45039)
SONICWALL SMA100 Apache httpd 未授权RCE (CVE-2021-20038)
TerraMaster TOS session 伪造、任意⽂件读取、远程命令执⾏等多个漏洞
H2 数据库控制台未授权 RCE (CVE-2021-42392)
Atlassian Jira Server and Data Center 授权RCE漏洞 (CVE-2021-43947)
CVE-2021-41773 Apache HTTP Server 2.4.49 RCE
权限提升
Linux CVE-2022-0847-DirtyPipe-Exploit
Windows CVE-2021-24084 Windows Local Privilege Escalation
Linux polkit的pkexec 本地权限升级漏洞 EXP NO GCC(CVE-2021-4034)
Linux PolKit (polkitd) 0.133 本地提权(CVE-2021-3560)
Windows CVE-2021-1675 is a vulnerability in the Print Spooler Service of Microsoft Windows
Windows win32k LPE bypass CVE-2022-21882
Linux polkit的pkexec 本地权限升级漏洞 EXP(CVE-2021-4034)
拒绝服务
A-potential-Denial-of-Service-issue-in-protobuf-java
代码执行
Hotel Druid v3.0.3 Code Injection vulnerability (CVE-2022-22909)
Remote Code Execution on Confluence Servers(CVE-2021-26084)
a-tag with the HTML injection vulnerability in CSV+ <=0.8.0(CVE-2022-21241)
POC for CVE-2022-21907: Windows HTTP协议栈远程代码执行漏洞
GoAhead 远程代码执⾏漏洞 (CVE-2021-42342)
SQL注入
Casdoor SQL Injection (CVE-2022-24124)
Prestashop >= 1.7.5.0 < 1.7.8.2 - SQL injection(CVE-2021-43789)
Moodle 3.11-3.11.4 SQL注入 POC(CVE-2022-0332)
PhpIPAM v1.4.4 授权 SQL 注入(CVE-2022-23046)
CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection POC
CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection
wordpress SQL注入漏洞 (CVE-2022–21661)
越权漏洞
ZABBIX-监控系统 Unsafe Session Storage(CVE-2022-23131)
ZABBIX-监控系统-Saml-bypass-poc(CVE-2022-23131)
CVE-2022-22828 Synametrics - SynaMan version 4.9 存在越权漏洞
Hospital's Patient Records Management System 1.0(CVE-2022-22296)
Gin-Vue-admin垂直越权漏洞与代码分析 (CVE-2022-21660)
信息泄露
WebLogic 信息泄露漏洞(CVE-2022-21252)
Import Export WordPress plugin(CVE-2022-0236)
容器逃逸
Sample Ubuntu LPEs and container escapes CVE-2022-0185 分析
Sample Ubuntu LPEs and container escapes coming soon(CVE-2022-0185)
外部实体
Andrid XML外部实体引用inskylot/jadx的不当限制(CVE-2022-0219)
XSS
Stored XSS Vulnerability on RosarioSIS 8.2.1(CVE-2021-45416)
SAS Logon 9.4 allows warning-message injection(CVE-2022-25257)
Reflected XSS in TastyIgniter v3.2.2 Restaurtant CMS(CVE-2022-23378)
Stored Cross Site Scripting Sourcecodester Online Car Rental System 1.0(CVE-2021-46005)
Reflected Cross-site scripting (XSS) vulnerability in RosarioSIS 8.2.1(CVE-2021-45416)
D-Link Router DSL-2730E - Stored Cross Site Scripting (XSS)(CVE-2021-46108)
Ivanti Service Manager 2021.1 infected with reflected XSS(CVE-2021-38560)
RosarioSIS 8.2.1 反射式跨站点脚本(CVE-2021-45416)
HPRMS - 'room_list' Stored XSS(CVE-2022-22852)
HPRMS - 'doctors' Stored XSS(CVE-2022-22851)
HPRMS - 'room_types' Stored XSS(CVE-2022-22850)
文件上传
文件包含
Oracle WebLogic Server 12.1.3.0.0/12.2.1.3.0/12.2.1.4.0/14.1.1.0.0 本地文件包含(CVE-2022-21371)
SSRF
Microsoft Exchange ProxyLogon PoC (CVE-2021-26855)