Almost every publicly available CVE PoC (opens in new tab)

(github.com)

118 pointsscanr4y ago19 comments

19 comments

17 comments · 7 top-level

ovi2564y ago· 4 in thread

I am highly interested in finding Django CVE PoCs which would be useful to justify internally (and externally) upgrading services running old unsupported versions of Django (or backporting the patches from the supported versions, if applicable). This repository contains the string "Django" 35 times. There are false positives, like this one, where the string "POC" was found in the CVE description but it's actually saying "No POC found"

https://github.com/trickest/cve/blob/967839a1f3dd2e43c3ca7af...

The string "No POC found" appears 34,948 times in this repository. This is concerning, given this repo has ~1000 CVEs per year, and 24 years!

The GitHub links for each CVE are very low value, unfortunately, the modal link seems to be to a "awesome CVE" or "CVE POC list" repository of no value whatsoever.

I'd really like a CVE database where you can search by software and version and see which CVEs apply to your version, their severity, and which have PoCs. Anybody else feeling this would be valuable ?

mhmmmmmm4y ago

There is Exploit-DB which contains a list of PoC for a lot of services, if their count is to be believed its almost at 45k different PoC.

https://www.exploit-db.com/

scanrOP4y ago

I think this is more of a demonstration of what trickest can do.

I posted it because it made it onto GitHub trending and thought it shows the potential of what could be done by aggregating cve / POC data.

I had much the same thought as you, it would be great to have this in a curated database. I feel like someone might reply that such a thing already exists :)

Snyk is pretty good for your use case (I think). It often has PoCs or links to PoCs if they’re available for vulnerabilities associated with library / framework versions. Here’s the link to the vulnerabilities for Django:

https://snyk.io/vuln/pip:django

lkrubner4y ago

That already exists. I work on one version of that. Unless I've misunderstood you.

notRobot4y ago

> I'd really like a CVE database where you can search by software and version and see which CVEs apply to your version, their severity, and which have PoCs.

You work on such a database? Please link it for the rest of us!

2 more replies

rendall4y ago· 4 in thread

What is a CVE PoC?

ctxc4y ago

An organization, "mitre" maintains a list of publicly disclosed vulnerabilities and assigns each vulnerability a unique ID, which is the "CVE" number. The PoC is a "proof of concept" that explains how it could be exploited practically.

So this is mapping both those things.

rendall4y ago

Thank you

dr_hooo4y ago

Common Vulnerabilities and Exposures (CVE) + Proof of Concept

rendall4y ago

Thank you

cracauer4y ago· 2 in thread

I would like to have a resource like this, but instead of the PoC I want to see the diff that fixed the flaw in the software.

Anything like that around? I know it isn't trivial.

ovi2564y ago

I could see how to do this for some projects, like Django: get the list of their security updates. For each release, it lists the CVEs it fixes and the patch. The patch gives you the fix diff.

https://docs.djangoproject.com/en/4.0/releases/security/

artificial4y ago

Planning to do some ML training?

daehee4y ago

For a curated collection of CVE PoCs that is continuously updated by the bug bounty community, check out the projectdiscovery nuclei repo: https://github.com/projectdiscovery/nuclei-templates/tree/ma...

Sebb7674y ago

This is great! The title made me think of someone mocking badly described PoCs, but it's really a collection.

stonepresto4y ago

Seems a little spotty on finding popular PoCs for recent CVEs, but I think this is great for archiving purposes.

parandroid4y ago

Awesome work!

j / k navigate · click thread line to collapse

19 comments

17 comments · 7 top-level

ovi2564y ago· 4 in thread

https://github.com/trickest/cve/blob/967839a1f3dd2e43c3ca7af...

The string "No POC found" appears 34,948 times in this repository. This is concerning, given this repo has ~1000 CVEs per year, and 24 years!

The GitHub links for each CVE are very low value, unfortunately, the modal link seems to be to a "awesome CVE" or "CVE POC list" repository of no value whatsoever.

mhmmmmmm4y ago

There is Exploit-DB which contains a list of PoC for a lot of services, if their count is to be believed its almost at 45k different PoC.

https://www.exploit-db.com/

scanrOP4y ago

I think this is more of a demonstration of what trickest can do.

I posted it because it made it onto GitHub trending and thought it shows the potential of what could be done by aggregating cve / POC data.

I had much the same thought as you, it would be great to have this in a curated database. I feel like someone might reply that such a thing already exists :)

https://snyk.io/vuln/pip:django

lkrubner4y ago

That already exists. I work on one version of that. Unless I've misunderstood you.

notRobot4y ago

> I'd really like a CVE database where you can search by software and version and see which CVEs apply to your version, their severity, and which have PoCs.

You work on such a database? Please link it for the rest of us!

2 more replies

rendall4y ago· 4 in thread

What is a CVE PoC?

ctxc4y ago

So this is mapping both those things.

rendall4y ago

Thank you

dr_hooo4y ago

Common Vulnerabilities and Exposures (CVE) + Proof of Concept

rendall4y ago

Thank you

cracauer4y ago· 2 in thread

I would like to have a resource like this, but instead of the PoC I want to see the diff that fixed the flaw in the software.

Anything like that around? I know it isn't trivial.

ovi2564y ago

I could see how to do this for some projects, like Django: get the list of their security updates. For each release, it lists the CVEs it fixes and the patch. The patch gives you the fix diff.

https://docs.djangoproject.com/en/4.0/releases/security/

artificial4y ago

Planning to do some ML training?

daehee4y ago

Sebb7674y ago

This is great! The title made me think of someone mocking badly described PoCs, but it's really a collection.

stonepresto4y ago

Seems a little spotty on finding popular PoCs for recent CVEs, but I think this is great for archiving purposes.

parandroid4y ago

Awesome work!

j / k navigate · click thread line to collapse