CVE-2025-5419
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Github link:
https://github.com/alegrason/CVE-2025-5419
  Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Github link:
https://github.com/alegrason/CVE-2025-5419
CVE-2025-26892
Unrestricted Upload of File with Dangerous Type vulnerability in dkszone Celestial Aura allows Using Malicious Files.This issue affects Celestial Aura: from n/a through 2.2.
Github link:
https://github.com/Nxploited/CVE-2025-26892
  
  Unrestricted Upload of File with Dangerous Type vulnerability in dkszone Celestial Aura allows Using Malicious Files.This issue affects Celestial Aura: from n/a through 2.2.
Github link:
https://github.com/Nxploited/CVE-2025-26892
GitHub
  
  GitHub - Nxploited/CVE-2025-26892: WordPress Celestial Aura Theme <= 2.2 is vulnerable to Arbitrary File Upload
  WordPress Celestial Aura Theme <= 2.2 is vulnerable to Arbitrary File Upload  - GitHub - Nxploited/CVE-2025-26892: WordPress Celestial Aura Theme <= 2.2 is vulnerable to Arbitrary File Upload
  CVE-2021-30047
VSFTPD 3.0.3 allows attackers to cause a denial of service due to limited number of connections allowed.
Github link:
https://github.com/Freitandrey/CVE-2021-30047
  
  VSFTPD 3.0.3 allows attackers to cause a denial of service due to limited number of connections allowed.
Github link:
https://github.com/Freitandrey/CVE-2021-30047
GitHub
  
  GitHub - Freitandrey/CVE-2021-30047: Ataque de denial of service no protocolo de rede FTP
  Ataque de denial of service no protocolo de rede FTP - Freitandrey/CVE-2021-30047
  CVE-2025-32756
A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0, 7.0.0 through 7.0.6, 6.4.0 through 6.4.10, FortiRecorder versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.5, 6.4.0 through 6.4.5, FortiMail versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.8, FortiNDR versions 7.6.0, 7.4.0 through 7.4.7, 7.2.0 through 7.2.4, 7.0.0 through 7.0.6, FortiCamera versions 2.1.0 through 2.1.3, 2.0 all versions, 1.1 all versions, allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie.
Github link:
https://github.com/becrevex/CVE-2025-32756
  
  A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0, 7.0.0 through 7.0.6, 6.4.0 through 6.4.10, FortiRecorder versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.5, 6.4.0 through 6.4.5, FortiMail versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.8, FortiNDR versions 7.6.0, 7.4.0 through 7.4.7, 7.2.0 through 7.2.4, 7.0.0 through 7.0.6, FortiCamera versions 2.1.0 through 2.1.3, 2.0 all versions, 1.1 all versions, allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie.
Github link:
https://github.com/becrevex/CVE-2025-32756
GitHub
  
  GitHub - becrevex/CVE-2025-32756: CVE-2025-32756: NSE Scanning for RCE in vulnerable FortiVoice, FortiMail, FortiNDR, FortiRecorder…
  CVE-2025-32756: NSE Scanning for RCE in vulnerable FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera nodes - becrevex/CVE-2025-32756
  CVE-2025-39507
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NasaTheme Nasa Core allows PHP Local File Inclusion. This issue affects Nasa Core: from n/a through 6.3.2.
Github link:
https://github.com/blackgirlinfosec/cve-lfi-lab
  
  Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NasaTheme Nasa Core allows PHP Local File Inclusion. This issue affects Nasa Core: from n/a through 6.3.2.
Github link:
https://github.com/blackgirlinfosec/cve-lfi-lab
GitHub
  
  GitHub - blackgirlinfosec/cve-lfi-lab: A hands on lab investigating CVE-2025-39507 from a Tier 1 SOC analyst perspective. Includes…
  A hands on lab investigating CVE-2025-39507 from a Tier 1 SOC analyst perspective. Includes log review in Microsoft Sentinel, IP analysis, real world screenshots, and a simple breakdown of a local ...
  CVE-2025-2539
The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajax() function in all versions up to, and including, 3.9.9.0.1. This makes it possible for unauthenticated attackers, leveraging the use of a reversible weak algorithm, to read the contents of arbitrary files on the server, which can contain sensitive information.
Github link:
https://github.com/Yucaerin/CVE-2025-2539
  
