CVE-2024-51793
Unrestricted Upload of File with Dangerous Type vulnerability in Webful Creations Computer Repair Shop allows Upload a Web Shell to a Web Server. This issue affects Computer Repair Shop: from n/a through 3.8115.
Github link:
https://github.com/KTN1990/CVE-2024-51793
(CVE-2024-51793) Wordpress Plugin: Computer Repair Shop <= 3.8115 - Unauthenticated Arbitrary File Upload - KTN1990/CVE-2024-51793
CVE-2023-20198
Cisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. The attacker can then use that account to gain control of the affected system.
For steps to close the attack vector for this vulnerability, see the Recommendations section of this advisory.
Cisco will provide updates on the status of this investigation and when a software patch is available.
Github link:
https://github.com/DOMINIC471/qub-network-security-cve-2023-20198
Analysis, detection, and mitigation of CVE-2023-20198 exploitation in Cisco IOS XE – QUB CSC3064 Network Security Assessment - DOMINIC471/qub-network-security-cve-2023-20198
CVE-2021-4034
A local privilege escalation vulnerability was found in polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according to predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends up trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way that it'll induce pkexec to execute arbitrary code. When successfully executed, the attack can cause a local privilege escalation, giving unprivileged users administrative rights on the target machine.
Github link:
https://github.com/Milad-Rafie/PwnKit-Local-Privilege-Escalation-Vulnerability-Discovered-in-polkit-s-pkexec-CVE-2021-4034-
Software Vulnerabilities and mitigation university course, to show exploitation and remediation caused by this vulnerability - GitHub - Milad-Rafie/PwnKit-Local-Privilege-Escalation-Vulnerability-...
CVE-2020-27347
In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output.
Github link:
https://github.com/lucadibello/tmux-fuzzing
Software Security Lab: Enhanced fuzzing for tmux using OSS-Fuzz. Developed new harnesses (cmd-fuzzer, argument-fuzzer) to improve code coverage and analyzed CVE-2020-27347 with a PoC. - lucadibello...
CVE-2017-7184
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52.
Github link:
https://github.com/b1nhack/CVE-2017-7184
CVE-2017-7184 exp. Contribute to b1nhack/CVE-2017-7184 development by creating an account on GitHub.
CVE-2021-4034
A local privilege escalation vulnerability was found in polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according to predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends up trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way that it'll induce pkexec to execute arbitrary code. When successfully executed, the attack can cause a local privilege escalation, giving unprivileged users administrative rights on the target machine.
Github link:
https://github.com/kali-guru/Pwnkit-CVE-2021-4034
Automation Exploit. Contribute to kali-guru/Pwnkit-CVE-2021-4034 development by creating an account on GitHub.
CVE-2025-31200
A memory corruption issue was addressed with improved bounds checking. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.
Github link:
https://github.com/JGoyd/CVE-2025-31200-iOS-AudioConverter-RCE
Public disclosure of CVE-2025-31200 – Zero-click RCE in iOS 18.X via AudioConverterService and malicious audio file. - JGoyd/CVE-2025-31200-iOS-AudioConverter-RCE