CVE-2024-49138
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Github link:
https://github.com/Humbug52542/DLang-file-encryptor
  
  This is my biggest project yet: a DLang file encryptor that escalates privileges using CVE-2024-49138 and disables Windows Defender. - Humbug52542/DLang-file-encryptor
  CVE-2021-22911
An improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE.
Github link:
https://github.com/octodi/CVE-2021-22911
  
  Updated exploit for CVE-2021-22911 (Rocket.Chat 3.12.1 - NoSQL Injection to RCE (Unauthenticated)) - octodi/CVE-2021-22911
  CVE-2025-29927
Next.js is a React framework for building full-stack web applications. Starting in version 1.11.4 and prior to versions 12.3.5, 13.5.9, 14.2.25, and 15.2.3, it is possible to bypass authorization checks within a Next.js application, if the authorization check occurs in middleware. If patching to a safe version is infeasible, it is recommended that you prevent external user requests which contain the x-middleware-subrequest header from reaching your Next.js application. This vulnerability is fixed in 12.3.5, 13.5.9, 14.2.25, and 15.2.3.
Github link:
https://github.com/SugiB3o/vulnerable-nextjs-14-CVE-2025-29927
  
  CVE-2021-26828
OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.
Github link:
https://github.com/ridpath/CVE-2021-26828-Ultimate
  
  GitHub - ridpath/CVE-2021-26828-Ultimate: ScadaFlare Authenticated RCE Exploit Framework for ScadaBR (CVE-2021-26828) OpenPLC ScadaBR
  CVE-2017-0144
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
Github link:
https://github.com/pelagornisandersi/WIndows-7-automated-exploitation-using-metasploit-framework-
  
  Automated bash script which scans an ip for potential vulnerability to eternalblue using nmap and then exploit using metasploit framework which uses the CVE-2017-0144 vulnerability[Code name: Etern...
  CVE-2025-30397
None
Github link:
https://github.com/mbanyamer/CVE-2025-30397---Windows-Server-2025-JScript-RCE-Use-After-Free-
  
  Remote Code Execution via Use-After-Free in JScript.dll (CVE-2025-30397) - mbanyamer/CVE-2025-30397---Windows-Server-2025-JScript-RCE-Use-After-Free-
  CVE-2025-5287
The Likes and Dislikes Plugin plugin for WordPress is vulnerable to SQL Injection via the 'post' parameter in all versions up to, and including, 1.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Github link:
https://github.com/wiseep/CVE-2025-5287
  
  Wordpress likes and dislikes add-on - SQL Injection - wiseep/CVE-2025-5287
  CVE-2025-48827
vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allows unauthenticated users to invoke protected API controllers' methods when running on PHP 8.1 or later, as demonstrated by the /api.php?method=protectedMethod pattern, as exploited in the wild in May 2025.
Github link:
https://github.com/wiseep/CVE-2025-48827
  
  CVE-2025-3248
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.
Github link:
https://github.com/tiemio/RCE-CVE-2025-3248
  
  This Python script exploits CVE-2025-3248 to execute arbitrary commands or spawn a reverse shell on a vulnerable system. Authentication is required to use this exploit. - tiemio/RCE-CVE-2025-3248
  CVE-2025-12654
None
Github link:
https://github.com/Quelvara/Anydesk-Exploit-CVE-2025-12654-RCE-Builder
CVE-2024-9264
The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana's $PATH for this attack to function; by default, this binary is not installed in Grafana distributions.
Github link:
https://github.com/Cythonic1/CVE-2024-9264
  
  GitHub - Cythonic1/CVE-2024-9264: A Go implementation for CVE-2024-9264 which affects Grafana versions 11.0.x, 11.1.x, and 11.2.x.
  CVE-2011-0762
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.
Github link:
https://github.com/AndreyFreitass/CVE-2011-0762
  
  Corrected version of a CVE program that was posted with errors on Exploit-DB - AndreyFreitass/CVE-2011-0762
  