  The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajax() function in all versions up to, and including, 3.9.9.0.1. This makes it possible for unauthenticated attackers, leveraging the use of a reversible weak algorithm, to read the contents of arbitrary files on the server, which can contain sensitive information.
Github link:
https://github.com/Yucaerin/CVE-2025-2539
GitHub
  
  GitHub - Yucaerin/CVE-2025-2539: CVE-2025-2539 - WordPress File Away <= 3.9.9.0.1 - Arbitrary File Read
  CVE-2025-2539 - WordPress File Away <= 3.9.9.0.1 - Arbitrary File Read - Yucaerin/CVE-2025-2539
  CVE-2025-32433
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-32433
  
  Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-32433
GitHub
  
  GitHub - B1ack4sh/Blackash-CVE-2025-32433: CVE-2025-32433 Erlang SSH Library Exploit 🛑
  CVE-2025-32433 Erlang SSH Library Exploit 🛑. Contribute to B1ack4sh/Blackash-CVE-2025-32433 development by creating an account on GitHub.
  CVE-2025-24071
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-24071
  
  Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-24071
GitHub
  
  GitHub - B1ack4sh/Blackash-CVE-2025-24071: CVE-2025-24071
  CVE-2025-24071. Contribute to B1ack4sh/Blackash-CVE-2025-24071 development by creating an account on GitHub.
  CVE-2021-3156
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Github link:
https://github.com/TopskiyPavelQwertyGang/Review.CVE-2021-3156
  
  Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Github link:
https://github.com/TopskiyPavelQwertyGang/Review.CVE-2021-3156
GitHub
  
  GitHub - TopskiyPavelQwertyGang/Review.CVE-2021-3156: CVE-2021-3156-Exploit-Demo
  CVE-2021-3156-Exploit-Demo. Contribute to TopskiyPavelQwertyGang/Review.CVE-2021-3156 development by creating an account on GitHub.
  CVE-2025-24071
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
Github link:
https://github.com/TH-SecForge/CVE-2025-24071
  
  Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
Github link:
https://github.com/TH-SecForge/CVE-2025-24071
GitHub
  
  GitHub - TH-SecForge/CVE-2025-24071: Security Vulnerability Report: CVE-2025-24071 - Windows File Explorer Spoofing Vulnerability
  Security Vulnerability Report: CVE-2025-24071 - Windows File Explorer Spoofing Vulnerability - TH-SecForge/CVE-2025-24071
  CVE-2025-29972
Server-Side Request Forgery (SSRF) in Azure allows an authorized attacker to perform spoofing over a network.
Github link:
https://github.com/TH-SecForge/CVE-2025-29972
  
  Server-Side Request Forgery (SSRF) in Azure allows an authorized attacker to perform spoofing over a network.
Github link:
https://github.com/TH-SecForge/CVE-2025-29972
GitHub
  
  GitHub - TH-SecForge/CVE-2025-29972: CVE-2025-29927 - Critical Security Vulnerability in Next.js
  CVE-2025-29927 - Critical Security Vulnerability in Next.js - TH-SecForge/CVE-2025-29972
  CVE-2024-10914
A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been declared as critical. Affected by this vulnerability is the function cgi_user_add of the file /cgi-bin/account_mgr.cgi?cmd=cgi_user_add. The manipulation of the argument name leads to os command injection. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.
Github link:
https://github.com/TH-SecForge/CVE-2024-10914
  
  A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been declared as critical. Affected by this vulnerability is the function cgi_user_add of the file /cgi-bin/account_mgr.cgi?cmd=cgi_user_add. The manipulation of the argument name leads to os command injection. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.
Github link:
https://github.com/TH-SecForge/CVE-2024-10914
GitHub
  
  GitHub - TH-SecForge/CVE-2024-10914: CVE-2024-10914 is a critical command injection vulnerability affecting several legacy D-Link…
  CVE-2024-10914 is a critical command injection vulnerability affecting several legacy D-Link Network Attached Storage (NAS) devices. - TH-SecForge/CVE-2024-10914
  CVE-2011-0762
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.
Github link:
https://github.com/Freitandrey/CVE-2011-0762
  
  The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.
Github link:
https://github.com/Freitandrey/CVE-2011-0762
GitHub
  
