Nuclei Templates v9.5.0 (breaking changes)
Release Highlight:
- Nuclei Templates Refactoring: organized and categorized directory structure for improved management of nuclei templates.
- Enhanced CVE Templates: more comprehensive vulnerability analysis with added information like CPE and EPSS Score.
- Template Metadata: auto-generated
max-requestcounter to each template, allowing easy filtering and visibility of maximum request. - Log4j Templates Update: updated templates addressing potential false positives related to Log4j.
- KEV & Trending CVEs: a curated selection of noteworthy Known Exploited Vulnerabilities (KEV) and Trending CVEs, highlighted with 🔥.
See nuclei-templates v9.5.0, projectdiscovery/nuclei#3648, https://blog.projectdiscovery.io/nuclei-template-v9-5-0-update/ for more details.
New Templates Added : 61
- http/cves/2023/CVE-2023-32235.yaml by @j3ssie 🔥
- http/cves/2023/CVE-2023-31059.yaml by @parthmalhotra,@pdresearch
- http/cves/2023/CVE-2023-30212.yaml by @theamanrawat
- http/cves/2023/CVE-2023-30210.yaml by @theamanrawat
- http/cves/2023/CVE-2023-29922.yaml by @Co5mos
- http/cves/2023/CVE-2023-29489.yaml by @dhiyaneshdk
- http/cves/2023/CVE-2023-27524.yaml by @dhiyaneshdk,@0xf4n9x
- http/cves/2023/CVE-2023-27350.yaml by @rootxharsh,@iamnoooob,@pdresearch 🔥
- http/cves/2023/CVE-2023-26360.yaml by @dhiyaneshdk 🔥
- http/cves/2023/CVE-2023-25135.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
- http/cves/2023/CVE-2023-20864.yaml by @rootxharsh,@iamnoooob,@pdresearch 🔥
- http/cves/2023/CVE-2023-1671.yaml by @Co5mos 🔥
- http/cves/2023/CVE-2023-1020.yaml by @theamanrawat
- http/cves/2022/CVE-2022-46020.yaml by @theamanrawat
- http/cves/2022/CVE-2022-45038.yaml by @theamanrawat
- http/cves/2022/CVE-2022-45037.yaml by @theamanrawat
- http/cves/2022/CVE-2022-4328.yaml by @theamanrawat
- http/cves/2022/CVE-2022-42096.yaml by @theamanrawat
- http/cves/2022/CVE-2022-42095.yaml by @theamanrawat
- http/cves/2022/CVE-2022-3980.yaml by dabla
- http/cves/2022/CVE-2022-27985.yaml by @theamanrawat
- http/cves/2022/CVE-2022-27984.yaml by @theamanrawat
- http/cves/2022/CVE-2022-24716.yaml by @dhiyaneshdk 🔥
- http/cves/2022/CVE-2022-24266.yaml by @theamanrawat
- http/cves/2022/CVE-2022-24265.yaml by @theamanrawat
- http/cves/2022/CVE-2022-24264.yaml by @theamanrawat
- http/cves/2021/CVE-2021-44228.yaml by @melbadry9
- http/cves/2021/CVE-2021-30175.yaml by @edoardottt
- http/cves/2021/CVE-2021-27320.yaml by @theamanrawat
- http/cves/2021/CVE-2021-27319.yaml by @theamanrawat
- http/cves/2021/CVE-2021-27316.yaml by @theamanrawat
- http/cves/2021/CVE-2021-27315.yaml by @theamanrawat
- http/cves/2021/CVE-2021-27314.yaml by @theamanrawat
- http/cves/2020/CVE-2020-27481.yaml by @edoardottt
- http/cves/2019/CVE-2019-3398.yaml by @rootxharsh,@iamnoooob,@pdresearch
- http/cves/2017/CVE-2017-17731.yaml by @j4vaovo
- http/vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml by @j4vaovo
- http/vulnerabilities/generic/generic-env.yaml by @kazet
- http/vulnerabilities/wordpress/advanced-booking-calendar-sqli.yaml by @theamanrawat
- http/vulnerabilities/wordpress/wp-autosuggest-sql-injection.yaml by @theamanrawat
- http/vulnerabilities/wordpress/wpml-xss.yaml by @bugvsme
- http/misconfiguration/apache/apache-zeppelin-unauth.yaml by @j4vaovo
- http/default-logins/powerjob-default-login.yaml by @j4vaovo
- http/default-logins/umami/umami-default-login.yaml by @barthy.koeln
- http/exposures/configs/platformio-ini.yaml by @dhiyaneshdk
- http/exposures/logs/nginx-shards.yaml by @dhiyaneshdk
- http/exposures/tokens/postman/postman-key.yaml by @dhiyaneshdk
- http/exposed-panels/eclipse-birt-panel.yaml by Shiva (Strobes Security)
- http/exposed-panels/jedox-web-panel.yaml by Team Syslifters
- http/exposed-panels/oracle-opera-login.yaml by @dhiyaneshdk
- http/exposed-panels/papercut-ng-panel.yaml by @ritikchaddha
- http/exposed-panels/proxmox-panel.yaml by @lum8rjack
- http/exposed-panels/red-lion-panel.yaml by @ritikchaddha
- http/exposed-panels/sophos-web-appliance.yaml by @dhiyaneshdk
- network/enumeration/smtp-commands-enum.yaml by @pussycat0x
- network/enumeration/smtp/smtp-user-enum.yaml by @pussycat0x
- http/fuzzing/ssrf-via-proxy.yaml by @geeknik,@petergrifin
- http/fuzzing/waf-fuzz.yaml by @dwisiswant0,@lu4nx,@Myst7ic
- http/osint/mail-archive.yaml by @lu4nx
- http/technologies/wordpress/plugins/gdpr-cookie-compliance.yaml by @ricardomaia
- file/keys/postman-api-key.yaml by @dhiyaneshdk
- headless/technologies/sap-spartacus.yaml by @TechbrunchFR
New Contributors
- @lum8rjack made their first contribution in #7110
- @barthy-koeln made their first contribution in #7164
- @mlec1 made their first contribution in #6967
- @ViCrack made their first contribution in #7182
- @j3ssie made their first contribution in #7188
- @chucklesb made their first contribution in #7195
- @david-bla made their first contribution in #7203
- @avisscr made their first contribution in #7172
Full Changelog: v9.4.3...v9.4.4
Contributors
geeknik, kazet, and 23 other contributors