CVE-2023-45866
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue.
Github link:
https://github.com/Danyw24/blueXploit
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue.
Github link:
https://github.com/Danyw24/blueXploit
GitHub
GitHub - Danyw24/blueXploit: Exploit basado en vulnerabilidades criticas Bluetooth (CVE-2023-45866, CVE-2024-21306)
Exploit basado en vulnerabilidades criticas Bluetooth (CVE-2023-45866, CVE-2024-21306) - Danyw24/blueXploit
CVE-2024-0582
A memory leak flaw was found in the Linux kernel’s io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap() it, and then frees it. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Github link:
https://github.com/101010zyl/CVE-2024-0582
A memory leak flaw was found in the Linux kernel’s io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap() it, and then frees it. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Github link:
https://github.com/101010zyl/CVE-2024-0582
GitHub
GitHub - 101010zyl/CVE-2024-0582-dataonly: A data-only attack based on CVE-2024-0582
A data-only attack based on CVE-2024-0582. Contribute to 101010zyl/CVE-2024-0582-dataonly development by creating an account on GitHub.
CVE-2021-42321
Microsoft Exchange Server Remote Code Execution Vulnerability
Github link:
https://github.com/gmeier909/exchange_tools
Microsoft Exchange Server Remote Code Execution Vulnerability
Github link:
https://github.com/gmeier909/exchange_tools
GitHub
GitHub - gmeier909/exchange_tools: exchange工具
exchange工具. Contribute to gmeier909/exchange_tools development by creating an account on GitHub.
CVE-2019-12725
Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters.
Github link:
https://github.com/YZS17/CVE-2019-12725
Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters.
Github link:
https://github.com/YZS17/CVE-2019-12725
GitHub
GitHub - YZS17/CVE-2019-12725: The EXP/POC of CVE-2019-12725
The EXP/POC of CVE-2019-12725. Contribute to YZS17/CVE-2019-12725 development by creating an account on GitHub.