  GitHub - Freitandrey/CVE-2011-0762: Script que corrigi o exploit da CVE que foi publicado no exploit-db
  Script que corrigi o exploit da CVE que foi publicado no exploit-db - Freitandrey/CVE-2011-0762
  CVE-2022-26134
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
Github link:
https://github.com/thetowsif/CVE-2022-26134
  
  In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
Github link:
https://github.com/thetowsif/CVE-2022-26134
GitHub
  
  GitHub - thetowsif/CVE-2022-26134: Atlassian's Confluence Server and Data Center editions (Vulnerable Version > 7.18.1)
  Atlassian's Confluence Server and Data Center editions (Vulnerable Version > 7.18.1) - thetowsif/CVE-2022-26134
  CVE-2025-48129
Incorrect Privilege Assignment vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light allows Privilege Escalation. This issue affects Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light: from n/a through 2.4.37.
Github link:
https://github.com/Nxploited/CVE-2025-48129
  
  Incorrect Privilege Assignment vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light allows Privilege Escalation. This issue affects Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light: from n/a through 2.4.37.
Github link:
https://github.com/Nxploited/CVE-2025-48129
GitHub
  
  GitHub - Nxploited/CVE-2025-48129: WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light Plugin <= 2.4.37…
  WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light Plugin <= 2.4.37 is vulnerable to Privilege Escalation  - GitHub - Nxploited/CVE-2025-48129: WordPress Spreadsh...
  CVE-2025-5840
A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /user_update_customer_order.php. The manipulation of the argument uploaded_file leads to unrestricted upload. It is possible to initiate the attack remotely.
Github link:
https://github.com/haxerr9/CVE-2025-5840
  
  A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /user_update_customer_order.php. The manipulation of the argument uploaded_file leads to unrestricted upload. It is possible to initiate the attack remotely.
Github link:
https://github.com/haxerr9/CVE-2025-5840
GitHub
  
  GitHub - haxerr9/CVE-2025-5840: CVE-2025-5840 Exploit Written In Python By haxerr9
  CVE-2025-5840 Exploit Written In Python By haxerr9 - haxerr9/CVE-2025-5840
  CVE-2025-5419
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Github link:
https://github.com/lacelruz/CVE-2025-5419
  
  Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Github link:
https://github.com/lacelruz/CVE-2025-5419
GitHub
  
  GitHub - lacelruz/CVE-2025-5419: Out-of-Bounds Read/Write in Chrome V8 — Heap Corruption → RCE
  Out-of-Bounds Read/Write in Chrome V8 — Heap Corruption → RCE - lacelruz/CVE-2025-5419
  CVE-2025-32756
A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0, 7.0.0 through 7.0.6, 6.4.0 through 6.4.10, FortiRecorder versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.5, 6.4.0 through 6.4.5, FortiMail versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.8, FortiNDR versions 7.6.0, 7.4.0 through 7.4.7, 7.2.0 through 7.2.4, 7.0.0 through 7.0.6, FortiCamera versions 2.1.0 through 2.1.3, 2.0 all versions, 1.1 all versions, allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-32756
  
  A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0, 7.0.0 through 7.0.6, 6.4.0 through 6.4.10, FortiRecorder versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.5, 6.4.0 through 6.4.5, FortiMail versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.8, FortiNDR versions 7.6.0, 7.4.0 through 7.4.7, 7.2.0 through 7.2.4, 7.0.0 through 7.0.6, FortiCamera versions 2.1.0 through 2.1.3, 2.0 all versions, 1.1 all versions, allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-32756
GitHub
  
  GitHub - B1ack4sh/Blackash-CVE-2025-32756: CVE-2025-32756-POC
  CVE-2025-32756-POC. Contribute to B1ack4sh/Blackash-CVE-2025-32756 development by creating an account on GitHub.
  CVE-2021-36934
Windows Elevation of Privilege Vulnerability
Github link:
https://github.com/Ap3x369/Why-so-Serious-SAM
  
  Windows Elevation of Privilege Vulnerability
Github link:
https://github.com/Ap3x369/Why-so-Serious-SAM
GitHub
  
  GitHub - Ap3x369/Why-so-Serious-SAM: PoC malware that uses exploit CVE-2021-36934 (improper ACLs on shadow copies) using a fileless…
  PoC malware that uses exploit CVE-2021-36934 (improper ACLs on shadow copies) using a fileless red team method on Windows 10/11 with LOLBins, extracting SYSTEM and SAM hives for local NTLM hashes. ...
  