projectdiscovery/nuclei-templates v9.5.0

Nuclei Templates v9.5.0 (breaking changes)

on GitHub

Release Highlight:

1. Nuclei Templates Refactoring: organized and categorized directory structure for improved management of nuclei templates.
2. Enhanced CVE Templates: more comprehensive vulnerability analysis with added information like CPE and EPSS Score.
3. Template Metadata: auto-generated max-request counter to each template, allowing easy filtering and visibility of maximum request.
4. Log4j Templates Update: updated templates addressing potential false positives related to Log4j.
5. KEV & Trending CVEs: a curated selection of noteworthy Known Exploited Vulnerabilities (KEV) and Trending CVEs, highlighted with 🔥.

See nuclei-templates v9.5.0, projectdiscovery/nuclei#3648, https://blog.projectdiscovery.io/nuclei-template-v9-5-0-update/ for more details.

New Templates Added : 61

• http/cves/2023/CVE-2023-32235.yaml by @j3ssie 🔥
• http/cves/2023/CVE-2023-31059.yaml by @parthmalhotra,@pdresearch
• http/cves/2023/CVE-2023-30212.yaml by @theamanrawat
• http/cves/2023/CVE-2023-30210.yaml by @theamanrawat
• http/cves/2023/CVE-2023-29922.yaml by @Co5mos
• http/cves/2023/CVE-2023-29489.yaml by @DhiyaneshDK
• http/cves/2023/CVE-2023-27524.yaml by @DhiyaneshDK,@0xf4n9x
• http/cves/2023/CVE-2023-27350.yaml by @rootxharsh,@iamnoooob,@pdresearch 🔥
• http/cves/2023/CVE-2023-26360.yaml by @DhiyaneshDK 🔥
• http/cves/2023/CVE-2023-25135.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2023/CVE-2023-20864.yaml by @rootxharsh,@iamnoooob,@pdresearch 🔥
• http/cves/2023/CVE-2023-1671.yaml by @Co5mos 🔥
• http/cves/2023/CVE-2023-1020.yaml by @theamanrawat
• http/cves/2022/CVE-2022-46020.yaml by @theamanrawat
• http/cves/2022/CVE-2022-45038.yaml by @theamanrawat
• http/cves/2022/CVE-2022-45037.yaml by @theamanrawat
• http/cves/2022/CVE-2022-4328.yaml by @theamanrawat
• http/cves/2022/CVE-2022-42096.yaml by @theamanrawat
• http/cves/2022/CVE-2022-42095.yaml by @theamanrawat
• http/cves/2022/CVE-2022-3980.yaml by dabla
• http/cves/2022/CVE-2022-27985.yaml by @theamanrawat
• http/cves/2022/CVE-2022-27984.yaml by @theamanrawat
• http/cves/2022/CVE-2022-24716.yaml by @DhiyaneshDK 🔥
• http/cves/2022/CVE-2022-24266.yaml by @theamanrawat
• http/cves/2022/CVE-2022-24265.yaml by @theamanrawat
• http/cves/2022/CVE-2022-24264.yaml by @theamanrawat
• http/cves/2021/CVE-2021-44228.yaml by @melbadry9
• http/cves/2021/CVE-2021-30175.yaml by @edoardottt
• http/cves/2021/CVE-2021-27320.yaml by @theamanrawat
• http/cves/2021/CVE-2021-27319.yaml by @theamanrawat
• http/cves/2021/CVE-2021-27316.yaml by @theamanrawat
• http/cves/2021/CVE-2021-27315.yaml by @theamanrawat
• http/cves/2021/CVE-2021-27314.yaml by @theamanrawat
• http/cves/2020/CVE-2020-27481.yaml by @edoardottt
• http/cves/2019/CVE-2019-3398.yaml by @rootxharsh,@iamnoooob,@pdresearch
• http/cves/2017/CVE-2017-17731.yaml by @j4vaovo
• http/vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml by @j4vaovo
• http/vulnerabilities/generic/generic-env.yaml by @kazet
• http/vulnerabilities/wordpress/advanced-booking-calendar-sqli.yaml by @theamanrawat
• http/vulnerabilities/wordpress/wp-autosuggest-sql-injection.yaml by @theamanrawat
• http/vulnerabilities/wordpress/wpml-xss.yaml by @bugvsme
• http/misconfiguration/apache/apache-zeppelin-unauth.yaml by @j4vaovo
• http/default-logins/powerjob-default-login.yaml by @j4vaovo
• http/default-logins/umami/umami-default-login.yaml by @barthy.koeln
• http/exposures/configs/platformio-ini.yaml by @DhiyaneshDK
• http/exposures/logs/nginx-shards.yaml by @DhiyaneshDK
• http/exposures/tokens/postman/postman-key.yaml by @DhiyaneshDK
• http/exposed-panels/eclipse-birt-panel.yaml by Shiva (Strobes Security)
• http/exposed-panels/jedox-web-panel.yaml by Team Syslifters
• http/exposed-panels/oracle-opera-login.yaml by @DhiyaneshDK
• http/exposed-panels/papercut-ng-panel.yaml by @ritikchaddha
• http/exposed-panels/proxmox-panel.yaml by @lum8rjack
• http/exposed-panels/red-lion-panel.yaml by @ritikchaddha
• http/exposed-panels/sophos-web-appliance.yaml by @DhiyaneshDk
• network/enumeration/smtp-commands-enum.yaml by @pussycat0x
• network/enumeration/smtp/smtp-user-enum.yaml by @pussycat0x
• http/fuzzing/ssrf-via-proxy.yaml by @geeknik,@petergrifin
• http/fuzzing/waf-fuzz.yaml by @dwisiswant0,@lu4nx,@Myst7ic
• http/osint/mail-archive.yaml by @lu4nx
• http/technologies/wordpress/plugins/gdpr-cookie-compliance.yaml by @ricardomaia
• file/keys/postman-api-key.yaml by @DhiyaneshDK
• headless/technologies/sap-spartacus.yaml by @TechbrunchFR

New Contributors

• @lum8rjack made their first contribution in #7110
• @barthy-koeln made their first contribution in #7164
• @mlec1 made their first contribution in #6967
• @ViCrack made their first contribution in #7182
• @j3ssie made their first contribution in #7188
• @chucklesb made their first contribution in #7195
• @david-bla made their first contribution in #7203
• @avisscr made their first contribution in #7172

Full Changelog: v9.4.3...v9.4.4