CVE-2023-21554
Microsoft Message Queuing Remote Code Execution Vulnerability
Github link:
https://github.com/leongxudong/MSMQ-Vulnerbaility
Microsoft Message Queuing Remote Code Execution Vulnerability
Github link:
https://github.com/leongxudong/MSMQ-Vulnerbaility
GitHub
GitHub - leongxudong/MSMQ-Vulnerbaility: Documentation and PoC for CVE-2023-21554 MSMQ Vulnerability
Documentation and PoC for CVE-2023-21554 MSMQ Vulnerability - leongxudong/MSMQ-Vulnerbaility
CVE-2023-32784
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered. In 2.54, there is different API usage and/or random string insertion for mitigation.
Github link:
https://github.com/G4sp4rCS/CVE-2023-32784-password-combinator-fixer
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered. In 2.54, there is different API usage and/or random string insertion for mitigation.
Github link:
https://github.com/G4sp4rCS/CVE-2023-32784-password-combinator-fixer
GitHub
GitHub - G4sp4rCS/CVE-2023-32784-password-combinator-fixer: After using the KeePass password dumper maybe some character parsed…
After using the KeePass password dumper maybe some character parsed as ● is incorrect and you want to know the real character - G4sp4rCS/CVE-2023-32784-password-combinator-fixer
CVE-2013-3900
The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."
Github link:
https://github.com/piranhap/CVE-2013-3900_Remediation_PowerShell
The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."
Github link:
https://github.com/piranhap/CVE-2013-3900_Remediation_PowerShell
GitHub
GitHub - piranhap/CVE-2013-3900_Remediation_PowerShell: Script to make changes on registry to fix CVE-2013-3900. It comes with…
Script to make changes on registry to fix CVE-2013-3900. It comes with an option to undo in case it breaks something on your environment. - GitHub - piranhap/CVE-2013-3900_Remediation_PowerShell: ...
CVE-2023-5561
WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack
Github link:
https://github.com/rootxsushant/CVE-2023-5561-POC-Updated
WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack
Github link:
https://github.com/rootxsushant/CVE-2023-5561-POC-Updated
GitHub
GitHub - rootxsushant/CVE-2023-5561-POC-Updated: Updated POC for Unauth Post Author Email Disclosures WordPress CVE-2023-5561
Updated POC for Unauth Post Author Email Disclosures WordPress CVE-2023-5561 - rootxsushant/CVE-2023-5561-POC-Updated
CVE-2022-22536
SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.
Github link:
https://github.com/BecodoExploit-mrCAT/SAPGateBreaker-Exploit
SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.
Github link:
https://github.com/BecodoExploit-mrCAT/SAPGateBreaker-Exploit
GitHub
GitHub - BecodoExploit-mrCAT/SAPGateBreaker-Exploit: SAPGateBreaker is a PoC exploit for CVE-2022-22536, a critical HTTP Request…
SAPGateBreaker is a PoC exploit for CVE-2022-22536, a critical HTTP Request Smuggling vulnerability in SAP NetWeaver. It demonstrates how to bypass ACLs by desynchronizing request parsing between I...
CVE-2025-29927
None
Github link:
https://github.com/Naveen-005/Next.Js-middleware-bypass-vulnerability-CVE-2025-29927
None
Github link:
https://github.com/Naveen-005/Next.Js-middleware-bypass-vulnerability-CVE-2025-29927
GitHub
GitHub - Naveen-005/Next.Js-middleware-bypass-vulnerability-CVE-2025-29927: A basic proof of concept of the CVE-2025-29927 vulnerability…
A basic proof of concept of the CVE-2025-29927 vulnerability that allows to bypass the middleware scripts. - Naveen-005/Next.Js-middleware-bypass-vulnerability-CVE-2025-29927